Robert Pizzari, Splunk’s Asia head discusses AI-ready data, legacy infrastructure, cybersecurity pressures, and how Cisco Data Fabric is helping Indian enterprises balance compliance, cost, and operational resilience.
Robert Pizzari, Group-Vice President, Asia- Splunk
As enterprises accelerate AI adoption, the conversation around data infrastructure is rapidly shifting from experimentation to operational readiness. Organisations across India are now grappling with a mix of rising data volumes, increasing regulatory pressure, legacy infrastructure, and the growing need to operationalise AI securely and cost-effectively. At the same time, CIOs and CISOs are being pushed to rethink how machine data is collected, governed, and utilised across hybrid IT environments that span on-premises systems, multi-cloud architectures, and emerging AI workloads.
In this interview, Robert Pizzari, Group-Vice President, Asia- Splunk discusses how Splunk, backed by Cisco, is positioning itself beyond cybersecurity and into broader operational intelligence. He talks about the company’s evolving data strategy through the Cisco Data Fabric, the growing importance of federated search, and how enterprises can make AI-ready data environments more cost-efficient without abandoning existing infrastructure investments. He also shares insights into India’s regulatory landscape, the mounting pressures faced by CISOs, the role of machine data in the AI era, and why organisations need a tightly aligned AI and data strategy to remain resilient in an increasingly automated world.
CIO&Leader: Splunk is often seen as a security tool for enterprises, but you are also positioning yourself as an operational engine. How does Splunk bridge the gap between raw IT telemetry and board-ready business intelligence?
Robert Pizzari: At the end of the day, our heritage over the last 20-plus years originated as a monitoring tool focused on finding a needle in a haystack across applications, infrastructure, databases, and other systems. We really have not moved too far away from that foundation.
We fell into security as opposed to specifically going after security because our real strength has always been as a data platform. One of the recent announcements following the Cisco acquisition is the concept of the Cisco Data Fabric. It is designed to give organisations the ability to move, access, and govern data regardless of where it lives across networks, clouds, applications, and now AI systems.
There is also another layer tied to the machine data lake. This is not limited to IT, applications, databases, or security specifically. The machine data lake capability helps organisations land all their machine data irrespective of where it resides and helps them make that data AI-ready from day one without forcing them to move or repackage data constantly across repositories.
Another important transition we have taken is around federated search. Historically, if you asked whether all data needed to sit inside Splunk, the answer would have been yes. Most solutions in the market today, including SIEM platforms, still require centralised data repositories.
By decoupling the need to centralise all data, we believe we can help organisations maintain better control over cost, governance, and compliance without forcing them to move everything.
By decoupling the need to centralise all data, we believe we can help organisations maintain better control over cost, governance, and compliance without forcing them to move everything into Splunk. This federated search journey started around two years ago with support for Amazon Web Services S3 buckets, and recently we also announced support for Snowflake. Over time, more data lakes will be supported as well.
CIO&Leader:AI-ready data often comes with storage and processing challenges. AI adoption in India is expensive for enterprises. How does Splunk help organisations maintain cost efficiency?
Robert Pizzari: When I think about the mindset of a CIO or even a CISO, it is really about doing things efficiently while balancing cost and operational performance.
As we move into the AI era, organisations are increasingly focused on securing data, monitoring AI stacks, and using AI to improve outcomes such as faster detections, quicker investigations, and better uptime. We estimate that around 1.3 billion AI agents will become active by 2028, while global data volumes could reach around 394 zettabytes. More than half of that volume is expected to be machine data.
That obviously creates enormous challenges around storage and processing costs.
With the Cisco Data Fabric, organisations can access and train data whether it sits inside Splunk or elsewhere. We also enable search to be applied dynamically depending on the use case. One important thing we have learned over the last two decades is that not all data is created equally.
Some data use cases are near real time and require optimisation, while others are more focused on compliance and regulatory requirements and are accessed less frequently. By democratising the way data is accessed, we believe organisations can achieve much more cost-effective outcomes.
CIO&Leader:How should Indian CIOs rethink their approach to data collection? At what point does data become a liability instead of an asset?
Robert Pizzari: Without doubt, any AI strategy must be tightly connected to a data strategy.
Right now, data is fragmented across multiple tools, repositories, lakes, rivers, and environments. If organisations do not have a strong data strategy, AI is not going to magically solve the problem. In fact, poorly orchestrated data can actually create more noise.
Any AI strategy must be tightly connected to a data strategy.
As we move into an agentic AI era, autonomous systems will increasingly depend on real-time, contextualised, high-quality data. The old principle of “garbage in, garbage out” still applies. AI systems are not automatically going to fix poor data hygiene or eliminate risks such as hallucinations and bias.
That is why machine data strategy is becoming so important. For example, if a CIO already invested heavily in platforms like Snowflake or Amazon over the last few years, we are not asking them to move all of that data into Splunk. They can continue leveraging those investments while using Splunk for operational and machine data use cases where time is critical.
As attackers increasingly adopt AI, organisations also need to rethink how they defend themselves. Traditional defense models are no longer enough. Machine data growth across endpoints and repositories means organisations will need normalised and streamlined data environments so they can operate efficiently with AI systems.
Data tiering is another critical area. Organisations need to decide what data requires real-time access and what can be archived or accessed periodically. Our goal is to help organisations make those decisions while preserving the investments they have already made.
CIO&Leader: Indian organisations still rely heavily on legacy systems while also adopting modern cloud environments. How does Splunk support this hybrid reality without forcing organisations into complete cloud migration?
Robert Pizzari: This is not unique to India, but it is definitely a major reality there. Most organisations that have existed for a long time still rely on legacy applications and architectures. Some of these systems may remain operational for decades because replacing or rebuilding them is extremely difficult and expensive.
With Splunk and Cisco’s broader Data Fabric strategy, we support everything from on-premises legacy systems all the way to modern cloud-native environments. We are not asking organisations to abandon existing systems to benefit from innovation.
Take a typical bank as an example. Many banks operate thousands of applications, with core banking systems that may have been running for 10, 20, or even 30 years. Those systems are not going away anytime soon because replacing them would involve enormous cost and operational complexity.
For us, it does not matter whether the environment is legacy or future-state. Our monitoring capabilities are designed to support everything from on-premises systems to hybrid and cloud-only infrastructures.
Another important point specific to India is the regulatory landscape. CERT-In requires incident reporting within six hours, while the Digital Personal Data Protection Act introduces additional disclosure obligations. These timelines make broad monitoring strategies absolutely critical.
Even sectors like healthcare still operate operational technology systems running older operating systems that cannot easily be patched. Splunk is one of the few companies capable of supporting both older monolithic technologies and modern architectures such as Kubernetes and microservices.
CIO&Leader:What are your top recommendations for organisations trying to align AI strategy with data strategy?
Robert Pizzari:The first recommendation is visibility. Organisations cannot manage what they cannot see. Most enterprises already know they have monitoring blind spots and operational silos that need to be addressed.
Organisations cannot manage what they cannot see.
The second recommendation is simplification. Organisations should review how many monitoring tools they have accumulated over the years and evaluate whether some of those tools can be consolidated to improve efficiency, reduce costs, and simplify operations.
The third recommendation is building a strong foundational data strategy powered by the Cisco Data Fabric. We are not suggesting customers replace all of their current investments. One of Splunk’s key strengths is that we continue to operate as an open ecosystem platform even after the Cisco acquisition.
For organisations already using Cisco technologies across networking, data centers, connected workplaces, and AI systems, we are improving native integrations to simplify data ingestion and reduce reliance on unsupported third-party integrations.
Another major part of our strategy is allowing organisations to bring their own AI models to Splunk data. We are not building a closed environment where customers are restricted to our AI models. Through APIs and MCP servers, organisations can bring in foundational models, open-source models, or internally trained models depending on their governance requirements.
This is especially important for sectors like banking and government, where AI models may need to remain entirely within controlled on-premises environments. By reducing vendor lock-in and democratising access to data, organisations can scale more effectively while controlling costs.
CIO&Leader:Many organisations still view cybersecurity as a cost center. How does AI-powered automation help CISOs prove ROI and position security as a business enabler?
Robert Pizzari: The key lies in being able to ingest data once, pay for it once, and use it across multiple teams and business functions.
For example, the same telemetry collected for cybersecurity purposes can also support business analytics and customer insights. Organisations can analyse customer behavior, purchasing patterns, usage trends, and other business metrics using the same underlying datasets.
This helps organisations avoid paying multiple times for the same data.
There is also a major difference between cybersecurity incidents and operational incidents. Cyber incidents in regulated industries come with compliance obligations and require forensic integrity and chain-of-custody processes. At the same time, operational teams may use the same datasets to improve customer experience or application performance.
Our overall approach is focused on simplifying monitoring, making data accessible regardless of where it resides, and enabling different teams to use that data in a governed and secure way.
CIO&Leader:Is there anything else you would like to add specifically for the Indian market?
Robert Pizzari: One important thing I would leave behind comes from our recent CISO report for 2026, where we surveyed around 650 global CISOs, including a significant number from India.
There were three key findings.
First, most CISOs in India are dealing with what we call a “triple squeeze” — faster threats, limited talent availability, and increasing regulatory and reporting pressures.
Second, India is clearly moving toward data-driven security, AI-led operations, and identity-first security models. That shift is extremely important given the challenges organisations are facing.
Third, CISOs in India are feeling increasingly accountable and exposed because of growing compliance requirements, privacy regulations, and concerns around personal liability.
Many CISOs I met during my recent visit to India also spoke about pressure from boards to improve cybersecurity while controlling costs and responding to incidents more quickly.
It is an incredibly demanding role, but we believe Splunk, backed by Cisco, can help make that job significantly easier.
