VMware is in an all-out sprint to grow its $1 billion security business, doubling its engineering staff to compete with cyber giants like Microsoft and Cisco

  • VMware wants to be the next cybersecurity giant, competing with the likes of Cisco and Microsoft.
  • The firm has acquired a slew of startups and doubled its engineering talent in 18 months.
  • Three execs told Insider about VMware’s strategy to become an all-in-one IT and security vendor.
  • See more stories on Insider’s business page.

Twenty three years after its founding, VMware is at a pivotal moment. With a new CEO and an impending spinoff from Dell, the $69 billion cloud computing company has a unique opportunity to forge its own destiny.

VMware has set its sights on a new ambition: Rapidly growing its security business to become the next cyber giant and compete with the likes of Cisco and Microsoft.

In interviews with Insider, three executives broke down the company’s strategy to scale its security offerings, including a series of acquisitions and a rapid expansion of its security engineering talent.

“Security teams are dealing with this proliferation of problems and a cavalcade of solutions: Imagine if you went to the doctor and the doctor prescribed, like, a hundred medicines,” said Tom Gillis, a VMware senior vice president who oversees its network and security business unit, referring to a glut of venture funding rounds for new, highly-specialized security startups.

“Customers are looking for a larger vendor that can give them a systems approach so they can have fewer solutions, but get more value out of them,” he added. 

VMware isn’t the only firm beating that drum: Microsoft execs have recently talked about how its own big-box approach presents “easy button” for firms that don’t want to deal with a host of different companies to get the solution they need. 

“Security has to grow up”

While VMware specializes in hybrid cloud, where its customers use multiple cloud vendors as well as in-house data centers, it didn’t always brand itself as a security vendor. That changed with its $2.1 billion acquisition of the security startup Carbon Black in 2019, when it brought aboard the startup’s cloud security software and existing go-to-market programs. 

The acquisition marked the start of VMware’s standalone security business unit. Since then, VMware’s security business has grown to $1 billion in revenue in the past year. 

“It’s been a really interesting 18 months,” said Patrick Morley, Carbon Black’s former CEO who now serves as senior vice president and general manager of VMware’s security business unit.

VMware now has 25,000 customers paying for its cybersecurity software — a 50% increase since 2019 — and it has more than doubled its security engineering staff during that time, according to a spokesperson. Since then, it’s acquired other security startups including Mesh7 and SaltStack for undisclosed amounts.

“My view is that security has to grow up: Other industries have gone through a lot of explosive growth where you have a lot of vendors, and then over time that consolidates down to a core set that can really deliver the capabilities that customers want,” Morley said. “VMware is one of the few companies in the world that can help security grow up.”

VMware still has to grow significantly before its security business catches up to the likes of Cisco, whose security business boasts over 250,000 customers and brings in $3 billion in annual revenue. Microsoft’s security business, meanwhile, brought in $10 billion last year from its 400,000 customers.

But like Cisco, VMware is hoping that the sheer size of its existing networking client base will give it a leg up over smaller companies in security.

For instance, VMware runs more than 70 million virtual machines on behalf of its clients, which provides a unique wealth of data that its security business can use to glean insights into how those products are used and detect suspicious activity.

“We collect things on a continuous basis — who’s accessing what, which apps are they using, what this user’s role is — and use it to determine what appears potentially as a risk,” said Shankar Iyer, senior vice president and general manager of end user computing at VMware. “That’s unique about our architecture.”

A picture of a switch and lightbulb
Source: Read Full Article