Just weeks after Cisco Systems CEO John Chambers said he had written a blank cheque to beef up its security business, the US technology giant has tied up its first deal with the acquisition of the Czech Republic's little-known but highly promising Cognitive Security.
The deal, say analysts and industry players, is further proof of Central and Eastern Europe's growing clout in the technology sphere, in particular cyber security.
Cisco announced January 29 its intention to acquire for an undisclosed amount Cognitive, a Prague-based company specialising in technology for network behaviour analysis, which allows businesses to identify, and protect themselves against, sophisticated attacks on their networks. The selling shareholders include the founders Martin Rehak and Michal Pechoucek, Credo Ventures, several angel investors, and board members/advisors including Richard Seewald, Vlado Jez and Karel Obluk.
The deal is an important first step for Chris Young, Cisco's first executive for security appointed at a senior vice president level, who has been charged with overhauling the US firm's security business over the next two to three years.
Cisco is still the leader in the network security field, though it's struggling as its legacy products lose ground to smaller innovative rivals such as Juniper Networks and Palo Alto Networks. Acquisitions in this space don't come cheap, though, hence Cisco's move down the food chain to foreign, early-stage innovators like Cognitive.
The founders of Cognitive, which was a commercial spin-off from Prague's venerable Czech Technical University (CTU) in 2009, told bne at the end of last year that their company was in the process of hunting for a second round of financing. The first round came from local venture capitalists Credo Ventures in April 2011, which invested a reputed €1m out of its Credo Stage I Fund that targets early-stage tech firms in the region, primarily from the Czech Republic and Slovakia.
Cognitive's technology first came to the attention of the US military, which was interested in its ability to monitor internet traffic for anomalies that could signal that a system was being hacked. "It's like we are acting as the immune system of a network that finds strange or non-typical things in the body and these are highlighted," Rehak, Cognitive's chief executive, told bne.
At first only military or government institutions were interested in such technology because they were the only ones being hacked at such a level, explained Rehak, but industrial hacking has grown to a point where it has now become a problem at all levels. "This problem has become much more widespread and is now a standard issue for the networks of companies, both big and small," he said.
Until now, network security has primarily focused on securing the perimeters of networks, but "even if the door is locked, someone can get through the window and we can detect that," said Rehak.
This opens up lucrative new possibilities for a $10bn-15bn industry that has, to some degree, become commoditized. "Cognitive Security is in an interesting space, as the evolution of malware and malicious threats go well beyond the perimeter (handsets and PCs) and now deeper into the network where valuable IP and specific disruption of business functions is targeted by hackers," the board member Seewald told bne at the end of last year. "Cognitive offers security as a service platform which is scalable and protects against these advanced variations of malware for large corporates, governments and small business where I believe vulnerability will be the greatest in the coming years."