Cisco Systems, Inc. (CSCO) Earnings Call Transcript & Summary

Here we go. So thanks very much for joining us. I'm hosting Liz Centoni, Chief Strategy Officer and also GM, and we're going to talk about applications. We're going to talk about strategy. We're going to talk about Cisco. We're going to touch on current trends as well. But before we start, my dear friend, Marilyn Mora would like to say something.

Thank you, Tal. So before we begin, I'm going to do our favorite safe harbor statement here. Before we begin, we may make forward-looking statements so I'd refer you to our SEC filings, the most recent Forms 10-Q and 10-K that can be found on the Investor Relations website. So with that, I'll turn it back over to you, Tal.

Thank you. Thanks for the exciting announcement. And Liz, thank you so much for coming here.

My pleasure.

This is kind of awkward sitting but it's okay. Here you go, I'll turn a little bit. Here you go.

We wrote a report before on Cisco's applications. We try to do a deep dive and understand what you're doing and how much it contributes. And maybe you can help us first to define what is applications for Cisco. What's included in this definition? And talk about maybe a little bit -- a broader definition, meaning what's included, what's the growth rate? And what are you excited with, what are you investing in, et cetera?

Yes. So when I think about Applications, I think about it more from a developer standpoint, right? So you start with, how do I create? So if it's cloud-native applications and looking at leveraging services from different places, pulling together microservices, they make up my application for a number of reasons. Then how do I secure it? How do I connect it? And then how do I operate? When we report out and we talk about applications, we mainly talk about it, what is it in optimized application experiences. And that's very focused on Intersight, which is our SaaS management platform, both for infrastructure management as well as cloud and workload orchestration as well; and then AppDynamics, which is primarily application performance management, moving to observability; and ThousandEyes, which does Internet and network deep insight as well. And so some of this, how it comes together as an offer that we take to market with full stack observability. Double-digit growth is what I would say is there are fast-growing components of it. SaaS part of AppDynamics. We're moving from perpetual to SaaS, is growing in double-digit growth as well. Would I like it to grow faster? Absolutely, and that's what we're going to drive. So that's how we look at just the optimized application experiences. Things like WebEx are not included here. Any of the security apps are not included here as well.

Got it. And how does it fit in Cisco's overall strategy? How important is what you're doing to Cisco's overall strategy?

Yes. I'd step back and look at what are -- what do our customers need, right? So think back to your own experience or anyone here's experience over the last couple of years. And I'd say is we use a lot more digital services and products than we ever did before because of the pandemic. Everything went online. We're using more products and services through a web API or, I mean, through a web app or a mobile app for that matter. That's -- it's not going to change even if at some point in time we come out of the pandemic. In fact, what we see more and more is there's going to be a ton more applications out there. The application experience and what the end user faces is a big determining factor on will they stick with the application? Are they going to recommend the application to someone else? So when you're an enterprise and you're sitting there and going, "I'm selling a lot more of my products and services through applications," this gives me the ability to scale to millions without actually having a kind of a brick-and-mortar store out there. So the application experience has been very much become front and center in conversations with our customers. So what makes up the application experience, right? Let's take modern applications, for example. If you're looking at newer applications, my developers are really focused on things that I'm really good at and there's so much other service. I don't want to go out and build an authentication service. I don't want to go out and build a payment service because there's other people who've done that before. So why -- I say this to my development team as well, if someone's already solved the problem, why do we want to solve it for the 56th time, right? So I'm pulling all these services and building those capabilities, which means my run time of that application is now -- the Internet has become my run time, which is for me to say, hey, when something goes wrong, how do I figure out where -- what is the dependency of my application? And how do we figure out the root cause? For that, you need network intelligence. You need to have visibility into the infrastructure. You need to know -- you need deep insights into the Internet because you're consuming some SaaS service somewhere. You need to make sure that your -- it's not a security issue. So this is when you talk about why is this relevant to Cisco, not just because of APM and application performance monitoring because to deliver that application experience, all these pieces that the application is dependent on need to work together really well and you need that deep visibility. You need those insights because then you can take action, whether it's in near-real time and where we're moving to is more predictive like take an action before something has an issue. So it's closer to our core portfolio of networking and security than ever before.

Got it. Cisco historically was a hardware company. I'm generalizing. How do you make sure that you change the contract in a way that will promote and encourage application development, that you can bring the right talent, that you can sustain the right talent? What do you do beyond just defining at the management level, beyond just defining where you want to be? How do you -- what do you do in order to take your strategy and desires and goals and bring it down to the ground level to say, okay, we can also do it, not just define it?

So I've been in the company for 22 years. And with the exception of the last 2 to 3 years, always ran an engineering team. I still do, but I do corporate strategy as well. And if I look at our 27,000-plus development organization, even 22 years ago, more than 3/4 of it was software. Agree, a lot of it embedded systems, but there was only about 1/3 -- actually 1/4 if probably even less, that was truly hardware ASICs, et cetera. So we've always had a development organization that has been very software-heavy. Now the mix in that has changed to more where it's not just embedded systems where the application developers have become even more prominent than the others. So from a -- we're still a very much a software-driven company and that's -- the development organization reflects that as well. Now we're changing just the same way our customers are changing, right? If you look at even every development practice that's happening in our customers' organization, we're going from very traditional I built everything. It was tightly tied together. It was -- I had visibility into the whole thing. We all want the same things, just like our customers want. I want to move faster. I want to make sure that it's -- I have the agility, flexibility. I will consume services from anywhere. As long as -- because my goal is I want to be able to deliver what my customers want. I want to drive growth for the company. And I want to do it better than my competition. Same thing that customers do as well. So our culture has been shifting over the past few years. The people we hire, what we're driving as kind of even modern software development practices. Having come into the company as a software developer, APIs was always something -- everybody in software development knows APIs. Why do we care about it now more than we did before where APIs have become the first class citizens in some ways? I would say it's because for us to be able to develop software more from a modern architecture standpoint, you have to be able to consume APIs, which means everything that we build, we also want to be able to have others consume it through APIs as well. So it's culture-wise, it has been shifting over the last few years and it's reflected in a hire. Plus some of the acquisitions, if you look at that we've made over the past few years have been very software-driven. Agreed, like we've done Acacia and others in areas of silicon. We've also acquired talent in this space as well. And again, it's a strong leadership. So it starts from the top. But it's also around where I've seen the culture change is where we're focused on delivering outcomes for the customers. And it's not just about building the next cool widget out there. By the way, I do have an emerging technology team that does look at cool stuff out there, which we don't know what the use case is, but it's a small percentage of the team. But when you look at outcomes and you look at how do I deliver something that customers can actually install use and be delighted in such a way that they're waiting for the next set of feature sets to be dropped, this is -- you're rallying the team towards those goals and yes, software developers, we come in every day. We have pride in what we develop and we want that to be adopted.

So I'm going to ask you a tougher question even. And the tougher question is the -- if I look at the optimized application experiences, last quarter it grew 8%. A year ago, it grew 30%. So despite what you're saying, there has been a decline in the growth rate. And the question is why. And how do you -- what do you need to do in order to accelerate the growth on a sustainable basis within the Application business?

So I'd say ThousandEyes and Intersight grew beautifully, right? I mean those 2 are doing really well. In AppDynamics, we're making the shift from perpetual to SaaS and that does have an impact on the growth rates. But in addition to that, we could have executed better than we did before, right? And I'm driving that personally. And so I think there's no excuses about that and we've got a pretty aggressive road map, and that's my plan.

So let's talk about AppDynamics or let's talk about the segment kind of big product. You mentioned them. Would you mind to actually take us through the 3 pillars or the 3 segments you spoke about and take us through kind of the opportunity? What are you seeing? And what are the changes, like the migration to SaaS that you mentioned with AppDynamics?

So AppDynamics, when I look at it is it's a -- we acquired the company 5 years ago. It's a great product. I firmly believe in that. Those who know me long enough will tell you that I'm very operationally-driven, even though I was at a strategy role now as well. And I'll call it like I see it, right? So my -- we have a very solid road map for AppDynamics. But if I look at the product today, it's got huge competitive differentiation around business insights, especially for traditional applications, and we're extending that out into AppDynamics cloud for cloud native. Would I have liked us to deliver that road map faster? Absolutely. And that's going to change going forward, right? But when I look at what we have today, it's -- if you look at the area of application performance monitoring, sure, a lot of people can tell you what went wrong, here's where it went wrong. But what they don't -- what they're not able to tell you as effectively as what we can do in AppDynamics is tie that to a business impact. Because think about it, so many applications in your environment, right? You get a lot of alerts and events. Which ones do you prioritize? I want to be able to prioritize for my customers, which ones that impact revenue for them, cost for them, the user experience. We can do that with AppDynamics today. And we're extending that into -- for cloud native. So now -- and we're launching that next week as well. And so now we can enable our customers' performance monitoring across a hybrid environment in traditional as well as cloud native as well. We're enhancing what we're doing with end user monitoring, working together with ThousandEyes. This is where it's not just the individual pieces but how they come together that deliver like a really solid outcome that I don't think anyone in the industry can do it better than us, right? But it requires some work from us in integrating the portfolio tightly together because that end user monitoring becomes even more important in the world of hybrid work where -- think about it. You're at home. You want your Office 365, your experience of accessing and using Office 365 to be as good, if not better, than when you're in the campus, right? And that ties to your employee engagement as well. We can do that today for SaaS applications, not just end use, not just any application that you use as a consumer as well. In the area of optimization, we acquired a company last year to be able to do infrastructure optimization because most often than not, if you're developing, especially modern applications, your application is changing. So it's not like your infrastructure should be static. So how do you make the infrastructure dynamic? Most of the time, you're over-provisioning because you're a little -- you want to make sure your application performance is not impacted. Well, we got the company, bought the company, especially because that optimization helps you to decide what is needed for your application at that time to help you both keep the application performance whole as well as optimize your cost. The last one is on security. On the security side, more and more so is like you want your application to -- security, both in run time and in development as well, right? So things like if you're developing with more services, obviously, you're using APIs to be able to consume that data to communicate. More APIs means a bigger threat vector. We have capabilities that we're introducing that -- where it can tell you the reputation of those APIs. First, it can help you discover those APIs. Most of the time, most customers are like, "Wow, I didn't know my own team has so many APIs, and then I'm consuming so many third-party APIs." So when I think about it, it's a very robust road map. For me, it's more the speed at which we deliver it.

Rule #1. When you go on the podium, turn off your phone. Sorry.

And then -- no problem at all. And then the integration of it, integration with our network intelligence, internet insights and our security portfolio as well. So it's bringing the capabilities together to deliver use cases and outcomes. And that's where I see is where we're going with that.

So as someone that covered Cisco for so many years, the question is there are 2 efforts, one is on R&D teams and development, et cetera. The other team -- the other effort is how do I go to market? How do I go to the market with it? Tell us about Cisco's investment and what you have done behind the scenes or in front of the scenes to make sure that you can also sell applications. You can also go to customers. You can be identified in the market as a leader in applications.

Yes. So if you look at everything that I talked about, it's like we have this internal joke that we talk about, is like who takes the rap with the app, right? So you have NetOps, you have SecOps, you have AppOps and you have DevOps as well. You have SREs in the mix. You have multiple personas in the mix, but they all roll up into the CIO most of the time that we have very strong relationships with. And all of these need to work together because, usually, it's more around we want the focus to be mean time to innocence versus mean time to blame, right? Because usually, the app developer would say nothing to do with my code, it has to be the network or something else. But when you give people a common set of contextualized correlated data because you have all the assets like a ThousandEyes and Intersight and AppDynamics coming together, the focus is more like, how do I solve issues as fast as possible? And that's what the CIO wants. So the relevance is it's the same buyer that we're going to talk to. It's just that we're expanding that also with the DevOps and SRE teams as well. So I would say -- and then we're also doing this in 2 ways. One is from the CIO down. The other one is a product-led growth motion as well. You'll see us do put more and more things in open source as well, more of a developer-led adoption, where it's a product-led growth motion that drives it so more grounds-up as well as top-down. But it's the same conversations that we have. We just need to extend that out even further. I do think that, that is one of our advantages that we haven't fully exploited that yet.

When I prepared for this panel or this fireside chat, I looked on things you said in the past. And one of the terms you spoke about a lot was FSO, full-stack observability. What is it and why is it important?

Yes. And I'll go back to what I just said is, when you think about full-stack observability is really around looking at everything the application is dependent on, right? It's the code that you write, it's databases, it's logs, it's infrastructure. It's the x86 house it's dependent on, it's the network, it's Internet. It's cloud services that you use. You have to have end-to-end visibility across all of this. And that visibility gives you insights into what went wrong, where did it go wrong? And then you tie that together with business impact to be able to take action. For us, that is the full-stack observability piece. Because today, if you look at the environment is that everybody seems to have visibility into like individual domains of monitoring. And so you're looking for a needle in a haystack in application performance monitoring or in log monitoring. But you need all -- you need visibility end-to-end because if you want to be able to pinpoint what the issue is and what the impact, you can't just do it based on individual monitoring then you're trying to stitch that together. We take that out and we're providing that end-to-end visibility from the application all the way to the end user to say that visibility insights allows you to take action to improve the experience of the end user, address issues as fast as possible, and our road map and I hope is definitely on getting it too predictive versus just in real-time addressing issues.

When you provided kind of the long-term outlook about the market, you spoke about $1 trillion TAM. And dream the dream, 5, 10 years from now without a time stamp. Where do you want to -- you are currently not addressing $1 trillion TAM. So where else do you want to see your business? What are the other areas that you think are suitable for Cisco and you can make change or you can innovate and you can disrupt the market with? How do you get to $1 trillion TAM from where you are today?

So maybe I'll start by unpacking that $1 trillion or $900 billion something that we can round up to $1 trillion. So it starts with our core markets, right? That's about $260 billion, including the services part of it. That's our core networking portfolio. And then there's $140 billion of it that's in adjacent markets. And those adjacent markets go across, right? In security, there's adjacent markets of cloud security and other portions that we haven't covered yet. That's included in there. In application performance monitoring, it's going from APM to full-stack observability. There's a pretty sizable jump. Even in a core networking market, it's like as-a-service. More and more, there's as for, I want to consume everything as a service. That's not -- that's in that adjacent TAM. We haven't taken full advantage even of that adjacent TAM yet. Then when we look at an expansion TAM and we say, when you look at hybrid work, for example, you can quote multiple analysts that say, "That's just hybrid work itself is a $1.1 trillion TAM that's out there." We're all just trying to figure out how do we work in hybrid work. So I feel like that opportunity for us is still there, quite a bit both in that adjacent and that expansion TAM. And then automation, right? Automation is another place. I mean you see so many tools out there. And especially in a cloud-native world, that is something where it's like how do you automate some of the tasks that especially some of the repetitive tasks. So that's where our -- and that was about $500 billion in those expansion areas that are very much we can extend into. And our goal is -- so I feel that we're not opportunity-constrained. So it's not like we've got to go out and look for a whole bunch of new areas. Executing faster delivery in those markets is plenty enough for us to drive growth.

In the past, in most areas outside of switching and routing, even within switching at a certain point of time, Cisco went into new markets or expanded through M&A, acquired M&A, we called it, acquired R&D, we called it. Do you think that growth in Applications requires you to do more M&A? Or do you think that within what you have organically, you can continue and address new markets and new applications, et cetera?

I strongly believe that what we have today is a solid set of capabilities that we can build both best-of-breed and what I would call best-of-suite to deliver outcomes, so that customers don't have to stitch it together. I mean if you look at the breadth of our portfolio today, we're in a position to deliver outcomes, whether that's full-stack observability, whether that's SASE, whether that's hybrid work, whether that's hybrid cloud. And interestingly enough, I've talked to some of our large enterprise customers where -- who have pretty sizable software development organization. And I've asked them and said, especially in the case with full-stack observability, it's like you have a bunch of these monitoring tools, some of which we've sold to you, for example. Do you plan to stitch them all together? And for them, they expect us or another vendor like us to stitch it together for them. And that's where I think delivering these as offers, as outcomes, we see as definitely kind of the opportunity to be able to do that. As far as M&A is concerned, it's -- we always look. We're always out there, but it has to fit within kind of our framework or a set of principles that we always look at the lens through which we look at every M&A. It has to be a strategic fit. It has to be a financial fit and a cultural fit for us. And so we're always looking. And when we find something, we go beyond the early conversation. We're always having conversations, right? It's a part of our strategy, especially when we feel like there's something that can augment what we do, help us get into the market faster, get us more of a footprint, but it still has to fit within the principles of our framework on those 3 items. So I'd say whether it's an application or any other part of our business, we're always looking at M&A.

One big area that we always talk about is cloud, right, cloud strategy. And I want to talk about Cisco, if you can discuss Cisco's portfolio of cloud-native solutions. We can talk about maybe both the good and the bad, meaning areas where you feel really strong that you have all the tools needed for cloud-native applications, and areas that you invest in, in order to get better, in order to strengthen.

Yes. So if you look at cloud-native applications, right, I mean, any developer will tell you it's like, hey, I want to make sure that I have all the capabilities to create, to secure, to connect and to operate as well. I'll start from the last -- from the first piece of it. In create, we have capabilities in our data center networking portfolio today to help -- for developers to be able to spin up an infrastructure today. We have that with Intersight today. We continue to enhance that with other -- with more capabilities. The whole idea is how do we enable developers to spin up the infrastructure that they need or enable somebody else to spin up the infrastructure that they need as soon as possible. And we continue to add to that. On the create -- and on the secured part of it, this is part of our portfolio, as we talked about in RSA this week, is that we're continuing to add more cloud-native capabilities to it, whether that's very much in a hybrid multi-cloud environment. On the connect piece of it, I think that's one of the pieces where we're stronger in terms of being able to enable teams to be able to go out and consume services and capabilities and connect to different clouds and different SaaS clouds as well with the same policy that you would have on-prem. In observe, we do that today. Even if an application is developed cloud-native and sits fully in a public cloud out there, most often than not, as a developer, you're using some third-party SaaS service, which means you need an observability tool that looks outside of just that public cloud. So I would say is we're in a much better place, Tal, today than we were a few years ago. And we will continue. You'll see us continue to enhance especially on the cloud operating model in cloud security and in observability. You'll continue to see us invest. And these are the areas where we probably were not as strong as where we were a few years ago but now are. As far as cloud is concerned, if you'd asked me this question maybe a few years ago, we kind of missed that transition with the hyperscalers. But that has changed for us quite significantly. I'd venture to go out and say is, today we actually help cloud providers build the cloud by selling them everything from if they wanted disaggregated systems, basic hardware, software separately, we can do them, that we sell them systems as well. And so we were able to leapfrog with some of our silicon and optics capability and even our systems capability as well and have picked up pretty significantly in that space. But I do think that the cloud operating model, there's more room for us on how do you make it seamless across when you have workloads in 1 public cloud and then in another public cloud, and you have workloads on-prem. How do you simplify that operating model, especially with more and more workloads also being built and deployed in private data centers as well? That's the work we will continue to do and will hold in our portfolio there. And that includes partnerships that we would do as well.

A related question is a question I'm personally puzzled with. If you asked me 10 years ago, what are going to be the strongest areas of Cisco's growth strategy, not legacy growth, and I would have said security because security is always connected to the network. Network security is big part of security. Security is also in the area where Cisco want to be, applications, software, et cetera. And the fact is that Cisco is not a great security player, a big one, but growing subpar, right? Last quarter about 7%; a few quarters ago, 1%. The industry is growing much faster, at least the successful companies. How do you improve the growth in security? What are the components that are needed in order to have a better security growth? It's such a natural place for Cisco to shine. Why not now? And how do you improve it?

Yes. Like you, I would like our security growth to be higher, right, much more. I do believe that we do have the assets and there are some holes that we'll continue to take a look at how we fill. So let me touch on our security strategy, as we talked about at RSA this week is, we're building out our -- we have been building out our cloud security platform, right? So our view is that a platform for threat detection, response and remediation, we want to be open, standards-based and extensible. So very much an API-first approach because we do believe that we want to bring in our networking services, that we're the leader in that and our security services and the threat and talent capabilities that we have from Talos today, bring that together in 1 platform. And again, the extensibility is for there'll always be some third-party capabilities that our customers want. We want them to be able to have the choice to integrate that in there as well. So this is in the works. It will take us some time to be able to completely deliver that out. In the meantime, there are a number of things that we're doing, in the area of like passwordless, for example; in the area of continuous trusted access. It shouldn't be that Tal can come in and his user -- your -- as a user and as a device, your identity is confirmed once and that's it. How do you continuously monitor that? We internally implement that today, and we'll make that available for our customers as well. We're taking Talos and making it a threat-and-tell kind of on-demand service and very much customizing it to what each business needs in addition to what we offer generally to our customers as well. So there's a lot that we're doing. And do we, as a company, also want to drive it faster than where we are today? Absolutely. Because the market's there, right? And like you said, we've got this rich set of network services that are critical and integral to when you put this together, especially in this distributed users, devices, users -- and you look at apps and data that are distributed as well, how do we provide that secure access? In fact, that's the other reason we actually came out with our -- this week, we also launched our Cisco+ Secure Connect Now, which brings together networking services from Meraki -- so Meraki, SD-WAN, our Umbrella. And it's a turnkey as-a-service offering for partners and customers as well. So you'll see the pace of it definitely going up, and it's every intention of ours to go out there and grab more of that security market that's out there.

Dream the dream. Metaverse. How is Cisco participating in metaverse?

So metaverse allows you to dream more than anything else. It's -- I would say applications are going to be -- the experiences will get a lot more immersive, right? Today, the experience is physical in some way. In many ways, it's like so you'll see more of what we do in -- with AR/VR. And just -- we do that today with WebEx, by the way, right? So we're experimenting with a few things in WebEx. It's become more real, like with holograms. I don't think it's too farfetched to say that you can, probably in WebEx, interact with a hologram in the future. But we're looking at how do we expand our whole mindset to look at immersive experiences as well, which will become more and more the reality and we're looking at that in WebEx. We're looking at that in observability. It's some of these things that will take time to adopt and it's part of what we're experimenting with, kind of dabbling with right now.

Let's say someone gives me tomorrow -- upgrades me from an analyst at Bank of America to CEO of Cisco. And I call you and I say you have an unlimited budget, do whatever you want. What would you do? Within your area of expertise today, where would you invest in order to get higher growth?

You mean company-wide or what?

Within your business today as...

Yes. Maybe I should say this without my CEO in the room. Hopefully, he won't listen. I don't think I'm budget-constrained, by any means. And I don't think that's the case across the company as well. Our investment in R&D is -- goes into multiple billions of dollars. And we do believe that we're investing for the long term because of the number of tailwinds that we have. And so I'm not budget-constrained today. What I want to do is be able to execute faster than what I've been doing so far. That includes both the features and functionality and building into the product and the integrations across the other assets within the company.

So that's not a function of money? It's a function of what? What needs to happen for you to execute faster?

I need to -- so I can speak for myself. I'm rallying my team towards a common agenda in the outcomes we develop. It's like the value we bring to our customers and finding passion in that to be able to do that. And finding it's a combination of that, keeping the teams focused, tying it back to our corporate strategy and then giving the teams -- taking friction out of the way, right? I mean when you work in a large company, there's friction. So it's like we're doing that across the board and then adding the skills that we need and working across teams to be able to deliver. So yes, I can't believe I said that, that I actually have -- but it's true. In many ways, I don't think I'm budget-constrained. That is not one of my -- when you ask me what stresses me, that is not one of my top stressors.

So let's say the average between you and I, we are budget-constrained. Good. Thank you so much. Any -- by the way, is there any question from the audience? No? We normally don't get too many questions, so that's great. Thank you so much for your time and insights.

It was my pleasure to be here. Thank you.

Excellent. Thank you.