Cisco Systems, Inc. (CSCO) Earnings Call Transcript & Summary

Hello, everyone. Thank you for joining. I'm Heather, your Webex host for today's event. And In while, I'll turn things over to our speakers, I have a few housekeeping notes to cover. Please note that you have been muted. The chat and Q&A has been disabled for this session. We'll have a survey that will probably value exit if you could please take time to lever a view on there, your feedback is very important to us. With that, let's get started. All right, You might have to unmute real quick.

All right. okay, This is Sami Badri with Credit Suisse. The senior analyst, covering the software and network equipment sectors. With us today, we have Jeetu Patel, the EVP and GM of both the security and collaboration business at Cisco. And before we get started, we want to open it up -- or hand it over to the Cisco Investor Relations team to read a safe harbor statement, and then we're going to get into some Q&A with Jeetu.

Thank you, Sami. This webcast is educational in nature with no new financial information being given. However, we will be making forward-looking statements today. And those forward-looking statements are subject to the risks and uncertainties found in our 10-Q. I'll turn it back to you.

All right. Thank you very much, Marty. So it, maybe we can kick it off with some opening remarks for the webcast and investors today, and then we can get into some questions.

Sure, sure. And so just -- just by way of introduction, I'm Jeetu Patel. I run the security and collaboration business at Cisco. I've been here for close to 3 years. And we are about a year ago or so, we had a pretty exciting review of our strategy that we had done around security. And it was around trying to make sure that we actually have what business should Cisco being in security, and it's very clear that the business will have to be in is in a hybrid multi-cloud world, you need to make sure that you have the layer of abstraction above the multi-cloud provider so that you can take networking and security and abstracted from the 4 major computers in the world, whether it'd be Amazon Google, Microsoft or a private data center so that we can be that could actually acquire and steer any in all traffic to any of the cloud providers so that customers can actually have the public product economics without the public cloud market. So that was kind of the highest level of kind of strategy that we had launched around the Cisco Security Cloud. And yesterday, we are at the RSA conference right now. Yesterday, we made our first big announcement towards the vision of the Cisco Security Cloud by launching our XDR platform. And you should think about the Cisco Security Cloud as having 2 major components. There's going to be a component of -- there's going to be a set of capabilities and technologies we're going to have around prevention of it spreads. And then there's going to be a set of technologies we have around detection, response and remediation of the threats. So those are the 2 big kind of components that we should think about. And with me, I have -- one of the things that I wanted to talk about also is how have we been doing over the course of the past few years around security. And one of the big areas we have focused a lot of our time investing in is building out the leadership team. And so we have pretty much kind of got a great combination of leadership team from really, really interesting companies from the outside and some internal starts that we promoted in. So let me actually just walk you through the leadership team right now. So with me, sitting right next to me over here, the gentleman named Tom Gillis. Tom just joined us. How long have you been tom 3 months?

Just 4 .

Four months. So 4 months ago, Tom runs our security business sits on my leadership team and is -- used to be the gentleman that ran the networking and security business at VMware. And so that terms our GM for the security business. And then what we did was we've actually assembled a world star kind of rockstar team of people underneath tom. And the reason I talk about the team is -- that is the first step to building great products, which is then the first step to show revenue growth. And so you want to make sure that you focus on the team for a moment. Underneath Tom, we've got the Chief Product Officer that came from NetScope and Proofpoint. We have a Chief Design Officer that came to us from ServiceNow Encompass. We've actually got Head of Sales and Head of SE as well as the Head of Americas Sales, 3 people that came to us form Palo Alto Networks. We recently hired someone that's going to run our firewall business and that -- who came from Zscaler. And so -- and we've got our Head of Engineering that came from McAfee. So what we have done is we've actually assembled a great team of people that come from modern day kind of companies and are in here to go out and really transform the way that we actually build out the next generation of products at Cisco, right? So that was the first step. We are now starting to see it what you should expect during the course of this year and over the next few quarters is a continued level of progress that we will make towards the Cisco Security Cloud vision, both on the prevention as well as detection and response [indiscernible]. And yesterday was our first one of those forays where we announced Cisco XDR. And we'll talk a little bit more about that, I'm sure. But that's at the highest level what we're doing. And there should be -- one key thing that you keep in mind over here is, the industry is actually going through a massive transition to a platform shift. There's about 3,500 vendors in this market. On average, most customers have anywhere between 50 and 70 vendors because no one owns any kind of dominant market share. And when you start looking at that level of fractioning what's ended up happening is this market evolved as a result of patchwork. So there was a threat that came up. And as a result of that threat, we would have a solution that would bring up. And initially, it worked out great -- now when you have 70 vendors in an organization, that's 70 different policy engines at 70 different places where contention could occur between policies, and it's untenable to manage. And with AI and the advent of all the development that we see with AI. The threats are only going to get this attack are only going to get more sophisticated. Majority of ransomware starts on e-mail. E-mail used to be from the Nigerian friends. That ask you to click on in so that we could actually get malware on your computer. And that was very easy to decide that this was a [ fan e-mail ]. Now what you're going to find with the era of Chat GBT is attackers and adversaries have access to the same technology that we do. And so what they will have is the ability to create a tax which to normal course of day, it will be very hard to distinguish between a regular set of events that someone goes through versus a malicious attack. And so this is going to become a data game. This is going to become game where you're going to have to deal with this at machine scale rather than human scale. And given where Cisco is when we've actually got the broadest portfolio of offerings. And every single kind of major control point in the attack chain according to the Mitre Att&ck framework , whether it be e-mail or web or endpoint or network, we've actually got meaningful native telemetry in each one of those sources that can then be correlated. Our ability to go out and detect a breach, respond to the breach, make sure that we can correlate data across those different control points in the telemetry we get is just going to be far superior than what you could get in the point solution. So I think there's going to probably be less than half a dozen platform vendors in the market. We will be one of them. Microsoft will be one of them. Palo Alto Networks might be one of them. And then there's going to be a bunch of others who will try to play the platform but they'll have to either merge or convert and do something of that sort, but there's not that many players right now that can actually credibly be an end-to-end security platform with native telemetry across multitude of control points that can really go out and help increase the probability of success on detecting and responding to breaches. So that's at the highest level someone that keep in mind. And then the last thing I'll say is, our goal is to build amazing excellent products. And Cisco has been acquisitive in the past, and that's great. We will continue to be when the opportunity is right, but our goal is to make sure that we build great products that people love, that they talk to the friends and family about. Because, frankly, the best way that you can get to hundreds of millions of people using your product is by word of mouth. No launch of billboards get you there. And so we are maniacally obsessed on building great products that are easy to use, that are going to use data sources that actually give us a unique edge and advantage and where security meets networking that's where the magic happens, and that's where we will actually be able to provide a lot of value. So I wanted to give you a high-level context before we go into questions.

All right. Jeetu, thank you for that. You talked about the product launch yesterday. You talked about the kind of world Star team that you assembled. Maybe one thing you could double-click on is where is Cisco and Cisco's strategy today as far as all these pieces? Because you do have a sizable security business, how do you plan on taking what Cisco has today and into the next phase of the company's growth and road map?

Yes. The first step that I -- what we have to make sure is we have to develop a world-class team, like I mentioned. We now have that growth class leadership team. Second step was, we have to make sure that there was a very clear, well-articulated strategy than the entire company was crystal clear on our partner ecosystem was crystal clear on. We launched the Cisco Security Cloud strategy last year. That's actually gotten a lot of a positive sentiment back from our customers who really, frankly, want us to win. And we're asking, hey, we're going to be folks win and why it's taking so long because we are behind in some areas that were there. And so we wanted to make sure that we actually accelerate them. three, is you're starting to see the fruits of all our labor on strategy and the investment that's been made in this business as well as the team where we are now starting to launch capabilities in some very, very differentiated ways in the market. And so I'm actually super excited about what the market holds as potential for us. And yesterday, we just had analyst roundtable right before this as well and one of the folks came up to me after and said, "Hey, I just want to let you know, the excitement that you and Tom kind of share over here is also the part from the partner community. And they're just excited." And that's because what the market is responding to is we're building great products. Those products are getting to be easy to use. We're actually sharing a platform-based approach rather than a point solution-based approach. We have standardized our design language across our different formats of networking and security. So they're starting to look and feel more and more like they come from one company, one platform. And frankly, that's what you should expect from us moving forward. And in each one of these areas, whether it be on the prevention side or the detection and response side, just expect that there's going to be meaningful advancements made, which will have structural kind of differences compared to where we were. And I have to always be over here, so let me ask him to see if he wants to add to that as well.

Yes. I think what you just said is right on where we want to focus on product excellence and picking things that Cisco can do uniquely, and that is obviously things that leverage the network. So the places where security needs the network, I think there's lots, lots of room for opportunity for innovation and delivering products that, at the end of the day, stops bad guys more effectively than the point solution can .

Thank you for running through that. One thing I really wanted to hit on was considering where the Cisco Security business is today, what are some of the most addressable or near-term opportunities that you guys are going to go to market with and see evidence to show traction and progress in the near to medium term? Are there specifics that you guys can talk about?

Well, look, if you think about the 4 or 5 big areas that we are focused on right now. Network security is a big one. We actually got a very healthy firewall business, and that firewall business, for a while, has suffered from some degree of -- we had not innovated as fast as we should have. We had -- our quality had dropped for a while. All of those problems are now largely behind us. The big challenge that we do have is a large percentage of a firewall base is still on the older versions. And our goal is to make sure that we can actually move them to the new version of the firewall because that's when you start to see satisfaction rates go up. So that's one area. Another area that you can expect us to have a fair amount of kind of focus and emphasis and investment on is going to be around this notion of [indiscernible] and SSE. So basically, a simple way to talk about that is, can you have an easy way for any individual or an organization to connect to any application that they might actually want to connect to security, whether it be a cloud application, whether it be like Workday or Salesforce, whether it be a private applications like your order management system that sits on your data center or it be directly connecting to the Internet. And today, when you start seeing how that works, there's a fair amount of friction that users have with any of the players in the market that exists, where you have to know exactly when you log into an application that requires VPN. You have to know exactly when you log in to an application that requires DTNA . And the -- even if you look at some of our competitors, they have an Internet access stack, which is different from a private access staff. Those are 2 different product lines. They have 2 different user experiences and those things actually do matter. And so -- that will be an area that we actually focus on quite heavily. Zero Trust is an area with kind of risk-based authentication, continuous trusted access. What we're doing with do, that's going to be a very strong area, and that's a great franchise for us. You think about application security into the shift left movement, there's going to be a fair amount of investment that we continue to make there. And then frankly, all the things I talked about right now are on the prevention side. on the detection and response side of the house, XDR, which we just launched yesterday is going to be -- it's a huge TAM, and that's an area where we're going to be very differentiated because not only do we actually have native telemetry that's cross domain across the entire attack kill chain from e-mail to web to endpoint network. But what we also do is integrate third-party telemetry from some of our competitors like CrowdStrike and like Palo Alto Networks so that we can make sure that the customer has a holistic view. And so those will be the areas that we think there's going to be a fair amount of excitement. But the way you should think about this with us is, we're going to sell a platform. That platform is going to be the Cisco Security Cloud. It's going to have unified policy engine and open APIs. And that's how we will go to market. And then we will make sure that the way that we sell the platform is going to be through some sort of bundling in suites rather than selling it as just an individual kind of set of SKUs. And so you can expect us to move down the path with more of a suite-based approach. That might be a user security suite, that might be a cloud protection suite, and there'll be some kind of analytics kind of Street and think about that as kind of the directional -- high owner direction that we will be going in.

Got it. Got it. One thing I wanted to kind of zoom out on and talk about is that IT deployment models by enterprises are clearly evolving and changing. You have public cloud consumption, you have on-premise deployments happening and maybe something in between managed services. How do you view Cisco's business as positioned to ingest potential business that could come off from any real deployment path that could happen?

Maybe just talking about this, just to break it up, maybe I'll let Tom answer the next one and i will come back and forth.

Yes. So clearly, it's a multi-cloud world. And I think the opportunity for Cisco is to create toolsets that leverage our unique strength in the private cloud but are extensible into the public cloud. Here's a great example of that. Firewalls have always been built around an IP address. That's like the basic language of the firewall speaks. So in a private cloud, you define a workload with [indiscernible] and stuff, it's all around IP address. When you go to Amazon. There is an IP address, right? You look at like S3 or Glacier or Redshift, these are services. So building a translation layer that can understand the services of the native public cloud and tie that to an IP address. That's the kind of thing Cisco can do really, really well. And it allows us to bridge from a private cloud-centric business into a public cloud-centric business. So I think there are a bunch of examples of cases where we can take our strength in the data center and in devices and extend that into a more cloud-centric.

And the way to think about that also is we will have very robust hardware solutions. We will have very robust virtualized firewall solutions, and we'll have very robust multi-cloud firewall solutions. Those 3 together will actually comprise the totality of the value proposition that you have, whereas our competitors will not have that level of breadth. Because, for example, this multi-cloud thing that Tom just talked about, that's not an area that others are doing particularly well right now.

Got it. I wanted to kind of address the debate versus cloud versus On Premise, which has been very topical right now among a lot of investors and even people in the technology industry. So if one trend accelerated versus the other, how is Cisco positioned? And then also want to follow up, the acquisitions that Cisco has made over the last couple of years and even most recently, is there a specific kind of indexation you'd say these acquisitions and positions are? Look like they favor cloud? Do they favor on-premise? Can you give us an idea?

Yes. I think the way to think about this is, is the eventual future that most companies will move to the cloud? Yes. The way that they're going to operate is going to be a hybrid multi-cloud world. Every company is going to go at their own pace. And I think it's an incomplete story when you say, I'm only going to provide your cloud solution, I'm only going to provide you long term solution. So the way that we have to do it is you provide the customer the totality of the solution that protects their assets regardless of where they are. And then you give the customers the choice to say, you can move at your pace, but we will have an end-to-end solution from protecting your assets that are in a private data center, protecting assets that are in the public cloud, protecting your assets that are directly on the Internet, and we will make sure that we have a common way of -- we'll have an end-to-end way of protecting those assets. I don't think we have -- each customer, each industry will have the pace at which they will need to move at. And I don't think we should be dictating the pace. We should be making sure that we meet the customers where they are and helping them modernize the security infrastructure and the security posture. So that's the thing I would Keep in mind. And by the way, we will be innovating across all of those different vectors. So you saw that we've actually had the new 3000 series of firewalls that we launched, which have better price/performance ratio, which had a way better kind of manageability. We also have virtualized kind of firewalls that are doing pretty well. We just made an acquisition of a company called Valtix that actually specialize in this multi-cloud firewall, and that will be embedded into the firewall franchise that we have. And so you can just start seeing that across the board we've got a pretty top-brand set of offerings as we move forward.

Got it. Got it. So I wanted to shift gears a little bit and talk more about some of the more historical results that Cisco has reported in the security business. When we look back at reported revenues of security over the last 5 and 10 years, there has been some variability. Is that variability caused by customers, by technology, by threats? What would you say has caused episodic or lumpiness in the growth rates? And could that potentially change in the Cisco's forward-looking strategy?

Yes. So I think part of the variability is because of supply chain constraints, which then had build up the backlog, and that might have actually been part of the kind of variability you saw. Part of the variability is also caused because if you think about our innovation velocity over the course of the past few years, it has slowed down. And we have now actually got the right team, we're starting to accelerate it. And so in the long run, do you -- do we expect this to be as lumpy a business as is right now? No. I mean there's always going to be some lumpiness in enterprise sales. But our goal is to make sure that it gets to be more predictable, especially as you have more subscription revenue and SaaS revenue. The predictability of the business just gets better and better over time. And I think you should expect that what the time frame is, I think it will happen over time, but just know that we, as a company, had an opportunity to do better in some of our portfolio a few years ago that required that we completely rethought the strategy, rethought the team and rethought the structure in the way in which we operated. We operated largely in the past in a GM-based structure. We are now completely functional because we are trying to sell a platform and not go out and create individual kind of hyper specialist teams that don't really -- that continue to get to subscale. And so we have a much more kind of standardized sales motion. We've got a much more simplified message. We've got a -- we're going to make sure that we have fewer number of things that we sell to the market, so that it's much easier for the average seller that understand and consume. And all of those things actually add to the predictability kind of quotient over time. Anything to add, Tom?

No, that's perfect.

Got it. One thing I wanted to pivot to is this idea that Cisco has made a lot of acquisitions over time. They have a lot of security acquisitions. And I think you made some comments earlier regarding what to expect from Cisco in the future. You're now -- you're going to be building and developing a platform. Is that platform going to require a lot of M&A? Or is there going to be a little bit of a different strategy being leveraged?

I'm so glad you asked this question because the way that I think we have to think about the security business and any business, frankly, that Cisco is in is our primary mission is to build amazing products that people love that they talk to the friends and family about. And the operative word over there is we're going to build great products at Cisco. Now if you have a clear strategy, you're building great products, and there's an opportunity to go out and accelerate the build because you actually found another company, we aren't going to be shy to acquire. We've never been shy to acquire, but we look at a few things going to be looking for acquisitions. Is there a cultural fit? Is there a strategic fit? And is there a reasonable price point with which we can get it? And does it actually meaningfully accelerate our strategy from a time perspective? When that happens, we won't be shy to acquire like we just recently did the Valtix, right? But the goal is to go out and inject this kind of obsession around product excellence. We've now done this at Webex. We are starting to do this in security, and you'll actually start to see that the products that we build have to be differentiated. They have to have a structural advantage that only Cisco can do that other people can't do. And we have to build them as part of a holistic platform in a bunch of point solutions. And the platform has to be an integrated networking and security platform because that's where Cisco has an ability to shine compared to others in the market. And so that's what you should expect from us. And so we're not adverse to acquisitions, but we're not dependent on acquisitions for us to be successful.

Got it. Go it.

I want to make sure that Tom can respond to that because he has a lot of energy on this as well.

No, I think you said it too, So for me, this is really interesting because we have a very broad portfolio. We have products in 27 different product categories. tough to go out and fight a feature war in 27 categories. But if we focus on product excellence at the system level, at the sweet level, we can really, really shine. So let's pick a few places where we can do things that are magical seamless end user experience, but high levels of fidelity that allow us to identify friend from [ fo ] more accurately than a point solution can. If we do that, I think the market will be extremely receptive to that, and that's the mission.

Got it. I wanted to refer to the press release that you guys put out yesterday on XDR. And one thing that I think -- well, 2 things I wanted the importance of data in the cybersecurity industry, and I think it's always been important, but I guess we're entering a new [indiscernible] now, so I'm going to spend a couple of minutes on the emphasis of data sources, but then also how Cisco is ready to handle that much data to the platform. And then the second piece to my question is, how the data sets from partners being adjusted to the Cisco platform? How would you kind of characterize that opportunity for the company?

It's a great question. So yesterday, we announced our extended detection and response product at the RSA conference. And we talked about this whole construct at the keynote as well. And let me actually start with how attacks happen according to the Mitre Att&ck framework. If you think about 80% of the attacks that happens, start from e-mail. You got an e-mail with a link from the Nigeria friends. So if you click on this link, you'll get $10 million, Spam. Let's make sure that we -- reason Sounds like a good all you have to do is click a link. You click on the link. That link takes you to a website that didn't exists 2 hours ago. They actually download some kind of Malware on your computer, it kickstarts the process. That process then initiates some kind of package traversing the network so that you have lateral movement. And so very seldom is an attack typically to the target and destination in Step 1. Attack typically moves through a domain -- from domain to domain. Now how has security defense has been structured in the market to go out and address this? They've gone out and had very good point solutions in each domain. So you've got and e-mail management system, and you've got something from the web and you've got something for endpoint. You've got some things for the network. And if you look at each one of those sets of telemetry individually. The challenges as you actually have more sophisticated attacks where it's harder to discern between what's real life activity where you're just going out and working the way that you need to work versus this being a malicious attack. It's going to be hard to go out and have those isolation of telemetry views to be able to get you meaningful insight. And so what you have to have is this notion of cross domain made it telemetry that can be correlated, not just aggregated, okay? And so that's an area that we shine because we've actually got data at scale on every e-mail and every forward that happens. We've got data at scale on what happens within the web, but the DNS request that goes through. We have data at scale on what's happening on the endpoint. We've got over 200 million endpoints with AnyConnect, which is not called Cisco Secure Clients. And we've got data at scale on the network in every pocket the Traverse network. Taking all of those together, and correlating them actually gives us a very unique point of view on what might be happening rather than what's happening individually in each one of those areas. So it's extremely important that the differentiation has to be instructed with the quality of data that we have natively that can be correlated with each other. And then what we're doing on top of that, to your question on partners, is we're also ingesting data from some of our competitors. So Palo Alto network Rout strike, all those, we will actually send one we'll ingest data from them because that will actually only enrich the quality of analysis we can do to detect when there's a breach occurring, and what do we need to do to respond intermediate that region [indiscernible]. And this is different from -- and I'll let Tom talk about this, he talks about it very eloquently. This is different from how you might think about a SIM, where you're just going out and aggregating logs that is a summary data. There is actually looking at native telemetry where you know exactly every movement that's happening. And so tom, why don't you talk a little bit about...

Yes, this is I think a question that many in the audience are wondering, the story sounds familiar. How is it different than what a inventor we're talking about. And I think I'm an engineer, so I'll give you the technical nuance. A SIM is designed to aggregate logs and have historical analysis. So SIM thinks in days, weeks, months, even years. You can store data for 7 years. An XDR is trying to look in very, very high detail about events that are happening that Jeetu described. I got that e-mail from the print. I saw PowerShell running on my machine. I see a word looking process. That is an enormous amount of data. If you were trying to ingest and store that data, your SIM bill would be astronomical. So the XDR approach is to process that data and drive a decision as fast as possible and then dispense with the data. So it's just a fundamentally different design principle it's really oriented around detection and response. Jeetu talked about that, right? So we detect something bad and then we take immediate action, which is, turn on packet capture, trigger a snapshot or block the connection outline or so.

Got it. Got it.

One other thing that might be worth keeping in mind over here is the philosophy that we have to have is we can't be too insular in the way that we look at this. There's a continuum of fidelity and resolution that you get when you go from point solution, best-of-breed, siloed data to you taking data from the industry telemetry and actually ingesting it and kind of processing that data to having native telemetry cross domain that can be correlated. And what we will be is a combination between 2 and 3 rather than just being point solution-based. That actually happens when you move to a platform because the -- when you just go best-of-breed, I just don't think that's going to be tenable anymore given the rise of the volume of attacks and the sophistication of attacks that happened when you started looking at things, attacks are getting more coordinated, and we are getting more isolated in defenses that just can't work. And you have to make sure that you're equally or more coordinated on the defenses than you are on the [ SI spectrum ].

Yes. If I can just add to that. What jeetu said is true, which we obviously think it is, think about the impact that has on the shape of the industry. It used to be this collection of point solutions and it was who's got a better widget and that was the context. Now it's moving towards systems approach. We have to work across multiple different components in a coordinated fashion. And that's going to play to vendors like Cisco. So we're really excited about this direction. And at the end of the day, it solves a problem better for customers than the alternative. That's the focus.

Got it. I wanted to shift gears a little bit and talk about the effects that supply chain dynamics have had on maybe the security business, but also Cisco in general. For the next coming quarters, as supply chain dynamics start to ease how do you expect -- how do you think you expect to play out from a security perspective?

Well, look, the way that we see it is -- our goal is going to be to make sure that we continue to sell the platform. And our guidance that we had last earnings call, our supply chain is what I kind of stick with. And if you think about what the exciting part is about all of these pieces that we're doing right now is, when you think about buying a holistic platform, which actually has a lot of synergy among the different pieces and you just think about buying those things more so as a sweetened bundles rather than just individual SKUs, the complexity of the selling motion goes down dramatically. I have a philosophy, which is every SKU that you add creates unique selling motion. And so the fewer number of SKUs, the better off you are because you create fewer selling motions. And so that's the way that we ought to think about this is what can we do to make sure that we simplify the selling motion. We have a fewer number of hyper specialists, have more people across the security specialist team as well as the networking team that can actually talk about our security strategy and sell this in the least amount of hyper specialization. And we actually have a very clear set of target personas that we go after them. And once we get those pieces in place, I think you can start to see kind of volume and momentum start to pick up. You will always see fluctuations in supply chain. But I think our supply chain team has done a great job on that dimension.

I wanted to just think of this or maybe discuss this idea of the security business or security revenues attached to networking equipment and routing. One piece is maybe you could give us an idea on how much security business is actually attached to networking and routing shipments? And then I think based on the way you've described the Cisco platform going forward, there's likely going to be a slight change in the way things are going to be executed at Cisco. Maybe you could walk us through on how the security business is going to become potentially more independent over time?

So the way to think about this is majority of our security revenue comes from our networking customers, but a minority of our networking customers actually have security faults. So there's a huge amount of TAM that's available. If you think about where our differentiation lies, it's when security meets the network, like Tom mentioned, there is a tremendous amount of differentiation that we can bring to the table. But sometimes, a deal is led by security rather than network, and we will be able to play very effectively over there. And sometimes the deal is led with the network and they need security, and we will be able to play very effectively over there. The key is to make sure that you simplify the overall message and packaging and bundling and the selling motions. And once we've done that, there's plenty of addressable TAM left in the market, in our current installed base to go after. But we also have actually in certain areas, for example, in areas like Duo, we are getting a lot of new logos that Cisco didn't even have. And so it's not just going after the existing installed base. You can also go after new logos and greenfield. But Cisco has such a large coverage on number of logos, but the number of customers of those logos that use security is still a pretty small percentage that there's a lot of upside there.

Got it. Got it.

As a product person, I'm enamored with that intersection between security and networking. So I just see so much richness to do things that are kind of magical in the eyes of the customer. as we continue to evolve that product strategy, it's going to drive that attach that Jeetu was talking about. So that enormous TAM and upside, we're going to address some product innovation that leverages what we're great at the network.

One of my last kind of prepared questions I want to ask is, what do you think most investors and industry constituents are missing about Cisco Security as a business?

I think the -- and by the way, this is not that they're missing it. I think we've done a poor job in the past of articulating activity. The power of having native telemetry across the number of different control points and the breadth -- the sheer breadth of the capability that we have. at exactly the time when the world is realizing that this best-of-breed approach of point solutions is untenable in the future. I just don't think it's something that is well appreciated right now on what differentiation Cisco has. I mean we've got networking. We've got security, we've got hardware. We've got software. We've got on-premise applications we can protect, we've got cloud applications we can protect. We can actually protect [indiscernible]. We can actually help the SOC analysts. When you start thinking about the range and the breadth, that is what defines an end-to-end platform. And if you believe that the world is going to move to an end-to-end platform based approach rather than point solution-based approach moving forward, then it's hard to ignore Cisco as one of the formidable players in the market. One last thing I'll say is, the skeptics would say, well, we've been talking about this end-to-end platform for a while, why is now the right time? I think now is particularly important because the attacks are getting so sophisticated, and with end-to-end encryption, you can't even see what's inside a packet that if you don't have the right telemetry and the right data, you cannot solve this problem with human scale anymore. You have to solve it at machine scale. When you think about machine scale problems, the quality of the data that you feed into a model actually determines largely the kind of insights you get from the model. And if that quality of data is around native telemetry plus the human knowledge that we have from the incident responses that we do from the security playbooks that our [indiscernible] organization puts [ cisco ] in place and you merge those 2 together, I think there's a meaningful differentiation and a strategic advantage that we have that we have, to date, not exploited that you will start to see being exploited because the products are going to get more elegant. They're going to get easier to use, and the bundling is going to get better and the selling motion is going to get easier. The messaging is going to get easier. That when that starts to unlock, you'll actually see a meaningful kind of uptick in the business.

Got it. Got it. One last thing. I mean you've had a lot of things. You've hit about number of vendors, number of sophistication of attacks. We covered a lot of themes and we also corporate how Cisco is pivoting in response to a lot of new things and what you guys are developing. Are there any other kind of points you'd mentioned the dynamics and the security or cybersecurity landscape that are shifting that people may not necessarily be paying attention to? Or would you say we covered the...

I think the one of the things that we didn't cover is AI, and what is going to be happening in the world of AI? And I think you should think about it as 3 distinct things that are happening. Firstly, AI has been around for a while as end-to-end encryption happens, the packets that are moving over the network. We used to have this technology, and we still have a technology called deep packet inspection when you look inside every single packet to know whether or not there's malware. Today, it's harder to do an end-to-end encryption is actually the norm. So what can you do over there? Well, you have to insert the movement of the package to determine whether or not there's a malware rather than looking inside the package, right? But that's -- at the highest level, when you start thinking about AI as a development of large language models and what happened with Chat GPT, I think there's going to be 3 major areas of opportunity for someone like Cisco. #1, is can you use AI in the security stack to make the security stack simpler? We showed a concept yesterday in our keynote, which was, what if we could make the life of a SOC analyst, 10x easier? What if we could actually fundamentally reimagine how a SOC analyst goes out and spend the day by having AIB and assistance to them? And I don't think that's too far from reality. So that's one is AI to really help the security stack. The second one is, can we actually build security defenses for sophisticated attacks that are going to come because of better AI in the market. When we talked about the Nigerian prints typos are going to be changed to very bespoke e-mails that talk about, "Hey, you were [indiscernible] basketball game. Great game yesterday, here are some pictures download the link." That's much more enticing to go out and look at, "your shipment didn't arrive on time and quick over here to go out and correct your address." Those are the kind of attacks that are going to start, and it's going to be hard to decipher between what's a real attack versus legitimate activity. And so security defenses for the new era of attacks using AI will be the second opportunity for us. And the third one is making AI itself more secure. And so when you start looking at all those 3, I think there is a tremendous amount of potential for us, but there's also a tremendous amount of things -- aspects that we have to keep in mind from a responsible AI standpoint so that you don't go out and do things in a careless way. And then all of a sudden, there's -- the organization is put more at risk. And so we have to make sure that we are actually looking at AI very deeply. We have a responsible AI framework. We've actually got AI teams that are working very hard at some of this stuff. We've got predictive models for AI, and we are also going to make sure that there are specialized models that get created for the security industry because the problem with the security industry is you can't be right 80% of the time and who's to say 20% of the time. You have to be right much, much more often than that. And so we just need to make sure that that's -- so that's an area that you can expect a lot of investment from us and a lot of focus from us over the course of the next few years.

All right, Tom you want to add to that?

Perfect.

All right. Yes. So Q2, Tom, thank you very much for the time and the opportunity to host the Cisco team. Thank you very much. And if you have any questions, you can direct them to Cisco Investor Relations.

Thank you so much.

Thank you.

All right. Well, I'd like everyone for attending this session. We have been informative and viable, a special thanks as our speakers and panelists for today. I hope everyone has a great day and goodbye.