Cisco Systems is adding to its fast-growing portfolio of security offerings with the acquisition of Portcullis Computer Security, a U.K.-based company that offers a broad range of security consulting services.
The networking vendor announced the deal Sept. 30, with officials saying it will add to Cisco's efforts to offer customers both security technologies as well as services to help them assess their security environment and how to respond when an incident happens. No financial details were released.
"Portcullis' range of security consulting services includes assessments to identify vulnerabilities, forensic testing, first responder training to prepare for attacks, policy review and creation, security awareness training, and overall security posture audits," Rob Salvango, vice president of corporate business development for Cisco, wrote in a post on the company blog. "Together, Cisco and Portcullis will provide strategic guidance to our clients to help them with their most difficult security challenges."
Over the past several years, Cisco has aggressively built out its security capabilities through acquisitions with the goal of offering a comprehensive set of products and services. In June, company officials announced their Security Everywhere initiative, noting that the rise of the Internet of things (IoT) and the shift toward a digital economy has significantly increased the threat of cyber-attacks. The goal of the initiative is to add security throughout the network, from systems running in the data center out through the campus networks and reaching to the cloud and the endpoints in the hands of users.
"The more things become connected, the more opportunities exist for malicious actors as well," Scott Harrell, vice president of product management for Cisco's Security Business Group, said in a post on the company blog at the time of the announcement. "We are now dealing with a new world where more and more devices are creating a broader and more diverse attack surface that can be exploited."
In April, Cisco officials said they were integrating intrusion prevention technology from Sourcefire—bought in 2013 for $2.7 billion—into the Application Centric Infrastructure (ACI) network virtualization solution.
Over the past several years, Cisco also has bought other security firms like ThreatGrid, Cognitive Security and, most recently, OpenDNS.
In his blog post, Cisco's Salvango wrote that the Portcullis acquisition will complement the services Cisco acquired earlier this year when it bought security advisory firm Neohapsis.
"Portcullis has a long history of providing security consulting services in Europe, with an extensive customer network, and a respected reputation for penetration testing of web applications and infrastructure," he wrote. "When paired with Cisco's existing security services portfolio, Portcullis will help accelerate Cisco's security services business and more quickly expand its security consulting services outside of North America."
Cisco and Portcullis share similar views regarding technology and security, according to Paul Docherty, co-founder and director at Portcullis. Cisco will be able to expand its security services offerings while the Portcullis team will be able to leverage the giant networking vendor's scale and technologies, Docherty wrote in a post on the company blog.
"Portcullis has built an enviable reputation within the information assurance arena, having worked in collaboration with thousands of organisations over more than two decades to reduce their risks, identify areas for improvement and test the implementation of security controls," he wrote. "Cisco recognises the importance of security, its strategic investments within the sector not only highlight that recognition but also outline the intention to deliver market leading products and services on a global scale."
Once the deal closes later this year, Portcullis employees will become part of the Cisco Security Solutions group, which is led by Vice President James Mobley.