Any company that doesn't effectively lock down its data is susceptible to a data breach, and data breaches are expensive. Dealing with a data breach now costs $4.24 million on average, according to IBM's latest data breach report, with more than one-third of that cost stemming from lost business resulting from increased customer turnover, system downtown, and diminished reputation.
It's in every company's best interest to employ robust cybersecurity measures. Effective cybersecurity isn't cheap, but it's a much better deal than suffering a data breach. Big companies like T-Mobile, which suffered a major breach in July and took a month to even realize that something was amiss, are still learning that lesson.
One problem for companies looking to build a cybersecurity strategy is the sheer number of options. There are more than 3,500 security point-solution vendors, and many companies end up using dozens of separate security products to cover their bases. That complexity is costly in terms of time and money.
A platform approach
Cisco Systems (CSCO 0.42%) is best known for its enterprise networking gear, but the tech giant is also a major player in the cybersecurity market. Cisco's strategy is to offer its large enterprise customers a full-fledged cybersecurity platform. Customers can pick and choose which parts they want to use, and they can add more products as their needs change.
Cisco's security platform covers user and email access, device and endpoint protection, network security, and locking down apps and data. The company also offers services like incident response. Cisco already has 300,000 security customers, and its solutions protect 61 million endpoints and 840,000 networks.
Cisco uses a land-and-expand business model with its security platform. About 80% of Cisco security customers start out with one of four popular products, and one-quarter of customers go on to purchase at least one additional security product. Of Cisco's 300,000 security customers, roughly 11,000 have bought at least three security products.
Enterprise agreements, which allow a customer to manage all its enterprisewide software licenses and subscriptions under a single contract, is one way Cisco is aiming to expand with existing security customers. The company now has about 4,500 customers with enterprise agreements, more than triple what it had 3 years ago. While the typical Cisco customer owns 1.4 security products, the typical enterprise agreement customer owns 4.1 security products.
Cisco has a huge opportunity to sign more customers onto enterprise agreements, and in doing so make it easier for those customers to add additional security products. Cisco sees its total security market opportunity hitting $80 billion by 2025. Expanding within its existing enterprise customer base will be the key to growing its share of the market.
Growing a multi-billion-dollar business
Cisco generated $3.4 billion of revenue from its security segment in fiscal 2021. Security revenue grew by just 7%, although the pandemic was certainly a headwind. Because Cisco's customer base is primarily large companies and organizations, its customers tend to pull back on spending during times of economic uncertainty.
Some parts of the security business are growing faster. Security recurring subscription revenue jumped 18% in fiscal 2021, and both the cloud security and Zero Trust portfolios grew by more than 20%. Subscriptions are now about 81% of Cisco's total software revenue across all its segments.
There are other security companies taking a platform approach – CrowdStrike may be the most notable. But Cisco has the advantage of already counting the world's largest companies as customers. Those customer relationships will be valuable as Cisco aims to expand its security business.