>>All we're back. We're wrapping up day two at Falcon 22 from the area in Las Vegas, CrowdStrike CrowdStrike. The action is crazy. Second day, a keynotes. Sean Henry is back. He's the chief security officer at CrowdStrike. He did a keynote today. Sean. Good to see you. Thanks for coming >>Back. Good. See you, Dave. Thanks for having me. >>So, unfortunately, I wasn't able to see your keynote cuz I had to come do cube interviews. You interviewed Kimbo Walden from, from, you know, white house, right? >>National cyber security >>Director. We're gonna talk about that. We're gonna talk about Overwatch, your threat hunting report. I want to share the results with our audience, but start with your, well actually start with the event. We're now in day two, you've had a good chance to talk to customers and partners. What are, what are your observations? Yeah, >>It's first of all, it's been an amazing event over 2200 attendees here. It's really taking top three floors at the area hotel and we've got partners and customers, employees, and to see the excitement and the level of collaboration here is absolutely phenomenal. All these different organizations that are each have a piece of cyber security to see them coming together, all in support of how do you stop breaches? How do you work together to do it? It's really been absolutely phenomenal. You're >>Gonna love the collaboration. We kind of talked about this on our earlier segment is the industry has to do a better job and has been doing a better job. You know, I think you and Kevin laid that out pretty well. So tell me about the interview with the fireside chat with Kimba. What was that like? What topics came up? >>Yeah. Kimba is the principal, deputy national cyber security advisor. She's been there for just four months. She spent over 10 years at DHS, but she most recently came from the private sector in cybersecurity. So she's got that the experience as a private sector expert, as well as a public sector expert and to see her come together in that position. It was great. We talked a lot about some of the strategies the white house is looking to put forth in their new cybersecurity strategy. There was recently an executive order, right? That the, the president put forth that talks about a lot of the things that we're doing here. So for example, the executive order talks about a lot of the legacy type of capabilities being put to pasture and about the government embracing cloud, embracing threat, hunting, embracing EDR, embracing zero trust and identity protection. Those are all the things that the private sector has been moving towards over the last year or two. That's what this is all about here. But to see the white house put that out, that all government agencies will now be embracing that I think it puts them on a much shorter footing and it allows the government to be able to identify vulnerabilities before they get exploited. It allows them to much more quickly identify, have visibility and respond to, to threats. So the government in infrastructure will be safer. And it was really nice to hear her talk about that and about how the private sector can work with the government. >>So you know how this works, you know, having been in the bureau. But so it's the, these executive orders. A lot of times people think, oh, it's just symbolic. And there are a couple of aspects of it. One is president Biden really impressed upon the private sector to, you know, amp it up to, to really focus and do a better job. But also as you pointed out that executive order can adjudicate what government agencies must do must prioritize. So it's more than symbolic. It's actually taking action. Isn't >>It? Yeah. I, I, I think it, I think it's both. I think it's important for the government to lead in this area because while a, a large portion of infrastructure, major companies, they understand this, there is still a whole section of private sector organizations that don't understand this and to see the white house, roll it out. I think that's good leadership and that is symbolic. But then to your second point to mandate that government agencies do this, it really pushes those. That might be a bit reluctant. It pushes them forward. And I think this is the, the, the type of action that as it starts to roll out and people become more comfortable and they start to see the successes. They understand that they're becoming safer, that they're reducing risk. It really is kind of a self-fulfilling prophecy and we see things become much safer. Did, >>Did you guys talk about Ukraine? Was that, was that off limits or did that come up at all? >>It wasn't, it wasn't off limits, but we didn't talk about it because there are so many other things we were discussing. We were talking about this, the cyber security workforce, for example, and the huge gap in the number of people who have the expertise, the capability and the, and the opportunities to them to come into cyber security technology broadly, but then cyber security as a sub sub component of that. And some of the programs, they just had a big cyber workforce strategy. They invited a lot of people from the private sector to have this conversation about how do you focus on stem? How do you get younger people? How do you get women involved? So getting maybe perhaps to the untapped individuals that would step forward and be an important stop gap and an important component to this dearth of talent and it's absolutely needed. So that was, was one thing. There were a number of other things. Yeah. >>So I mean, pre pandemic, I thought the number was 350,000 open cybersecurity jobs. I heard a number yesterday just in the us. And you might have even told me this 7, 7 50. So it's doubled in just free to post isolation economy. I don't know what the stats are, but too big. Well, as a, as a CSO, how much can automation do to, to close that gap? You know, we were talking earlier on the cube about, you gotta keep the humans in the loop, you, you, the, the, the, the Nirvana of the machines will just take care of everything is just probably not gonna happen anytime in the near term, even midterm or long term, but, but, but how can automation play and help close that gap? So >>The, the automation piece is, is what allows this to scale. You know, if we had one company with a hundred endpoints and we had a couple of folks there, you could do it with humans. A lot of it when you're talking about hundreds of millions of endpoints spread around the globe, you're talking about literally trillions of events every week that are being identified, evaluated and determined whether they're malicious or not. You have to have automation and to have using the cloud, using AI, using machine learning, to sort through, and really look for the malicious needle in a stack of needle. So you've gotta get that fidelity, that fine tune review. And you can only do that with automation. What you gotta remember, Dave, is that there's a human being at the end of every one of these attacks. So we've got the bad guys, have humans there, they're using the technology to scale. We're using the technology to scale to detect them. But then when you get down to the really malicious activity, having human beings involved is gonna take it to another level and allow you to eradicate the adversaries from the environment. >>Okay. So they'll use machines to knock on the door when that door gets opened and they're in, and they're saying, okay, where do we go from here? And they're directing strategy. Absolutely. I, I spent, I think gave me a sta I, I wonder if I wrote it down correctly, 2 trillion events per day. Yeah. That you guys see is that I write that down. Right? >>You did. It changes just like the number of jobs. It changes when I started talking about this just a, a year and a half ago, it was a billion a day. And when you look at how it's multiplied exponentially, and that will continue because of the number of applications, because of the number of devices as that gets bigger, the number of events gets bigger. And that's one of the problems that we have here is the spread of the network. The vulnerability, the environment is getting bigger and bigger and bigger as it gets bigger, more opportunities for bad guys to exploit vulnerabilities. >>Yeah. And we, we were talking earlier about IOT and extending, you know, that, that threats surface as well, talk about the Overwatch threat hunting report. What is that? How, how often have you run it? And I'd love to get into some of the results. Yeah. >>So Overwatch is a service that we offer where we have 24 by seven threat hunters that are operating in our customer environments. They're hunting, looking for, looking for malicious activity, malicious behavior. And to the point you just made earlier, where we use automation to sort out and filter what is clearly bad. When an adversary does get what we call fingers on the keyboard. So they're in the box and now a human being, they get a hit on their automated attack. They get a hit that, Hey, we're in, it's kind of the equivalent of looking at the Bober while you're fishing. Yeah. When you see the barber move, then the fisherman jumps up from his nap and starts to reel it in similar. They jump on the keyboard fingers on the keyboard. Our Overwatch team is detecting them very, very quickly. So we found 77,000 potential intrusions this past year in 2021, up to the end of June one, one every seven minutes from those detections. >>When we saw these detections, we were able to identify unusual adversary behavior that we'd not necessar necessarily seen before we call it indicators of attack. What does that mean? It means we're seeing an adversary, taking a new action, using a new tactic. Our Overwatch team can take that from watching it to human beings. They take it, they give it to our, our engineering team and they can write detections, which now become automated, right? So you have, you have all the automation that filters out all the bad stuff. One gets through a bad guy, jumps up, he's on the keyboard. And now he's starting to execute commands on the system. Our team sees that pulls those commands out. They're unusual. We've not seen 'em before we give it to our engineering team. They write detections that now all become automated. So because of that, we stopped over with the 77,000 attacks that we identified. We stopped over a million new attacks that would've come in and exploited a network. So it really is kind of a big circle where you've got human beings and intelligence and technology, all working together to make the system smarter, to make the people smarter and make the customers safer. And you're >>Seeing new IAS pop up all the time, and you're able to identify those and, and codify 'em. Now you've announced at reinforced, I, I, in July in Boston, you announced the threat hunting service, which is also, I think, part of your you're the president as well of that services division, right? So how's that going? What >>What's happening there? What we announced. So we've the Overwatch team has been involved working in customer environments and working on the back end in our cloud for many years. What we've announced is this cloud hunting, where, because of the adoption of the cloud and the movement to the cloud of so many organizations, they're pushing data to the cloud, but we're seeing adversaries really ramp up their attacks against the cloud. So we're hunting in Google cloud in Microsoft Azure cloud in AWS, looking for anomalous behavior, very similar to what we do in customer environments, looking for anomalous behavior, looking for credential exploitation, looking for lateral movement. And we are having a great success there because as that target space increases, there's a much greater need for customers to ensure that it's protected. So >>The cloud obviously is very secure. You got some of the best experts in the planet inside of hyperscale companies. So, and whether it's physical security or logical security, they're obviously, you know, doing a good job is the weakness, the seams between where the cloud provider leaves off and the customer has to take over that shared responsibility model, you know, misconfiguring and S3 bucket is the, you know, the common one, but I'm so there like a zillion others, where's that weakness. Yeah. >>That, that's exactly right. We see, we see oftentimes the it piece enabling the cloud piece and there's a connectivity there, and there is a seam there. Sometimes we also see misconfiguration, and these are some of the things that our, our cloud hunters will find. They'll identify again, the equivalent of, of walking down the hallway and seeing a door that's unlocked, making sure it's locked before it gets exploited. So they may see active exploitation, which they're negating, but they also are able to help identify vulnerabilities prior to them getting exploited. And, you know, the ability for organizations to successfully manage their infrastructure is a really critical part of this. It's not always malicious actors. It's identifying where the infrastructure can be shored up, make it more resilient so that you can prevent some of these attacks from happening. I >>Heard, heard this week earlier, something I hadn't heard before, but it makes a lot of sense, you know, patch Tuesday means hack Wednesday. And, and so I, I presume that the, the companies releasing patches is like a signal to the bad guys that Hey, you know, free for all go because people aren't necessarily gonna patch. And then the solar winds customers are now circumspect about patches. The very patches that are supposed to protect us with the solar winds hack were the cause of the malware getting in and, you know, reforming, et cetera. So that's a complicated equation. Yeah. >>It, it certainly is a couple, couple parts there to unwind. First, when you, you think about patch Tuesday, there are adversaries often, not always that are already exploiting some of those vulnerabilities in the wild. So it's a zero day. It's not yet been patched in some cases hasn't yet been identified. So you've got people who are actively exploiting. It we've found zero days in the course of our threat hunting. We report them in a, in a, in a responsible way. We've gone to Microsoft. We've told them a couple times in the last few months that we found a zero day and give them an opportunity to patch that before anybody goes public with it, because absolutely right when it does go public, those that didn't know about it before recognize that there will be millions of devices depending on the, the vulnerability that are out there and exploitable. And they will absolutely, it will tell everybody that you can now go to this particular place. And there's an opportunity to gain access, to exploit privileges, depending on the criticality of the patch. >>I, I don't, I, I don't, I'm sorry to generalize, but I wanna ask you about the hacker mindset. Let's say that what you just described a narrow set of hackers knows that there's an unpatched, you know, vulnerability, and they're making money off of that. Will they keep that to themselves? Will they share that with other folks in the net? Will they sell that information? Or is it, is it one of those? It depends. It, >>I was just gonna say, it depends you, you beat me to it. It absolutely depends. All of, all of the above would be the answer. We certainly see organ now a nation state for example, would absolutely keep that to themselves. Yeah. Right. Their goal is very different from an organized crime group, which might sell access. And we see them all the time in the underground selling access. That's how they make money nation states. They want to keep a zero day to themselves. It's something they're able to exploit in some cases for months or years, that that, that vulnerability goes undetected. But a nation state is aware of it and exploiting it. It's a, it's a dangerous game. And it just, I think, exemplifies the importance of ensuring that you're doing everything you can to patch in a timely matter. Well, >>Sean, we appreciate the work that you've done in your previous role and continuing to advance education, knowledge and protection in our industry. Thank you for coming on >>You. Thank you for having me. This is a fantastic event. Really appreciate you being here and helping to educate folks. Yeah. >>You guys do do a great job. Awesome. Set that you built and look forward to future events with you guys. My >>Friends. Thanks so much, Dave. Yeah. Thank >>You. Bye now. All right. Appreciate it. All right, keep it right there. We're gonna wrap up in a moment. Live from Falcon 22. You're watching the cube.

from around the globe it's thecube covering space and cyber security symposium 2020 hosted by cal poly hello and welcome to thecube's coverage we're here hosting with cal poly an amazing event space in the intersection of cyber security this session is defending satellite and space infrastructure from cyber threats got two great guests we've got major general john shaw combined four space component commander u.s space command and vandenberg air force base in california and roland cuello who's the ceo of maverick space systems gentlemen thank you for spending the time to come on to this session for the cal poly space and cyber security symposium appreciate it absolutely um guys defending satellites and space infrastructure is the new domain obviously it's a war warfighting domain it's also the future of the world and this is an important topic because we rely on space now for our everyday life and it's becoming more and more critical everyone knows how their phones work and gps just small examples of all the impacts i'd like to discuss with this hour this topic with you guys so if we can have you guys do an opening statement general if you can start with your opening statement we'll take it from there thanks john and greetings from vandenberg air force base we are just down the road from cal poly here on the central coast of california and uh very proud to be part of this uh effort and part of the partnership that we have with with cal poly on a number of fronts um i should uh so in in my job here i actually uh have two hats that i wear and it's i think worth talking briefly about those to set the context for our discussion you know we had two major organizational events within our department of defense with regard to space last year in 2019 and probably the one that made the most headlines was the stand-up of the united states space force that happened uh december 20th last year and again momentous the first new branch in our military since 1947 uh and uh it is a it's just over nine months old now as we're making this recording uh and already we're seeing a lot of change uh with regard to how we're approaching uh organizing training and equipping on a service side or space capabilities and so i uh in that with regard to the space force the hat i wear there is commander of space operations command that was what was once 14th air force when we were still part of the air force here at vandenberg and in that role i'm responsible for the operational capabilities that we bring to the joint warfighter and to the world from a space perspective didn't make quite as many headlines but another major change that happened last year was the uh the reincarnation i guess i would say of united states space command and that is a combatant command it's how our department of defense organizes to actually conduct warfighting operations um most people are more familiar perhaps with uh central command centcom or northern command northcom or even strategic command stratcom well now we have a space com we actually had one from 1985 until 2002 and then stood it down in the wake of the 9 11 attacks and a reorganization of homeland security but we've now stood up a separate command again operationally to conduct joint space operations and in that organization i wear a hat as a component commander and that's the combined force-based component command uh working with other all the additional capabilities that other services bring as well as our allies that combined in that title means that uh i under certain circumstances i would lead an allied effort uh in space operations and so it's actually a terrific job to have here on the central coast of california uh both working the uh how we bring space capabilities to the fight on the space force side and then how we actually operate those capabilities it's a point of joint in support of joint warfighters around the world um and and national security interests so that's the context now what el i i also should mention you kind of alluded to john you're beginning that we're kind of in a change situation than we were a number of years ago and that space we now see space as a warfighting domain for most of my career going back a little ways most of my my focus in my jobs was making sure i could bring space capabilities to those that needed them bringing gps to that special operations uh soldier on the ground somewhere in the world bringing satellite communications for our nuclear command and control bringing those capabilities for other uses but i didn't have to worry in most of my career about actually defending those space capabilities themselves well now we do we've actually gone to a point where we're are being threatened in space we now are treating it more like any other domain normalizing in that regard as a warfighting domain and so we're going through some relatively emergent efforts to protect and defend our capabilities in space to to design our capabilities to be defended and perhaps most of all to train our people for this new mission set so it's a very exciting time and i know we'll get into it but you can't get very far into talking about all these space capabilities and how we want to protect and defend them and how we're going to continue their ability to deliver to warfighters around the globe without talking about cyber because they fit together very closely so anyway thanks for the chance to be here today and i look forward to the discussion general thank you so much for that opening statement and i would just say that not only is it historic with the space force it's super exciting because it opens up so much more challenges and opportunities for to do more and to do things differently so i appreciate that statement roland your opening statement your your job is to put stuff in space faster cheaper smaller better your opening statement please um yes um thank you john um and yes you know to um general shaw's point you know with with the space domain and the need to protect it now um is incredibly important and i hope that we are more of a help um than a thorn in your side um in terms of you know building satellites smaller faster cheaper um you know and um definitely looking forward to this discussion and you know figuring out ways where um the entire space domain can work together you know from industry to to us government even to the academic environment as well so first would like to say and preface this by saying i am not a cyber security expert um we you know we build satellites um and uh we launch them into orbit um but we are by no means you know cyber security experts and that's why um you know we like to partner with organizations like the california cyber security institute because they help us you know navigate these requirements um so um so i'm the ceo of um of maverick space systems we are a small aerospace business in san luis obispo california and we provide small satellite hardware and service solutions to a wide range of customers all the way from the academic environment to the us government and everything in between we support customers through an entire you know program life cycle from mission architecture and formulation all the way to getting these customer satellites in orbit and so what we try to do is um provide hardware and services that basically make it easier for customers to get their satellites into orbit and to operate so whether it be reducing mass or volume um creating greater launch opportunities or providing um the infrastructure and the technology um to help those innovations you know mature in orbit you know that's you know that's what we do our team has experienced over the last 20 years working with small satellites and definitely fortunate to be part of the team that invented the cubesat standard by cal poly and stanford uh back in 2000 and so you know we are in you know vandenberg's backyard um we came from cal poly san luis obispo um and you know our um our hearts are fond you know of this area and working with the local community um a lot of that success um that we have had is directly attributable um to the experiences that we learned as students um working on satellite programs from our professors and mentors um you know that's you know all you know thanks to cal poly so just wanted to tell a quick story so you know back in 2000 just imagine a small group of undergraduate students you know myself included with the daunting task of launching multiple satellites from five different countries on a russian launch vehicle um you know many of us were only 18 or 19 not even at the legal age to drink yet um but as you know essentially teenagers we're managing million dollar budgets um and we're coordinating groups um from around the world um and we knew that we knew what we needed to accomplish um yet we didn't really know um what we were doing when we first started um the university was extremely supportive um and you know that's the cal poly learn by doing philosophy um i remember you know the first time we had a meeting with our university chief legal counsel and we were discussing the need to to register with the state department for itar nobody really knew what itar was back then um and you know discussing this with the chief legal counsel um you know she was asking what is itar um and we essentially had to explain you know this is um launching satellites as part of the um the u.s munitions list and essentially we have a similar situation you know exporting munitions um you know we are in similar categories um you know as you know as weapons um and so you know after that initial shock um everybody jumped in you know both feet forward um the university um you know our head legal counsel professors mentors and the students um you know knew we needed to tackle this problem um because you know the the need was there um to launch these small satellites and um you know the the reason you know this is important to capture the entire spectrum of users of the community um is that the technology and the you know innovation of the small satellite industry occurs at all levels you know so we have academia commercial national governments we even have high schools and middle schools getting involved and you know building satellite hardware um and the thing is you know the the importance of cyber security is incredibly important because it touches all of these programs and it touches you know people um at a very young age um and so you know we hope to have a conversation today um to figure out you know how do we um create an environment where we allow these programs to thrive but we also you know protect and you know keep their data safe as well thank you very much roland appreciate that uh story too as well thanks for your opening statement gentlemen i mean i love this topic because defending the assets in space is is as obvious um you look at it but there's a bigger picture going on in our world right now and generally you kind of pointed out the historic nature of space force and how it's changing already operationally training skills tools all that stuff is revolving you know in the tech world that i live in you know change the world is a topic they use that's thrown around a lot you can change the world a lot of young people we have just other panels on this where we're talking about how to motivate young people changing the world is what it's all about with technology for the better evolution is just an extension of another domain in this case space is just an extension of other domains similar things are happening but it's different there's a huge opportunity to change the world so it's faster there's an expanded commercial landscape out there certainly government space systems are moving and changing how do we address the importance of cyber security in space general we'll start with you because this is real it's exciting if you're a young person there's touch points of things to jump into tech building hardware to changing laws and and everything in between is an opportunity and it's exciting and it's truly a chance to change the world how does the commercial government space systems teams address the importance of cyber security so john i think it starts with with the realization that as i like to say that cyber and space are bffs uh there's nothing that we do on the cutting edge of space that isn't heavy reliant heavily reliant on the cutting edge of cyber and frankly there's probably nothing on the cutting edge of cyber that doesn't have a space application and when you realize that you see how how closely those are intertwined as we need to move forward at at speed it becomes fundamental to to the to answering your question let me give a couple examples we one of the biggest challenges i have on a daily basis is understanding what's going on in the space domain those on the on the on the surface of the planet talk about tyranny of distance across the oceans across large land masses and i talk about the tyranny of volume and you know right now we're looking out as far as the lunar sphere there's activity that's extending out to the out there we expect nasa to be conducting uh perhaps uh human operations in the lunar environment in the next few years so it extends out that far when you do the math that's a huge volume how do you do that how do you understand what's happening in real time in within that volume it is a big data problem by the very definition of that that kind of effort to that kind of challenge and to do it successfully in the years ahead it's going to require many many sensors and the fusion of data of all kinds to present a picture and then analytics and predictive analytics that are going to deliver an idea of what's going on in the space arena and that's just if people are not up to mischief once you have threats introduced into that environment it is even more challenging so i'd say it's a big data problem that we'll be enjoying uh tackling in the years ahead a second example is you know we if i if i had to if we had to take a vote of what were the most uh amazing robots that have ever been designed by humans i think that spacecraft would have to be up there on the list whether it's the nasa spacecraft that explore other planets or the ones that we or gps satellites that that amazingly uh provide a wonderful service to the entire globe uh and beyond they are amazing technological machines that's not going to stop i mean all the work that roland talked about at the at the even even that we're doing it at the kind of the microsoft level is is putting cutting-edge technology into smaller packages you can to get some sort of capability out of that as we expand our activities further and further into space for national security purposes or for exploration or commercial or civil the the cutting edge technologies of uh artificial intelligence uh and machine to machine engagements and machine learning are going to be part of that design work moving forward um and then there's the threat piece as we try to as we operate these these capabilities how these constellations grow that's going to be done via networks and as i've already pointed out space is a warfighting domain that means those networks will come under attack we expect that they will and that may happen early on in a conflict it may happen during peace time in the same way that we see cyber attacks all the time everywhere in many sectors of of activity and so by painting that picture you kind of get you we start to see how it's intertwined at the very very base most basic level the cutting edge of cyber and cutting edge of space with that then comes the need to any cutting edge cyber security capability that we have is naturally going to be needed as we develop space capabilities and we're going to have to bake that in from the very beginning we haven't done that in the past as well as we should but moving forward from this point on it will be an essential ingredient that we work into all of our new capability roland we're talking about now critical infrastructure we're talking about new capabilities being addressed really fast so it's kind of chaotic now there's threats so it's not as easy as just having capabilities because you've got to deal with the threats the general just pointed out but now you've got critical infrastructure which then will enable other things down down the line how do you protect it how do we address this how do you see this being addressed from a security standpoint because you know malware these techniques can be mapped in as extended into into space and takeovers wartime peacetime these things are all going to be under threat that's pretty well understood i think people kind of get that how do we address it what's your what's your take yeah you know absolutely and you know i couldn't agree more with general shaw you know with cyber security and space being so intertwined um and you know i think with fast and rapid innovation um comes you know the opportunity for threats especially um if you have bad actors um that you know want to cause harm and so you know as a technology innovator and you're pushing the bounds um you kind of have a common goal of um you know doing the best you can um and you know pushing the technology balance making it smaller faster cheaper um but a lot of times what entrepreneurs and you know small businesses and supply chains um are doing and don't realize it is a lot of these components are dual use right i mean you could have a very benign commercial application but then a small you know modification to it and turn it into a military application and if you do have these bad actors they can exploit that and so you know i think the the big thing is um creating a organization that is you know non-biased that just wants to kind of level the playing field for everybody to create a set standard for cyber security in space i think you know one group that would be perfect for that you know is um cci um you know they understand both the cybersecurity side of things and they also have you know at cal poly um you know the the small satellite group um and you know just having kind of a a clearinghouse or um an agency where um can provide information that is free um you know you don't need a membership for and to be able to kind of collect that but also you know reach out to the entire value chain you know for a mission and um making them aware um of you know what potential capabilities are and then how it might um be you know potentially used as a weapon um and you know keeping them informed because i think you know the the vast majority of people in the space industry just want to do the right thing and so how do we get that information free flowing to you know to the us government so that they can take that information create assessments and be able to not necessarily um stop threats from occurring presently but identify them long before that they would ever even happen um yeah that's you know general i want to i want to follow up on that real quick before we go to the next talk track critical infrastructure um you mentioned you know across the oceans long distance volume you know when you look at the physical world you know you had you know power grids here united states you had geography you had perimeters uh the notion of a perimeter and the moat this is and then you had digital comes in then you have we saw software open up and essentially take down this idea of a perimeter and from a defense standpoint and that everything changed and we had to fortify those critical assets uh in the u.s space increases the same problem statement significantly because it's you can't just have a perimeter you can't have a moat it's open it's everywhere like what digital's done and that's why we've seen a slurge of cyber in the past two decades attacks with software so this isn't going to go away you need the critical infrastructure you're putting it up there you're formulating it and you've got to protect it how do you view that because it's going to be an ongoing problem statement what's the current thinking yeah i i think my sense is a mindset that you can build a a firewall or a defense or some other uh system that isn't dynamic in his own right is probably not heading in the right direction i think cyber security in the future whether it's for our space systems or for other critical infrastructure is going to be a dynamic fight that happens at a machine-to-machine um a speed and dynamic um i don't think it's too far off where we will have uh machines writing their own code in real time to fight off attacks that are coming at them and by the way the offense will probably be doing the same kind of thing and so i i guess i would not want to think that the answer is something that you just build it and you leave it alone and it's good enough it's probably going to be a constantly evolving capability constantly reacting to new threats and staying ahead of those threats that's the kind of use case just to kind of you know as you were kind of anecdotal example is the exciting new software opportunities for computer science majors i mean i tell my young kids and everyone man it's more exciting now i wish i was 18 again it's so so exciting with ai bro i want to get your thoughts we were joking on another panel with the dod around space and the importance of it obviously and we're going to have that here and then we had a joke it's like oh software's defined everything it says software's everything ai and and i said well here in the united states companies had data centers and they went to the cloud and they said you can't do break fix it's hard to do break fix in space you can't just send a tech up i get that today but soon maybe robotics the general mentions robotics technologies and referencing some of the accomplishments fixing things is almost impossible in space but maybe form factors might get better certainly software will play a role what's your thoughts on that that landscape yeah absolutely you know for for software in orbit um you know there's there's a push for you know software-defined radios um to basically go from hardware to software um and you know that's that that's a critical link um if you can infiltrate that and a small satellite has propulsion on board you could you know take control of that satellite and cause a lot of havoc and so you know creating standards and you know that kind of um initial threshold of security um you know for let's say you know these radios you know communications and making that um available um to the entire supply chain to the satellite builders um and operators you know is incredibly key and you know that's again one of the initiatives that um that cci is um is tackling right now as well general i want to get your thoughts on best practices around cyber security um state of the art today uh and then some guiding principles and kind of how the if you shoot the trajectory forward what what might happen uh around um supply chain there's been many stories where oh we outsourced the chips and there's a little chip sitting in a thing and it's built by someone else in china and the software is written from someone in europe and the united states assembles it it gets shipped and it's it's corrupt and it has some cyber crime making i'm oversimplifying the the statement but this is what when you have space systems that involve intellectual property uh from multiple partners whether it's from software to creation and then deployment you get supply chain tiers what are some of the best practices that you see involving that don't stunt the innovation but continues to innovate but people can operate safely what's your thoughts yeah so on supply chain i think i think the symposium here is going to get to hear from lieutenant general jt thompson uh from space missile system center down in los angeles and and uh he's a he's just down the road from us there uh on the coast um and his team is is the one that we look to really focus on as he acquires and develop again bake in cyber security from the beginning and knowing where the components are coming from and and properly assessing those as you as you put together your space systems is a key uh piece of what his team is focused on so i expect we'll hear him talk about that when it talks to i think she asked the question a little more deeply about how do the best practices in terms of how we now develop moving forward well another way that we don't do it right is if we take a long time to build something and then you know general general jt thompson's folks take a while to build something and then they hand it over to to to me and my team to operate and then they go hands-free and and then and then that's you know that's what i have for for years to operate until the next thing comes along that's a little old school what we're going to have to do moving forward with our space capabilities and with the cyber piece baked in is continually developing new capability sets as we go we actually have partnership between general thompson's team and mine here at vandenberg on our ops floor or our combined space operations center that are actually working in real time together better tools that we can use to understand what's going on the space environment to better command and control our capabilities anywhere from military satellite communications to space domain awareness sensors and such and so and we're developing those capabilities in real time it's a dev and and with the security pieces so devsecops is we're practicing that in in real time i think that is probably the standard today that we're trying to live up to as we continue to evolve but it has to be done again in close partnership all the time it's not a sequential industrial age process while i'm on the subject of partnerships so general thompson's and team and mine have good partnerships it's part partnerships across the board are going to be another way that we are successful and that uh it means with with academia in some of the relationships that we have here with cal poly it's with the commercial sector in ways that we haven't done before the old style business was to work with just a few large um companies that had a lot of space experience well we need we need a lot of kinds of different experience and technologies now in order to really field good space capabilities and i expect we'll see more and more non-traditional companies being part of and and organizations being part of that partnership that will work going forward i mentioned at the beginning that um uh allies are important to us so everything that uh that role and i've been talking about i think you have to extrapolate out to allied partnerships right it doesn't help me uh as a combined force component commander which is again one of my jobs it doesn't help me if the united states capabilities are cyber secure but i'm trying to integrate them with capabilities from an ally that are not cyber secure so that partnership has to be dynamic and continually evolving together so again close partnering continually developing together from the acquisition to the operational sectors with as many um different sectors of our economy uh as possible are the ingredients to success general i'd love to just follow up real quick i was having just a quick reminder for a conversation i had with last year with general keith alexander who was does a lot of cyber security work and he was talking about the need to share faster and the new school is you got to share faster and to get the data you mentioned observability earlier you need to see what everything's out there he's a real passionate person around getting the data getting it fast and having trusted partners so that's not it's kind of evolving as i mean sharing is a well-known practice but with cyber it's sensitive data potentially so there's a trust relationship there's now a new ecosystem that's new for uh government how do you view all that and your thoughts on that trend of the sharing piece of it on cyber so it's i don't know if it's necessarily new but it's at a scale that we've never seen before and by the way it's vastly more complicated and complex when you overlay from a national security perspective classification of data and information at various levels and then that is again complicated by the fact you have different sharing relationships with different actors whether it's commercial academic or allies so it gets very very uh a complex web very quickly um so that's part of the challenge we're working through how can we how can we effectively share information at multiple classification levels with multiple partners in an optimal fashion it is certainly not optimal today it's it's very difficult even with maybe one industry partner for me to be able to talk about data at an unclassified level and then various other levels of classification to have the traditional networks in place to do that i could see a solution in the future where our cyber security is good enough that maybe i only really need one network and the information that is allowed to flow to the players within the right security environment um to uh to make that all happen as quickly as possible so you've actually uh john you've hit on yet another big challenge that we have is um is evolving our networks to properly share with the right people at the right uh clearance levels as at speed of war which is what we're going to need yeah and i wanted to call that out because this is an opportunity again this discussion here at cal poly and around the world is for new capabilities and new people to solve the problems and um it's again it's super exciting if you you know you're geeking out on this it's if you have a tech degree or you're interested in changing the world there's so many new things that could be applied right now roland will get your thoughts on this because one of the things in the tech trends we're seeing this is a massive shift all the theaters of the tech industry are are changing rapidly at the same time okay and it affects policy law but also deep tech the startup communities are super important in all this too we can't forget them obviously the big trusted players that are partnering certainly on these initiatives but your story about being in the dorm room now you got the boardroom and now you got everything in between you have startups out there that want to and can contribute and you know what's an itar i mean i got all these acronym certifications is there a community motion to bring startups in in a safe way but also give them a ability to contribute because you look at open source that proved everyone wrong on software that's happening now with this now open network concept the general is kind of alluding to which is it's a changing landscape your thoughts i know you're passionate about this yeah absolutely you know and i think um you know as general shaw mentioned you know we need to get information out there faster more timely and to the right people um and involving not only just stakeholders in the us but um internationally as well you know and as entrepreneurs um you know we have this very lofty vision or goal uh to change the world and um oftentimes um you know entrepreneurs including myself you know we put our heads down and we just run as fast as we can and we don't necessarily always kind of take a breath and take a step back and kind of look at what we're doing and how it's touching um you know other folks and in terms of a community i don't know of any formal community out there it's mostly ad hoc and you know these ad hoc communities are folks who let's say have you know was was a student working on a satellite um you know in college and they love that entrepreneurial spirit and so they said well i'm gonna start my own company and so you know a lot of the these ad hoc networks are just from relationships um that are that have been built over the last two decades um you know from from colleagues that you know at the university um i do think formalizing this and creating um kind of a you know clearinghouse to to handle all of this is incredibly important yeah um yeah there's gonna be a lot of entrepreneurial activity no doubt i mean just i mean there's too many things to work on and not enough time so i mean this brings up the question though while we're on this topic um you got the remote work with covid everyone's working remotely we're doing this remote um interview rather than being on stage works changing how people work and engage certainly physical will come back but if you looked at historically the space industry and the talent you know they're all clustered around the bases and there's always been these areas where you're you're a space person you're kind of working there and there's jobs there and if you were cyber you were 10 in other areas over the past decade there's been a cross-pollination of talent and location as you see the intersection of space general start with you you know first of all central coast is a great place to live i know that's where you guys live but you can start to bring together these two cultures sometimes they're you know not the same maybe they're getting better we know they're being integrated so general can you just share your thoughts because this is uh one of those topics that everyone's talking about but no one's actually kind of addressed directly um yeah john i i think so i think i want to answer this by talking about where i think the space force is going because i think if there was ever an opportunity or inflection point in our department of defense to sort of change culture and and try to bring in non-traditional kinds of thinking and and really kind of change uh maybe uh some of the ways that the department of defense has does things that are probably archaic space force is an inflection point for that uh general raymond our our chief of space operations has said publicly for a while now he wants the us space force to be the first truly digital service and uh you know what we what we mean by that is you know we want the folks that are in the space force to be the ones that are the first adopters or the early adopters of of technology um to be the ones most fluent in the cutting edge technological developments on space and cyber and and other um other sectors of the of of the of the economy that are technologically focused uh and i think there's some can that can generate some excitement i think and it means that we probably end up recruiting people into the space force that are not from the traditional recruiting areas that the rest of the department of defense looks to and i think it allows us to bring in a diversity of thought and diversity of perspective and a new kind of motivation um into the service that i think is frankly is is really exciting so if you put together everything i mentioned about how space and cyber are going to be best friends forever and i think there's always been an excitement in them you know from the very beginning in the american psyche about space you start to put all these ingredients together and i think you see where i'm going with this that really changed that cultural uh mindset that you were describing it's an exciting time for sure and again changing the world and this is what you're seeing today people do want to change world they want a modern world that's changing roy look at your thoughts on this i was having an interview a few years back with a tech entrepreneur um techie and we were joking we were just kind of riffing and we and i said everything that's on star trek will be invented and we're almost there actually if you think about it except for the transporter room you got video you got communicators so you know not to bring in the star trek reference with space force this is digital and you start thinking about some of the important trends it's going to be up and down the stack from hardware to software to user experience everything your thoughts and reaction yeah abs absolutely and so you know what we're seeing is um timeline timelines shrinking dramatically um because of the barrier to entry for you know um new entrants and you know even your existing aerospace companies is incredibly low right so if you take um previously where you had a technology on the ground and you wanted it in orbit it would take years because you would test it on the ground you would verify that it can operate in space in a space environment and then you would go ahead and launch it and you know we're talking tens if not hundreds of millions of dollars to do that now um we've cut that down from years to months when you have a prototype on the ground and you want to get it launched you don't necessarily care if it fails on orbit the first time because you're getting valuable data back and so you know we're seeing technology being developed you know for the first time on the ground and in orbit in a matter of a few months um and the whole kind of process um you know that that we're doing as a small business is you know trying to enable that and so allowing these entrepreneurs and small small companies to to get their technology in orbit at a price that is sometimes even cheaper than you know testing on the ground you know this is a great point i think this is really an important point to call out because we mentioned partnerships earlier the economics and the business model of space is doable i mean you do a mission study you get paid for that you have technology you can get stuff up up quickly and there's a cost structure there and again the alternative was waterfall planning years and millions now the form factors are different now again there may be different payloads involved but you can standardize payloads you got robotic arms all this is all available this brings up the congestion problem this is going to be on the top of mind the generals of course but you got the proliferation okay of these constellation systems you have more and more tech vectors i mean essentially that's malware i mean that's a probe you throw something up in space that could cause some interference maybe a takeover general this is the this is the real elephant in the room the threat matrix from new stuff and new configurations so general how does the proliferation of constellation systems change the threat matrix so i i think the uh you know i guess i'm gonna i'm gonna be a little more optimistic john than i think you pitched that i'm actually excited about these uh new mega constellations in leo um i'm excited about the the growing number of actors that are that are going into space for various reasons and why is that it's because we're starting to realize a new economic engine uh for the nation and for human society so the question is so so i think we want that to happen right when uh um when uh we could go to almost any any other domain in history and and and you know there when when air traffic air air travel started to become much much more commonplace with many kinds of uh actors from from private pilots flying their small planes all the way up to large airliners uh you know there there was a problem with congestion there was a problem about um challenges about uh behavior and are we gonna be able to manage this and yes we did and it was for the great benefit of society i could probably look to the maritime domain for similar kinds of things and so this is actually exciting about space we are just going to have to find the ways as a society and it's not just the department of defense it's going to be civil it's going to be international find the mechanisms to encourage this continued investment in the space domain i do think the space force uh will play a role in in providing security in the space environment as we venture further out as as economic opportunities emerge uh wherever they are um in the in the lunar earth lunar system or even within the solar system space force is going to play a role in that but i'm actually really excited about the those possibilities hey by the way i got to say you made me think of this when you talked about star trek and and and space force and our technologies i remember when i was younger watching the the next generation series i thought one of the coolest things because being a musician in my in my spare time i thought one of the coolest things was when um commander riker would walk into his quarters and and say computer play soft jazz and there would just be the computer would just play music you know and this was an age when you know we had we had hard uh um uh media right like how will that that is awesome man i can't wait for the 23rd century when i can do that and where we are today is is so incredible on those lines the things that i can ask alexa or siri to play um well that's the thing everything that's on star trek think about it almost invented i mean you got the computers you got the only thing really is the holograms are starting to come in you got now the transporter room now that's physics we'll work on that right right so there's a there is this uh a balance between physics and imagination but uh we have not exhausted either well um personally everyone that knows me knows i'm a huge star trek fan all the series of course i'm an original purist but at that level but this is about economic incentive as well roland i want to get your thoughts because you know the gloom and doom you got to think about the the bad stuff to make it good if i if i put my glass half full on the table there's economic incentives just like the example of the plane and the air traffic there's there's actors that are more actors that are incented to have a secure system what's your thoughts to general's comments around the optimism and and the potential threat matrix that needs to be managed absolutely so and you know one of the things that we've seen over the years um as you know we build these small satellites is a lot of the technology you know that the general is talking about um you know voice recognition miniaturized chips and sensors um started on the ground and i mean you know you have you know your iphone um that about 15 years ago before the first iphone came out um you know we were building small satellites in the lab and we were looking at cutting-edge state-of-the-art magnetometers and sensors um that we were putting in our satellites back then we didn't know if they were going to work and then um a few years later as these students graduate they go off and they go out to under you know other industries and so um some of the technology that was first kind of put in these cubesats in the early 2000s you know kind of ended up in the first generation iphone smartphones um and so being able to take that technology rapidly you know incorporate that into space and vice versa gives you an incredible economic advantage because um not only are your costs going down um because you know you're mass producing you know these types of terrestrial technologies um but then you can also um you know increase you know revenue and profit um you know by by having you know smaller and cheaper systems general let's talk about that for real quickly it's a good point i want to just shift it into the playbook i mean everyone talks about playbooks for management for tech for startups for success i mean one of the playbooks that's clear from in history is investment in r d around military and or innovation that has a long view spurs innovation commercially i mean just there's a huge many decades of history that shows that hey we got to start thinking about these these challenges and you know next you know it's in an iphone this is history this is not like a one-off and now with space force you get you're driving you're driving the main engine of innovation to be all digital you know we we riff about star trek which is fun but the reality is you're going to be on the front lines of some really new cool mind-blowing things could you share your thoughts on how you sell that people who write the checks or recruit more talent well so i first i totally agree with your thesis that the that you know national security well could probably go back an awful long way hundreds to thousands of years that security matters tend to drive an awful lot of innovation and creativity because um you know i think the the probably the two things that drive drive people the most are probably an opportunity to make money uh but only by beating that out are trying to stay alive um and uh and so i don't think that's going to go away and i do think that space force can play a role um as it pursues uh security uh structures you know within the space domain to further encourage economic investment and to protect our space capabilities for national security purposes are going to be at the cutting edge this isn't the first time um i think we can point back to the origins of the internet really started in the department of defense and with a partnership i should add with academia that's how the internet got started that was the creativity in order to to meet some needs there cryptography has its roots in security but we use it uh in in national security but now we use it in for economic reasons and meant and a host of other kinds of reasons and then space itself right i mean we still look back to uh apollo era as an inspiration for so many things that inspired people to to either begin careers in in technical areas or in space and and so on so i think i think in that same spirit you're absolutely right i guess i'm totally agreeing with your thesis the space force uh will be and a uh will have a positive inspirational influence in that way and we need to to realize that so when we are asking for when we're looking for how we need to meet capability needs we need to spread that net very far look for the most creative solutions and partner early and often with those that that can that can work on those when you're on the new frontier you've got to have a team sport it's a team effort you mentioned the internet just anecdotally i'm old enough to remember this because i remember the days that was going on and said the government if the policy decisions that the u.s made at that time was to let it go a little bit invisible hand they didn't try to commercialize it too fast and but there was some policy work that was done that had a direct effect to the innovation versus take it over and next you know it's out of control so i think you know i think this this just a cross-disciplinary skill set becomes a big thing where you need to have more people involved and that's one of the big themes of this symposium so it's a great point thank you for sharing that roland your thoughts on this because you know you got policy decisions we all want to run faster we want to be more innovative but you got to have some ops view now mostly ops people want things very tight very buttoned up secure the innovators want to go faster it's the yin and yang that's that's the world we live in how's it all balanced in your mind yeah um you know one of the things um that may not be apparently obvious is that you know the us government and department of um of defense is one of the biggest investors in technology in the aerospace sector um you know they're not the traditional venture capitalists but they're the ones that are driving technology innovation because there's funding um you know and when companies see that the us governments is interested in something businesses will will re-vector um you know to provide that capability and in the i would say the more recent years we've had a huge influx of private equity venture capital um coming into the markets to kind of help augment um you know the government investment and i think having a good partnership and a relationship with these private equity venture capitalists and the us government is incredibly important because the two sides you know can can help collaborate and kind of see a common goal but then also too on um you know the other side is you know there's that human element um and as general shaw was saying it's like not you know not only do companies you know obviously want to thrive and do really well some companies just want to stay alive um to see their technology kind of you know grow into what they've always dreamed of and you know oftentimes entrepreneurs um are put in a very difficult position because they have to make payroll they have to you know keep the lights on and so sometimes they'll take investment um from places where they may normally would not have you know from potentially foreign investment that could potentially you know cause issues with you know the you know the us supply chain well my final question is the best i wanted to say for last because i love the idea of human space flight i'd love to be on mars i'm not sure i'll be able to make it someday but how do you guys see the possible impacts of cyber security on expanding human space flight operations i mean general this is your wheelhouse this is urine command putting humans in space and certainly robots will be there because they're easy to go because they're not human but humans in space i mean you're starting to see the momentum the discussion uh people are are scratching that itch what's your take on that how do we see making this more possible well i i think we will see we will see uh commercial space tourism uh in the future i'm not sure how wide and large a scale it will become but we'll we will see that and um part of uh i think the mission of the space force is going to be probably to again do what we're doing today is have really good awareness of what's going on the domain to uh to to to ensure that that is done safely and i think a lot of what we do today will end up in civil organizations to do space traffic management and safety uh in in that uh arena um and uh um it is only a matter of time uh before we see um humans going even beyond the you know nasa has their plan the the artemis program to get back to the moon and the gateway initiative to establish a a space station there and that's going to be an exploration initiative but it is only a matter of time before we have um private citizens or private corporations putting people in space and not only for tourism but for economic activity and so it'll be really exciting to watch it would be really exciting and space force will be a part of it general roland i want to thank you for your valuable time to come on this symposium i really appreciate it final uh comment i'd love to you to spend a minute to share your personal thoughts on the importance of cyber security to space and we'll close it out we'll start with you roland yeah so i think that the biggest thing um i would like to try to get out of this you know from my own personal perspective is um creating that environment that allows um you know the the aerospace supply chain small businesses you know like ourselves be able to meet all the requirements um to protect um and safeguard our data but also um create a way that you know we can still thrive and it won't stifle innovation um you know i'm looking forward um to comments and questions um you know from the audience um to really kind of help um you know you know basically drive to that next step general final thoughts the importance of cyber security to space i'll just i'll go back to how i started i think john and say that space and cyber are forever intertwined they're bffs and whoever has my job 50 years from now or 100 years from now i predict they're going to be saying the exact same thing cyber and space are are intertwined for good we will always need the cutting edge cyber security capabilities that we develop as a nation or as a as a society to protect our space capabilities and our cyber capabilities are going to need space capabilities in the future as well general john shaw thank you very much roland cleo thank you very much for your great insight thank you to cal poly for putting this together i want to shout out to the team over there we couldn't be in person but we're doing a virtual remote event i'm john furrier with thecube and siliconangle here in silicon valley thanks for watching

>> Announcer: From around the globe, it's The Cube, covering Space and Cybersecurity Symposium 2020, hosted by Cal Poly. >> Everyone, welcome to this special virtual conference, the Space and Cybersecurity Symposium 2020 put on by Cal Poly with support from The Cube. I'm John Furey, your host and master of ceremony's got a great topic today, and this session is really the intersection of space and cybersecurity. This topic, and this conversation is a cybersecurity workforce development through public and private partnerships. And we've got a great lineup, we've Jeff Armstrong is the president of California Polytechnic State University, also known as Cal Poly. Jeffrey, thanks for jumping on and Bong Gumahad. The second, Director of C4ISR Division, and he's joining us from the Office of the Under Secretary of Defense for the acquisition and sustainment of Department of Defense, DOD, and of course Steve Jacques is Executive Director, founder National Security Space Association, and managing partner at Velos. Gentlemen, thank you for joining me for this session, we've got an hour of conversation, thanks for coming on. >> Thank you. >> So we've got a virtual event here, we've got an hour to have a great conversation, I'd love for you guys to do an opening statement on how you see the development through public and private partnerships around cybersecurity and space, Jeff, we'll start with you. >> Well, thanks very much, John, it's great to be on with all of you. On behalf of Cal Poly, welcome everyone. Educating the workforce of tomorrow is our mission at Cal Poly, whether that means traditional undergraduates, masters students, or increasingly, mid-career professionals looking to upskill or re-skill. Our signature pedagogy is learn by doing, which means that our graduates arrive at employers, ready day one with practical skills and experience. We have long thought of ourselves as lucky to be on California's beautiful central coast, but in recent years, as we've developed closer relationships with Vandenberg Air Force Base, hopefully the future permanent headquarters of the United States Space Command with Vandenberg and other regional partners, We have discovered that our location is even more advantageous than we thought. We're just 50 miles away from Vandenberg, a little closer than UC Santa Barbara and the base represents the Southern border of what we have come to think of as the central coast region. Cal Poly and Vandenberg Air Force Base have partnered to support regional economic development, to encourage the development of a commercial space port, to advocate for the space command headquarters coming to Vandenberg and other ventures. These partnerships have been possible because both parties stand to benefit. Vandenberg, by securing new streams of revenue, workforce, and local supply chain and Cal Poly by helping to grow local jobs for graduates, internship opportunities for students and research and entrepreneurship opportunities for faculty and staff. Crucially, what's good for Vandenberg Air Force Base and for Cal Poly is also good for the central coast and the U.S., creating new head of household jobs, infrastructure, and opportunity. Our goal is that these new jobs bring more diversity and sustainability for the region. This regional economic development has taken on a life of its own, spawning a new nonprofit called REACH which coordinates development efforts from Vandenberg Air Force Base in the South to Camp Roberts in the North. Another factor that has facilitated our relationship with Vandenberg Air Force Base is that we have some of the same friends. For example, Northrop Grumman has as long been an important defense contractor and an important partner to Cal Poly, funding scholarships in facilities that have allowed us to stay current with technology in it to attract highly qualified students for whom Cal Poly's costs would otherwise be prohibitive. For almost 20 years, Northrop Grumman has funded scholarships for Cal Poly students. This year, they're funding 64 scholarships, some directly in our College of Engineering and most through our Cal Poly Scholars Program. Cal Poly scholars support both incoming freshmen and transfer students. These are especially important, 'cause it allows us to provide additional support and opportunities to a group of students who are mostly first generation, low income and underrepresented, and who otherwise might not choose to attend Cal Poly. They also allow us to recruit from partner high schools with large populations of underrepresented minority students, including the Fortune High School in Elk Grove, which we developed a deep and lasting connection. We know that the best work is done by balanced teams that include multiple and diverse perspectives. These scholarships help us achieve that goal and I'm sure you know Northrop Grumman was recently awarded a very large contract to modernize the U.S. ICBM armory with some of the work being done at Vandenberg Air Force Base, thus supporting the local economy and protecting... Protecting our efforts in space requires partnerships in the digital realm. Cal Poly has partnered with many private companies such as AWS. Our partnerships with Amazon Web Services has enabled us to train our students with next generation cloud engineering skills, in part, through our jointly created digital transformation hub. Another partnership example is among Cal Poly's California Cyber Security Institute College of Engineering and the California National Guard. This partnership is focused on preparing a cyber-ready workforce, by providing faculty and students with a hands on research and learning environment side by side with military law enforcement professionals and cyber experts. We also have a long standing partnership with PG&E most recently focused on workforce development and redevelopment. Many of our graduates do indeed go on to careers in aerospace and defense industry. As a rough approximation, more than 4,500 Cal Poly graduates list aerospace or defense as their employment sector on LinkedIn. And it's not just our engineers in computer sciences. When I was speaking to our fellow panelists not too long ago, speaking to Bong, we learned that Rachel Sims, one of our liberal arts majors is working in his office, so shout out to you, Rachel. And then finally, of course, some of our graduates soar to extraordinary heights, such as Commander Victor Glover, who will be heading to the International Space Station later this year. As I close, all of which is to say that we're deeply committed to workforce development and redevelopment, that we understand the value of public-private partnerships, and that we're eager to find new ways in which to benefit everyone from this further cooperation. So we're committed to the region, the state and the nation, in our past efforts in space, cyber security and links to our partners at, as I indicated, aerospace industry and governmental partners provides a unique position for us to move forward in the interface of space and cyber security. Thank you so much, John. >> President Armstrong, thank you very much for the comments and congratulations to Cal Poly for being on the forefront of innovation and really taking a unique, progressive view and want to tip a hat to you guys over there, thank you very much for those comments, appreciate it. Bong, Department of Defense. Exciting, you've got to defend the nation, space is global, your opening statement. >> Yes, sir, thanks John, appreciate that. Thank you everybody, I'm honored to be in this panel along with Preston Armstrong of Cal Poly and my longtime friend and colleague Steve Jacques of the National Security Space Association to discuss a very important topic of a cybersecurity workforce development as President Armstrong alluded to. I'll tell you, both of these organizations, Cal Poly and the NSSA have done and continue to do an exceptional job at finding talent, recruiting them and training current and future leaders and technical professionals that we vitally need for our nation's growing space programs, as well as our collective national security. Earlier today, during session three, I, along with my colleague, Chris Samson discussed space cyber security and how the space domain is changing the landscape of future conflicts. I discussed the rapid emergence of commercial space with the proliferation of hundreds, if not thousands of satellites, providing a variety of services including communications, allowing for global internet connectivity, as one example. Within DOD, we continued to look at how we can leverage this opportunity. I'll tell you, one of the enabling technologies, is the use of small satellites, which are inherently cheaper and perhaps more flexible than the traditional bigger systems that we have historically used and employed for DOD. Certainly not lost on me is the fact that Cal Poly pioneered CubeSats 28, 27 years ago, and they set a standard for the use of these systems today. So they saw the value and benefit gained way ahead of everybody else it seems. And Cal Poly's focus on training and education is commendable. I'm especially impressed by the efforts of another of Steven's colleague, the current CIO, Mr. Bill Britton, with his high energy push to attract the next generation of innovators. Earlier this year, I had planned on participating in this year's cyber innovation challenge in June, Oops, Cal Poly hosts California middle, and high school students, and challenge them with situations to test their cyber knowledge. I tell you, I wish I had that kind of opportunity when I was a kid, unfortunately, the pandemic changed the plan, but I truly look forward to future events such as these, to participate in. Now, I want to recognize my good friend, Steve Jacques, whom I've known for perhaps too long of a time here, over two decades or so, who was an acknowledged space expert and personally I've truly applaud him for having the foresight a few years back to form the National Security Space Association to help the entire space enterprise navigate through not only technology, but policy issues and challenges and paved the way for operationalizing space. Space, it certainly was fortifying domain, it's not a secret anymore, and while it is a unique area, it shares a lot of common traits with the other domains, such as land, air, and sea, obviously all are strategically important to the defense of the United States. In conflict, they will all be contested and therefore they all need to be defended. One domain alone will not win future conflicts, and in a joint operation, we must succeed in all. So defending space is critical, as critical as to defending our other operational domains. Funny, space is the only sanctuary available only to the government. Increasingly as I discussed in a previous session, commercial space is taking the lead in a lot of different areas, including R&D, the so-called new space. So cybersecurity threat is even more demanding and even more challenging. The U.S. considers and futhered access to and freedom to operate in space, vital to advancing security, economic prosperity and scientific knowledge of the country, thus making cyberspace an inseparable component of America's financial, social government and political life. We stood up US Space Force a year ago or so as the newest military service. Like the other services, its mission is to organize, train and equip space forces in order to protect U.S. and allied interest in space and to provide spacecape builders who joined force. Imagine combining that U.S. Space Force with the U.S. Cyber Command to unify the direction of the space and cyberspace operation, strengthen DOD capabilities and integrate and bolster a DOD cyber experience. Now, of course, to enable all of this requires a trained and professional cadre of cyber security experts, combining a good mix of policy, as well as a high technical skill set. Much like we're seeing in STEM, we need to attract more people to this growing field. Now, the DOD has recognized the importance to the cybersecurity workforce, and we have implemented policies to encourage its growth. Back in 2013, the Deputy Secretary of Defense signed a DOD Cyberspace Workforce Strategy, to create a comprehensive, well-equipped cyber security team to respond to national security concerns. Now, this strategy also created a program that encourages collaboration between the DOD and private sector employees. We call this the Cyber Information Technology Exchange program, or CITE that it's an exchange program, which is very interesting in which a private sector employee can naturally work for the DOD in a cyber security position that spans across multiple mission critical areas, important to the DOD. A key responsibility of the cyber security community is military leaders, unrelated threats, and the cyber security actions we need to have to defeat these threats. We talked about rapid acquisition, agile business processes and practices to speed up innovation, likewise, cyber security must keep up with this challenge. So cyber security needs to be right there with the challenges and changes, and this requires exceptional personnel. We need to attract talent, invest in the people now to grow a robust cybersecurity workforce for the future. I look forward to the panel discussion, John, thank you. >> Thank you so much, Bob for those comments and, you know, new challenges or new opportunities and new possibilities and freedom to operate in space is critical, thank you for those comments, looking forward to chatting further. Steve Jacques, Executive Director of NSSA, you're up, opening statement. >> Thank you, John and echoing Bongs, thanks to Cal Poly for pulling this important event together and frankly, for allowing the National Security Space Association be a part of it. Likewise, on behalf of the association, I'm delighted and honored to be on this panel of President Armstrong, along with my friend and colleague, Bong Gumahad. Something for you all to know about Bong, he spent the first 20 years of his career in the Air Force doing space programs. He then went into industry for several years and then came back into government to serve, very few people do that. So Bong, on behalf of the space community, we thank you for your lifelong devotion to service to our nation, we really appreciate that. And I also echo a Bong shout out to that guy, Bill Britton. who's been a long time co-conspirator of ours for a long time, and you're doing great work there in the cyber program at Cal Poly, Bill, keep it up. But Professor Armstrong, keep a close eye on him. (laughter) I would like to offer a little extra context to the great comments made by President Armstrong and Bong. And in our view, the timing of this conference really could not be any better. We all recently reflected again on that tragic 9/11 surprise attack on our homeland and it's an appropriate time we think to take pause. While a percentage of you in the audience here weren't even born or were babies then, for the most of us, it still feels like yesterday. And moreover, a tragedy like 9/11 has taught us a lot to include, to be more vigilant, always keep our collective eyes and ears open, to include those "eyes and ears from space," making sure nothing like this ever happens again. So this conference is a key aspect, protecting our nation requires we work in a cyber secure environment at all times. But you know, the fascinating thing about space systems is we can't see 'em. Now sure, we see space launches, man, there's nothing more invigorating than that. But after launch they become invisible, so what are they really doing up there? What are they doing to enable our quality of life in the United States and in the world? Well to illustrate, I'd like to paraphrase elements of an article in Forbes magazine, by Bongs and my good friend, Chuck Beames, Chuck is a space guy, actually had Bongs job a few years in the Pentagon. He's now Chairman and Chief Strategy Officer at York Space Systems and in his spare time, he's Chairman of the Small Satellites. Chuck speaks in words that everyone can understand, so I'd like to give you some of his words out of his article, paraphrase somewhat, so these are Chuck's words. "Let's talk about average Joe and plain Jane. "Before heading to the airport for a business trip "to New York city, Joe checks the weather forecast, "informed by NOAA's weather satellites, "to see what to pack for the trip. "He then calls an Uber, that space app everybody uses, "it matches riders with drivers via GPS, "to take him to the airport. "So Joe has launched in the airport, "unbeknownst to him, his organic lunch is made "with the help of precision farming "made possible to optimize the irrigation and fertilization "with remote spectral sensing coming from space and GPS. "On the plane, the pilot navigates around weather, "aided by GPS and NOAA's weather satellites "and Joe makes his meeting on time "to join his New York colleagues in a video call "with a key customer in Singapore, "made possible by telecommunication satellites. "En route to his next meeting, "Joe receives notice changing the location of the meeting "to the other side of town. "So he calmly tells Siri to adjust the destination "and his satellite-guided Google maps redirect him "to the new location. "That evening, Joe watches the news broadcast via satellite, "report details of meeting among world leaders, "discussing the developing crisis in Syria. "As it turns out various forms of "'remotely sensed information' collected from satellites "indicate that yet another banned chemical weapon "may have been used on its own people. "Before going to bed, Joe decides to call his parents "and congratulate them for their wedding anniversary "as they cruise across the Atlantic, "made possible again by communication satellites "and Joe's parents can enjoy the call "without even wondering how it happened. "The next morning back home, "Joe's wife, Jane is involved in a car accident. "Her vehicle skids off the road, she's knocked unconscious, "but because of her satellite equipped OnStar system, "the crash is detected immediately, "and first responders show up on the scene in time. "Joe receives the news, books an early trip home, "sends flowers to his wife "as he orders another Uber to the airport. "Over that 24 hours, "Joe and Jane used space system applications "for nearly every part of their day. "Imagine the consequences if at any point "they were somehow denied these services, "whether they be by natural causes or a foreign hostility. "In each of these satellite applications used in this case, "were initially developed for military purposes "and continued to be, but also have remarkable application "on our way of life, just many people just don't know that." So ladies and gentlemen, now you know, thanks to Chuck Beames. Well, the United States has a proud heritage of being the world's leading space-faring nation. Dating back to the Eisenhower and Kennedy years, today, we have mature and robust systems operating from space, providing overhead reconnaissance to "watch and listen," provide missile warning, communications, positioning, navigation, and timing from our GPS system, much of which you heard in Lieutenant General JT Thomson's earlier speech. These systems are not only integral to our national security, but also to our quality of life. As Chuck told us, we simply no longer can live without these systems as a nation and for that matter, as a world. But over the years, adversaries like China, Russia and other countries have come to realize the value of space systems and are aggressively playing catch up while also pursuing capabilities that will challenge our systems. As many of you know, in 2007, China demonstrated its ASAT system by actually shooting down one of its own satellites and has been aggressively developing counterspace systems to disrupt ours. So in a heavily congested space environment, our systems are now being contested like never before and will continue to be. Well, as a Bong mentioned, the United States have responded to these changing threats. In addition to adding ways to protect our system, the administration and the Congress recently created the United States Space Force and the operational United States Space Command, the latter of which you heard President Armstrong and other Californians hope is going to be located at Vandenberg Air Force Base. Combined with our intelligence community, today we have focused military and civilian leadership now in space, and that's a very, very good thing. Commensurately on the industry side, we did create the National Security Space Association, devoted solely to supporting the National Security Space Enterprise. We're based here in the DC area, but we have arms and legs across the country and we are loaded with extraordinary talent in scores of former government executives. So NSSA is joined at the hip with our government customers to serve and to support. We're busy with a multitude of activities underway, ranging from a number of thought-provoking policy papers, our recurring spacetime webcasts, supporting Congress's space power caucus, and other main serious efforts. Check us out at nssaspace.org. One of our strategic priorities and central to today's events is to actively promote and nurture the workforce development, just like Cal-Poly. We will work with our U.S. government customers, industry leaders, and academia to attract and recruit students to join the space world, whether in government or industry, and to assist in mentoring and training as their careers progress. On that point, we're delighted to be working with Cal Poly as we hopefully will undertake a new pilot program with them very soon. So students stay tuned, something I can tell you, space is really cool. While our nation's satellite systems are technical and complex, our nation's government and industry workforce is highly diverse, with a combination of engineers, physicists and mathematicians, but also with a large non-technical expertise as well. Think about how government gets these systems designed, manufactured, launching into orbit and operating. They do this via contracts with our aerospace industry, requiring talents across the board, from cost estimating, cost analysis, budgeting, procurement, legal, and many other support tasks that are integral to the mission. Many thousands of people work in the space workforce, tens of billions of dollars every year. This is really cool stuff and no matter what your education background, a great career to be part of. In summary, as Bong had mentioned as well, there's a great deal of exciting challenges ahead. We will see a new renaissance in space in the years ahead and in some cases it's already begun. Billionaires like Jeff Bezos, Elon Musk, Sir Richard Branson, are in the game, stimulating new ideas and business models. Other private investors and startup companies, space companies are now coming in from all angles. The exponential advancement of technology and micro electronics now allows a potential for a plethora of small sat systems to possibly replace older satellites, the size of a Greyhound bus. It's getting better by the day and central to this conference, cybersecurity is paramount to our nation's critical infrastructure in space. So once again, thanks very much and I look forward to the further conversation. >> Steve, thank you very much. Space is cool, it's relevant, but it's important as you pointed out in your awesome story about how it impacts our life every day so I really appreciate that great story I'm glad you took the time to share that. You forgot the part about the drone coming over in the crime scene and, you know, mapping it out for you, but we'll add that to the story later, great stuff. My first question is, let's get into the conversations, because I think this is super important. President Armstrong, I'd like you to talk about some of the points that was teased out by Bong and Steve. One in particular is the comment around how military research was important in developing all these capabilities, which is impacting all of our lives through that story. It was the military research that has enabled a generation and generation of value for consumers. This is kind of this workforce conversation, there are opportunities now with research and grants, and this is a funding of innovation that is highly accelerated, it's happening very quickly. Can you comment on how research and the partnerships to get that funding into the universities is critical? >> Yeah, I really appreciate that and appreciate the comments of my colleagues. And it really boils down to me to partnerships, public-private partnerships, you have mentioned Northrop Grumman, but we have partnerships with Lockheed Martin, Boeing, Raytheon, Space X, JPL, also member of an organization called Business Higher Education Forum, which brings together university presidents and CEOs of companies. There's been focused on cybersecurity and data science and I hope that we can spill into cybersecurity and space. But those partnerships in the past have really brought a lot forward. At Cal Poly, as mentioned, we've been involved with CubeSat, we've have some secure work, and we want to plan to do more of that in the future. Those partnerships are essential, not only for getting the R&D done, but also the students, the faculty, whether they're master's or undergraduate can be involved with that work, they get that real life experience, whether it's on campus or virtually now during COVID or at the location with the partner, whether it may be governmental or industry, and then they're even better equipped to hit the ground running. And of course we'd love to see more of our students graduate with clearance so that they could do some of that secure work as well. So these partnerships are absolutely critical and it's also in the context of trying to bring the best and the brightest in all demographics of California and the U.S. into this field, to really be successful. So these partnerships are essential and our goal is to grow them just like I know our other colleagues in the CSU and the UC are planning to do. >> You know, just as my age I've seen, I grew up in the eighties and in college and they're in that system's generation and the generation before me, they really kind of pioneered the space that spawned the computer revolution. I mean, you look at these key inflection points in our lives, they were really funded through these kinds of real deep research. Bong, talk about that because, you know, we're living in an age of cloud and Bezos was mentioned, Elon Musk, Sir Richard Branson, you got new ideas coming in from the outside, you have an accelerated clock now in terms of the innovation cycles and so you got to react differently, you guys have programs to go outside of the defense department, how important is this because the workforce that are in schools and/or folks re-skilling are out there and you've been on both sides of the table, so share your thoughts. >> No, thanks Johnny, thanks for the opportunity to respond to, and that's what, you know, you hit on the nose back in the 80's, R&D and space especially was dominated by government funding, contracts and so on, but things have changed as Steve pointed out, allow these commercial entities funded by billionaires are coming out of the woodwork, funding R&D so they're taking the lead, so what we can do within the DOD in government is truly take advantage of the work they've done. And since they're, you know, paving the way to new approaches and new way of doing things and I think we can certainly learn from that and leverage off of that, saves us money from an R&D standpoint, while benefiting from the product that they deliver. You know, within DOD, talking about workforce development, you know, we have prioritized and we have policies now to attract and retain the talent we need. I had the folks do some research and it looks like from a cybersecurity or workforce standpoint, a recent study done, I think last year in 2019, found that the cyber security workforce gap in U.S. is nearing half a million people, even though it is a growing industry. So the pipeline needs to be strengthened, getting people through, you know, starting young and through college, like Professor Armstrong indicated because we're going to need them to be in place, you know, in a period of about maybe a decade or so. On top of that, of course, is the continuing issue we have with the gap with STEM students. We can't afford not have expertise in place to support all the things we're doing within DoD, not only DoD but the commercial side as well, thank you. >> How's the gap get filled, I mean, this is, again, you've got cybersecurity, I mean, with space it's a whole other kind of surface area if you will, it's not really surface area, but it is an IOT device if you think about it, but it does have the same challenges, that's kind of current and progressive with cybersecurity. Where's the gap get filled, Steve or President Armstrong, I mean, how do you solve the problem and address this gap in the workforce? What are some solutions and what approaches do we need to put in place? >> Steve, go ahead., I'll follow up. >> Okay, thanks, I'll let you correct me. (laughter) It's a really good question, and the way I would approach it is to focus on it holistically and to acknowledge it upfront and it comes with our teaching, et cetera, across the board. And from an industry perspective, I mean, we see it, we've got to have secure systems in everything we do, and promoting this and getting students at early ages and mentoring them and throwing internships at them is so paramount to the whole cycle. And that's kind of, it really takes a focused attention and we continue to use the word focus from an NSSA perspective. We know the challenges that are out there. There are such talented people in the workforce, on the government side, but not nearly enough of them and likewise on the industry side, we could use more as well, but when you get down to it, you know, we can connect dots, you know, the aspects that Professor Armstrong talked about earlier to where you continue to work partnerships as much as you possibly can. We hope to be a part of that network, that ecosystem if you will, of taking common objectives and working together to kind of make these things happen and to bring the power, not just of one or two companies, but of our entire membership thereabout. >> President Armstrong-- >> Yeah, I would also add it again, it's back to the partnerships that I talked about earlier, one of our partners is high schools and schools Fortune, Margaret Fortune, who worked in a couple of administrations in California across party lines and education, their fifth graders all visit Cal Poly, and visit our learned-by-doing lab. And you've got to get students interested in STEM at an early age. We also need the partnerships, the scholarships, the financial aid, so the students can graduate with minimal to no debt to really hit the ground running and that's exacerbated and really stress now with this COVID induced recession. California supports higher education at a higher rate than most states in the nation, but that has brought this year for reasons all understand due to COVID. And so our partnerships, our creativity, and making sure that we help those that need the most help financially, that's really key because the gaps are huge. As my colleagues indicated, you know, half a million jobs and I need you to look at the students that are in the pipeline, we've got to enhance that. And the placement rates are amazing once the students get to a place like Cal Poly or some of our other amazing CSU and UC campuses, placement rates are like 94%. Many of our engineers, they have jobs lined up a year before they graduate. So it's just going to take a key partnerships working together and that continued partnership with government local, of course, our state, the CSU, and partners like we have here today, both Steve and Bong so partnerships is the thing. >> You know, that's a great point-- >> I could add, >> Okay go ahead. >> All right, you know, the collaboration with universities is one that we put on lot of emphasis here, and it may not be well known fact, but just an example of national security, the AUC is a national centers of academic excellence in cyber defense works with over 270 colleges and universities across the United States to educate and certify future cyber first responders as an example. So that's vibrant and healthy and something that we ought to take advantage of. >> Well, I got the brain trust here on this topic. I want to get your thoughts on this one point, 'cause I'd like to define, you know, what is a public-private partnership because the theme that's coming out of the symposium is the script has been flipped, it's a modern era, things are accelerated, you've got security, so you've got all of these things kind of happenning it's a modern approach and you're seeing a digital transformation play out all over the world in business and in the public sector. So what is a modern public-private partnership and what does it look like today because people are learning differently. COVID has pointed out, which is that we're seeing right now, how people, the progressions of knowledge and learning, truth, it's all changing. How do you guys view the modern version of public-private partnership and some examples and some proof points, can you guys share that? We'll start with you, Professor Armstrong. >> Yeah, as I indicated earlier, we've had, and I could give other examples, but Northrop Grumman, they helped us with a cyber lab many years ago that is maintained directly, the software, the connection outside it's its own unit so the students can learn to hack, they can learn to penetrate defenses and I know that that has already had some considerations of space, but that's a benefit to both parties. So a good public-private partnership has benefits to both entities and the common factor for universities with a lot of these partnerships is the talent. The talent that is needed, what we've been working on for years of, you know, the undergraduate or master's or PhD programs, but now it's also spilling into upskilling and reskilling, as jobs, you know, folks who are in jobs today that didn't exist two years, three years, five years ago, but it also spills into other aspects that can expand even more. We're very fortunate we have land, there's opportunities, we have ONE Tech project. We are expanding our tech park, I think we'll see opportunities for that and it'll be adjusted due to the virtual world that we're all learning more and more about it, which we were in before COVID. But I also think that that person to person is going to be important, I want to make sure that I'm driving across a bridge or that satellite's being launched by the engineer that's had at least some in person training to do that in that experience, especially as a first time freshman coming on campus, getting that experience, expanding it as an adult, and we're going to need those public-private partnerships in order to continue to fund those at a level that is at the excellence we need for these STEM and engineering fields. >> It's interesting people and technology can work together and these partnerships are the new way. Bongs too with reaction to the modern version of what a public successful private partnership looks like. >> If I could jump in John, I think, you know, historically DOD's had a high bar to overcome if you will, in terms of getting rapid... pulling in new companies, miss the fall if you will, and not rely heavily on the usual suspects, of vendors and the like, and I think the DOD has done a good job over the last couple of years of trying to reduce that burden and working with us, you know, the Air Force, I think they're pioneering this idea around pitch days, where companies come in, do a two-hour pitch and immediately notified of, you know, of an a award, without having to wait a long time to get feedback on the quality of the product and so on. So I think we're trying to do our best to strengthen that partnership with companies outside of the main group of people that we typically use. >> Steve, any reaction, any comment to add? >> Yeah, I would add a couple and these are very excellent thoughts. It's about taking a little gamble by coming out of your comfort zone, you know, the world that Bong and I, Bong lives in and I used to live in the past, has been quite structured. It's really about, we know what the threat is, we need to go fix it, we'll design as if as we go make it happen, we'll fly it. Life is so much more complicated than that and so it's really, to me, I mean, you take an example of the pitch days of Bong talks about, I think taking a gamble by attempting to just do a lot of pilot programs, work the trust factor between government folks and the industry folks and academia, because we are all in this together in a lot of ways. For example, I mean, we just sent a paper to the white house at their request about, you know, what would we do from a workforce development perspective and we hope to embellish on this over time once the initiative matures, but we have a piece of it for example, is a thing we call "clear for success," getting back to president Armstrong's comments so at a collegiate level, you know, high, high, high quality folks are in high demand. So why don't we put together a program that grabs kids in their underclass years, identifies folks that are interested in doing something like this, get them scholarships, have a job waiting for them that they're contracted for before they graduate, and when they graduate, they walk with an SCI clearance. We believe that can be done, so that's an example of ways in which public-private partnerships can happen to where you now have a talented kid ready to go on day one. We think those kinds of things can happen, it just gets back down to being focused on specific initiatives, giving them a chance and run as many pilot programs as you can, like pitch days. >> That's a great point, it's a good segue. Go ahead, President Armstrong. >> I just want to jump in and echo both the Bong and Steve's comments, but Steve that, you know, your point of, you know our graduates, we consider them ready day one, well they need to be ready day one and ready to go secure. We totally support that and love to follow up offline with you on that. That's exciting and needed, very much needed more of it, some of it's happening, but we certainly have been thinking a lot about that and making some plans. >> And that's a great example, a good segue. My next question is kind of re-imagining these workflows is kind of breaking down the old way and bringing in kind of the new way, accelerate all kinds of new things. There are creative ways to address this workforce issue and this is the next topic, how can we employ new creative solutions because let's face it, you know, it's not the days of get your engineering degree and go interview for a job and then get slotted in and get the intern, you know, the programs and you'd matriculate through the system. This is multiple disciplines, cybersecurity points at that. You could be smart in math and have a degree in anthropology and be one of the best cyber talents on the planet. So this is a new, new world, what are some creative approaches that's going to work for you? >> Alright, good job, one of the things, I think that's a challenge to us is, you know, somehow we got me working for, with the government, sexy right? You know, part of the challenge we have is attracting the right level of skill sets and personnel but, you know, we're competing, oftentimes, with the commercial side, the gaming industry as examples is a big deal. And those are the same talents we need to support a lot of the programs that we have in DOD. So somehow we have do a better job to Steve's point about making the work within DOD, within the government, something that they would be interested early on. So attract them early, you know, I could not talk about Cal Poly's challenge program that they were going to have in June inviting high school kids really excited about the whole idea of space and cyber security and so on. Those are some of the things that I think we have to do and continue to do over the course of the next several years. >> Awesome, any other creative approaches that you guys see working or might be an idea, or just to kind of stoke the ideation out there? Internships, obviously internships are known, but like, there's got to be new ways. >> Alright, I think you can take what Steve was talking about earlier, getting students in high school and aligning them sometimes at first internship, not just between the freshman and sophomore year, but before they enter Cal Poly per se and they're involved. So I think that's absolutely key, getting them involved in many other ways. We have an example of upskilling or work redevelopment here in the central coast, PG&E Diablo nuclear plant that is going to decommission in around 2024. And so we have a ongoing partnership to work and reposition those employees for the future. So that's, you know, engineering and beyond but think about that just in the manner that you were talking about. So the upskilling and reskilling, and I think that's where, you know, we were talking about that Purdue University, other California universities have been dealing with online programs before COVID, and now with COVID so many more Faculty were pushed into that area, there's going to be a much more going and talk about workforce development in upskilling and reskilling, the amount of training and education of our faculty across the country in virtual and delivery has been huge. So there's always a silver linings in the cloud. >> I want to get your guys' thoughts on one final question as we end the segment, and we've seen on the commercial side with cloud computing on these highly accelerated environments where, you know, SAS business model subscription, and that's on the business side, but one of the things that's clear in this trend is technology and people work together and technology augments the people components. So I'd love to get your thoughts as we look at a world now, we're living in COVID, and Cal Poly, you guys have remote learning right now, it's at the infancy, it's a whole new disruption, if you will, but also an opportunity enable new ways to encollaborate, So if you look at people and technology, can you guys share your view and vision on how communities can be developed, how these digital technologies and people can work together faster to get to the truth or make a discovery, hire, develop the workforce, these are opportunities, how do you guys view this new digital transformation? >> Well, I think there's huge opportunities and just what we're doing with this symposium, we're filming this on Monday and it's going to stream live and then the three of us, the four of us can participate and chat with participants while it's going on. That's amazing and I appreciate you, John, you bringing that to this symposium. I think there's more and more that we can do. From a Cal Poly perspective, with our pedagogy so, you know, linked to learn by doing in-person will always be important to us, but we see virtual, we see partnerships like this, can expand and enhance our ability and minimize the in-person time, decrease the time to degree, enhance graduation rate, eliminate opportunity gaps for students that don't have the same advantages. So I think the technological aspect of this is tremendous. Then on the upskilling and reskilling, where employees are all over, they can re be reached virtually, and then maybe they come to a location or really advanced technology allows them to get hands on virtually, or they come to that location and get it in a hybrid format. So I'm very excited about the future and what we can do, and it's going to be different with every university, with every partnership. It's one size does not fit all, There's so many possibilities, Bong, I can almost imagine that social network that has a verified, you know, secure clearance. I can jump in, and have a little cloak of secrecy and collaborate with the DOD possibly in the future. But these are the kind of crazy ideas that are needed, your thoughts on this whole digital transformation cross-pollination. >> I think technology is going to be revolutionary here, John, you know, we're focusing lately on what we call visual engineering to quicken the pace of the delivery capability to warfighter as an example, I think AI, Machine Language, all that's going to have a major play in how we operate in the future. We're embracing 5G technologies, and the ability for zero latency, more IOT, more automation of the supply chain, that sort of thing, I think the future ahead of us is very encouraging, I think it's going to do a lot for national defense, and certainly the security of the country. >> Steve, your final thoughts, space systems are systems, and they're connected to other systems that are connected to people, your thoughts on this digital transformation opportunity. >> Such a great question and such a fun, great challenge ahead of us. Echoing my colleagues sentiments, I would add to it, you know, a lot of this has, I think we should do some focusing on campaigning so that people can feel comfortable to include the Congress to do things a little bit differently. You know, we're not attuned to doing things fast, but the dramatic, you know, the way technology is just going like crazy right now, I think it ties back to, hoping to convince some of our senior leaders and what I call both sides of the Potomac river, that it's worth taking this gamble, we do need to take some of these things you know, in a very proactive way. And I'm very confident and excited and comfortable that this is going to be a great time ahead and all for the better. >> You know, I always think of myself when I talk about DC 'cause I'm not a lawyer and I'm not a political person, but I always say less lawyers, more techies than in Congress and Senate, so (laughter)I always get in trouble when I say that. Sorry, President Armstrong, go ahead. >> Yeah, no, just one other point and Steve's alluded to this and Bong did as well, I mean, we've got to be less risk averse in these partnerships, that doesn't mean reckless, but we have to be less risk averse. And also, as you talk about technology, I have to reflect on something that happened and you both talked a bit about Bill Britton and his impact on Cal Poly and what we're doing. But we were faced a few years ago of replacing traditional data, a data warehouse, data storage, data center and we partnered with AWS and thank goodness, we had that in progress and it enhanced our bandwidth on our campus before COVID hit, and with this partnership with the digital transformation hub, so there's a great example where we had that going. That's not something we could have started, "Oh COVID hit, let's flip that switch." And so we have to be proactive and we also have to not be risk-averse and do some things differently. That has really salvaged the experience for our students right now, as things are flowing well. We only have about 12% of our courses in person, those essential courses and I'm just grateful for those partnerships that I have talked about today. >> And it's a shining example of how being agile, continuous operations, these are themes that expand the space and the next workforce needs to be built. Gentlemen, thank you very much for sharing your insights, I know Bong, you're going to go into the defense side of space in your other sessions. Thank you gentlemen, for your time, for a great session, I appreciate it. >> Thank you. >> Thank you gentlemen. >> Thank you. >> Thank you. >> Thank you, thank you all. I'm John Furey with The Cube here in Palo Alto, California covering and hosting with Cal Poly, the Space and Cybersecurity Symposium 2020, thanks for watching. (bright atmospheric music)

[Music] from the cube studios in Palo Alto in Boston it's the cube covering the IBM thing brought to you by IBM hello everybody this is state velocity of the cube and you're watching our wall-to-wall coverage of the IBM think digital experience at Justin Youngblood is here he's the vice president of IBM security Justin good to see you again thanks for coming on hey Dave good to be here thank you so look let's get right into it I mean we're here remote I wish we were you know for face-to-face and in Moscow II but things have changed dramatically there's a massive shift to work from home that's you know obviously kovat 19 has tightened the need for security but let's start with some of the things that you're seeing how you're responding the to secure those remote workers and let's get into some of the trends that you're seeing in the security space yeah absolutely some major trends and there is a big response around Cove at night 19 right now and and first of all you know what we tell all of our employees our clients our partners the entire ecosystem is number one priority stay safe and healthy of course even at IBM right now we have over 95% of IBM erse who are working from home we've seen that trend across our clients and partners as well and basically three themes keep popping up as it relates to security in Kovan 19 the first is clients are asking us to help them secure their remote workforce we have a number of tools technologies and services to help them do that the second is detecting and responding to accelerating threats amidst Cova 19 the threat actors are more active than ever they're driving some targeted attacks and phishing campaigns and our clients are asking us for help on that front and then the third is virtually extending security teams and operations and we've got a set of services managed services and and remote employees who can actually work with our clients and help them with their security operation centers and anything they need from a security program yeah I mean when you talk to CISOs they'll tell you look we you know our biggest problem is a lack of talent and we have all these fragmented tools and then now you throw kovat 19 at them and it's okay now overnight blank and secure the remote workforce so talk a little bit about this notion of platforms I've said often the security marketplace is very fragmented that accentuates the skills issue is you got to learn all these different tools and this is integration issues talk about platforms and how that might help solve this problem absolutely security platforms are on the rise do you see a lot of security platforms being announced by vendors today the problem statements are very clear oh as enterprises have moved along on their journey to cloud and digital transformation they now have workloads applications data users spread across multiple cloud environments every enterprise is using multiple clouds today so the problem statements become very clear for security security leaders have too many security tools they have too much data and they don't have enough people right so too many security tools that lack interoperability the average Enterprise has anywhere from 50 to 80 different security point products that don't talk to each other but trying to solve a security problem to pinpoint an issue actually takes looking at multiple screens too much data that comes without insights trying to stitch together all of this disparate data across a fragmented security landscape is very complex and it allows threats to be missed and then not enough people the shortage in cybersecurity is well documented over 2 million unfilled jobs today and that number continues to grow so enter security platforms that are that are on the value proposition of cleaning up this mess in November last year we announced the cloud pack for security that's IBM security platform and it has some some attributes that are powerful compelling we're seeing a lot of traction with client well you mentioned two things that really caught my attention the detection and the response because you know you're gonna get infiltrated everybody gets infiltrated and you know you've seen the stats it takes you know whatever 250 300 days before you can even detect it and then and then responses is critical so so talk about the cloud pack for security you know there are other platforms out there what makes yours different yeah are basically traditional security is broken we have a vision of modern security at centers on the cloud pack for security we set out two years ago with the concept of a next-generation platform it's a security control plane that works across hybrid multi cloud environments it connects all your security data and tools with a common platform that includes IBM and security tools and cloud platforms so whether you're using a sim like Q radar or Splunk endpoint detection systems like carbon black or CrowdStrike and any of the IBM any of the cloud platforms including IBM AWS or Azure it connects all of those and brings the insights together we work with over 50 enterprises and service providers help us co-create this solution and the attributes are its multi cloud capable but for security is multi cloud capable it can bring all the insights together from across these hybrid multi cloud environment it's open it's built and based on open standards and open technologies it's simple and it's composable in the sense that it has the ability to integrate with IBM and third-party technologies and add more capabilities over time what we see from other security platforms in the industry is they they basically approached the problem saying mr. customer bring all your data to our cloud will run the analytics on it and then provide you the insights what's different with cloud pack for security is we take the analytics to the data customers don't need to move their data from all the disparate sources where it exists we take the analytics to the data and bring those insights back to a common console or the or the security leaders and security analysts to take action on why you preaching to the choir now because well first of all you've got the the integration matrix and you've got the resources obviously I mean you mentioned a couple of really prominent and you know some hot products right now and this is the challenge right best to breathe versus fully integrated suite and what you're saying if I understand it correctly is we're not asking you to make that trade-off if you want to use you know of some tool go for it we're gonna integrate with that and give you the control and then the second piece is bringing that analytics capability to the data cuz that's the other thing you really don't want to move your data you the Einstein written move as much data as you have to but no more right absolutely this is a this is a team sport security is a team sport and that's where open technologies are so important the ability with an open API to integrate with any IBM or third-party technology this is not a rip and replace strategy clients can't afford to do that they want to work within their existing security tools but they need a common platform for bring it all together so we talked about the ability to gain complete insights across your hybrid multi cloud environment the ability to act faster with a set of playbooks and automation that basically runs security run books once a once an incident is detected to automatically go about about the fix and then third is the ability to run anywhere cloud pack for security like all of the IBM cloud packs is built on kubernetes and Red Hat openshift so it can be deployed on-premise or on the public cloud of the customers choosing complete choice and flexibility in that deployment I mean another key point you just made is automation and you talked earlier about that skills gap and the unfilled jobs automation is really the way certainly a way and probably a the most important way to close that gap I want to ask you about open could you think about you know security and networks and you know opens almost antithetical to secure I want close but you mean open in a different context and what if we could talk about that and maybe break down the key aspects of open as you defined it we've seen open technologies open standards open source be adopted across technology domains think of operating systems and Linux think of application development think of the management domain and kubernetes which now has a community of over 4,000 developers behind it it's more than any single vendor could put behind it so it's so open technologies really provide a force multiplier for any any industry security has been a laggard in adopting open standards and open source code so last year 2019 October time frame IBM partnered with McAfee and dozens of other vendors and launching the open Cyber Security Alliance focused on open standards that promote interoperability across security tools focused on open source code which we've adopted into an underpin the cloud pack I beams cloth pack for security focused on threat intelligence and analytics and ultimately sharing best practices and let me talk about run books this really comes down to the automated play books that customers need to run in response to a security threat or incident that's become really important automating actions to help security operations teams be more productive so all of those capabilities in total sum up what we're talking about with open technology for security and it underpins our IBM cloud pack for security solution well I've always felt that Open was part of the answer and like you said the industry was slowly to adopt adversary is highly capable he-she they're very well-funded do you think our industry is ready for this open approach we're absolutely ready for the open approach we see customers responding extremely positively to the cloud pack for security and the fact that it is built on open technologies many enterprises come to us and say they want that future proofing of their investments they want to know that what they purchased will interoperate with their existing environments without a rip rip and replace and the only way to get there is through open standards and open technology so it's it's already being well received and we're gonna see it grow just like it has any other technology domains operating systems application development management etc now is the time for security while Justin you're operating in one of the most important aspects of the IT value chain thank you for keeping us safe stay safe down there in Austin and thanks for coming on the queue thank you Dave good to be here take care and thank you for watching everybody watching the cubes coverage of IBM sync 2020 ibm's digital production keep it right there we're right back right after this short break [Music] you

>> from Seattle WASHINGTON. It's the Q covering AWS Imagine brought to you by Amazon Web service is >> Hey, welcome back already, Jeffrey. Here with the cue, we're in downtown Seattle at the AWS. Imagine, Edie, you event. It's a small conference. It's a second year, but it'll crow like a weed like everything else does the of us. And it's all about Amazon and a degree. As for education, and that's everything from K through 12 community college, higher education, retraining vets coming out of the service. It's a really big area. And we're really excited to have fresh off his keynote presentations where he changed his title on me from what it was >> this morning tow. It was the senator duties >> David Raymond, the director of what was the Virginia Cyber Range and now is the U. S. Cyber range. Virginia Tech. David, Great to see you. >> Yeah, Thank you. Thanks. So the Virginia cyber age actually will continue to exist in its current form. Okay, Well, it'll still serve faculty and students in the in the Commonwealth of Virginia, funded by the state of Virginia. Now the U. S. Cyber Angel fund will provide service to folks outside over, >> so we jumped ahead. So? So it's back up. A step ladder is the Virginia, >> So the Virginia Cyber Range provides courseware and infrastructure so students could do hands on cyber security, educational activities in Virginia, high schools and colleges so funded by the state of Virginia and, um provides this service at no charge to the schools >> and even in high school, >> even in high school. Yes, so now that there are now cybersecurity courses in the Virginia Department of Education course catalogue as of two years ago, and I mean they've grown like wildfire, >> I'm just so a ton of talk here about skills gap. And there's tremendous skills gap. Even the machine's gonna take everybody's job. There's a whole lot of jobs are filled, but what's interesting? I mean, it's the high school angle is really weird. I mean, how do you Most high school kids haven't even kind of clued in tow, privacy and security, opting in and opting out. It's gotta be a really interesting conversation when now you bring security into that a potential career into that and directly reflects on all those things that you do on your phone. >> Well, I would argue that that's exactly the problem. Students are not exposed to cyber security, you know. They don't want the curia potentials are they really don't understand what it is we talked about. We talked about teenagers being digital natives. Really? They know how to use smartphones. They know how to use computers, but they don't understand how they work. And they don't understand the security aspects that go along with using all this technology. And I would argue that by the time a student gets into college they have a plan, right? So I have a student in college. He's he's gonna be a doctor. He knows what a doctor is. He heard of that his whole life. And in high school, he was able to get certified as a nursing assistant. We need cyber security in that same realm, right? If we start students in high school and we and we expose them to cybersecurity courses, they're all elective courses. Some of the students will latch onto it, and I'll say, Hey, this is what I want to be when I grew up. And in Virginia, we have we have this dearth of cyber security expertise and this is true across the country. In Virginia, right now, we have over 30,000 cyber security jobs that are unfilled. That's about 1/3 of the cyber security jobs in this state. And I mean, that's a serious problem, not only in Virginia but nationwide. And one of the ways to fix that is to get high school students exposed to cybersecurity classes, give them some real hands on opportunities. So they're really doing it, not just learning the words and passing the test, and I mean really again in Virginia, this is this is grown like wildfire and really thinks revolutionized cybersecurity education in the state. >> And what are some of the topics that say, a high school level, where you know you're kind of getting versed on the vocabulary and the terminology vs when they go into into college and start to take those types, of course, is >> yeah, so in Virginia, there's actually cybersecurity courses across the C T E career pathways. And so SETI is the career and technical education curricula. And so there are courses like cyber security and health care, where students learn about personal health data and how to secure that specific specific kinds of data, they learn about the regulations behind that data. There's healthcare in manufacturing, where students learn about industrial control systems and you know how those things need to be secured and how they're different from a laptop or a phone. And the way those air secured and what feeds into all of those courses is an introductory course. Cyber security fundamentals, where students learn some of the very basics they learn the terminology. They learn things like the C I. A. Triad right, confidentiality, integrity and availability of the three basic components of security that you try to maintain for any system. So they start out learning the basics. But still they're doing that hands on. So they're so they're in a network environment where they see that you know that later on in the course during Capstone exercises, they might see someone trying to attack a computer that they're that they're tasked to defend and a defender of what does that look like? What are the things that I'm going to do? That computer? You know, I might install anti virus. I might have a firewall on the computer. And how do I set that up and etcetera etcetera. So high school start with the basics. As as students progressed through their high school years, there are opportunities to take further more advanced classes in the high schools. And then when they get to college, some of those students are gonna have latched onto cyber security as a potential career field. Now, now we've got him right way, get him into the right into the right majors and into the right courses. And our hope is that that's gonna sort of kick start this pipeline of students in Virginia colleges, >> right? And then I wonder if you could >> talk a little bit about the support at the state level. And it's pretty interesting that you had him from the state level we heard earlier today about supported the state level. And it was Louisiana for for another big initiative. So you know that the fact that the governor and the Legislature are basically branding this at the state level, not the individual school district level, is a pretty strong statement of the prioritization that they're putting on this >> that has been critical to our success. If we didn't have state level support, significant state level support, there's no way we could be where we are. So the previous governor of Virginia, Terry McAuliffe, he latched on to cyber security education as one of his signature initiatives. In fact, he was the president of the State Governors Association, and in that role he cybersecurity was one of his condition. So so he felt strongly about educating K 12 education college students feeding that cybersecurity pipeline Onda Cyberangels one of one of a handful of different initiatives. So they were veterans scholarships, and there were some community college scholarships and other other initiatives. Some of those are still ongoing so far are not. But but Cyber Range has been very successful. Funded by the state provides a service at no cost to high schools and colleges on Dad's Been >> critically, I can't help. We're at our say earlier this year, and I'm just thinking of all the CEOs that I was sitting with over the course of a couple of days that are probably looking for your phone number right now. Make introduction. But I'm curious. Are are the company's security companies. I mean, Arcee is a huge show. Amazon just had their first ever security conference means a lot of money being invested in this space. Are they behind it? Have you have you looked for in a kind of private company participation to help? Because they desperately need these employees? >> Definitely. So we've just started down that road, Really? I mean, our state funding has kept us strong to this point in our state funding is gonna continue into the foreseeable future. But you're right. There are definitely opportunities to work with industry. Certainly a DBS has been a very strong partner of our since the very beginning. They really I mean, without without the help of some, some of their cloud architects and other technical folks way could not have built what we built in the eight of us. Cloud. We've also been talking to Palo Alto about using some of their virtual appliances in our network environments. So yeah, so we're definitely going down the road of industry partners and that will continue to grow, I'm sure >> So then fast forward today to the keynote and your your announcement that now you taking it beyond just Virginia. So now it's the U. S. Cyber range. Have that come apart? Come about. What does that mean? >> Yes, So we've been We've been sharing the story of the Virginia cyber range for the last couple of years, and I goto national conferences and talk about it. And, um, just to just sort of inform other states, other other school systems what Virginia's doing. How could you? How could you potentially match what we're doing and what The question that I keep getting is I don't want to reinvent the wheel. How can I buy what you have? And that's been sort of a constant drumbeat over the last couple of years. So we decided fairly early on that we might want to try to expand beyond Virginia, and it just sort of the conditions were right about six months ago. So we set a mark on the wall, he said. In Summer of 2019 we're gonna make this available to folks outside of Virginia. And so, so again, the Virginia Cyberangels still exist. Funded by the Commonwealth of Virginia, the U. S cyber range is still part of Virginia Tech. So within Virginia Tech, but we will have to we will have to essentially recoup our costs so we'll have to spend money on cloud infrastructure and We'll have to spend salary money on folks who support this effort. And so we'll recoup costs from folks that are outside of Virginia using our service. But, um, we think the costs are gonna be very competitive compared to similar efforts. And we're looking forward to some successes here. >> And do you think you're you're kind of breakthrough will be at the high school level, the You know, that underground level, you know, where do you kind of see the opportunities? You've got the whole thing covered with state support in Virginia. How does that get started in California? How's that get started here? Yeah, that's a Washington state. >> That's a great question. So really, when we started this, I thought we were building a thing for higher ed. That's my experience. I've been teaching cyber security and higher ed for several years, and I knew I knew what I would want if I was using it, and I do use it. So I teach classes at Virginia Tech Graduate program. So I I used the Virginia side in my class, and, um, what has happened is that the high schools have latched onto this as I mentioned, and Most of our users are high schools. In Virginia, we have 180. Virginia High School is using the Virgin Cyber. That's almost >> 188 1 >> 180. That's almost half the high schools in the state using the Virginia cyber age. So we think. And if you think about, you know, higher. Ed has been teaching cybersecurity classes that the faculty members who have been teaching them a lot of them have set up their own network infrastructure. They have it set up the way they want it, and it ties into their existing courseware, and you know they're going to use that, At least for now. What we provide is is something that makes it so that a high school or a community college doesn't have to figure out how to fund or figure out how to actually put this network architecture together. They just come to us. They have the flexibility of the flexibility to use, just are very basic plug and play network environments, or they have flexibility to, um, make modifications depending on how sophisticated they themselves are with with, you know, manipulating systems and many playing the network so so Our expectation is that the biggest growth is going to be in the high school market, >> right? That's great, because when you say cyber range God, finally, Donna me use it like a target range. It's like a place to go practice >> where the name comes from, right? >> Absolutely. If I finally like okay, I get it. So because it's not only the curriculum and the course where and everything else but it's actually an environment, it depends on the stage things and do things exactly >> So students could d'oh offensive, offensive and defensive cybersecurity activities. And so early on, when we were teaching students howto hack essentially in colleges, you know, there were people who were concerned about that on the military case we make for that is you can't teach somebody how to defend unless they understand how they're gonna be attacked. The same is true in this case. So all of our all of our course, where has lots of ethics and no other legal and other other discussions embedded throughout. So students understand the implications of what their actions would be if they do it somewhere else. And, um, right, these are all isolated network environments their places where students can get hands on in a place where they can essentially do whatever they want without causing trouble on the school network or on the Internet. And it's very much akin to a rifle range, >> right? Like you said, you can have different scenarios. And I would imagine there's probably gonna be competitions of you think. Fact. You know what's going on in the robotics world for lots of all these things, right? Like white hat, black hat hacker. Well, very, very exciting. David, Congratulations. And it sounds like you're well on your way. Thanks. Great. Alright, >> He's David. I'm Jeff. You're watching The Cube were at Washington State Convention Centre just across the street at a W s. Imagine. Thanks for watching. We'll see you next time. >> Thanks.

(enlightening music) >> Hello everyone, I'm John Furrier here at theCUBE headquarters in Palo Alto, California, for a special CUBE Conversation. I'm the host of theCUBE here with my special guest, Monica Kumar, vice president of Oracle Cloud platform. Monica, thanks for joining me today. >> Thank you so much for having me. >> So Oracle Cloud has got some great stuff goin' on, one of the things I'm most intrigued about, I've heard a lot about, is this autonomous database. I have a lot of questions, want to dig into it and really unpack that, so first take a minute to explain, what is the autonomous database? >> You know, before I do that, John, can I ask you a question? >> Sure! >> You use a smartphone, right? >> Yep. >> Do you know what happens every minute of when we use a smartphone and use the internet, how much data gets generated? >> No. >> Okay, I'm going to tell you. >> Alright, good. >> 16 million text messages happen every single minute, about four million Google searches, we're talking four million YouTube videos watched, about a million Facebook pages are open, and half a million Tweets. Now think about the impact of all this data in just one minute. Somebody, somewhere, is finding this data useful, and can actually extract some value out of it. Now, you might have heard this also, that in the last two years, the world's 90 percent of data has actually been created, and it's doubling every two years. >> So my kid's LTE bill, that's why, they're watching Netflix, that's why I'm paying all this extra bandwidth. (laughs) This is a real world. I mean, I can imagine my iPhone, I got multiple apps on there, lot of power being used, but that's just one piece, like when I'm buying with Apple Pay, or I'm doing things around, there's a lot of mobility involved, what's the value of all this? >> Well see, there's also a lot of devices, I mean we talk about IoT. By the year 2021, or in about the next five years, there'll be 50 billion devices that will be collecting data, analyzing data, sharing data. So what we're talking about is the sheer volume of the data that's being generated. And ultimately, every organization is trying to figure out how to extract insights from this data, how to make their businesses run better because of those insights. Whether create new revenue streams, maybe optimize for efficiency, deliver better customer services. So that is the problem we are dealing with today is, how do we get more value out of that data? >> So how does it all work, I mean autonomous driving, you see cars around, Uber's been trying to do it, other people have fleets, cars all over the place. Autonomous database, I mean it sounds like it's self-driving, which implies that's what cloud is all about, automation. How does the check work, what's goin' on under the hood? >> Yeah so let me explain to you, I mean this is where Oracle comes in. We've been in the data and information business for over four decades. This is what we've done. We've actually been solving the hard problem for our customers when it comes to data management, and using data. And now with this new whole deluge of more and more data, who better than Oracle to solve this problem? And one of the more important ways in which we can solve this problem is by automation, is by the use of machine learning. So that's where we're moving as a company, is you're moving to adopt and embed more and more machine learning across our entire cloud portfolio. And one of the biggest things we're doing is what you're talking about, autonomous database, which is exactly that, it's combining machine learning with the decades and decades of the database optimizations that we've been putting out in the industry. It's the power of that combination, which has culminated into what we call autonomous database today. >> Is autonomous database on-premises and Cloud, or both, how does that work? >> Yes, Oracle's always been about choice, so definitely it's both. And I'll explain to you the cloud offering, in fact, you eluded to self-driving cars. It's very similar to that. So there are three core attributes of autonomous database. It's self-driving, self-securing, and self-repairing, and let me explain to you what I mean by each of those. So self-driving is really the database provisioning itself, upgrading itself, patching, tuning, monitoring, backing up, all of the functions that are very manual today, are all done by autonomous database itself, so that's the self-driving part. Self-securing, applying all of the security patches by itself so the user doesn't have to worry about it. And the self-repairing is really focused on maximizing uptime, productivity. So today we offer with autonomous 99.995 percent uptime, which means 2.5 minutes of downtime or less per month, per month, which includes, by the way, both planned and unplanned downtime. So that's what autonomous database is, it's using the power of machine learning to automate all of the manual tasks that a human being is doing, which is really not of high value, which is really very administrative type of work. >> So I can see some of the time things are great for customers, what other benefits do those customers have in terms of having this, obviously automation takes away a lot of, makes free time, but what specific benefits do you guys see coming out of this for customers? >> Yeah, absolutely, I think for businesses it's all about outcome. So there are three major benefits of autonomous. The first one is reducing cost, it's making sure that the administrative times, I'll give you an example, we now with autonomous can cut off the administrative time by 80 percent, the cost of administering a database. So that's real hard savings for the customer, and they can then take that and put into something else that more strategic to them. It's about reducing risk. The risk of breeches, which could cause reputational damage to companies, which could cause, shareholder value loss. So the fact that we are reducing risk with autonomous technology is another big benefit. And the third, and the most important one, is really innovation, the time to innovation, the time to insights, more productivity for the customer. So those three, in my opinion, are the top three benefits >> To organizations. >> Now being agile, having flexibility, the cloud certainly brings that scale out mentality, that server list we hear things like that in the industry, so certainly very relevant, and machine learning makes that automation happen. Love that message. The question I would have for you is okay, in my mind, I'm trying to think, how would I buy this, how would I use it? What are some of the offerings that you guys have, is it turnkey box, is it software, how do you roll this out to customers, how do they consume it? Take us through the offering itself. >> Sure, today we offer autonomous in our cloud in two different offerings. One is autonomous data warehouse, which is purely for analytics, so you can actually create new data warehouses, or data mods to get insights from your data. The second one is transaction processing, it's autonomous transaction processing, which can be used to develop applications, to deploy applications, high-performance workloads, mission-critical workloads in the cloud. So those are the two ways we can do, in fact, we have many customers who are using our technology today in our cloud. But like I said, this is also going to be available in on-premises as well. >> That's awesome. So, when you get into the customer examples, who's using this now? Is it shipping? What's the status of it? I mean this gets a lot of attention, and the press articles are great. We covered it on SiliconANGLE, what are the customer examples? >> Absolutely, so of course it's shipping, and it's the first and only self-driving database in the industry. We have many, many customers for the last few months who are using it. I'll give you a few examples. We have a major Enterprise car rental company who is using it, and they were able to cut down their time to provision databases from two weeks to eight minutes. Now what does that mean? That means they can now roll out projects faster, and improve their customer services and offers they are making to customers. We have another customer who is in the shipping and oil industry, and they've cut down their time to querying complex data sets from 20 minutes to a few seconds. Again, which means they can get access to insights much faster to make decisions. And they've also eliminated downtime from patching because everything is done online, patching is done automatically on the database while it's running online. And then we have another customer who's a managed service provider. They're now able to provision their customers 10 times faster. So that means they can grow their business, they can provision more customers, their current customers can be happier because they are supporting them better and faster. >> What are some of the comments and messages, to kind of go off tangent for a second here but, I mean, they go "Wow, this is amazing"? What's some of the feedback you're getting? What are they saying, what are some the anecdotal comments? Share some color around that. >> Sure, I mean one of the big comments is "Wow! Me, I'm a DB, I thought this was "going to take my job away, but actually, "to the contrary, it's making my job easier." DBAs are now realizing they can actually manage many more databases efficiently in the same time that they were doing before. And secondly, they don't have to be involved in manual drudgery tasks, they can now offload all of that to autonomous database, and they can now focus on more strategic tasks. They can become a partner to the business, they can focus on application life-cycle management, on data security, on data architectures. So that's the one reaction we are getting is like "Wow, I didn't realize how much of my time "I was spending doing maintenance stuff, "which really adds no value to the organization." So customers are seeing a lot of productivity gains. I think the second thing is the speed of innovation. The fact that it would take them three months, six months, to deploy new projects, and now they can do it quickly within a few minutes is actually unbelievable to them. >> This is a real good point, I just want more double-down on that real quick, because one of the things we're seeing is, across all the events we go to, that message of the fear of "Oh my god, "I'm going to lose my job" or "I'm going to be automated away" actually isn't true. If they get re-deployed in other easier jobs, I don't want to say easier, but all the mundane tasks can be automated, that's a good thing. The security thing about the patching and self-updating, that's amazing. But the skill gaps is a huge problem CIOs face is that they need more people. And cloud architects are the number-one demand jobs, so I mean this must be really refreshing to hear that when you say "Hey, you were doing "a DBA job before, or something else, "now you're a cloud architect." Are you seeing the cloud architect role become important, and if so, what are they doing? What's the role of a cloud architect, and how does this fit into that? >> Yeah, I think the way we describe it, I think it's close to cloud architect, but think about it from administering data, or managing databases to actually using databases to mine insights, it's a different mindset. So you're becoming a data professional from a data administrator. So as opposed to having a job of managing a database, that's not important, what's important is you use the database to get insights and make your business smarter. So now we are working with, for example, our DBA stakeholders, which have been our Oracle family for four decades, to help them re-skill, to new ways of thinking, to becoming data professionals, to becoming data architects, and like I said, focusing on things like data life-cycle management, how do you work with application developers, how do you work with lines of businesses when your line of business comes to you and says "Hey, I want a database tag deployed for XYZ", the ability for them to say "Of course, I can give it to you in minutes." as opposed to saying "Oh, you'll have to wait two months." Imagine that. >> Yeah they're helping people, and they're also, more important, they're powerful. >> Right, right. >> Okay, Oracle OpenWorld is happening, and so one of the conversations we're hearing, and certainly this is consistent throughout the industry, the role of security. I put my skeptic hat on like okay Monica, tell me the truth, is it really self-updating the security patches? What about the phishing attacks? There's a real paranoia on the security. Take me through the security, while you guys are comfortable with the security, what's the big message and what's the big feature of why it's so secure? >> Right. But before I do that, let me paint a picture for you. We all know the opportunity that comes with Cloud, it presents huge opportunities to organizations. But with every opportunity, there comes a challenge that needs to be solved. And like you said, security is a big challenge. We are talking about massive scale of security breeches happening in the industry. We are talking about bad guys having access to very sophisticated technologies to wage this war against us, the organizations, to get access to core data. And we are talking about the number of security issues that are happening multiplying and compounding, and I'll give you some data points. There are 3.5 million cyber security jobs that are open in the next couple years. We don't have enough people to fill those jobs, even if we did, we can't keep pace with the amount of security threats and challenges that we need to navigate and address. >> And by the way, that's a data problem by the way, too. >> Back to your data is the central value proposition. >> Exactly, and also the other point I want to give you, which is equally important is of all the breeches that have happened, 85 percent actually had to fix available, and yet it wasn't applied and the breech happened. So again, we are talking about human beings who are very busy >> The human error on the patch side is huge. Spear phishing and also patches are the two number one areas of security. >> Right, but also people are busy. You kind of say "Okay, I'm going to do this later, "I have so many other 10 things to take care of first, "and I'm going to apply this patch later." Now what happens is, that's why we need to throw automation and machine learning at this problem. I don't think we can solve it by throwing just more and more human man-power on it. We need to combine the power of human and machine to tackle this security problem, and that's what we're doing with autonomous database. Not only can we predict a breech before it happens, we can actually fix it before it becomes an issue. And that's what I'm talking about with the whole self-securing notion. That's the power of autonomous database. >> A few Oracle OpenWorlds ago, Larry Ellison said on stage, I'll never forget this, I actually loved the line, other people kind of gave him some heat for it, but he said "Security should always be on. "Off is the exception." Has that view permeated through Oracle? >> Oh, Oracle was built on that view. We have, if you look again at our history, and our customer base, we are supporting the largest and the biggest governments in the world. We support from federal governments, to state governments, to public sector, to every organization who cares deeply about security, and it's not just a government issue, it's every organization has to safeguard the data of their customers. I mean that's the law. Every single organization cares about it. Oracle was built on that, that's the foundation that we are built on. So for us, security is very important, that's the first design principle of our data management, and all of our technology solutions. >> Well you guys are in the middle of all the cloud action, for sure, we're covering you guys, it's great to have you on theCUBE. Monica, thanks for coming and sharing your story. Where can people find out more information on the autonomous database, this awesome new product? >> Well, it's going to be all over oracle.com, so I'd say go there at first and from there you can navigate to a lot of great content on autonomous database. We have customer studies, we have free trials, so you can take us for a spin. It's like driving a self-driving car, it's self-driving database. >> It's a Tesla. >> Yeah, it's like the Tesla of databases, exactly. >> Monica, thanks for coming, I'm John Furrier here for CUBE Conversation, we are in Palo Alto at our headquarters, I'm John Furrier with theCUBE, thanks for watching. (enlightening music)