What happens when a single lost network packet can disrupt hours of manufacturing?
Recorded at Cisco Live, this episode features John Hoenemier, Director of Network Security Operations at GlobalFoundries, one of the world's leading semiconductor manufacturers. While most people think about microchips only when they buy a smartphone, laptop, car, or connected device, the reality is that modern life depends on a vast ecosystem of manufacturing facilities operating around the clock with extraordinary levels of precision.
During our conversation, John explains why semiconductor manufacturing is one of the most demanding operational environments in the world. Production runs continuously throughout the year, and even minor disruptions can have significant consequences. In this environment, the network serves as the digital nervous system of the factory floor, connecting equipment, systems, data, and people in real time.
We discuss the challenges of maintaining resilience in an environment where downtime is rarely an option. John shares how visibility, observability, security, and automation have become increasingly important as manufacturing operations grow more connected and more dependent on digital infrastructure. The conversation explores what happens when connectivity is interrupted and why reliability remains one of the most important measurements of success.
We also examine the growing role of AI, operational intelligence, and unified management platforms. John explains why bringing together data from multiple systems is helping teams make faster decisions and why technologies such as Cisco Cloud Control are generating so much interest among infrastructure leaders.
Along the way, we discuss cybersecurity, identity management, observability, and the unique realities of protecting highly distributed manufacturing environments. Despite operating in a very different industry, many of the challenges GlobalFoundries faces are remarkably familiar to technology leaders everywhere: balancing innovation with reliability, improving visibility, and finding ways to manage increasing complexity.
What stood out most was the reminder that behind every AI application, cloud service, connected device, and modern technology platform sits a manufacturing ecosystem that must operate with extraordinary consistency and precision.
As industries become increasingly connected, how important will resilient digital infrastructure become to the products and services we rely on every day?
[00:00:04] I think when most people think about semiconductors, they think about that finished product. The chip inside a smartphone, a laptop, a car or perhaps the AI infrastructure powering the latest breakthroughs. But I think what we seldom think about is what it actually takes to manufacture those chips. Well at Cisco Live I was lucky to grab a few minutes with the Director of Network Security Operations at Global Foundries.
[00:00:32] And together we explored the hidden world behind semiconductor manufacturing. Because it is a world where production runs 24 hours a day, 7 days a week. And a single network disruption can have consequences measured in hours rather than seconds. And where technology isn't simply supporting the business, it is the business.
[00:00:56] So today we discuss why the network has become the digital nervous system of a modern fabrication facility. The challenge of balancing innovation with reliability. And what happens when some of the world's most advanced manufacturing environments are still operating alongside technology that has been around for decades. And along the way I even learned that making chips is a bit like conducting a highly complex orchestra.
[00:01:25] Except the performance lasts for months. It falls to thousands of individual steps and there's very little room for missing a note. And on that bizarre analogy I'm going to introduce you to my guest right now. So thank you for joining me here at Cisco Live. Can you tell everyone listening a little about who you are and what you do? Okay, so my name is John, obviously. I'm the Director of Network Security Operations at Global Foundries.
[00:01:55] So we're a semiconductor manufacturer. We make chips for most of the consumer electronics companies you would know. We make what we call essential chips. So we don't do the sub-10 nanometer stuff that, you know, NVIDIA and all that hot space. We create all the things that the devices still need though. Power management, wireless, Bluetooth, all those things. So my team runs network engineering, network solution delivery, network architecture. I also have security.
[00:02:22] So we have the whole security infrastructure as well. We sit beside the CISO organization. So we work closely with them. And I also have identity and observability in my team as well. And before we get into the technology side of things, can you possibly paint a picture of what Global Foundries operations actually look like today? And what roles does technology play in keeping those facilities running smoothly? Just for people hearing about you for the first time, just to kind of understand what it all looks like and works like. The network is really the nervous system of our manufacturing floors.
[00:02:52] Everything we do realize on the network. And there's a lot of complicated equipment out there that talks constantly. So, you know, and it's real time. So for us, a single packet loss can actually cause hours of disruption to production because it's such a sequence ballet, you know, getting building microchips. So for us, you know, because it's 24-7 operation, we literally run 24 hours a day, 365 days a year. And we don't get down times. If we get a downtime, it's for, you know, a few hours once a year.
[00:03:20] And we have to pack in everything into that one. So we really work around that type of environment. And so focusing on resiliency, uptime and disruptionist upgrades and, you know, responses to security events and things like that, that's critical for us. And the network is often viewed as the background infrastructure. But in your environment, as you said there, it's more like a digital nervous system of business. But what happens when connectivity, visibility or security, any of these things break down
[00:03:49] in a modern semiconductor manufacturing operation? I'm sure you've got a few more stories you've picked up along the way. When the network goes down, manufacturing stops. And that is, you know, obviously the foundation of our business. So that is a critical event. You know, so for us, when there's a disruption in the network, that is a all hands on deck. Everybody respond. It really is that critical. Now, we actually live in kind of two different roles in the network because we still have the enterprise side, you know, the carpeted space where people are out, you know, working
[00:04:18] on their modern workplace things. That obviously is a little bit less important. So for us, you know, identifying and prioritizing those events is really critical. So we can get the right people involved at the right times. And you've described the importance of having a real time visibility into assets and indeed vulnerabilities. But how has that changed the way that your teams operate compared to maybe a more traditional reactive approach to infrastructure management? Yeah, because we're so sensitive to impacts to production, right?
[00:04:47] We always want to try and stay ahead and understand what those vulnerabilities are. And we're always prioritizing. So, you know, responding to vulnerabilities is always going to be a risk exercise. The risk of not responding versus the risk of responding. And so having better data is always going to help make better decisions. And that really has made a difference for us. So having, you know, really quick response and really, really quick understanding of what the exposure is for a particular set of devices to a new vulnerability and be able to craft a response to that very quickly. That's been really helpful.
[00:05:17] And one thing that stood out to me was this successful Catalyst SD1 deployment with zero production downtime, which I know is incredibly important to you. I mean, that's an outcome that many organizations would love to achieve. Almost probably look at it and go, really? How does that work? But what planning, preparation and lessons learned helped you make that transition so successful? Yeah, we're pretty proud of that one, actually. Yeah, yeah. So obviously, a ton of planning went into it.
[00:05:44] You know, we did what we called the Field of Dreams model. We built the new in parallel and then migrated over the sites. But again, because the sensitivities are so great in our environment, we had to be very, very aware that any disruption would be impactful. So, you know, we work closely with our manufacturing teams to coordinate and test. We work closely with Cisco, actually, and their managed services and their teams brought a lot of expertise and a lot of capabilities, honestly, to help us pull it off. And we did it.
[00:06:13] And once we were ready, we did it in a very quick turnaround as well. So it was a really successful story. And when we're talking about semiconductor manufacturing, it's one of the most complex and precision-driven industries in the world. So how do you balance the need for innovation and modernization with the need for absolute reliability in production environments? A bit of a balancing act? It is a tug of war, I would say, is probably a closer description.
[00:06:38] You know, our environment is interesting because we build some of the most complicated products on the planet. And yet, some of the tools we use are highly, highly complex. Some of them were complex 20 years ago, but we're still using them today. The nature of the tools is they're very expensive. Hundreds of millions of dollars for one tool in some cases. So we want to run those things until the wheels fall off. We want to get every penny out of them. So the manufacturing teams aren't particularly incentivized to go to the newest, latest, and greatest. And the vendors aren't incentivized to keep up with things like operating system upgrades.
[00:07:08] So we literally have, you know, legacy operating systems in the most complex manufacturing environment on the planet we have to deal with. So it's a constant tug of war as well as innovation, right? So we have the business side, you know, leadership and everybody wants, you know, we're driven to innovate. That's how we, you know, that's our differentiator moving forward is how do we innovate and stay ahead of things. So finding that balance of rolling out new innovative technologies in a heterogeneous
[00:07:34] environment where we still have mixed technologies with new and old, that is a constant challenge. And that's where we rely heavily on our vendors to help us navigate that. And cyber security is also becoming increasingly important across operational technology and manufacturing environments. So how has the threat landscape evolved over the last few years and what concerns are keeping manufacturing leaders like yourself awake at night? Is there anything you'd share there? Yeah. And I think that's been a, it's been an evolution in thinking that's really kind of taken
[00:08:04] shape over the last couple of years. It's always been understood, but now it's a reality, right? Those, the gap of things that we're running versus what's supported and what we can patch. It was always an operational risk, but now we're recognizing it's security exposure, right? And so, you know, working with manufacturing, and I think there's been a really good relationship with our manufacturing teams and building awareness and helping working together with them to identify and prioritize, you know, how we approach the cyber security risks in our manufacturing floors.
[00:08:33] You can never fix everything. So it's a matter of prioritizing and coming up with the right containment tools and really understanding what your threat landscape looks like. And as chief architects, you sit at the intersection of technology, strategy, and business outcomes. So when you're evaluating new technologies, how do you determine whether they're genuinely solving a business problem versus maybe running the risk of adding even more complexity? Yeah, I think, I think you kind of touched on it. The first question I always ask my team is what problem are we trying to solve here?
[00:09:02] And not what is this technology trying to say we need to solve, right? There needs to be a well-documented business problem that we're actually trying to solve. I always tell my teams, you know, there's three things we always need to lead out any conversation with our stakeholders, right? It's the fruit, and it starts with why do we care about something, right? So why are we looking at this? Why are we approaching new technologies? Why am I talking to you about security, right? And then what are we doing about it? So what's our path there? What technologies are we looking at?
[00:09:30] How do we engage with our stakeholders to understand what the business problem really looks like? And then ultimately with the stakeholders, what does it mean to them? We need to explain that, right? Say, hey, we're going to navigate this new technology. But it's going to require investment, or it's going to require some changes to your manufacturing process, which was a disruption or whatever that is. So we always try to couch our conversations with those things. And when we engage with the business, and so far, it's been pretty successful. And when people think about semiconductors, especially people listening, they probably focus on the chips themselves.
[00:09:58] I'm curious, what would surprise listeners most about the amount of tech required to manufacture these chips? Yeah, I think there's a lot. I've been working there for several years. And every time I think I understand the technology around chip manufacturing, I talk to somebody way smarter than me and realize I just barely scraping the surface. I think what most people don't realize is chips are made on wafers. So a Bluetooth chip or even an NVIDIA chip, they're all built, and there'll be multiple
[00:10:27] chips on a single wafer. They call them dyes. One of those wafers can take months to actually build, and there's thousands of processes that it needs to go through. They come out, they get sanded, actually, and then they lay down some lithography, which actually lays the traces. Then it goes through chemical processes. So it's an incredibly complex ballet of sequencing of events that happens with these things. And any disruption to that can cause all sorts of challenges down the road.
[00:10:54] It takes about three days to slow the fab down when we do get a downtime window so that they can sequence things and park things that are time sensitive and then shut things down and then about another 12 to 24 hours to turn everything back on again. A big thank you to Denodo for helping me make more than 60 monthly interviews possible across the Tech Talks network. And as businesses move from Gen.AI to Agentic.AI, trusted data becomes everything.
[00:11:20] Everything from Gen.AI to Agentic.AI, Denodo is helping organizations build intelligent, secure, and scalable AI solutions with data access, governance, and explainable results. So build AI that you can trust and do it with Denodo. And you can learn more by simply visiting denodo.com. As for Cisco Live, where we're recording this today, I believe you've been on stage. Is that right? What have you been talking about here? Yeah.
[00:11:50] So this morning I talked about Cisco IQ. And for us, that's really been a helpful tool. I mean, I don't think it's any mystery. Cisco hasn't been the easiest over the years. Really no vendors figured it out. But I think Cisco is getting close. Is how do you manage a large estate where things are bought globally? You have maintenance contracts that are coming and going and they're not necessarily all aligned. How do you keep track of all that?
[00:12:13] Right now with security vulnerabilities and understanding, you know, what might apply and what software version is vulnerable to what on thousands and thousands of devices is an incredible challenge. So with Cisco IQ, what they've done is they've stitched all together with now an AI underneath it. So we can just ask plain test questions. I can say, hey, show me all the devices that are vulnerable to this particular vulnerability. Or we're also using it to do some use case analysis on, you know, and maybe some refresh analysis for long-term spend. Right. So we get a long range planning exercises.
[00:12:42] I can say, hey, what if I did this 10, 20 percent? What does that do to my LDAS portfolio over the next 12 months? Right. Am I burning up or am I burning down? And so it's been really helpful to get out of the spreadsheets and start interacting with the data in a more meaningful way, in a quicker way. And I can also do a very quick, you know, with a lot more efficiently with less people. And you must have been speaking with so many different people here. And one of the great things of attending any tech conference is those moments of serendipity where you have a conversation with somebody you wouldn't normally bump into. Have you had any conversations like that?
[00:13:12] Any trends in the kind of conversations you're having? You know, I think when I come to these things and we've all we've all come to these things a bunch of times, you kind of forget that we're all big ecosystem. Right. And so, you know, it's always, you know, it's not really new, but it's always eye opening when you come here and you realize we're all trying to solve the same problems. Right. We're all we're all kind of in the same boat and we're all seeing basically the same things. And, you know, that's always refreshing just to see that and, you know, get my peers across the industries and very and doesn't matter if I sell coffee or make microchips.
[00:13:40] We're all basically trying to solve the same problem. And there's so many big announcements here this week. Anything in particular caught your eye? Anything that. Well, I mean, obviously cloud control is going to is I think that's the big buzz. Right. What I've been working with them over the last year and a half, I've been watching that evolve the various technologies underneath that. And I think it's exciting to see it all come together. And it'll be really interesting to watch where that's going. And for anybody listening that hasn't seen the keynote and hearing about cloud control for the first time, maybe we've got an architect listening.
[00:14:09] Can you just tell me a little bit about it and why it is such a big deal? Yeah. So I think, you know, there's a couple of pieces to that that are pretty powerful. One, it's bringing together a bunch of disparate control panels into that holy grail of things, which is that single pane of glass, which it's still not, but it's getting closer. Right. And the other piece it's doing is it's taking sort of like Cisco IQ.
[00:14:30] We're starting to pull all those disparate data sets into usable way and to things that are much more usable and more, you know, and more exposed to folks that don't necessarily know how to drive UIs, but they know what problem they're trying to solve. And with the agentic pieces that are coming online underneath that and the ability to control and throttle responses and apply agents to that, I think that's going to be a very powerful tool. Yeah. Yeah. A hundred percent with you.
[00:14:53] And if we were to look ahead, what excites you most about the future of the semiconductor manufacturing industry, whether it's AI automation, network security, where do you see the biggest opportunities to improve operations and help you deliver greater value to your customers? Yeah. Well, first I hope it continues to grow. That'd be great. Yeah.
[00:15:21] And as we transform them, like other observability stack, we can start bringing those pieces together and start having them interact in meaningful ways without having to custom develop APIs and build a bunch of, you know, sort of hardwired solutions that are constrained by what we thought of at the time. We can start pulling these things together and start exposing it to our stakeholders and have them start driving it in ways that we wouldn't have really thought of. Right. Because they understand the use cases better than we do.
[00:15:48] And finally, as Cisco life comes to a close and you're on that plane ride home, what are you going to be reflecting on? What are you going to be thinking about on that way? And when you, when you finally get time just to decompress and, and soak up everything that you've learned. Yeah. So whenever I come to one of these things, I'm always looking for the theme, right? So what, what is the industry thinking about right now? Whether it's, you know, Black Hat or RSA or this one, you know, where are we at?
[00:16:12] And, and I think what I'm sensing right now is, is the industry, you know, the network industry in particular is really trying to figure out one, what's the impact of all this going to be? Right. You hear bandwidth projections, all these things, but nobody really knows. Right. So everybody's sort of watching to see. And I think trying to figure out how to keep up with the rate of change, that's the biggest challenge, right? And that's the conversations I've had here with a lot of folks.
[00:16:36] And that's kind of the theme is, is how do we, how do we move fast enough and keep our folks trained and engaged at a pace that can keep up with all this change? And for anyone listening that would like to find out more information about you, your work, maybe carry on the conversation we started today. Where would you like me to point everyone listening? Oh, I can help you just, my LinkedIn is going to be the best way to reach me. Awesome. Well, I'll include your LinkedIn, the website and everything else and some of the Cisco Live keynotes and we'll put those on there.
[00:17:05] But thank you for sitting down and sharing a story with me. Thank you for your time. I appreciate it. Wow, so many big takeaways here, especially the sheer complexity that's hiding behind technologies that we all take for granted. Every smartphone, connected device, vehicle and data center all relies on semiconductor chips. Yet very few of us stop to think about the extraordinary infrastructure, planning and precision that is required to manufacture them.
[00:17:33] And I love John's description of the network as the digital nervous system of the factory. And I think that perfectly captured just how dependent modern manufacturing has become on connectivity, visibility and security. Because in this environment, a network isn't simply moving data around. It's helping coordinate one of the most sophisticated production processes on the planet.
[00:17:59] And perhaps my biggest takeaway was that while AI has dominated many conversations here at Cisco Live, the real challenge facing organizations remains remarkably familiar. How do you modernize, innovate, strengthen security and keep everything running without interruption at the same time? And for global foundries, that's a challenge they're facing every single day. And is it a battle that you're going through as well?
[00:18:28] Let me know, techtalksnetwork.com. Let me know what's the most surprising thing that you've learned about how the tech we use every day is actually being made. But that's it for today. I've taken up far too much of your time this week, haven't I? So I'm going to walk off into the sunset now, but I will return again tomorrow. Thanks for listening. Bye for now.