(upbeat music) (background crowd chatter) >> Hello, fantastic cloud community and welcome back to Las Vegas where we are live from the show floor at AWS re:Invent. My name is Savannah Peterson. Joined for the first time. >> Yeah, Doobie. >> VIP, I know. >> All right, let's do this. >> Thanks for having me Dave, I really appreciate it. >> I appreciate you doing all the hard work. >> Yeah. (laughs) >> You, know. >> I don't know about that. We wouldn't be here without you and all these wonderful stories that all the businesses have. >> Well, when I host with John it's hard for me to get a word in edgewise. I'm just kidding, John. (Savannah laughing) >> Shocking, I've never want that experience. >> We're like knocking each other, trying to, we're elbowing. No, it's my turn to speak, (Savannah laughing) so I'm sure we're going to work great together. I'm really looking forward to it. >> Me too Dave, I feel very lucky to be here and I feel very lucky to introduce our guest this afternoon, Clint Sharp, welcome to the show. You are with Cribl. Yeah, how does it feel to be on the show floor today? >> It's amazing to be back at any conference in person and this one is just electric, I mean, there's like a ton of people here love the booth. We're having like a lot of activity. It's been really, really exciting to be here. >> So you're a re:Ieinvent alumni? Have you been here before? You're a Cube alumni. We're going to have an OG conversation about observability, I'm looking forward to it. Just in case folks haven't been watching theCUBE for the last nine years that you've been on it. I know you've been with a few different companies during that time period. Love that you've been with us since 2013. Give us the elevator pitch for Cribl. >> Yeah, so Cribl is an observability company which we're going to talk about today. Our flagship product is a telemetry router. So it just really helps you get data into the right places. We're very specifically in the observability and security markets, so we sell to those buyers and we help them work with logs and metrics and open telemetry, lots of different types of data to get it into the right systems. >> Why did observability all of a sudden become such a hot thing? >> Savannah: Such a hot topic. >> Right, I mean it just came on the scene so quickly and now it's obviously a very crowded space. So why now, and how do you guys differentiate from the crowd? >> Yeah, sure, so I think it's really a post-digital transformation thing Dave, when I think about how I interact with organizations you know, 20 years ago when I started this business I called up American Airlines when things weren't working and now everything's all done digitally, right? I rarely ever interact with a human being and yet if I go on one of these apps and I get a bad experience, switching is just as easy as booking another airline or changing banks or changing telecommunications providers. So companies really need an ability to dive into this data at very high fidelity to understand what Dave's experience with their service or their applications are. And for the same reasons on the security side, we need very, very high fidelity data in order to understand whether malicious actors are working their way around inside of the enterprise. And so that's really changed the tooling that we had, which, in prior years, it was really hard to ask arbitrary questions of that data. You really had to deal with whatever the vendor gave you or you know, whatever the tool came with. And observability is really an evolution, allowing people to ask and answer questions of their data that they really weren't planning in advance. >> Dave: Like what kind of questions are people asking? >> Yeah sure so what is Dave's performance with this application? I see that a malicious actor has made their way on the inside of my network. Where did they go? What did they do? What files did they access? What network connections did they open? And the scale of machine data of this machine to machine communication is so much larger than what you tend to see with like human generated data, transactional data, that we really need different systems to deal with that type of data. >> And what would you say is your secret sauce? Like some people come at it, some search, some come at it from security. What's your sort of superpower as Lisa likes to say? >> Yeah, so we're a customer's first company. And so one of the things I think that we've done incredibly well is go look at the market and look for problems that are not being solved by other vendors. And so when we created this category of an observability pipeline, nobody was really marketing an observability pipeline at that time. And really the problem that customers had is they have data from a lot of different sources and they need to get it to a lot of different destinations. And a lot of that data is not particularly valuable. And in fact, one of the things that we like to say about this class of data is that it's really not valuable until it is, right? And so if I have a security breach, if I have an outage and I need to start pouring through this data suddenly the data is very, very valuable. And so customers need a lot of different places to store this data. I might want that data in a logging system. I might want that data in a metric system. I might want that data in a distributed tracing system. I might want that data in a data lake. In fact AWS just announced their security data lake product today. >> Big topic all day. >> Yeah, I mean like you can see that the industry is going in this way. People want to be able to store massively greater quantities of data than they can cost effectively do today. >> Let's talk about that just a little bit. The tension between data growth, like you said it's not valuable until it is or until it's providing context, whether that be good or bad. Let's talk about the tension between data growth and budget growth. How are you seeing that translate in your customers? >> Yeah, well so data's growing in a 25% CAGR per IDC which means we're going to have two and a half times the data in five years. And when you talk to CISOs and CIOs and you ask them, is your budget growing at a 25% CAGR, absolutely not, under no circumstances am I going to have, you know, that much more money. So what got us to 2022 is not going to get us to 2032. And so we really need different approaches for managing this data at scale. And that's where you're starting to see things like the AWS security data lake, Snowflake is moving into this space. You're seeing a lot of different people kind of moving into the database for security and observability type of data. You also have lots of other companies that are competing in broad spectrum observability, companies like Splunk or companies like Datadog. And these guys are all doing it from a data-first approach. I'm going to bring a lot of data into these platforms and give users the ability to work with that data to understand the performance and security of their applications. >> Okay, so carry that through, and you guys are different how? >> Yeah, so we are this pipeline that's sitting in the middle of all these solutions. We don't care whether your data was originally intended for some other tool. We're going to help you in a vendor-neutral way get that data wherever you need to get it. And that gives them the ability to control cost because they can put the right data in the right place. If it's data that's not going to be frequently accessed let's put it in a data lake, the cheapest place we can possibly put that data to rest. Or if I want to put it into my security tool maybe not all of the data that's coming from my vendor, my vendor has to put all the data in their records because who knows what it's going to be used for. But I only use half or a quarter of that information for security. And so what if I just put the paired down results in my more expensive storage but I kept full fidelity data somewhere else. >> Okay so you're observing the observability platforms basically, okay. >> Clint: We're routing that data. >> And then creating- >> It's meta observability. >> Right, observability pipeline. When I think a data pipeline, I think of highly specialized individuals, there's a data analyst, there's a data scientist, there's a quality engineer, you know, etc, et cetera. Do you have specific roles in your customer base that look at different parts of that pipeline and can you describe that? >> Yeah, absolutely, so one of the things I think that we do different is we sell very specifically to the security tooling vendors. And so in that case we are, or not to the vendors, but to the customers themselves. So generally they have a team inside of that organization which is managing their security tooling and their operational tooling. And so we're building tooling very specifically for them, for the types of data they work with for the volumes and scale of data that they work with. And that is giving, and no other vendor is really focusing on them. There's a lot of general purpose data people in the world and we're really the only ones that are focusing very specifically on observability and security data. >> So the announcement today, the security data lake that you were talking about, it's based on the Open Cybersecurity Framework, which I think AWS put forth, right? And said, okay, everybody come on. [Savannah] Yeah, yeah they did. >> So, right, all right. So what are your thoughts on that? You know, how does it fit with your strategy, you know. >> Yeah, so we are again a customer's first neutral company. So if OCSF gains traction, which we hope it does then we'll absolutely help customers get data into that format. But we're kind of this universal adapter so we can take data from other vendors, proprietary schemas, maybe you're coming from one of the other send vendors and you want to translate that to OCSF to use it with the security data lake. We can provide customers the ability to change and reshape that data to fit into any schema from any vendor so that we're really giving security data lake customers the ability to adapt the legacy, the stuff that they have that they can't get rid of 'cause they've had it for 10 years, 20 years and nothing inside of an enterprise ever goes away. That stuff stays forever. >> Legacy. >> Well legacy is working right? I mean somebody's actually, you know, making money on top of this thing. >> We never get rid of stuff. >> No, (laughing) we just added the toolkit. It's like all the old cell phones we have, it's everything. I mean we even do it as individual users and consumers. It's all a part of our little personal library. >> So what's happened in the field company momentum? >> Yeah let's talk trends too. >> Yeah so the company's growing crazily fast. We're north of 400 employees and we're only a hundred and something, you know, a year ago. So you can kind of see we're tripling you know, year over year. >> Savannah: Casual, especially right now in a lot of companies are feeling that scale back. >> Yeah so obviously we're keeping our eye closely on the macro conditions, but we see such a huge opportunity because we're a value player in this space that there's a real flight to value in enterprises right now. They're looking for projects that are going to pay themselves back and we've always had this value prop, we're going to come give you a lot of capabilities but we're probably going to save you money at the same time. And so that's just really resonating incredibly well with enterprises today and giving us an opportunity to continue to grow in the face of some challenging headwinds from a macro perspective. >> Well, so, okay, so people think okay, security is immune from the macro. It's not, I mean- >> Nothing, really. >> No segment is immune. CrowdStrike announced today the CrowdStrike rocket ship's still growing AR 50%, but you know, stocks down, I don't know, 20% right now after our- >> Logically doesn't make- >> Okay stuff happens, but still, you know, it's interesting, the macro, because it was like, to me it's like a slingshot, right? Everybody was like, wow, pandemic, shut down. All of a sudden, oh wow, need tech, boom. >> Savannah: Yeah, digitally transformed today. >> It's like, okay, tap the brakes. You know, when you're driving down the highway and you get that slingshotting effect and I feel like that's what's going on now. So, the premise is that the real leaders, those guys with the best tech that really understand the customers are going to, you know, get through this. What are your customers telling you in terms of, you know they're spending patterns, how they're trying to maybe consolidate vendors and how does that affect you guys? >> Yeah, for sure, I mean, I think, obviously, back to that flight to value, they're looking for vendors who are aligned with their interests. So, you know, as their budgets are getting pressure, what vendors are helping them provide the same capabilities they had to provide to the business before especially from a security perspective 'cause they're going to get cut along with everybody else. If a larger organization is trimming budgets across, security's going to get cut along with everybody else. So is IT operations. And so since they're being asked to do more with less that's you know, really where we're coming in and trying to provide them value. But certainly we're seeing a lot of pressure from IT departments, security departments all over in terms of being able to live and do more with less. >> Yeah, I mean, Celip's got a great quote today. "If you're looking to tighten your belt the cloud is the place to do it." I mean, it's probably true. >> Absolutely, elastic scalability in this, you know, our new search product is based off of AWS Lambda and it gives you truly elastic scalability. These changes in architectures are what's going to allow, it's not that cloud is cheaper, it's that cloud gives you on-demand scalability that allows you to truly control the compute that you're spending. And so as a customer of AWS, like this is giving us capabilities to offer products that are scalable and cost effective in ways that we just have not been able to do in the cloud. >> So what does that mean for the customer that you're using serverless using Lambda? What does that mean for them in terms of what they don't have to do that they maybe had to previously? >> It offers us the ability to try to charge them like a truly cloud native vendor. So in our cloud product we sell a credit model whereby which you deduct credits for usage. So if you're streaming data, you pay for gigabytes. If you're searching data then you're paying for CPU consumption, and so it allows us to charge them only for what they're consuming which means we don't have to manage a whole fleet of servers, and eventually, well we go to managing our own compute quite possibly as we start to get to scale at certain customers. But Lambda allowed us to not have to launch that way, not have to run a bunch of infrastructure. And we've been able to align our charging model with something that we think is the most customer friendly which is true consumption, pay for what you consume. >> So for example, you're saying you don't have to configure the EC2 Instance or figure out the memory sizing, you don't have to worry about any of that. You just basically say go, it figures that out and you can focus on upstream, is that right? >> Yep, and we're able to not only from a cost perspective also from a people perspective, it's allowed us velocity that we did not have before, which is we can go and prototype and build significantly faster because we're not having to worry, you know, in our mature products we use EC2 like everybody else does, right? And so as we're launching new products it's allowed us to iterate much faster and will we eventually go back to running our own compute, who knows, maybe, but it's allowed us a lot faster velocity than we were able to get before. >> I like what I've heard you discuss a lot is the agility and adaptability. We're going to be moving and evolving, choosing different providers. You're very outspoken about being vendor agnostic and I think that's actually a really unique and interesting play because we don't know what the future holds. So we're doing a new game on that note here on theCUBE, new game, new challenge, I suppose I would call it to think of this as your 30 second thought leadership highlight reel, a sizzle of the most important topic or conversation that's happening theme here at the show this year. >> Yeah, I mean, for me, as I think, as we're looking, especially like security data lake, et cetera, it's giving customers ownership of their data. And I think that once you, and I'm a big fan of this concept of open observability, and security should be the same way which is, I should not be locking you in as a vendor into my platform. Data should be stored in open formats that can be analyzed by multiple places. And you've seen this with AWS's announcement, data stored in open formats the same way other vendors store that. And so if you want to plug out AWS and you want to bring somebody else in to analyze your security lake, then great. And as we move into our analysis product, our search product, we'll be able to search data in the security data lake or data that's raw in S3. And we're really just trying to give customers back control over their future so that they don't have to maintain a relationship with a particular vendor. They're always getting the best. And that competition fuels really great product. And I'm really excited for the next 10 years of our industry as we're able to start competing on experiences and giving customers the best products, the customer wins. And I'm really excited about the customer winning. >> Yeah, so customer focused, I love it. What a great note to end on. That was very exciting, very customer focused. So, yo Clint, I have really enjoyed talking to you. Thanks. >> Thanks Clint. >> Thanks so much, it's been a pleasure being on. >> Thanks for enhancing our observability over here, I feel like I'll be looking at things a little bit differently after this conversation. And thank all of you for tuning in to our wonderful afternoon of continuous live coverage here at AWS re:Ieinvent in fabulous Las Vegas, Nevada with Dave Vellante. I'm Savannah Peterson. We're theCUBE, the leading source for high tech coverage. (bright music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(upbeat music) >> Hello, welcome to this CUBE conversation I'm John Furrier your host here in theCUBE in Palo Alto, California, featuring Cribl a hot startup taking over the enterprise when it comes to data pipelining, and we have a CUBE alumni who's the co-founder and CEO, Clint Sharp. Clint, great to see you again, you've been on theCUBE, you were on in 2013, great to see you, congratulations on the company that you co-founded, and leading as the chief executive officer over $200 million in funding, doing this really strong in the enterprise, congratulations thanks for joining us. >> Hey, thanks John it's really great to be back. >> You know, remember our first conversation the big data wave coming in, Hadoop World 2010, now the cloud comes in, and really the cloud native really takes data to a whole nother level. You've seeing the old data architectures being replaced with cloud scale. So the data landscape is interesting. You know, Data as Code you're hearing that term, data engineering teams are out there, data is everywhere, it's now part of how developers and companies are getting value whether it's real time, or coming out of data lakes, data is more pervasive than ever. Observability is a hot area, there's a zillion companies doing it, what are you guys doing? Where do you fit in the data landscape? >> Yeah, so what I say is that Cribl and our products and we solve the problem for our customers of the fundamental tension between data growth and budget. And so if you look at IDCs data data's growing at a 25%, CAGR, you're going to have two and a half times the amount of data in five years that you have today, and I talk to a lot of CIOs, I talk to a lot of CISOs, and the thing that I hear repeatedly is my budget is not growing at a 25% CAGR so fundamentally, how do I resolve this tension? We sell very specifically into the observability in security markets, we sell to technology professionals who are operating, you know, observability in security platforms like Splunk, or Elasticsearch, or Datadog, Exabeam, like these types of platforms they're moving, protocols like syslog, they're moving, they have lots of agents deployed on every endpoint and they're trying to figure out how to get the right data to the right place, and fundamentally you know, control cost. And we do that through our product called Stream which is what we call an observability pipeline. It allows you to take all this data, manipulate it in the stream and get it to the right place and fundamentally be able to connect all those things that maybe weren't originally intended to be connected. >> So I want to get into that new architecture if you don't mind, but let me first ask you on the problem space that you're in. So cloud native obviously instrumentating, instrumenting everything is a key thing. You mentioned data got all these tools, is the problem that there's been a sprawl of things being instrumented and they have to bring it together, or it's too costly to run all these point solutions and get it to work? What's the problem space that you're in? >> So I think customers have always been forced to make trade offs John. So the, hey I have volumes and volumes and volumes of data that's relevant to securing my enterprise, that's relevant to observing and understanding the behavior of my applications but there's never been an approach that allows me to really onboard all of that data. And so where we're coming at is giving them the tools to be able to, you know, filter out noise and waste, to be able to, you know, aggregate this high fidelity telemetry data. There's a lot of growing changes, you talk about cloud native, but digital transformation, you know, the pandemic itself and remote work all these are driving significantly greater data volumes, and vendors unsurprisingly haven't really been all that aligned to giving customers the tools in order to reshape that data, to filter out noise and waste because, you know, for many of them they're incentivized to get as much data into their platform as possible, whether that's aligned to the customer's interests or not. And so we saw an opportunity to come out and fundamentally as a customers-first company give them the tools that they need, in order to take back control of their data. >> I remember those conversations even going back six years ago the whole cloud scale, horizontally scalable applications, you're starting to see data now being stuck in the silos now to have high, good data you have to be observable, which means you got to be addressable. So you now have to have a horizontal data plane if you will. But then you get to the question of, okay, what data do I need at the right time? So is the Data as Code, data engineering discipline changing what new architectures are needed? What changes in the mind of the customer once they realize that they need this new way to pipe data and route data around, or make it available for certain applications? What are the key new changes? >> Yeah, so I think one of the things that we've been seeing in addition to the advent of the observability pipeline that allows you to connect all the things, is also the advent of an observability lake as well. Which is allowing people to store massively greater quantities of data, and also different types of data. So data that might not traditionally fit into a data warehouse, or might not traditionally fit into a data lake architecture, things like deployment artifacts, or things like packet captures. These are binary types of data that, you know, it's not designed to work in a database but yet they want to be able to ask questions like, hey, during the Log4Shell vulnerability, one of all my deployment artifacts actually had Log4j in it in an affected version. These are hard questions to answer in today's enterprise. Or they might need to go back to full fidelity packet capture data to try to understand that, you know, a malicious actor's movement throughout the enterprise. And we're not seeing, you know, we're seeing vendors who have great log indexing engines, and great time series databases, but really what people are looking for is the ability to store massive quantities of data, five times, 10 times more data than they're storing today, and they're doing that in places like AWSS3, or in Azure Blob Storage, and we're just now starting to see the advent of technologies we can help them query that data, and technologies that are generally more specifically focused at the type of persona that we sell to which is a security professional, or an IT professional who's trying to understand the behaviors of their applications, and we also find that, you know, general-purpose data processing technologies are great for the enterprise, but they're not working for the people who are running the enterprise, and that's why you're starting to see the concepts like observability pipelines and observability lakes emerge, because they're targeted at these people who have a very unique set of problems that are not being solved by the general-purpose data processing engines. >> It's interesting as you see the evolution of more data volume, more data gravity, then you have these specialty things that need to be engineered for the business. So sounds like observability lake and pipelining of the data, the data pipelining, or stream you call it, these are new things that they bolt into the architecture, right? Because they have business reasons to do it. What's driving that? Sounds like security is one of them. Are there others that are driving this behavior? >> Yeah, I mean it's the need to be able to observe applications and observe end-user behavior at a fine-grain detail. So, I mean I often use examples of like bank teller applications, or perhaps, you know, the app that you're using to, you know, I'm going to be flying in a couple of days. I'll be using their app to understand whether my flight's on time. Am I getting a good experience in that particular application? Answering the question of is Clint getting a good experience requires massive quantities of data, and your application and your service, you know, I'm going to sit there and look at, you know, American Airlines which I'm flying on Thursday, I'm going to be judging them based on off of my experience. I don't care what the average user's experience is I care what my experience is. And if I call them up and I say, hey, and especially for the enterprise usually this is much more for, you know, in-house applications and things like that. They call up their IT department and say, hey, this application is not working well, I don't know what's going on with it, and they can't answer the question of what was my individual experience, they're living with, you know, data that they can afford to store today. And so I think that's why you're starting to see the advent of these new architectures is because digital is so absolutely critical to every company's customer experience, that they're needing to be able to answer questions about an individual user's experience which requires significantly greater volumes of data, and because of significantly greater volumes of data, that requires entirely new approaches to aggregating that data, bringing the data in, and storing that data. >> Talk to me about enabling customer choice when it comes around controlling their data. You mentioned that before we came on camera that you guys are known for choice. How do you enable customer choice and control over their data? >> So I think one of the biggest problems I've seen in the industry over the last couple of decades is that vendors come to customers with hugely valuable products that make their lives better but it also requires them to maintain a relationship with that vendor in order to be able to continue to ask questions of that data. And so customers don't get a lot of optionality in these relationships. They sign multi-year agreements, they look to try to start another, they want to go try out another vendor, they want to add new technologies into their stack, and in order to do that they're often left with a choice of well, do I roll out like get another agent, do I go touch 10,000 computers, or a 100,000 computers in order to onboard this data? And what we have been able to offer them is the ability to reuse their existing deployed footprints of agents and their existing data collection technologies, to be able to use multiple tools and use the right tool for the right job, and really give them that choice, and not only give them the choice once, but with the concepts of things like the observability lake and replay, they can go back in time and say, you know what? I wanted to rehydrate all this data into a new tool, I'm no longer locked in to the way one vendor stores this, I can store this data in open formats and that's one of the coolest things about the observability late concept is that customers are no longer locked in to any particular vendor, the data is stored in open formats and so that gives them the choice to be able to go back later and choose any vendor, because they may want to do some AI or ML on that type of data and do some model training. They may want to be able to forward that data to a new cloud data warehouse, or try a different vendor for log search or a different vendor for time series data. And we're really giving them the choice and the tools to do that in a way in which was simply not possible before. >> You know you are bring up a point that's a big part of the upcoming AWS startup series Data as Code, the data engineering role has become so important and the word engineering is a key word in that, but there's not a lot of them, right? So like how many data engineers are there on the planet, and hopefully more will come in, come from these great programs in computer science but you got to engineer something but you're talking about developing on data, you're talking about doing replays and rehydrating, this is developing. So Data as Code is now a reality, how do you see Data as Code evolving from your perspective? Because it implies DevOps, Infrastructure as Code was DevOps, if Data as Code then you got DataOps, AIOps has been around for a while, what is Data as Code? And what does that mean to you Clint? >> I think for our customers, one, it means a number of I think sort of after-effects that maybe they have not yet been considering. One you mentioned which is it's hard to acquire that talent. I think it is also increasingly more critical that people who were working in jobs that used to be purely operational, are now being forced to learn, you know, developer centric tooling, things like GET, things like CI/CD pipelines. And that means that there's a lot of education that's going to have to happen because the vast majority of the people who have been doing things in the old way from the last 10 to 20 years, you know, they're going to have to get retrained and retooled. And I think that one is that's a huge opportunity for people who have that skillset, and I think that they will find that their compensation will be directly correlated to their ability to have those types of skills, but it also represents a massive opportunity for people who can catch this wave and find themselves in a place where they're going to have a significantly better career and more options available to them. >> Yeah and I've been thinking about what you just said about your customer environment having all these different things like Datadog and other agents. Those people that rolled those out can still work there, they don't have to rip and replace and then get new training on the new multiyear enterprise service agreement that some other vendor will sell them. You come in and it sounds like you're saying, hey, stay as you are, use Cribl, we'll have some data engineering capabilities for you, is that right? Is that? >> Yup, you got it. And I think one of the things that's a little bit different about our product and our market John, from kind of general-purpose data processing is for our users they often, they're often responsible for many tools and data engineering is not their full-time job, it's actually something they just need to do now, and so we've really built tool that's designed for your average security professional, your average IT professional, yes, we can utilize the same kind of DataOps techniques that you've been talking about, CI/CD pipelines, GITOps, that sort of stuff, but you don't have to, and if you're really just already familiar with administering a Datadog or a Splunk, you can get started with our product really easily, and it is designed to be able to be approachable to anybody with that type of skillset. >> It's interesting you, when you're talking you've remind me of the big wave that was coming, it's still here, shift left meant security from the beginning. What do you do with data shift up, right, down? Like what do you, what does that mean? Because what you're getting at here is that if you're a developer, you have to deal with data but you don't have to be a data engineer but you can be, right? So we're getting in this new world. Security had that same problem. Had to wait for that group to do things, creating tension on the CI/CD pipelining, so the developers who are building apps had to wait. Now you got shift left, what is data, what's the equivalent of the data version of shift left? >> Yeah so we're actually doing this right now. We just announced a new product a week ago called Cribl Edge. And this is enabling us to move processing of this data rather than doing it centrally in the stream to actually push this processing out to the edge, and to utilize a lot of unused capacity that you're already paying AWS, or paying Azure for, or maybe in your own data center, and utilize that capacity to do the processing rather than having to centralize and aggregate all of this data. So I think we're going to see a really interesting, and left from our side is towards the origination point rather than anything else, and that allows us to really unlock a lot of unused capacity and continue to drive the kind of cost down to make more data addressable back to the original thing we talked about the tension between data growth, if we want to offer more capacity to people, if we want to be able to answer more questions, we need to be able to cost-effectively query a lot more data. >> You guys had great success in the enterprise with what you got going on. Obviously the funding is just the scoreboard for that. You got good growth, what are the use cases, or what's the customer look like that's working for you where you're winning, or maybe said differently what pain points are out there the customer might be feeling right now that Cribl could fit in and solve? How would you describe that ideal persona, or environment, or problem, that the customer may have that they say, man, Cribl's a perfect fit? >> Yeah, this is a person who's working on tooling. So they administer a Splunk, or an Elastic, or a Datadog, they may be in a network operations center, a security operation center, they are struggling to get data into their tools, they're always at capacity, their tools always at the redline, they really wish they could do more for the business. They're kind of tired of being this department of no where everybody comes to them and says, "hey, can I get this data in?" And they're like, "I wish, but you know, we're all out of capacity, and you know, we have, we wish we could help you but we frankly can't right now." We help them by routing that data to multiple locations, we help them control costs by eliminating noise and waste, and we've been very successful at that in, you know, logos, like, you know, like a Shutterfly, or a, blanking on names, but we've been very successful in the enterprise, that's not great, and we continue to be successful with major logos inside of government, inside of banking, telco, et cetera. >> So basically it used to be the old hyperscalers, the ones with the data full problem, now everyone's got the, they're full of data and they got to really expand capacity and have more agility and more engineering around contributions of the business sounds like that's what you guys are solving. >> Yup and hopefully we help them do a little bit more with less. And I think that's a key problem for our enterprises, is that there's always a limit on the number of human resources that they have available at their disposal, which is why we try to make the software as easy to use as possible, and make it as widely applicable to those IT and security professionals who are, you know, kind of your run-of-the-mill tools administrator, our product is very approachable for them. >> Clint great to see you on theCUBE here, thanks for coming on. Quick plug for the company, you guys looking for hiring, what's going on? Give a quick update, take 30 seconds to give a plug. >> Yeah, absolutely. We are absolutely hiring cribl.io/jobs, we need people in every function from sales, to marketing, to engineering, to back office, GNA, HR, et cetera. So please check out our job site. If you are interested it in learning more you can go to cribl.io. We've got some great online sandboxes there which will help you educate yourself on the product, our documentation is freely available, you can sign up for up to a terabyte a day on our cloud, go to cribl.cloud and sign up free today. The product's easily accessible, and if you'd like to speak with us we'd love to have you in our community, and you can join the community from cribl.io as well. >> All right, Clint Sharp co-founder and CEO of Cribl, thanks for coming to theCUBE. Great to see you, I'm John Furrier your host thanks for watching. (upbeat music)

>> Announcer: From around the globe, it's theCUBE with digital coverage of MIT Chief Data Officer and Information Quality symposium brought to you by SiliconANGLE Media. >> Hi everybody. This is Dave Vellante and welcome back to theCUBE's coverage of the MIT CDOIQ 2020 event. Of course, it's gone virtual. We wish we were all together in Cambridge. They were going to move into a new building this year for years they've done this event at the Tang Center, moving into a new facility, but unfortunately going to have to wait at least a year, we'll see, But we've got a great guest. Nonetheless, Doug Laney is here. He's a Business Value Strategist, the bestselling author, an analyst, consultant then a long time CUBE friend. Doug, great to see you again. Thanks so much for coming on. >> Dave, great to be with you again as well. So can I ask you? You have been an advocate for obviously measuring the value of data, the CDO role. I don't take this the wrong way, but I feel like the last 150 days have done more to accelerate people's attention on the importance of data and the value of data than all the great work that you've done. What do you think? (laughing) >> It's always great when organizations, actually take advantage of some of these concepts of data value. You may be speaking specifically about the situation with United Airlines and American Airlines, where they have basically collateralized their customer loyalty data, their customer loyalty programs to the tunes of several billion dollars each. And one of the things that's very interesting about that is that the third party valuations of their customer loyalty data, resulted in numbers that were larger than the companies themselves. So basically the value of their data, which is as we've discussed previously off balance sheet is more valuable than the market cap of those companies themselves, which is just incredibly fascinating. >> Well, and of course, all you have to do is look to the Trillionaire's Club. And now of course, Apple pushing two trillion to really see the value that the market places on data. But the other thing is of course, COVID, everybody talks about the COVID acceleration. How have you seen it impact the awareness of the importance of data, whether it applies to business resiliency or even new monetization models? If you're not digital, you can't do business. And digital is all about data. >> I think the major challenge that most organizations are seeing from a data and analytics perspective due to COVID is that their traditional trend based forecast models are broken. If you're a company that's only forecasting based on your own historical data and not taking into consideration, or even identifying what are the leading indicators of your business, then COVID and the economic shutdown have entirely broken those models. So it's raised the awareness of companies to say, "Hey, how can we predict our business now? We can't do it based on our own historical data. We need to look externally at what are those external, maybe global indicators or other kinds of markets that proceed our own forecasts or our own activity." And so the conversion from trend based forecast models to what we call driver based forecast models, isn't easy for a lot of organizations to do. And one of the more difficult parts is identifying what are those external data factors from suppliers, from customers, from partners, from competitors, from complimentary products and services that are leading indicators of your business. And then recasting those models and executing on them. >> And that's a great point. If you think about COVID and how it's changed things, everything's changed, right? The ideal customer profile has changed, your value proposition to those customers has completely changed. You got to rethink that. And of course, it's very hard to predict even when this thing eventually comes back, some kind of hybrid mode, you used to be selling to people in an office environment. That's obviously changed. There's a lot that's permanent there. And data is potentially at least the forward indicator, the canary in the coal mine. >> Right. It also is the product and service. So not only can it help you and improve your forecasting models, but it can become a product or service that you're offering. Look at us right now, we would generally be face to face and person to person, but we're using video technology to transfer this content. And then one of the things that I... It took me awhile to realize, but a couple of months after the COVID shutdown, it occurred to me that even as a consulting organization, Caserta focuses on North America. But the reality is that every consultancy is now a global consultancy because we're all doing business remotely. There are no particular or real strong localization issues for doing consulting today. >> So we talked a lot over the years about the role of the CDO, how it's evolved, how it's changed the course of the early... The pre-title days it was coming out of a data quality world. And it's still vital. Of course, as we heard today from the Keynote, it's much more public, much more exposed, different public data sources, but the role has certainly evolved initially into regulated industries like financial, healthcare and government, but now, many, many more organizations have a CDO. My understanding is that you're giving a talk in the business case for the CDO. Help us understand that. >> Yeah. So one of the things that we've been doing here for the last couple of years is a running an ongoing study of how organizations are impacted by the role of the CDO. And really it's more of a correlation and looking at what are some of the qualities of organizations that have a CDO or don't have a CDO. So some of the things we found is that organizations with a CDO nearly twice as often, mention the importance of data and analytics in their annual report organizations with a C level CDO, meaning a true executive are four times more often likely to be using data, to transform the business. And when we're talking about using data and advanced analytics, we found that organizations with a CIO, not a CDO responsible for their data assets are only half as likely to be doing advanced analytics in any way. So there are a number of interesting things that we found about companies that have a CDO and how they operate a bit differently. >> I want to ask you about that. You mentioned the CIO and we're increasingly seeing lines of reporting and peer reporting alter shift. The sands are shifting a little bit. In the early days the CDO and still predominantly I think is an independent organization. We've seen a few cases and increasingly number where they're reporting into the CIO, we've seen the same thing by the way with the chief Information Security Officer, which used to be considered the fox watching the hen house. So we're seeing those shifts. We've also seen the CDO become more aligned with a technical role and sometimes even emerging out of that technical role. >> Yeah. I think the... I don't know, what I've seen more is that the CDOs are emerging from the business, companies are realizing that data is a business asset. It's not an IT asset. There was a time when data was tightly coupled with applications of technologies, but today data is very easily decoupled from those applications and usable in a wider variety of contexts. And for that reason, as data gets recognized as a business, not an IT asset, you want somebody from the business responsible for overseeing that asset. Yes, a lot of CDOs still report to the CIO, but increasingly more CDOs you're seeing and I think you'll see some other surveys from other organizations this week where the CDOs are more frequently reporting up to the CEO level, meaning they're true executives. Along I advocated for the bifurcation of the IT organization into separate I and T organizations. Again, there's no reason other than for historical purposes to keep the data and technology sides of the organizations so intertwined. >> Well, it makes sense that the Chief Data Officer would have an affinity with the lines of business. And you're seeing a lot of organizations, really trying to streamline their data pipeline, their data life cycles, bringing that together, infuse intelligence into that, but also take a systems view and really have the business be intimately involved, if not even owned into the data. You see a lot of emphasis on self-serve, what are you seeing in terms of that data pipeline or the data life cycle, if you will, that used to be wonky, hard core techies, but now it really involving a lot more constituent. >> Yeah. Well, the data life cycle used to be somewhat short. The data life cycles, they're longer and they're more a data networks than a life cycle and or a supply chain. And the reason is that companies are finding alternative uses for their data, not just using it for a single operational purpose or perhaps reporting purpose, but finding that there are new value streams that can be generated from data. There are value streams that can be generated internally. There are a variety of value streams that can be generated externally. So we work with companies to identify what are those variety of value streams? And then test their feasibility, are they ethically feasible? Are they legally feasible? Are they economically feasible? Can they scale? Do you have the technology capabilities? And so we'll run through a process of assessing the ideas that are generated. But the bottom line is that companies are realizing that data is an asset. It needs to be not just measured as one and managed as one, but also monetized as an asset. And as we've talked about previously, data has these unique qualities that it can be used over and over again, and it generate more data when you use it. And it can be used simultaneously for multiple purposes. So companies like, you mentioned, Apple and others have built business models, based on these unique qualities of data. But I think it's really incumbent upon any organization today to do so as well. >> But when you observed those companies that we talk about all the time, data is at the center of their organization. They maybe put people around that data. That's got to be one of the challenge for many of the incumbents is if we talked about the data silos, the different standards, different data quality, that's got to be fairly major blocker for people becoming a "Data-driven organization." >> It is because some organizations were developed as people driven product, driven brand driven, or other things to try to convert. To becoming data-driven, takes a high degree of data literacy or fluency. And I think there'll be a lot of talk about that this week. I'll certainly mention it as well. And so getting the organization to become data fluent and appreciate data as an asset and understand its possibilities and the art of the possible with data, it's a long road. So the culture change that goes along with it is really difficult. And so we're working with 150 year old consumer brand right now that wants to become more data-driven and they're very product driven. And we hear the CIO say, "We want people to understand that we're a data company that just happens to produce this product. We're not a product company that generates data." And once we realized that and started behaving in that fashion, then we'll be able to really win and thrive in our marketplace. >> So one of the key roles of a Chief Data Officers to understand how data affects the monetization of an organization. Obviously there are four profit companies of your healthcare organization saving lives, obviously being profitable as well, or at least staying within the budget, depending upon the structure of the organization. But a lot of people I think oftentimes misunderstand that it's like, "Okay, do I have to become a data broker? Am I selling data directly?" But I think, you pointed out many times and you just did that unlike oil, that's why we don't like that data as a new oil analogy, because it's so much more valuable and can be use, it doesn't fall because of its scarcity. But what are you finding just in terms of people's application of that notion of monetization? Cutting costs, increasing revenue, what are you seeing in the field? What's that spectrum look like? >> So one of the things I've done over the years is compile a library of hundreds and hundreds of examples of how organizations are using data and analytics in innovative ways. And I have a book in process that hopefully will be out this fall. I'm sharing a number of those inspirational examples. So that's the thing that organizations need to understand is that there are a variety of great examples out there, and they shouldn't just necessarily look to their own industry. There are inspirational examples from other industries as well, many clients come to me and they ask, "What are others in my industry doing?" And my flippant response to that is, "Why do you want to be in second place or third place? Why not take an idea from another industry, perhaps a digital product company and apply that to your own business." But like you mentioned, there are a variety of ways to monetize data. It doesn't involve necessarily selling it. You can deliver analytics, you can report on it, you can use it internally to generate improved business process performance. And as long as you're measuring how data's being applied and what its impact is, then you're in a position to claim that you're monetizing it. But if you're not measuring the impact of data on business processes or on customer relationships or partner supplier relationships or anything else, then it's difficult to claim that you're monetizing it. But one of the more interesting ways that we've been working with organizations to monetize their data, certainly in light of GDPR and the California consumer privacy act where I can't sell you my data anymore, but we've identified ways to monetize your customer data in a couple of ways. One is to synthesize the data, create synthetic data sets that retain the original statistical anomalies in the data or features of the data, but don't share actually any PII. But another interesting way that we've been working with organizations to monetize their data is what I call, Inverted data monetization, where again, I can't share my customer data with you, but I can share information about your products and services with my customers. And take a referral fee or a commission, based on that. So let's say I'm a hospital and I can't sell you my patient data, of course, due to variety of regulations, but I know who my diabetes patients are, and I can introduce them to your healthy meal plans, to your gym memberships, to your at home glucose monitoring kits. And again, take a referral fee or a cut of that action. So we're working with customers and the financial services firm industry and in the healthcare industry on just those kinds of examples. So we've identified hundreds of millions of dollars of incremental value for organizations that from their data that we're just sitting on. >> Interesting. Doug because you're a business value strategist at the top, where in the S curve do you see you're able to have the biggest impact. I doubt that you enter organizations where you say, "Oh, they've got it all figured out. They can't use my advice." But as well, sometimes in the early stages, you may not be able to have as big of an impact because there's not top down support or whatever, there's too much technical data, et cetera, where are you finding you can have the biggest impact, Doug? >> Generally we don't come in and run those kinds of data monetization or information innovation exercises, unless there's some degree of executive support. I've never done that at a lower level, but certainly there are lower level more immediate and vocational opportunities for data to deliver value through, to simply analytics. One of the simple examples I give is, I sold a home recently and when you put your house on the market, everybody comes out of the woodwork, the fly by night, mortgage companies, the moving companies, the box companies, the painters, the landscapers, all know you're moving because your data is in the U.S. and the MLS directory. And it was interesting. The only company that didn't reach out to me was my own bank, and so they lost the opportunity to introduce me to a Mortgage they'd retain me as a client, introduce me to my new branch, print me new checks, move the stuff in my safe deposit box, all of that. They missed a simple opportunity. And I'm thinking, this doesn't require rocket science to figure out which of your customers are moving, the MLS database or you can harvest it from Zillow or other sites is basically public domain data. And I was just thinking, how stupid simple would it have been for them to hire a high school programmer, give him a can of red bull and say, "Listen match our customer database to the MLS database to let us know who's moving on a daily or weekly basis." Some of these solutions are pretty simple. >> So is that part of what you do, come in with just hardcore tactical ideas like that? Are you also doing strategy? Tell me more about how you're spending your time. >> I trying to think more of a broader approach where we look at the data itself and again, people have said, "If you tortured enough, what would you tell us? We're just take that angle." We look at examples of how other organizations have monetized data and think about how to apply those and adapt those ideas to the company's own business. We look at key business drivers, internally and externally. We look at edge cases for their customers' businesses. We run through hypothesis generating activities. There are a variety of different kinds of activities that we do to generate ideas. And most of the time when we run these workshops, which last a week or two, we'll end up generating anywhere from 35 to 50 pretty solid ideas for generating new value streams from data. So when we talk about monetizing data, that's what we mean, generating new value streams. But like I said, then the next step is to go through that feasibility assessment and determining which of these ideas you actually want to pursue. >> So you're of course the longtime industry watcher as well, as a former Gartner Analyst, you have to be. My question is, if I think back... I've been around a while. If I think back at the peak of Microsoft's prominence in the PC era, it was like windows 95 and you felt like, "Wow, Microsoft is just so strong." And then of course the Linux comes along and a lot of open source changes and low and behold, a whole new set of leaders emerges. And you see the same thing today with the Trillionaire's Club and you feel like, "Wow, even COVID has been a tailwind for them." But you think about, "Okay, where could the disruption come to these large players that own huge clouds, they have all the data." Is data potentially a disruptor for what appear to be insurmountable odds against the newbies" >> There's always people coming up with new ways to leverage data or new sources of data to capture. So yeah, there's certainly not going to be around for forever, but it's been really fascinating to see the transformation of some companies I think nobody really exemplifies it more than IBM where they emerged from originally selling meat slicers. The Dayton Meat Slicer was their original product. And then they evolved into Manual Business Machines and then Electronic Business Machines. And then they dominated that. Then they dominated the mainframe software industry. Then they dominated the PC industry. Then they dominated the services industry to some degree. And so they're starting to get into data. And I think following that trajectory is something that really any organization should be looking at. When do you actually become a data company? Not just a product company or a service company or top. >> We have Inderpal Bhandari is one of our huge guests here. He's a Chief-- >> Sure. >> Data Officer of IBM, you know him well. And he talks about the journey that he's undertaken to transform the company into a data company. I think a lot of people don't really realize what's actually going on behind the scenes, whether it's financially oriented or revenue opportunities. But one of the things he stressed to me in our interview was that they're on average, they're reducing the end to end cycle time from raw data to insights by 70%, that's on average. And that's just an enormous, for a company that size, it's just enormous cost savings or revenue generating opportunity. >> There's no doubt that the technology behind data pipelines is improving and the process from moving data from those pipelines directly into predictive or diagnostic or prescriptive output is a lot more accelerated than the early days of data warehousing. >> Is the skills barrier is acute? It seems like it's lessened somewhat, the early Hadoop days you needed... Even data scientist... Is it still just a massive skill shortage, or we're starting to attack that. >> Well, I think companies are figuring out a way around the skill shortage by doing things like self service analytics and focusing on more easy to use mainstream type AI or advanced analytics technologies. But there's still very much a need for data scientists and organizations and the difficulty in finding people that are true data scientists. There's no real certification. And so really anybody can call themselves a data scientist but I think companies are getting good at interviewing and determining whether somebody's got the goods or not. But there are other types of skills that we don't really focus on, like the data engineering skills, there's still a huge need for data engineering. Data doesn't self-organize. There are some augmented analytics technologies that will automatically generate analytic output, but there really aren't technologies that automatically self-organize data. And so there's a huge need for data engineers. And then as we talked about, there's a large interest in external data and harvesting that and then ingesting it and even identifying what external data is out there. So one of the emerging roles that we're seeing, if not the sexiest role of the 21st century is the role of the Data Curator, somebody who acts as a librarian, identifying external data assets that are potentially valuable, testing them, evaluating them, negotiating and then figuring out how to ingest that data. So I think that's a really important role for an organization to have. Most companies have an entire department that procures office supplies, but they don't have anybody who's procuring data supplies. And when you think about which is more valuable to an organization? How do you not have somebody who's dedicated to identifying the world of external data assets that are out there? There are 10 million data sets published by government, organizations and NGOs. There are thousands and thousands of data brokers aggregating and sharing data. There's a web content that can be harvested, there's data from your partners and suppliers, there's data from social media. So to not have somebody who's on top of all that it demonstrates gross negligence by the organization. >> That is such an enlightening point, Doug. My last question is, I wonder how... If you can share with us how the pandemic has effected your business personally. As a consultant, you're on the road a lot, obviously not on the road so much, you're doing a lot of chalk talks, et cetera. How have you managed through this and how have you been able to maintain your efficacy with your clients? >> Most of our clients, given that they're in the digital world a bit already, made the switch pretty quick. Some of them took a month or two, some things went on hold but we're still seeing the same level of enthusiasm for data and doing things with data. In fact some companies have taken our (mumbles) that data to be their best defense in a crisis like this. It's affected our business and it's enabled us to do much more international work more easily than we used to. And I probably spend a lot less time on planes. So it gives me more time for writing and speaking and actually doing consulting. So that's been nice as well. >> Yeah, there's that bonus. Obviously theCUBE yes, we're not doing physical events anymore, but hey, we've got two studios operating. And Doug Laney, really appreciate you coming on. (Dough mumbles) Always a great guest and sharing your insights and have a great MIT CDOIQ. >> Thanks, you too, Dave, take care. (mumbles) >> Thanks Doug. All right. And thank you everybody for watching. This is Dave Vellante for theCUBE, our continuous coverage of the MIT Chief Data Officer conference, MIT CDOIQ, will be right back, right after this short break. (bright music)

>> Narrator: Live from Las Vegas it's theCUBE. Covering UiPath Forward Americas 2019. Brought to you by UiPath. >> Welcome back everyone to theCUBE's live coverage of UiPath Forward here at the Bellagio in Las Vegas. I'm your host Rebecca Knight along with my co-host Dave Vellante. We are joined by Craig Le Clair, he is the vice president of Forrester and also the author of the book "Invisible Robots in the Quiet of the Night: How AI and Automation will Restructure the Workforce". Thank you so much for coming on theCUBE. >> Craig: Thank you! Thanks for having me. >> And congratulations, it's already made #11 on Amazon's AI and automation bestseller list. >> Wow, it's not quite best seller but OK, that's great, thank you, it's doing well. >> So if anyone calls your book a bestseller you just take 'em on that. >> (Craig) I'll just take it. >> So it is a, it's a bleak story right now, I mean there's a lot, there's so many changes going on in the workforce and there's so much anxiety on the part of workers that they're going to lose their job that all these technologies are going to take away their their livelihood, so how are companies managing this? Are they managing it well, would you say, or is the anxiety misplaced? Give us an overview. >> Yeah, so I don't think companies are really aware of the broader implications of the automation and AI that's developing. They tend to focus on the things that companies focus on. They focus on more efficiency and productivity and so forth, and underlying that is this digital anxiety that we call it, and the fact that a lot of the jobs that we, particularly the middle class have, the working class have, are the targets of the invisible robots, and that's really the point of the invisible robot book is that there's a lot of media attention on the hardware aspects of robotics, in fact the Super Bowl last year had 10 commercials with hardware robots. But if you look at this conference you look at the number of people here. What are these people doing? They're going back to their companies and saying "You know, this UiPath, and there are other providers "in the market, we can build software robotics, "we can build bots to do some of these tasks "that a lot of these humans are doing." And while there is elevation of the human capability in spirit for many of them, there's also a comfort level in employees that do things that they have control over, have incited. And when you extract those you are left with a series of more exciting moments, perhaps, but it's not going to make you more relaxed as an employee. And then you look at the overall job numbers, and our estimates are very conservative compared to some of the other reports, that are 45, 50% of workers over 10 years being displaced. We think it's 16%, but still, when you look at just the US numbers, that's of 160 workers today, 160 million workers, that's a lot of people. >> Rebecca: It is indeed. >> So, displaced and then sort of re-targeted or? >> A percentage, >> Vaporized. >> No, no, well the 16% is the automation, is the net loss of jobs. Now in that, automation's expensive, so there are a tremendous number of new jobs that are created by the work that's been going on here. So we have a formula to calculate that for these 12 different work personas, and the work personas have different relationships to AI and automation, so you would be crossed so many knowledge workers and be very well protected for a long time. >> Rebecca: All right, there we go. >> So you're good, but... for coordinators, people that have clip boards in their hands, for those who work in cubicles, they're going to have a lot of people leaving those cubicles that aren't going to be able to migrate to other personas. And so we have a changed management issue, we need to start driving more education from the workplace through certification, and that's a really critical thing I'll talk about tomorrow, that the refresh of technology with automation is 18 months to 24 months, you can't depend on traditional education to keep up, so we need a different way to look at training and education and for many it's going to be a much better life, but there's going to be many that it will not be. >> What was the time frame for your net 16% loss? >> 10 years. >> 10 years, okay, to me a lower net loss number makes sense, and in fact if you can elongate your timeline it probably shows a net job creation, you can make that argument anyway I don't know if you. >> Craig: It's being made. >> Dave: You don't buy it though? >> I don't, the world economic foundation and others are having huge net new numbers for jobs based on AI. Some of the large integration companies that want to build AI platforms for you are talking about trillions of dollars that would be added value to the world economy, I just don't buy it, and you know the reason I wrote this book was because what's going on here is very quietly preparing to displace a lot of efforts starting with relatively small tasks, it's called task automation but then expanding to more and more work and eventually adding a level of intelligence to the task automation going on here, that's going to take a lot of jobs. And for most of those 20 million cubicle workers, they have high school educations. You know, the bigger problem is this level of anxiety, you know, you go into almost any bookstore and there's a whole section For Dummy books, and it's not, is it because we have this sort of cognitive recession or because there's a, it's because the world's getting faster and more complicated. And unless you have the digital skills to adapt to that, the digital skills gap is growing. And we need to have as much focus that you see here and energy on building automation. We need to have an equal amount of focus on the societal problems. >> Yeah, it really comes down to education, too. I mean if I were able to snap my fingers and transform the educational system, there might be a different outcome but that's very unlikely to happen. Craig, one of the things we talked about last year was you had made the statement that some of these moonshot digital transformations aren't happening for a variety of reasons but our PA is kind of a practical way to achieve automation. >> Still very true. >> Have you seen sort of a greater awareness in your client base that, "You know, hey, maybe we should dial down "some of these moonshots and just try to "pick some clear winners." >> Yeah, we have a number of prediction reports coming out from Forrester and they're all saying basically that. I'm doing reports on what I'm calling the intelligent process automation market and that's really our PA plus AI, but not all aspects of AI. You know, it's AI that you can see in ROI around, you know it's AI that deals with unstructured documents and content and email. It's not the moonshot, more transformative AI that we have been very focused on for a number of years. Now all of that's very very important. You're not going to transform your business by doing task automation even if it's a little more intelligent and handles some decision management, you still need to think about "How do I instantiate "my business algorithmically," with AI that's going to make predictions and move decision management and change the customer experience. All that's still true, as true as it was in 2014/2015, we're just seeing a more realistic pull back in terms of the invested profile. >> Well, and so we've been talking about that all day, it is taking automating processes that have been around for a long time, and you, I think identified this as one of the potential blockers before, if you get old processes that are legacy and I think you, you gave the story of "Hey, I flew out here "on American Airlines in the old SABRE system." How old are those processes, you know? We've, you know the old term "paving the cow path." So the question is, given all the hype around RPA, the valuations, et cetera, what role do you see RPA having in those sort of transformative use cases? >> Well here's the interesting thing that was, I think, somewhat accidental by the, you know what really changed from having simple desktop automation? Well you needed some place to house and essentially manage that automation, so the RPA platforms had to build a central management capability. UiPath calls that the orchestrator, others call it the control tower, but when you think of all the categories of AI none of them have a orchestration capability, so the ability to use events to link in machine intelligence and dispatch digital workers or task automation to coordinate various AI building blocks as we call them and apply it to a use case, that orchestration ability is pretty unique to the RPA platforms. So the sort of secret value of RPA is not in everything that's being talked about here but eventually is going to be as a coordinating mechanism for bringing together machine learning that'll begin in the cloud, conversational intelligence that might be in Google. Having the RPA bots work in conjunction with those. >> But if I recall, I mean that's something that you pointed out last year as well that RPA today struggles with unstructured data that... >> Well it can't do it. >> You're right, we've talked about it NLP versus RPA, RPA, given structured data, I can go after it. >> That's the RPA plus AI bit, though. I mean, you take text analytics layer, and you combine it with RPA bots and now you have the unstructured capability plus the structured capability that RPA does so well. And, with the combination of the two, you can reach. I think what the industry needs to do or the buyers of RPA need to take the pressure off this immediacy of the ROI. In a sense, that's what's driven the value. I can deploy something, I can get value in a few months but, to really make it effective and transformative you need to combine it with these AI components, that's going to take a little longer, so this sort of impatience that you see in a lot of companies, they should really step back and take a look at the more end to end capabilities and take a little hit on the ROI immediately so that you can do that. >> No, I mean I can definitely see a step function, okay, great, we've absorbed that value, we get the quick ROI, but there's, to your point there's got to be some patient capital to allow you to truly transform in order for RPA, I don't want to put words in your mouth, to live up to the hype. >> Absolutely, I totally agree. And I am still very, very high on the market, I think it's going to do extremely well. >> Well, if you look at the spending data, it's quite interesting. I mean RPA as a category is off the charts. You know, UiPath, from the, your last wave kind of took the lead but, Automation Anywhere, Blue Prism spending, even in traditional incumbents, maybe not even RPA, maybe more "process automation" like Pegasystems. Their spending data suggests that this is the rising tide lifting all boats so, my question to you is, how do you see this all shaking out? I mean, huge evaluations, the bankers are swarming around. You saw them in the media yesterday. You know, at some point there's got to be a winner takes most. The number two guy will do pretty well and then everybody else kind of consolidates. What's your outlook? >> Well, there are a lot of emerging players coming into the market and, part of my life is having to fend them off and talk to them, and the RPA wave is coming out in a week. It's going to have four new players in it. Companies like SAP. >> Well, they acquired a company right? >> They acquired and they built internally, and have some interesting approaches to the market. So you are going to see the big players come into the market. Others I won't mention that'll be in the market in a month It's getting a lot of attention. But also I think that there are domains, business domains that, the different platforms can start to specialize in. The majors, the UiPaths to the world, will be horizontal and remain that way. And depend on partners to tailor it for a particular application area. But you're going to see RPA companies come into the testing market, software testing market. You're going to see them come into the contact centers to deal with attended mode in more sophisticated ways perhaps than those that don't have that background. You're going to see tailored robots that are going to be in these robot communities that are springing up. That'll give a lot of juice to others to come into the market. >> And like you say you're going to see, we've talked about this as well Rebecca, the best of breed versus the suite, right? Whether its SAP, Inforce talking about it, I'm sure Oracle will throw its hat in the ring I mean, why not, right? Hey, we have that too. >> Well, if you're those companies that the RPA bots are feasting on, they're slowing the upgrades to your core platforms, in some ways making them less relevant, because their argument has been, let's integrate, you get self integration when you buy SAP, when you buy Oracle, when you buy these big platforms. Well, the bots actually make that argument less powerful because you can use the bots to give you that integration, as a layer, and so they're going to have to come up with some different stories I think if they're going to continue to move forward on their platforms, move them to the cloud and so forth. >> So, finally, your best advice for workers in this new landscape and how it is going to alter their working lives. And also, your best advice for companies and managers who are, as you said, maybe not quite, they're grappling with this issue but maybe not and they're not being disingenuous to workers about who's going to lose their jobs, but this idea of as they're coming to terms with understanding quite all of the implications of this new world. >> Yeah, I know, I'm presenting data tomorrow that shows that organizations, employees, and leaders are not ready and I have data to show that. They're not understanding it. My best advice, I love the concept of, it's not a Forrester concept, it's called constructive ambition. This is the ability in an employee to want to go a little bit out of the box, and learn, and to challenge themselves, and move into more digital to close that digital skills gap. And, we have to get better at, companies need to get better at identifying constructive ambition in people they're hiring, and also, ways to draw it out. And to walk these employees up the mountain in a way that's good for their career and good for the company. I can tell you, I'll tell a few stories on the main stage last night, I interviewed Walmart employees and machinists that could no longer deal with their machine because they had to put codes into it so they had to set it up with programming steps and the digital anxiety was such that they quit the job. So a clear lack of constructive ambition. On the other hand, a Walmart employee graduated from one of their 200 academies and was able to take on more and more responsibility. Somebody with no high school degree at all. She said, "I've never graduated "from anything in my life. "My kids have never seen me "succeed at anything, and I got this certification "from Walmart that said that I was doing this level "of standard work and that felt really, really good." So, you know, we, companies can take a different view towards this but they have to have some model of future of work of what it's going to look like so they can take a more strategic view. >> Well Craig, thank you so much for coming on theCUBE. It was a really great talk. Another plug for the book, "Invisible Robots in the Quiet of the Night" you can buy it on Amazon. >> Craig: Thank you. >> I'm Rebecca Knight for Dave Vellante, stay tuned for more of theCUBE's live coverage of UiPath Forward. (techno music)

(upbeat music) >> Hey, welcome back everybody. Jeff Frick with The Cube. If you can't tell over my shoulder, we are at Oracle Park. It's a glorious day. The marine layer is burning off and it is really spectacular. We're happy to be here. Haven't been here since, I think 2014. It's an interesting event called Sports Tech Tokyo World Demo Day. About 25 technology companies in the sports area are giving demos all day today. It's a huge program, and we're excited to have our next guest coming from the analytics side. She's Sezin Aksoy, Global Data Strategy and Analytics for AXS. >> Correct. >> Welcome. >> Thank you. >> Absolutely. >> Glad to be here. >> So Global Data Strategy. Everything's all about data. >> Correct. >> So, somebody's really happy to have you on board. What are so... What do you, what are you working on, what was top of line. >> Sure, so it's going to sound cheesy but data is the power of the world. >> Yes. >> It's going to empower people making better decisions, so that's kind of my role is at AXS. So AXS is the ticketing platform for live entertainment events. We operate in the US, Europe, as well as in Japan. And, if you think about it, when a consumer comes to your website, that's the first touchpoint that you have. Whether they buy the ticket or don't. Whether they buy or sell, and transfer the ticket, or they attend the event, all those are various touchpoints that we are collecting. So that we can inform our clients to make better decisions with data. >> Right. >> Whether it's pricing decisions, or marketing decisions, or scanning an event, which gates will be more busier than others. So, that's kind of what my team works on. >> Excellent. So, let's jump into a little bit on the dynamic pricing. >> Sizen: Hm mm. >> Because we saw, we've seen dynamic pricing. And you said you were in the airline industry. >> Correct. >> We've seen it in the hotel industry. >> Yup. >> My father in law talks about when he was doing dynamic pricing as a young kid. >> Sizen: Okay. Just making a call when somebody came through the door, at eleven o'clock. >> Sizen: Yeah. (laughs) >> Jeffrey: What's my marginal cost... >> Okay, yep. >> Jeffrey: with somebody in that room or not. There's really slow to get beyond, kind of the entertain, oh excuse me, the travel industry for other people... >> Hm mm. Yep. >> To kind of get on board the dynamic pricing. >> Yeah. We saw the Giants here... >> Yep. >> Actually a couple of years ago. We came by, they were starting to do dynamic pricing. >> Sizen: Hm mm. >> A Friday night Dodger game, compared to a Tuesday day... >> Sizen: Yep. >> Milwaukee game, very, very different. >> Sizen: Hm mm. >> So, what are some of the factors going in, what are some of the resistance, >> Sizen: Yeah. >> that had to be overcome for people to actually accept that it's okay to charge more for a Friday night Dodger game, than a Tuesday afternoon Milwaukee game. >> Yep, so yeah, so my background start with the airlines, which is where dynamic pricing, revenue management started at, specifically the American Airlines. If you think about there are a lot of similarities between airlines and live entertainments. Fixed costs, you have to, flight has to go, or the game has to be played no matter how many people are there. So, you really have a limited time to really maximize your revenue. And you kind of have a product that the demand level is different by day, whether it's a Tuesday game or Friday game. It really something you have to study the sort of the behavior from the consumers when they buy their tickets. What are the factors they put into play to make that decision? And in that mix, San Francisco Giants was one of the first teams that actually incorporated dynamic pricing about ten years ago, that slowly. The challenges with it is we are not as the consumer, not as trained to know that the price may change. Hotels, airlines been doing it for years and years. >> Right. >> And for them, also it didn't start from like doing all the flights in day one. So it's really needs to be a phased approach. It needs to be a lot of education for the public, and to think about the right way to think about it is, you want incentivize people to buy early. And you want to make sure they are the ones that getting the best price, and not necessarily the people that are buying last minute. >> Right. >> If you're buying last minute, then you must accept that it maybe the available today you're not looking for or the price not you looking for. But I will say though that plans change, people decide to not attend the game. The reason is that, potential for finding other seats for that similar game. But, really for you, have your plans. It's better to buy early, and that's kind of what the industries needs to be trained on, more and more. >> Right. >> Was there more opportunity in getting additional value out of that high demand game? Or was the bigger opportunity in getting, kind of lowering the prices on the less desirable games, and getting kind of marginal revenue on that side. Where was the easy money made, >> Yeah. >> Jeffrey: On dynamic pricing? I mean the immediate impact is from the high value seats for the high value games, cause that's really is your premium product at that point. But in the meantime, there's always a low number of seats that you have in your premium area. And if you find the right price, and if you start earlier. And really the goal is to sell all the seats, and to fill all the seats. >> Right. >> Also, just selling the seats is not, doesn't get you far enough. You want to make sure people actually come to the game, and they're the people that are going to attend the game. Right? >> Right. >> So, if you kind of, the lower level has many more seats, so it's really has to be both ways. It can't be in one area, either dynamic pricing and you don't do it. It's just all about training the public and consumers. >> Right. Now, the other interesting you said in your kind of intro, was keeping track of... What are the busiest turnstiles? And where people coming? And the flow within the game. >> Sizen: Yep. >> What are some of the analytics that you do there, >> Sizen: Yep. >> And how are teams using those... >> Sizen: Yep. >> that information to provide a better fan experience? >> Yeah, so we have scanned data, and we actually have it real time. So, we are able to provide the teams. We have kineses streams, not to go too technical, to kind of empower them to do their game operations in a certain way. So example would be, you could study the past games and understand where people came from. Typically for a Friday game verse a Tuesday game, your crowd will look different, right. The Friday game, maybe the more the families or Saturday or Sunday. But Tuesday may be more corporate world, right. So understanding they're patterns, but also than having that data accessible to you to real time. So, that way you're able to see how many people are coming in from this one gate to other. You can man the gates differently that way. And the real time data is not something that comes just easily. There's a lot of infrastructure built for it. >> Right. >> But we've done it at AXS, and we've been able to provide to the teams so they can manage their getting in better. >> Right. >> So real time's interesting cause you know a lot of these conversations about real time, and I would say, "How do you define real time?" And in my mind, it's in time to do something about it. >> Exactly. >> So, using real time, I mean are there things they can do in real time to either lighten the load at an overdone gate, or... >> Sizen: Yeah. >> What are some of the real time impacts that people are using this data to do? >> Yeah, so exactly the example you provided. Like making sure there are more people at this one gate as opposed to others. But also, like knowing who's coming into the arena. So AXS's I-D ticketing, I-D based ticketing platform, so we actually know who's coming in. It's a rotating barcode, so if you just copy-paste the ticket, and text your friend. That doesn't work, that eliminates fraud as well. But because we know who's coming in, you can actually empower your sales reps as a team to make sure you are, you know, if they are coming to a suite or a premium area. So in so actually just scanned in, so you kind of come up with ideas for sales reps. As well as some of the marketing activations, like... It could be that you have people that typically come in late. You want to incentivize them. You could actually come up with promotions on merch and food and beverage to incentivize them early, right? Or at the same time you can actually, there are some platforms that do marketing activation. You may have had a lot of hotdogs left that you couldn't sell. Towards the late quarter, you could send a message to everyone saying, "Okay, ya know, hot dogs are 20 percent off." >> Right, right. >> So that, you need real time for it, for data for that. Cause you again need to know how many people scanned in. You may want to know how many people scanned out. So for some conferences and other type events, you want to make sure there's a Fire Marshall rules, so you want to make sure. So all the real time data is helpful for that if you just look at the purchaser data, you're not going to get that specifically there. >> That's really interesting cause I was going to say, What are some of the next things that we can expect to see dynamic pricing applied to, and you just went through them which are really situational specific. >> Yep. >> Opportunities to clear inventory, to do whatever. >> Exactly, it's not just a ticket purchase. It could be applied to other things as well. >> Right, Right. >> Yeah. >> How cool. So what other kind of data sets are you looking at to help teams that maybe we're not thinking about. >> Sure, just when people buy their tickets. What marketing may have they done, so that we can understand the web traffic, and did they buy the ticket when you send out that email. Or did they buy it three days later. So that's one area. As well as sort of, the inventory that you have available for that game. Does it sell faster for that Friday game versus a Tuesday game? We also, we're a comprehensive marketplace where we have both primary and secondary in the same map. To give the convenience back to the consumers, so you kind of have a chance to see all the inventory available in front of you. So, a bit of understanding how tickets transact in the secondary marketplace is helpful for the teams to really price their product better. Cause sometimes we have... I work for a team, so I have that background where you may have just 20 price points, and you've done it for 20 years but it's been certainly changing then. But now that you have all these different data points on the second, you also you kind of maybe is like, 'Okay I need 40 price points really because there's that much differentiation demand. >> Wow, really sophisticated analysis... >> Yeah, it's a passion area for me, so... >> And doing the real time, real time data flow and everything. >> Yeah, yeah. A really interesting, interesting conversation. >> Yeah. >> To go so far beyond just dynamic pricing. >> Exactly. >> It uses more sophisticated methods to get more value, provide better experience for the fans. >> And actually in Japan, they do more about dynamic pricing. So they utilize our platform to actually able to price every seat differently if they wanted to. We've just went out with on sales for Big League teams, and that's how they apply that. So it's been used elsewhere, maybe in the U-S in sports. It's definitely catching up, and it's much much big difference from the 10 years ago. But, I think Japan has already been kind of doing that. >> Excellent. >> Mm hm. >> Well Sizen, thanks for taking a few minutes, and sharing those stories. There's a lot going on behind the scenes that may not be conscious of, but hopefully we're getting the benefit of. >> Yeah, thank you. >> All right. Sizen, and I'm Jeff. Yes, we're live. They're banging on something down there. I'm not sure what, but keep watching. We'lls be here at Oracle Park in San Francisco. Thanks for watching, and see ya next time. (upbeat music)

>> From Yorktown Heights, New York, it's theCUBE, covering IBM Cloud Innovation Day. Brought to you by IBM. >> Hi, I'm Peter Burris from Wikibon, and you're watching theCUBE being broadcast from IBM Innovation Day at the Thomas J. Watson Research Lab in beautiful Yorktown, New York. And we've had a number of great conversations thus far, we've got some more on the horizon, stay with us. Now, we've got Jim Comfort. Jim Comfort is the General Manager of Hybrid Cloud Services at IBM. Jim, welcome to theCUBE. >> Thank you, Peter, glad to be here. >> So, Jim, what does Hybrid Cloud Services as a group do? >> Actually, we run infrastructure for clients. That's our business, but we help you advise, build and manage private cloud. Advise, build and manage consumption of public cloud, Azure, Google, IBM, and we help you manage and stitch all of that together. >> So a lot of people think of cloud and they think of this monolithic thing. "If I go to the cloud, suddenly my business has changed." But there's more to it than that. There's a number of different things that a business has to be successful at to succeed at getting to the cloud. What is your perspective on that? >> Well, I completely agree. And this is kind of my first conversation with clients is, you need a business strategy, but to execute that strategy you have to realize it will touch most everything in your business. It'll touch infrastructure, it'll touch applications, it'll touch your dev ops, or your development process morph to dev ops. It'll touch your operations very profoundly, this whole SRE thought, and it will test your data governance and management as well as your security and compliance. So that's the scope that you have to comprehend. >> But most people, they start with perhaps the infrastructure first and end up with the data last. Is that the right way to think about this? >> I agree, many do, and actually I have not seen many build-it-they-will-come strategies succeed. And so what I really look for is, do you understand the business drivers? Top-line revenue growth, new markets, new insights, new data, and from that can you derive a technology strategy? What I've seen happen in many cases is, if you start from the bottom up you'll be trapped in what I call the religious wars of technology that never end. >> And most people, a lot of folks start from the bottom up, because they start from the technology side of the business. >> Correct. >> Are you seeing more business people getting engaged, and conceptualizing what the strategy needs to be? >> I am, and it starts on both sides. The business people will say, "I need to move faster than you can move, so I'm going to do something different," and the IT people will say, "I can do that for you, here's what you need." The two signatures of the most successful transformations are does the line of business and the IT have the relationship to collaborate so they actually learn together? And then if they have that, have they actually created a team that understands the new as well as they understand the existing or the old, so they can actually understand what's real, what's not, where's the hype, what really happens. And then they get into the rational, real planning decision. >> So as you think about some of the assessment challenges, because you said you go through the assessment process, what are some of the key questions that a client should start with as they think about undertaking this journey? >> Well, number one is start with the business driver. I said that already, but you have to start with understanding what you're trying to accomplish so you can make choices. And the other is, start small enough and get to the end of something so that you know what the reality is, and that's where our, this is where we bring in our methods. When you hear us talk about the garage method, you hear us talk about MVPs and all the language everyone wants to use. We like to start with something, and start that iterative cycle of learning. That's the key. >> So with an iterative cycle of learning, in many respects this whole notion of agility is predicated on this idea of being agile or iterative. But it's also empirical, knowing what the data is, knowing what the data says, and being opportunistic. How does a customer balance that as they get going, say early on in the cloud journey? >> I think, again, most of what we're talking about in digital transformations is new insights that will help your business. That could be from data that you had, it could be new data. And if they think about it, what insights am I looking for? What new experience am I trying to create, and what do I need to do that? Then you start to get people to step back and think, well, what are all the possibilities? And now, how do we tackle that? So it starts from realizing, what insight am I looking for? >> So there's a lot of invention happening in the industry. >> Oh, yeah. >> And enormous new things being created. Customers are being overwhelmed at trying to adopt them. The innovation side, the social side of effecting a change in the business. You mentioned some of the markers for success and putting together the strategy. Go forward a little bit. What are some of the companies that have successfully gotten to that end stage maturity doing differently? >> We have a number of very good ones. I mean, a very clear one in my mind is American Airlines, where they were really trying to change the experience. They had three distinct things that had grown up over time, the mobile experience, the kiosk experience and the Web experience. Three completely different things. They brought it together, converged it, modernized it, and now completely changed the experience and the speed with which they can now act on what they see for their clients or for their customers, all of us. But also as they get new ideas, the speed and the velocity that they can bring those in is phenomenal. >> And that improves their ecosystem, their ability to work with a lot of others as well. >> Their ecosystem, how to work with others, how to bring in new ideas. And this is all, for them it's all about client satisfaction and service to their end client, to the end user. That's what it was. It had a lot of technology dimensions, but they were very clear the experience they were trying to attack. >> So next February, IBM Think, 30-plus thousand people descending upon San Francisco. You guys are taking it over. What kind of conversations are going to be on your agenda as you work with customers and partners to get this message out? >> Well, it's really two things. I often joke the blessing and curse of IBM is the breadth of our portfolio. It's a very large place, but we actually have a very simple, clear way to talk to, advise, move, build and manage. Those are the steps you need in your journey. Now, which journey for you, which type of thing. But that, we have clarity on that, and I think you'll see that displayed at Think and get to understand it. The other thing is that we have a lot of experiential and real practical, we've made this happen for many large clients at scale, and I think that what we want people to understand is we can help you that same way. It's really pretty simple. >> Jim Comfort, General Manager Hybrid Cloud Services at IBM. Thanks for being on theCUBE. >> Thank you, Peter. >> And we'll be back momentarily with more from theCUBE at IBM Innovation Day here at the Thomas J. Watson Research Center in New York.

>> From Yorktown Heights, New York, it's theCUBE, covering IBM Cloud Innovation Day, brought to you by IBM. >> I'm Peter Burris of Wikibon. Welcome back to IBM Innovation Day, covered by theCUBE, from beautiful Yorktown Heights, New York, Thomas J. Watson Research Center. A lot of great conversations about the journey to the cloud and what it means, and we're going to have another one here with Denis Kennelly, who is the General Manager of Cloud Integration in IBM. Denis, welcome to theCUBE. >> Thank you, Peter, and welcome to Yorktown also. >> I love it here. So, very quickly, what does the GM of Cloud Integration do? >> Yeah, so, I suppose we start from the beginning, right? So I am responsible for a lot of what we call the traditional IBM middleware. So these are brands that are known to the industry and to our customers, things like WebSphere, Message Queue, or MQ, as we know it, which is kind of the core foundation stones for a lot of IT today that's out there in the industry. And it's not just about, you know, sometimes people talk about this legacy, but this is what all the systems run on today. And also, I'm involved in the whole journey of moving that middleware to the cloud and enabling customers to get on that journey to cloud. And it's not just to a cloud, because your typical enterprise today has probably on average about five different clouds, and clouds, as we know them as the IS players of the past, but also when we talk about cloud, we also think about things like SaaS properties and applications of that regard. So it's helping customers go from that traditional IT infrastructure and on their journey to the cloud. That's what I do. >> So utilizing these enterprise-ready technologies that have driven the enterprise, bringing them to the cloud as services, but also making sure that the stuff that's currently installed can engage and integrate the cloud from a management service standpoint as well. >> Absolutely, because customers have made a huge investment in this middleware, and a lot of the transactions, and a lot of the security, and a lot of the risks set in these systems, and they have served us very well for many decades. Now, as we start to move to the cloud, it isn't a binary switch. It's going to be a transition over time, and today, I think we're about 20% into that journey. I would say we've done some of the easier parts. Now we're getting into some of the more complex and some of the more difficult problems. And kind of one of the underlying pieces of technology we're using to enable customers to do that is container technology. So we've made the decision to use containers right across our middleware, our software. So what I mean by that is we've taken all our software and it's running on containers today, and that's a key enabler to make this happen, because containers give you that flexibility and that openness to run on different targeted environments and be able to run on different clouds at the end of the day. >> The model by which developers thought about integration would be through a transaction. Generally pretty stateful. So, I'll put something in a queue, I'll wait for a response, guaranteed delivery. Now we're moving to a world, containers, a lot more reliance on stateless interactions. It means we're being driven mainly by events. I'm thinking in terms of events. Talk about how that is changing the way we think about the role of middleware or the role of integration amongst all these different possible services. >> Yeah, it's a great point. I mean, so if you think about containers, we think about stateless, and we think about microservices, and we talk about event-based applications, so a lot of those front ends are on that today and building on those technologies. So you've got to enable the new developers to build in that way. Now, how do you integrate that with that backend, right? Because at the end of the day, these transactions are running in the backend, and you really want to enable, as part of the transformation, you want to open up those backends to those new developers and to those new customer insights, because what is digital transformation? It's about putting the customer at the middle and enable insights on those customers, and enable rapid development of those applications. So at the core of that is integration, and integration is not just message-based integration. It's being able to take those backend transactions and surface them up through APIs, not just the standard APIs as we think of maybe as web services, but event-based probability models, and event-based APIs also, and doing that in a consistent and a secure manner, because if you have all these complex transactional systems, who has access to that data? Who has access to make those transactions? Who can, at certain levels, et cetera, and we really have to do that in a secure and a consistent manner across these environments is critical to what we do. >> So, can you give us some examples of some customers that are successfully transitioning their backend systems to these new technologies in a way that protects the backend system, makes it economical to do so, in other words, doesn't force change, but can utilize some of these new integration technologies to make both the new investments more valuable but also the backends more valuable too. >> Yeah, I mean, if you think of, I'll give you an example of a customer, American Airlines, in the airline industry, right? So, if you think about travel and airline travel in times past, you know, you made a reservation maybe through an agent and you booked the flight from A to B. Today, you have your cellphone, you get regular updates on your flights. If you're delayed, you're possibly offered re-routing options, et cetera, right, so there's a classic example of how digital has transformed the airline industry and the airline booking industry. If your flight, you know, if there's weather patterns, et cetera, how you can get real time updates on your flights. So, okay, that's all happening on the front end, on your cellphone, or your tablet, or whatever, but the backend booking system is still a transactional-based system that says, Peter is on this flight going from A to B at this time, et cetera. So, that's an example of how we have modernized an application and we have worked with American Airlines to make that happen, to give you that kind of 360 view as a customer, where you bring in together flight information, weather information, rating information, because we'll offer you different alternatives in terms of if you need to rebook in the event of something going on, and at the backend, there's still a transaction that says, book Peter on this flight from A to B, and that's a real life example of a transformation, how we've integrated those two worlds there. >> So if we go back five or six, or more than that, say 10, 15 years, in the days of MQ, for example, the people who were developing, and setting up those systems, and administering and managing those systems were a relatively specialized group. Today, the whole concept of DevOps in many respects is borrowing from much of the stuff that those folks did many, many years ago as infrastructure builders, or developers, as I call them. How does that group move into this new world of integration in the cloud? >> Yeah, so, I think first of all, the rate and pace has multiplied, right, so the rate and pace of which we make changes to the system has multiplied. I mean, maybe traditionally, we run in changes maybe once a month. We have things like change control windows. Things were very well controlled, et cetera, right? But at the end of the day, it doesn't meet the needs of today and what we need to do in a digital world. So today, we're running in changes on the hour. So now, you're faced with a challenge, right? So when you make changes, how do you know that the system is still performing, is still operating at the level you need it to operate on? You start to think about security and you start to think about, okay, I've made a change, have I introduced vulnerabilities into the system? You've got to, you know, in the past, these were all separate groups and almost islands within the operation center, where you have the developer, who kind of over to all the code, and then operations looked at it and see how it's performed, and security checked for compliance, et cetera, and they were kind of three different islands of personas or groups within the organization. Today, that's really collapsing into one organization. The developer is responsible for making sure the change gets in, for making sure the change performs, and is also security compliant. And we call this the role of the SRE, or the systems reliability engineer, and really bringing those two worlds together into one persona, and it's not just one persona but having the systems on the inside to make that happen. And that's critical in how management is changing and the management of these systems is changing, and how the skill level is needed in this new world. >> So Denis, one more question. In a few months, IBM Think is going to take over San Francisco, February 2019, >> Looking forward to it. >> 3,000 people. Talk to us a little bit about what gets you excited about Think, and what kind of conversations you hope to be having while you're there. >> Yeah, well, you know, this is the one time of the year where all of IBM comes together, and it's new this year that we're going to San Francisco, and in particular, in our cloud business, which I'll talk about, which really encompasses everything we're talking about here, which is our middleware business and also how we move customers to the cloud, and really engaging with customers in those conversations. And this is the one time of the year where all of IBM comes together, and where you can see the full breadth of our capabilities all the ways from our systems, and the hardware, down at that level, at the chip level, right through to the middleware and the software to our cloud, and actually engaging with customers, and really understanding what the customer needs are, and making sure that what we are working on is meeting those customer needs, and of course, if we need to adapt or change, and take that feedback back into the organization, so we do that in real time. It's a very exciting time for us. It's a week in the year that I really look forward to, because that's where all of IBM comes together, including our services, et cetera, and where we actually have conversations with key customers and partners and really understanding what's going on in the industry and how we can help people on this journey to the cloud that I talked about. >> Denis Kennelly, IBM General Manager of Cloud Integration, thanks very much for being on theCUBE. >> Thank you, Peter. And once again, this is Peter Burris. We're signing off from the IBM Innovation Day, here at the Thomas J. Watson Research Center in Yorktown Heights. Thank you very much for watching. Let's carry on these conversations about cloud and the future of computing.

>> Live from Las Vegas. It's theCUBE, covering Boomi World 2018. Brought to you by Dell Boomi. >> Welcome back to theCUBE, we are continuing our coverage of Boomi World 2018. I'm Lisa Martin in Las Vegas with John Furrier and we're welcoming to theCUBE, Pragnya Paramita, Senior Product Marketing Manager at Dell Boomi. Pragnya, welcome. >> Hi, nice to meet you guys. >> So second annual Dell Boomi World, we had Mandy Dhaliwal, your CMO, on shortly, ago who said doubled from last year. Some of the really cool stats that caught my ears and eyes this morning during the general session are 7500 plus customers globally that Dell Boomi has now. You're adding five new customers everyday. There are about close to 70 different customers speaking at this event. The customers are coming together to share how Dell Boomi is helping them on this nebulous, daunting transformation journey. Talk to us about some of the news coming out in the last couple of days, and as a product marketing manager, what are some of the things that excite you? >> I think, after the last few weeks, what we've been able to put out in the market with our partnership with the Blockchain consortium has been really exciting. To be working for a company that's always been at the cutting edge and looking to do things at the cutting edge, just as an employee, that's like a really cool thing to be a part of. But what I'm really excited about is tomorrow's Keynote. And I know we've probably been teasing everybody through the day about tomorrow's Keynote but I'm really excited to unveil what we are going to be showing you guys tomorrow. >> So one of the things that's exciting about you guys is that the product market fit is clear with customer traction. As you guys look at, say, Blockchain smart contracts, this is about business, so you're messaging around, connecting businesses with developer integration as a starting point with low code is a productivity question, it's a foundational question. As you have this platform, what's some of the product positionings that you guys are looking to expand on? Obviously we heard Michael Dell today say, data tsunami, scaling AI. These are questions that people want to have answers. Is that how you guys see the positioning when you go to market? >> So, at first positioning I think the true value that we do provide our customers is fast time to market, so I think speed and the ability to do things efficiently and being the first to market is what our customers really value and we want to be able to power that so that's goal to our positioning in the market. The other one is flexibility. I think with each vendor and consolidation happening around in the market, people are marking their turfs and territory and in this day and event, at Boomi, we really want to be an open ecosystem. You bring your data, you bring your application, you bring your cloud. You could have a hybrid environment as you operate your business, Boomi will connect to everything, and I think that is a cool part of our messaging that we want to make sure customers understand, we want to make sure the market understand that we'll be true to that. >> As you got the cool technology with the Cloud-Native, you guys are born in the cloud, still operating at cloud scale, as you sit at the product marketing meetings and think about the customers, you're solving a lot of problems, there's a lot of check boxes on the solving customer problems but you also want a position for the future. So I got to ask you, when you look at your customer base holistically, what's the core problem that you guys solve for your customers? >> I think unlocking the value of the data, customer data. So it resides in siloed application, it resides in parts of business that some... So if you're not the American business, your ability to interact with your Australian counterparts is not only restricted by time zones but it's also restricted by laws and data protection and all of those things which governments are waking up to. And to be able to do that securely, to be able to do that at a scale, is something that we want to be able to deliver to our customers. And I think our ability to be a Cloud-Native platform allows us that flexibility to do it in a way that customers feel comfortable and again, are able to get some value back from their data. >> So about six months ago, the Gartner Magic Quadrant for IPAAS came out and once again I think, John, we've heard today for the fifth year in a row Dell Boomi is a strong leader. I'm curious, six months later, now, today, you guys said we are re-imagining the I in iPaaS. From a market that's well established, highly competitive, that now customers, it's not just about integrating applications, it's integrating data from new sources, from existing sources, to be able to identify new revenue streams, new products, new services. What is it about this re-imagining the I to be intelligence, that, in your opinion, is going to further really kind of elevate Dell Boomi's competitive differentiation. >> So, the true differentiation is that in the market, we were the first who were a Native-Cloud application. So the value of that single instance multi-tenant cloud application is what we are really leveraging as part of our intelligence in the platform. So many of our competitors and other vendors in the market have probably caught on to this whole cloud thing in the last couple of years. But at the end of the day, we have 10 years of a lead with them, that would be hard for them to match. And again, it is value from what customers have been doing on our platform, so our ability to look at that enormous amount of data anonymously and then provide value back to them has been really critical to our success in how our customers have found value and I guess with the ability for us to leverage AI and machine learning capabilities within the platform, we want to be able to make it much more easier for our customers. >> So in terms of business initiatives, some of the key ones that Dell Boomi targets are e-commerce, order to cash, Customer 360, as well as onboarding. Talk to us, I really like that Chris McNabb, in the general session this morning kind of opened the kimono and said, "Hey, we found, "through the voice of our own employees, "we weren't so great in this particular area." Talk to us about the Dell Boomi employee onboarding solution and how it was really born based on your own internal needs for improvement. >> So I joined a year ago, I was employee number 300 something, and this year we are at employee number 700 plus, maybe going onto 800 at the last we heard, so you can imagine the scale that the company is growing at and for us and I guess what Chris articulated this morning, employee onboarding was becoming a choke point, not only in making sure employees are productive faster, but are also enjoying this new company that they've decided to, you know, become a part of. We, at Boomi, as Boomers ourselves, do really value our culture a lot, but that didn't quite reflect in the employee onboarding experience that we were providing, and I think that was a big stimulus, Chris shared the numbers of our NPS scores that he saw, for him to say that hey, we are running at a really fast pace but this is critical issue. >> Pretty big negative number a year ago or six months ago on that end. >> And as a CEO, he decided this is a priority, but then as we went through this exercise, what we were able to find out that it's not only a challenge that we are facing, but our customers, both large and small, continue facing that issue. So the approach that we took was while we were solving our own employee onboarding challenge, we were able to productize that entire solution and create an accelerator. And the value of that accelerator, it's a common problem, we know it is a problem that happens at scale, and at a certain scale it becomes really detrimental to your business. But then your business is really unique so we cannot give you a one-size-fit-all solution that you can go and turn on on day one and it'll work. What we are giving you here is a framework, we leveraged it, we had great results, we are more than happy to share that back, that something that took like 92 days for an employee to get access to 27 applications now takes minutes, like literally five minutes. What took about 19 admins across the organizations who were doing this as a second job almost, because we're a small company, the guy who bought the license for this new software that he wanted his team to use, became the admin for that product, and now his team is, from seven people, it's now 52 people. But he's still the admin of that product, along with managing that solution, so all of that effort was consolidated from 19 people to like two people, that's real gain there in just employee productivity that we have been able to standardize. And what we are doing now is taking the solution and the accelerator package to our customers and we are having some great conversation with many of our customers who had initially looked at Boomi and said like, hey, you guys provide us an integration solution to our problem. But at the end of the day, onboarding, as within an organization, is a cross-functional issue. It ties together workflows from your finance team, from your benefits team, from your recruiting team who is getting the candidate to your HR, who is going to make sure-- >> Facilities where you sit, all kinds of data. >> All kinds of things, and making sure you have your laptop and your badges and all of those things on day one. So a lot of people in the organizations are like these silent heroes who are making sure that every employee who shows up on day one has a good experience but there's only so far that a manual process can go, and being able to automate that process, and a good reason why we are now able to do this is because of Boomi Flow. The ManyWho acquisition that we did last year, it has opened doors for us to have conversations with our customers where we are like, you have cross-functional processes, you need to be able to automate them as much as possible and let your employees actually do more value added work instead of being, you know, sending emails and then collating emails with data from every place, putting it in a spreadsheet, adding that to your SAP, or your workday system and-- >> So that sounds like that's the consequence of two problems, I hear this right, one, data silos and manual or purpose-built applications that are dependent upon data silos. No data silos allows for automation, and then everything kind of goes away and solves the problem. Is that right? >> Yeah, absolutely. So cross-functional workflows are something that when people try to solve, they end up causing the integration problem at the end of the day. So you try to solve for one thing but then integration is always at the core of it. With Boomi, because we are coming integration up, we sort of automatically solve for that, but then with Boomi Flow, what we are able to do is we are able to abstract that away from users who don't really care about how you're going to get two applications to work together, so if you are in the HR team, you just want to make sure that here is the value proposition for the organization that I hired these employees for, they get to see that. I don't really care if your 15 applications need to work together at the backend. (cross talking) >> American Airlines example's a good one, they've hundreds of integrations, some will ship it and forget it. They won't have to remember it, hey, number 52, what was that again? Solved the problem but broke this over there. That's kind of the problem that is the core issue, right? >> It's a core issue. So we have a session later today with American Airlines, and MOD Pizza. So, both of them are a study in contrast. MOD Pizza is an organization that was founded a couple of years ago, around the same time that American Airlines and US Airways merges was happening. So the session is very interesting because you get a perspective from a company that started in 2011 or 2013, and took an approach of being a Cloud-Native infrastructure. So they make choices where all of their applications are in the Cloud but then when they grew at a certain scale, employee onboarding became an issue, they came to Boomi and how they are solving it, and on the flip side of it, you have a perspective from a large organization that around the same time relogged that their employee onboarding issues and then looked at Boomi and then said that, hey, how can we solve this? And as they said in the Keynote, good is not good enough, you need to have a great experience. >> Well you've also raised your NPS score 168 points, and now you've got an opportunity to reach customers in a different way, like you said to be able to integrate these functions and have to work together, that abstraction layer is critical for the business being more efficient and more productive. Finding new revenue streams faster, being more competitive, and really unlocking the value of that data so it can be used across multiple business units within organizations at the same time. Pragnya, thanks so much for stopping by and joining John and me on theCUBE today. >> Yeah, it was great talking to you guys. >> We appreciate it and have a great time at-- >> Hope you have a great Boomi World. >> Absolutely, off to a great start. Thanks so much for your time. For John Furrier, I'm Lisa Martin, you're watching theCUBE, Live from Boomi World 18 in Vegas, stick around, John and I will be back with our next guest. (light music)

>>live from Las Vegas. It's the Cube covering booby World 2018. Brought to you by Del Bumi >>Welcome back to the Cube. We're live at Bumi World 2018 in Las Vegas. I'm Lisa Martin with John Ferrier and we're welcoming to the King for the first time. Brian Stewart, managing director of Deloitte specifically in the h r transformation practice. Brian, thanks so much for joining us on the program today. >>Thanks for having me, >>Deloitte. Long time Global Systems integrator with Del Technologies del Bumi. You were on a customer panel this morning and the Kino that was very interesting. Talk to us about what? Deloitte His helping American Airlines transform with Del Boom. You mentioned This is, you know, this is a big, long duration transformation. American Airlines, well known, a lot of passengers. A lot of customers don't just about where you started three years ago, what that transformation has been like. >>Sure, in 2013 when American and US Airways came together, the first thing they did was focused on their customer world. And once they were able to get the customer rolled under control, they started looking at how they could take their employees world forward and what what we started to do was, as they said, we want to take successfactors and make that our system of record way came in to do the implementation. Okay, so we leverage Successfactors used elbow me to do the integration between all the external and internal systems. So it's some 136 plus integration State star systems and 327 internal systems spread out, you know, across the American Airlines. >>And what were some of the big results that you have helped them achieve to date? >>Well, I think for American the biggest thing was they wanted their employees experience to be the same as their customers never want it. They believe that if the employees experience is the best, it can be that the customers will have the best boss works pains. And so when they were able to do the implementation successfactors and tied together the integration points it allowed there and play experience to come up to the same standards as their customer experience. And for the first time, they had an integrated system that allowed them to get that view, provide consistent experience across the board and give them really give them place confidence. And they knew where to go to get their data, to manage their own data. >>About where you see Del Bumi succeeding where others haven't been successful, the attractions been great. A lot of watching might be looking at Dublin's Hey, okay, what's they're born in the cloud. What's why why were they successful? What's what's what's the key thing in your mind >>from our perspective, when we looked at the possible options way, looked at several possible metal wears and way Bumi stood out was to measure weight, scalability and flexibility going forward. When you're talking American Airlines, over the course of last 20 years, we're talking 325,000 plus employees that have traveled benefits. So in order to scale to that kind of number as we pull across, we had to have a solution that could be speed to build and pull that information on a regular basis. Okay, boom. He really check that box in the hard way where nobody else could. >>Big trend is different, you know, hit the easy, but not so easy when you're dealing with a lot of legacy integration points project timelines tend to get loaded in lengthened. That's the challenge. How to shorten those? Well, it's a big, big challenge. Howto customers get that that success point. >>There were a couple of different ways that we looked at handling that number one by using booming. We had all the pre built, you know, attachments to the FBI's for success factors. That was a big deal for us, because we're going to have speed to build, right? I mean, when you're talking 136 integrations that have now turned into 100 50 as after we've gone life, it's Yeah, it's a lot. It's a lot to manage, and we can't have a situation where every little thing is it's custom built. Then things start to fall apart, right? It becomes a self fulfilling, snowballing top of prophecy. So the consistency provided by Bumi allowed us to get that speed, and then it also gave us the flexibility to make calls where sometimes there are challenges with that kind of volume of data to make the combined like ad hoc report calls with the A P, I calls and do innovative actions that most people haven't seen. I know some of the stuff we were doing. They said we didn't know you could do that way, pulled it off. >>Well, what a surprise. So that's the business. You want to be in success point where you can actually go out, get value of the data and deliver the user experience. Peace, >>right. And as we go forward and we continue to leverage a state AIDS, you know, HR systems are great. And like I said, American believes that with experience must mean customer experience. But it's often hard to determine our why exactly right. Because, you know, HR Systems. You know, it's not always clear, but one of things you can take it forward on is combining it with other data across the organization and looking at how we can tie the employee data using Bumi with data from airports or customer, and tie that out and provide insights going forward. >>You know, that's a big deal. And I think you're in the hr side of it. This personal practice you're in now, but I think you nailed what we hear a lot, which is Oh, we have a staff that's gonna help you. But you know about a horizontally scalable cloud fabric model, whether it's on premises or in cloud. But the data accessibility cross pollinates. That's a key value. >>Yeah, you know, when you look at things that can impact operations Dr Shareholder value I mean, when you can get insights on those type of things back and binding that set of data going across like you're talking about, it really changes what you can get out of the system. >>So it's more than just immigration platform at that point. Yeah, it's a data trust platform >>on booming searches underlying foundation friendly with that date around >>transformation theme of many events. Del Bumi coming out today and say we want to be the transformation transformation is now a sea level conversation. It's a board level conversation. It's an imperative, very challenging for businesses like American Airlines, who grow dramatically by opposition et cetera, but also weren't born in the cloud to undergo such transformation. When you were having conversations with customers, where are you going right to that sea level? The boardroom. This is alright, delight. We have to transform. We need your help to help us identify where we should start. What's that customer like inquiry Start like >>it depends. I mean, sometimes it's a question about what can the road map look like? Kind of what you're talking about from that sea level executive or way. Maybe in the middle of an implementation where we're identifying, you know, like, here's how we can leverage the state and take it forward and bringing that forward. You know, when you talk to one of the things that you see all the time, is people on the ground have wonderful ideas and understand exactly what you know. Changes could help impact the business. And listening to those people and putting together their thoughts and taking it forward is one of the things we do to try to make sure way actually leverage all parts off Clyde experience. So I think you can start the way you're talking about. But it can also start with, you know, I think when the gentleman I work with it at American senior manager and his ideas are something constantly collaborate on to try to come up with how we can improve American Airlines is business. >>So, uh, >>in terms of delights partnership as a global systems integrator with Delta me, you have choice customers have choice. It's It's about much more than integrating applications data people processes. Today, Dell, Gloomy came out and said, We want to be not just the transformation partner, but we're We're gonna redefine the eye and ipads intelligence percent McNab talked about. I pass to Dato from some of the things you heard presumably yesterday. The Partner Summit. What excites you about this new vision that Del Bhumi is bringing the iPads >>well, the opening up in the flexibility of the platform and to add your logic in as the represented from sky, I'll have talked about this morning understanding how you can add that logic and to drive changes to anything from customer experience. You know, adding the intelligence into your workflow being part of the, you know, their flow product that they're talking about, adding that intelligence in really changes the game on what you can do. And that is the most exciting part to me, because if you had that intelligence and you can save both a customer frustration, user user experience and the bottom line and you know you can, you can anticipate things more quickly and be able to help people sell them ourselves. >>Ryan, My final question for you is you seen different evolutions of deployments and consultancy projects over the years. They've gotten shorter in the gravy train of two year projects. Everyone's making money that because planes serviced just different animal Baxter, I t was different. Now cloud speed is critical. You mentioned scale earlier. I need speed. I need scale and I need to have automation. I don't want to be going back and uploading on the 138 6 integration and find out the 3rd 1 has problems. This is chasing your tail kind of philosophy. That's over this new world. What's different about this world we're living in now? If you had to tell a friend Hey, As you start going into digital transformation, watch out for these things. But do more of this. What would that advice be? How would you advise >>I think in? If I were to try to phrase it like that, It's the key that we look for his automation and everything. So one, the big challenges I know most people faces. All right, I contest these interfaces. I've quarterly releases. People talk about release fatigue, right? How can I oughta make my testing Sakhalin away because that doesn't come just out of the box right in, actually leverage moving for some of that. But But how can automate that cycle? Because what you're exactly right. People don't want to have to say tweet one value on my data model. Now I have to test 48 interfaces. I shouldn't have to generate 40 a day sets. It should be automated and ready to go. And I think that kind of speed is what we look at as a big changer for how we how we handle keeping those things compressed and not testing everything in the world every time >>and changes the productivity. Yeah. I mean, those are like, that's grunt work. You gotta go down and get down and dirty. If you don't have the automation, someone's gonna do that. It's a weekend, you know. I mean, we could be ruined basically at that point, >>and and you see that frustration, right? Because you know, if people have to do that nobody you have highly experienced in highly paid people, they don't want to sit there in top in data all day because it's a waste of their time. So it's not evaluate either. >>It's no, it's a waste of time. It's also wasted a lot of money. Well, Brian, thanks so much for stopping by the Cube, joining John and me today and talk to us about what Deloitte is enabling customers with double me to achieve with respected transformation. We appreciate your time. >>Thank you very much. >>Thank you so much for watching the Cube life from Bhumi World 18. I'm Lisa Martin with John Ferrier will be right back with our next >>guest.

>> Live from Miami Beach, Florida, it's theCUBE. Covering UiPathForward Americas. Brought to you by UiPath. >> Welcome back to Miami everybody. You're watching theCUBE, the leader in live tech coverage. We go out to events, we extract the signal from the noise. A lot of noise here but the signal's all around automation and robotic process automation. I'm Dave Vellante, he's Stu Miniman, my co-host. Guy Kirkwood's here he's the UiPath chief evangelist otherwise known as the chief injector of Kool-Aid. Welcome. (guests chuckling) And Craig LeClair, the Vice President at Forrester. Covers this market, wrote the seminal document on this space. Knows it inside out. Craig, great to see you again. >> Yeah, nice to see you again. It's great to be back at theCUBE. >> So let's start with the analyst perspective. Take us back to when you first discovered RPA, why you got excited about it, and what Forrester Research is all about in that space. >> Yeah, it's been a very a interesting ride. Most of these companies, at least that are the higher value ones in the category they've been around for a long time. They've been around for over a decade, and no one ever heard of them three years ago. So I had covered at Forrester, business process management and some of the business rules engines, and I've always been in process. I just got this sense that there was a way that companies could make progress and digital transformation and overcome the technical debt that they had. A lot of the progress has been tepid in digital transformation because it takes tremendous amount of time and tons of consultants to modernize that core system that really runs the company. So along comes this RPA technology that allows you to build human equivalence that patch up the inefficiencies without touching. I came in on American Airlines and the system that cut my ticket was designed in 1960. It's the same Sabre reservation system. That's the big obstacle that a lot of companies have been struggling to really take advantage of AI in general. A lot of the more moonshot and more sophisticated promises haven't been realized. RPA is a very practical form of automation that companies can get a handle on right now, and move the dial for digital transformation. >> So Guy we heard a vision set forth by Daniel this morning. Basically a chicken in every pot, I call it, a robot for every person. Now what Craig was just saying about essentially cutting the line on technical debt, do you have clear evidence of that in your customer base? Maybe you could give some examples. >> What we're really seeing is that as organizations have to deal with the stresses, what Leslie Wilcox professor at LSE describes as the stresses within organizations and particularly in environments where the demographics are changing. What we're seeing is that organizations have to automate. So the best example of that is in Japan where the Japanese population peaked in 2010. It's now falling as a whole, plus all the baby boomers, people of Craig's and my age are now retiring. So we're now in a position where they measure levels of dangerous overwork as being more that 106 hours a week. That isn't 106 hour a week in total, that's 106 hours a week in addition to the 60 hours a week the Japanese people normally work. And there is a word in Japanese, which is (speaking in foreign language), which means to work oneself to death. So there really is no choice. So what we're seeing happening in Japan will be replicated in Western Europe and certainly in the US over the next few years. So what's driving that is the rise of the ecosystems of technologies of which RPA and AI are part, and that's really what we're seeing within the market. >> Craig, sometimes these big waves particularly in infrastructure, you kind of saw it with virtualization and some other wonky techs, like data reduction. They could be a one-time step function, and not an ongoing business value creator. Where does RPA fit in there? How can organizations make sure that this is a continuous business value generator as opposed to a one time hit? >> Good question. >> Well, I like the concept of RPA as a platform that can lead to more intelligence and more integration with AI components. It allows companies to build an automation center or a center of excellence focused on automation. But the next thing they're going to do after building some simple robots that are doing repetitive tasks, is they're going to say "Oh well wouldn't it be better "if my employee could have a textual chat with a chatbot "that then was interacting with the digital worker "that I built with the bot." Or they're going to say "You know what? I really want to use that machine learning algorithm "for my underwriting process, but I can use these bots "to go out and collect all the data from the core systems "and elsewhere and from the web and feed the algorithms "so that I could make a better decision." So again it goes back to that backing off the moonshot approach that we've been talking about that AI has been taking because of the tremendous amount of money spent by the major players to lay out the promise of AI has really been a little dysfunctional in getting organizations' eye off the ball in terms of what could be done with slightly more intelligent automation. So RPA will be a flash in the pan unless it starts to embed these more learning-capable AI modules. But I think it has a very good chance of doing that particularly now with so much investment coming into the category right. >> Craig, it's really interesting. When I heard you describe that it reminds me of the home automation. The Cortanas and Alexas and consumer side where you're seeing this. You've got the consumer side where you can build skills yourself, you know teenagers people can do that. One of the challenges always on the business side is how do you get the momentum when you don't have the consumer side. How do those interact? >> It's the technical debt issue and it's just like the mobile peak in 2011. Consumers in their hands had much better mobility right away than businesses. It took businesses five, they're still not there in building a great mobile environment. So these Alexa in our kitchen snooping on our conversation and to some extent Netflix that observes our behavior. That's a light form of AI. There is a learning from that behavior that's updating an algorithm autonomously in Netflix to understand what you want to watch. There's no one with a spreadsheet back there right. So this has given us in a sense a false sense of progress with all of AI. The reality is business is just getting started. Business is nowhere with AI. RPA is an initial foray on that path. We're in Miami so I'll call it a gateway drug. >> In fact there's also an element that the Siris, the Cortanas, the Alexas, are very poor at understanding specific ontologies that are required for industry, and that's where the limitation is right now. We're working with an organization called Humly, they're focused on those ontologies for specific industries. So if the robot doesn't understand something, then you could say to the robot Okay sit that in the Wells account, if you're in a bank, and it understands that Wells in that case means Wells Fargo it doesn't mean a hole in the ground with water at the bottom or a town in Somerset in the UK, 'cause they're all wells. So it's getting that understanding correct. >> I wonder if you guys could comment on this. Stu and I were at Splunk earlier this week and they were talking up NLP and we were saying one of the problems is that NLP is sometimes not that great. And they made a comment that I thought was very interesting. They said frankly a lot of the stuff that we're ingesting is text and it's actually pretty good. I would imagine the same is true for RPA. Is that what you see? >> You were talking about that on stage. With regards to the text analytics. >> Yes. So RPA doesn't handle unstructured content the way that NLP does. So NLP can handle voice, it can handle text. For the bots to work in RPA today you have to have a layer of analytics that understands those documents, understands those emails and creates a nice clean file that the bots can then work with. But what's happening is the text analytics layer is slowly merging with the RPA bots platforms so it's going to be viewed as one solution. But it's more about categories of use cases that deal with forms and documents and emails rather than natural language, which is where it's at. >> So known business processes really is the starting point. >> Known business-- >> One example we've got live is an insurance company in South Africa called Hollard, and they've used a combination of Microsoft Cognitive Toolkit, plus IBM Watson and it's orchestrated doing NLP and orchestrated by UiPath. So that's dealing with utterly unstructured data. That's the 1.5 million emails that that organization gets in a year. They've managed to automate 98% of that, so it never sees a human. And their reduction in cost is 91% cost in reduction per transaction. And that's done by one of our implementation partners, a company called LarcAI down there. It's superb. >> Yeah, so text analytics is hard. Last several years we have that sentiment out of it, but if I understand it correctly Craig, you're saying if you apply it to a known process it actually could have outcomes that can save money. >> Yes, absolutely yes. >> As Guy was just saying. >> I think it's moving from that rules-based activity to more experience-based activity as more of these technologies become merged. >> Will the technology in your view advance to the point, because the known processes. okay, there's probably a lot of work to be done there, but today there's so many unknown processes. It's like this messy, unpredictable thing. Will machine intelligence combined with robotic process automation get to the point, and if so when, that we can actually be more flexible and adapt to some of these unknown processes or is that just decades off? >> No, no, I think we talk at Forrester about the concept of convergence. Meaning the convergence of the physical world and the digital world. So essentially digital's getting embedded in everything physical that we have right. Think of IoT applications and so forth. But essentially that data coming from those physical devices is unstructured data that the machine learning algorithms are going to make sense of, and make decisions about. So we're very close to seeing that in factory environments. We're seeing that in self-driving cars. The fleet managers that are now understanding where things are based on the signals coming from them. So there's a lot of opportunity that's right here on the horizon. >> Craig, a lot of the technologies you mentioned, we may have had a lot of the technical issues sorted out, but it's the people interactions some things like autonomous vehicles, there's government policies going to be one of the biggest inhibitors out there. When you look at the RPA space, what should workers how do they prepare for this? How do companies, make sure that they can embrace this and be better for it? >> That's a really tough and thoughtful question. The RPA category really attacks what we call the cubicle population. And there are we're estimating four million cubicles will be emptied out in five years by RPA technology specifically. That's how we built the market forecast 'cause each one of the digital workers replacing a cubicle worker will cost $11,000 or what. That's how we built up the market forecast. They're going to be automation deficits. It's not all going to be relocating people. We think that there's going to be a lot of disruption in the outsource community first. So companies are going to look at contractors. They're going to look at the BPO contract. Then they're going to look at their internal staff. Our numbers are pretty clear. We think they're going to be four million automation deficits in five years due to RPA technology specifically. Now there will be better jobs for those that are remaining. But I think it's a big change management issue. When you first talk about robots to employees you can tell them that their jobs are going to get better, they're going to be more human. They're going to have a much more exhilarating experience. And their response to you is, What they're thinking is, "Damn robot's going to take my job." That's what they're thinking. So you have to walk them up the mountain and really understand what their career path is and move them into this motion of adaptive and continual learning and what we call constructive ambition. Which is another whole subject. But there are employees that have a higher level of curiosity and are more willing to adapt to get on the other side of the digital divide. Yep. >> You mentioned the market. You guys did a market forecast. I've seen, read stats, a little over a billion today. I don't know if that's consistent with your numbers? >> Yeah that's about right. >> Is this a 10X market? When does it get to 10 billion? Is it five, seven, 10 years? >> So we go out five years and have it be close to three billion. I think the numbers I presented on stage were 3.2 billion in five years. Now that's just software licenses and it's not the services community that surround that. >> You'd probably triple it if you add in services. >> I think two to three times service license ratio. There's always an issue at this point in emerging markets. Some of the valuations that are there, that market three billion has to be a bit bigger than that in eight or nine years to justify those valuations. That's always the fascinating capital structure questions we create with these sorts of things. >> So you describe this sort of one for one replacement. I'm presuming there's other potential use cases, or maybe not, that you forecast. Is that right? >> Oh no for the cubicles? >> Yes, it's not just cubicle replacement in that three billion right? It's other uplifts. >> No there are use cases that help in factory automation, in supply chain, in guys carrying around clipboards in warehouses. There are a tremendous number of use cases, but the primary focus are back office workers that tend to be in cubicles and contact center employees who are always in cubicles. >> And then we'll see if the non-obvious ones emerge. >> I think ultimately what's going to happen is the number of people doing back office corporate functions, so that's both finance and accounting procurement, HR type roles and indeed the industry specific roles. So claims processing insurance will diminish over time. But I think what we're going to see is an increase in the number of people doing customer experience, because it's the customer intimacy that is really going to differentiate organizations going forward. >> The market's moving very fast. Reading your report, it's like you were saying yesterday's features are now table steaks. Everybody's watching everybody else. You heard Daniel today saying, "Hey our competitors are watching. "We're open they're going to steal from us so be it." The rising tide lifts all boats. What do you advise clients in terms of where they should start, how they should get started? Obviously pick some quick wins. But what do you tell people? >> I always same pretty much the same advice you give almost on any emerging technology. Start with a good solution provider that you trust. Focus on a proof of concept, POC and a pilot. Start small and grow incrementally, and walk people up the mountain as you do that. That's the solution. I also have this report I call The Rule of Fives, that there are certain tasks that are perfect for RPA and they should meet these three rules of five. A relatively small number of decisions, relatively small number of applications involved, and a relatively small number of clicks in the click stream. 500 clicks, five apps, five decisions. Look for those in high volume that have high transaction volume and you'll hit RPA goal. You'll be able to offset 2 1/2 to four FTE's for one bot. And if you follow those rules, follow the proof of concept, good solution partner everyone's winning. >> You have practical advice to get started and actually get to an outcome. Anything you'd add to that? >> In most organizations what they're now doing, is picking one, two, or three different technologies to actually play with to start. And that's a really good way. So we recommend that organizations pick three, four, five processes and do a hackathon and very quickly they work out which organizations they want to work with. It's not necessarily just the technology and in a lot of cases UiPath isn't the right answer. But that is a very good way for them to realize what they want to do and the speed with which they'll want to do it. >> Great, well guys thanks for coming on theCUBE, sharing your knowledge. >> Thank you. >> Pleasure. >> Appreciate your time. >> Thanks very much indeed. >> Alright keep it right there everybody. Stu and I will be back from UiPathForward Americas. This is theCUBE. Be right back. (upbeat music)

>> Announcer: From the Corinium Chief Analytics Officer Conference. Spring, San Francisco, it's theCUBE! >> Hey, welcome back everybody, Jeff Frick here with theCUBE. We're in downtown San Francisco at the Corinium Chief Analytics Officer Spring event 2018. About 100 people, really intimate, a lot of practitioners sharing best practices about how they got started, how are they really leveraging data and becoming digitally transformed, analytically driven, data driven. We're excited to have Vishal Morde. He's the VP of Data Science at Barclays, welcome. >> Glad to be here, yeah. >> Absolutely. So we were just talking about Philly, you're back in Delaware, and you actually had a session yesterday talking about Barclays journey. So I was wondering if you could share some of the highlights of that story with us. >> Absolutely, so I had a talk, I opened the conference with data science journey at Barclays. And, we have been on this journey for five years now where we transform our data and analytics practices and really harness the power of Big Data, Machine Learning, and advanced analytics. And the whole idea was to use this power of, newly found power that we have, to make the customer journey better. Better through predictive models, better through deeper and richer consumer insights and better through more personalized customer experience. So that is the sole bet. >> Now it's interesting because we think of financial services as being a data driven, organization already. You guys are way ahead Obviously Wall Street's trading on microseconds. What was different about this digital transformation than what you've been doing for the past? >> I think the key was, we do have all the data in the world. If you think about it, banks know everything about you, right? We have our demographic data, behaviors data. From very granular credit card transactions data, we have your attitudal data, but what we quickly found out that we did not have a strategy to use that data well. To improve our our productivity, profitability of a business and make the customer experience better. So what we did was step one was developing a comprehensive data strategy and that was all about organizing, democratizing, and monetizing our data assets. And step towards, then we went about the monetization part in a very disciplined way. We built a data science lab where we can quickly do a lot of rapid prototyping, look at any idea in machine learning data science, incubate it, validate it, and finally, it was ready for production. >> So I'm curious on that first stage, so you've got all this data, you've been collecting it forever, suddenly now you're going to take an organized approach to it. What'd you find in that first step when you actually tried to put a little synthesis and process around what you already had? >> Well the biggest challenge was, the data came from different sources. So we do have a lot of internal data assets, but we are in the business where we do have to get a lot of external data. Think about credit bureau's, right? Also we have a co-brand business, where we work with partners like Uber, imagine the kind of data we get from them, we have data from American Airlines. So our idea was to create a data governance structure of, we formed a Chief Data Office, the officer forum, we got all the people across our organization to understand the value of data. We are a data driven company as you said but, it took us a while to take that approach and importance of data, and then, data analytics need to be embedded in the organizational DNA, and that's what we're going to focus on first. Data awareness of importance of data, importance of governance as well, and then we could think about democratizing and monetizing, organization's the key for us. >> Right, right, well so how did you organize, how has the Chief Data Officer, what did he or she, who did he or she report to, how did you organize? >> Right, so it was directly reporting to our CEO. >> Jeff: Into the CEO, not into the CIO? >> Not into the CIO. We had a technology office, we do kind of, have a line-of-sight or adopted line with technology, and we made sure that that office has a lot of high-level organization buy-in, they are given budgets to make sure the data governance was in place, key was to get data ownership going. We were using a lot of data, but there was no data ownership. And that was the key, once we know that, who actually owned this data, then you can establish a governance framework, then you can establish how you use this data, and then, how to be monetized. >> So who owned it before you went through this exercise, just kind of, it was just kind of there? >> Yeah, there wasn't a clear ownership, and that's the key for us. Once you establish ownership, then it becomes an asset, we were not treating data as an asset, so there was a change in, kind of mindset, that we had to go through, that data is an asset, and it was used as a means to an end, rather than an asset. >> Right, well what about the conflict with the governance people, I'm sure there was a lot of wait, wait, wait, we just can't open this up to anybody, I'm sure it's a pretty interesting discussion because you have to open it up to more people, but you still have to obviously follow the regs. >> Right, and that's where there are a lot of interesting advancement in data science, where, in the area of data governance, there are new tools out there which lets you track who's actually accessing your data. Once we had that infrastructure, then you can start figuring out okay, how do we allow access, how do we actually proliferate that data across different levels of the organization? Because data needs to be in the hands of decision makers, no matter who they are, could be our CEO, to somebody who's taking our phone calls. So that democratization piece became so important, then we can think about how do you-- you can't directly jump into monetization phase before you get your, all the ducks in order. >> So what was the hardest part, the biggest challenge, of that first phase in organizing the data? >> Creating that 360 degree view on our customers, we had a lot of interesting internal data assets, but we were missing big pieces of the puzzles, where we're looking at, you're trying to create a 360 degree view on a customer, it does take a while to get that right, and that's where the data, setting up the data governance piece, setting up the CDO office, those are the more painful, more difficult challenges, but they lay the foundation for all the the work that we wanted to do, and it allowed to us to kind of think through more methodically about our problems and establish a foundation that we can now, we can take any idea and use it, and monetize it for you. >> So it's interesting you, you said you've been on this journey for five years, so, from zero to a hundred, where are you on your journey do you think? >> Right, I think we're just barely scratching the surface, (both laughing) - I knew you were going to say that >> Because I do feel that, the data science field itself is evolving, I look at data science as like ever-evolving, ever-mutating kind of beast, right? And we just started our journey, I think we are off to a good start, we have really good use-cases, we have starting using the data well, we have established importance of data, and now we are operationalized on the machine learning data science projects as well. So that's been great, but I do feel there's a lot of untapped potential in this, and I think it'll only get better. >> What about on the democratization, we just, in the keynote today there was a very large retailer, I think he said he had 50 PhDs on staff and 150 data centers this is a multi-billion dollar retailer. How do you guys deal with resource constraints of your own data science team versus PhDs, and trying to democratize the decision making out to a much broader set of people? >> So I think the way we've thought about this is think big, but start small. And what we did was, created a data science lab, so what it allowed is to kind of, and it was the cross-functional team of data scientists, data engineers, software developers kind of working together, and that is a primary group. And they were equally supported by your info-sec guys, or data governance folks, so, they're a good support group as well. And with that cross-functional team, now we are able to move from generating an idea, to incubating it, making sure it has a true commercial value and once we establish that, then we'll even move forward operationalization, so it was more surgical approach rather than spending millions and millions of dollars on something that we're not really sure about. So that did help us to manage a resource constraint now, only the successful concepts were actually taken through operationalization, and we before, we truly knew the bottom line impact, we could know that, here's what it means for us, and for consumers, so that's the approach that we took. >> So, we're going to leave it there, but I want to give you the last word, what advice would give for a peer, not in the financial services industry, they're not watching this. (both laugh) But you know, in terms of doing this journey, 'cause it's obviously, it's a big investment, you've been at it for five years, you're saying you barely are getting started, you're in financial services, which is at it's base, basically an information technology industry. What advice do you give your peers, how do they get started, what do they do in the dark days, what's the biggest challenge? >> Yeah, I feel like my strong belief is, data science is a team sport, right? A lot of people come and ask me: how do we find these unicorn data scientist, and my answer always being that, they don't exist, they're figments of imagination. So it's much better to take cross-functional team, with a complimentary kind of skill set, and get them work together, how do you fit different pieces of the puzzle together, will determine the success of the program. Rather than trying to go really big into something, so that's, the team sport is the key concept here, and if I can get the word out across, that'll be really valuable. >> Alright, well thanks for sharin' that, very useful piece of insight! >> Vishal: Absolutely! >> Alright thanks Vishal, I'm Jeff Frick, you are watching theCUBE, from the Corinium Chief Analytic Officer summit, San Francisco, 2018, at the Parc 55, thanks for watching! (bubbly music plays)

>> Announcer: Live from Atlanta, Georgia, it's theCUBE, covering IFS World Conference 2018. Brought to you by IFS. >> Welcome back to theCUBE's live coverage of IFS World Conference here in Atalanta, Georgia. I'm Rebecca Knight, your host along with my co-host, Jeff Frick. It is late in the day here, the reception is about to start, the drinks are flowing, but we are still interviewing guests, and we've got a great panel right now. Joining us is Scott Helmer. He is the Senior Vice President at the Aviation and Business Defense Unit at IFS, and Henry Canaday, who is a contributing editor at Aviation Week. Thank you both so much for joining us. >> Thanks for having us. >> I wonder if you could walk our viewers a little bit through the idea, where does aviation and defense sit within the IFS business strategy? >> I'm happy to answer that. I think our new CEO of IFS, Darren Roos, has been very clear that there are three things that IFS will be best at. Number one, we will be best at mid-market ERP in those vertical markets that we care about. We will be number one in field service management. And we will be number one in maintenance management solutions in aviation and defense. So aviation and defense is one of the pillars on which IFS's strategy is currently based, and we have formed a global business unit inside of IFS that is specifically responsible, it's a 300 person strong team that is responsible for distributing a comprehensive portfolio of A and D solutions to the A and D market globally. >> What are the some of the biggest challenges that you're setting out to solve for your customers? >> Also a good question. We address the full range of management solution capability across A and D. So whether you're an operator in commercial or defense sector, or whether you're an inservice support provider, we provide solutions and support, all of your MRO capabilities, some of your performance-based logistics requirements, some of your supply chain requirements. Basically leveraging the core processes that IFS is differentiated around. Those being manufacturing, asset and service management, supply chain and project management. >> What's special about aviation and defense that's not been marketed or service delivery, which captures a lot of industry verticals, but the fact that you guys got carved out as a separate vertical, what are some of those unique challenges? >> What is chiefly unique about aviation and defense is the overall complexity in the marketplace. You're talking about very very complex capital intense of mobile assets, where managing the maintenance obligations in order to maintain the availability of the aircraft is under the scrutiny of compliance and is required to be done efficiently, without compromising safety. >> Not to mention the fact, your assets are flying all over the world, so they might not necessarily be able just to roll into the maintenance yard at the end of a bad day. >> And they're large and expensive, that's for sure. >> (laughs) Large and expensive. >> Henry, you've been covering the aviation industry for more than 20 years now. What do you see as the biggest trends, biggest concerns that a company like IFS is trying to grapple with right now, in terms of servicing its clients? >> Well the interesting thing about the airline industry is that it technically in many areas it's extremely advanced and very fast moving industry. In selling tickets, the industry has been going through a continual IT revolution for the last 20 years. Things like giving you notices about when your planes arrive and stuff like that. Very fast moving, changing all the time. But this is stuff, it's just money. There's no safety involved, so they can take chances, if they get it 99% right, they make enough money, they can solve the one percent errors. The problem with maintenance is it's messy, it's complex as Scott says. It's also safety critical. They can't screw it up one tenth of one percent of the time. They've been very, very cautious and very, very slow, and they look sluggish and stagnant on the maintenance side. But fortunately, now, especially the U.S. airlines are making some good money, so there's actually an opportunity for companies like IFS to come in here and really reform the maintenance program. >> We cover a lot of autonomous vehicle shows. Autonomous vehicles are coming. Obviously, a big element of autonomous vehicles will ultimately be safety. One of the things that comes up over and over again, if you look at the number of accidents, the fatalities that happen on our streets, compared to what happens in aviation, if a week on the streets happened at a week in the aviation industry, the planes would be shut down. >> Scott: There'd be no aviation. >> The threshold that you guys have to achieve in terms of safety is second to none. I don't know if there's anything even close, especially in terms of volume of people, and then, oh by the way, everyone globally is getting richer, so the amount of passenger flow. I don't know if you can speak to that in terms of the growth of passenger miles, I imagine is the metric, continues to explode. >> You've had basically 18 straight years without a fatal crash by a major American airline. That's unheard of, that's unheard of. We used to have one crash a year up till around 2000. Every time somebody annoys me with customer service in an airline, I think of this, they're doing the important stuff right, so I don't care. (laughs) >> Very well. >> Right. >> And, then do you think the efficiency, right? At least here domestically, I always think of Southwest, 'cause they were the first ones that really had fast turns, and they raced to the gate, they raced back out of the gate, in terms of really trying to get the maximum efficiency out of those assets. The pressure there, in translating to the other airlines is pretty significant to make sure you're really getting a high ROI. >> That's absolutely right. Again one of the levels of complexity that we were discussing. Certainly airlines are being forced to finally introduce some change into their maintenance operations, as the increasingly complex assets are part of the re-fleeting, as that faster traffic continues to grow. It's about both achieving greater efficiency in maintenance operations, not only without compromising safety, but ensuring the availability of that asset. Because revenue dollars still matter greatly, and those assets are your revenue producing assets that an airline has. >> Can you describe your approach in terms of of how you work together with your clients, the airlines, in terms of developing new products and new features. >> One of the unique characteristics about aviation and defense is not only the size of the client, but the length and duration of the relationships. So, we have a long and rich history, both at IFS and through the acquired MXI technologies, of working with our partners in their programs over the very long term. As much as we have domain expertise and a sizable team of domain experts inside of our business, we're able to recognize our partners that are visionaries in the industry, and we have established multiple levels of collaboration to involve them in the shaping of solution capability to support their businesses going forward. We are just launching today two new planning applications that were not only being launched with American Airlines and LATAM Airlines respectively, but were co-developed with subject matter experts at each. So they're tremendously valuable inputs into shaping our vision of what solutions are going to best drive business value for our customers over a very long relationship horizon. >> So, what have you unpack at MXI acquisition, what did that give you that you didn't have before and what's the total solution now? >> Certainly, I joined IFS through the MXI acquisition. I was previously it's Chief Operating Officer. MXI was focused on best of breed MRO capability for both defense and service port providers, as well as commercial airlines. In combining with IFS, that had a rich history in A and D, we now have the most comprehensive solution portfolio available on the market today. We are the only vendor that can provide best of breed capability, integrated into an end to end enterprise landscape, and we've got the team of subject matter experts or domain experts that are capable of delivering that value, not just the product, but the solution to the customers across all the segments of A and D. >> Just to be clear, your defense is more than aviation. I saw a military truck over on the expo hall, so it's assets beyond just airplanes when it comes to defense. >> Correct, we support on the defense side of things. We support multiple platforms, whether they're fighter jets, whether they're cargo carriers, whether they tanks, whether they're ships, we support for the operators, the offset optimization, performance based logistics, security, et cetera. For the in-service port providers, we similarly support supply chain requirements, MRO requirements, et cetera. >> Henry, as you look forward, you've been covering this space for a while, what are some big, new things coming down the road in the aviation industry that we should be looking for, 'cause we haven't seen a lot of big things from the outside looking in. I guess we had the next generation fighter planes, and then we had obviously the A380 and the 787 on the commercial side. What's new and coming that you're excited about? >> Well, technology changes slowly in commercial aviation, because of the safety aspect. The big, new things are the new aircraft, the 787 and the A350. They are really new generation aircraft, lot more composites, plastics if you will. They're using that instead of aluminum. The other things that's happening is additive manufacturing, this whole printing parts. That's real big, and I've been telling everybody the new Boeing 787 has two printed parts, one made by GE, $120 billion a year. The other made by a company called Norsk Titanium, with 140 people coming out of Norway, which is not exactly the center of innovation in aerospace programs. >> Jeff: With a printed part, like a 3D printed part? >> Yeah a printed part. Those are the two big changes in the aircraft. I mean, customers aren't going to see it, but these planes are now made largely of plastics and the metal parts are going to be more and more printed. Much more efficient way, lighter aircraft, less fuel use, more efficient, less environmental effects, etc. That's a big deal. More important than a huge airplane. >> Right, well I can imagine, we hear about the impacts of 3D printing. I haven't really seen it yet, but this vision where your ability to print parts on demand will have significant impacts on supply chains and inventory and huge, huge impacts down the road. >> And the airline industry is the most demanding. They've go to go through really massive proofs of concept and proof of materials, and it's starting to happen. >> Henry, what would you say is the most important area that IFS should focus on. If they can solve one problem in the airline industry, what do you think it should be? >> Availability would be one. Just aircraft availability, that's what. The airlines are concerned about two things. Dollar cost per flight hour to maintain and what they call a technical dispatch reliability. They want to get that plane launched 99.99% of the time. Get rid of the unpredictive maintenance problems. Schedule everything, make it quick, I want to get the planes off on time. >> It's amazing that unscheduled maintenance, regardless of industry, still continues to be such a bug-a-boo to productivity and profitability. It's one of these things that just has huge impact. >> I would completely agree with Henry. I think asset availability is the number one focus for commercial operators. Our focus has certainly been around trying to remove the impacts of unscheduled maintenance. One of the applications that we launched today allows you to react very, very quickly to unplanned or unscheduled maintenance events, and to do some what-if modeling, so that you can implement the best plan for your fleet, in order to maximize the availability of that asset. Not just in terms of bolstering or producing a better plan. We're attempting to do that even with line planning, where we're adjusting the traditional planning perimeters away from what must be done to what should be done in order to maximize the availability of that aircraft. Of course, as Henry said, everybody's focused on faster, tighter turnaround times. All of our software is designed to try and drive tighter turnaround times and greater efficiency. >> What percentage is scheduled versus predictive versus prescriptive? Maintenance. >> I think it varies by airline. The great majority of maintenance is scheduled, I mean, there's no doubt about that. They put these aircraft down for a week or a month. It's a massive amount of money. It's not the amount of maintenance, it's when unscheduled maintenance happens, it really throws things off. It may only be one or two percent of the maintenance tasks are unscheduled, but that's what throws the aircraft off the schedule. That's what leaves passengers sitting in the departure lounges, ticked off. Not getting there till the next day or the next week, whenever, so it's a very, very small percentage, these unscheduled maintenance events, but it's crucial to the airlines' economics. >> Exactly. Crucial to our itineraries, as well, as the economics. Exactly. >> Making sure that the airlines continue to do what they do best, which is get us from place A to place B. >> Precisely. Well, Scott Henry, thank you so much, it's been a really fun conversation. >> I enjoyed being here, thank you. >> Jeff: Thank you. >> Thanks, Henry. >> Thanks. >> We will have more from theCUBE's live coverage of IFS World Conference just after this. (digital music)

>> Hi, I'm Peter Burris, and welcome to another Wikibon Action Item. (funky electronic music) This was a very interesting week in the tech industry, specifically because IBM's Think Conference aggregated in a large number of people. Now, The CUBE was there. Dave Vellante, John Furrier, and myself all participated in somewhere in the vicinity of 60 or 70 interviews with thought leaders in the industry, including a number of very senior IBM executives. The reason why this becomes so important is because IBM made a proposal to the industry about how some of the digital disruption that the market faces is likely to unfold. The normal approach or the normal mindset that people have used is that startups, digital native companies were going to change the way that everything was going to operate, and the dinosaurs were going to go by the wayside. IBM's interesting proposal is that the dinosaurs actually are going to learn to dance, utilizing or playing on a book title from a number of years ago. And the specific argument was laid out by Ginni Rometty in her keynote, when she said that there are number of factors that are especially important here. Factor number one is that increasingly, businesses are going to recognize that the role that their data plays in competition is on the ascending. It's getting more important. Now, this is something that Wikibon's been arguing for quite some time. In fact, we have said that the whole key to digital disruption and digital business is to acknowledge the difference between business and digital business, is the role that data and data assets play in your business. So we have strong agreement there. But on top of that, Ginni Rometty made the observation that 80% of the data that could be accessed and put the work in business has not yet been made available to the new activities, the new processes that are essential to changing the way customers are engaged, businesses operate, and overall change and disruption occurs. So her suggestion is that that 80%, that vast amount of data that could be applied that's not being tapped, is embedded deep within the incumbents. And so the core argument from IBM is that the incumbent companies, not the digital natives, not the startups, but the incumbent companies are poised to make a significant, to have a significant role in disrupting how markets operate, because of the value of their data that hasn't currently been put to work and made available to new types of work. That was the thesis that we heard this week, and that's what we're going to talk about today. Are the incumbent really going to strike back? So Dave Vellante, let me start with you. You were at Think, you heard the same type of argument. What did you walk away with? >> So when I first heard the term incumbent disruptors, I was very skeptical, and I still am. But I like the concept and I like it a lot. So let me explain why I like it and why I think there's some real challenges. If I'm a large incumbent global 2,000, I'm not going to just roll over because the world is changing and software is eating my world. Rather what I'm going to do is I'm going to use my considerable assets to compete, and so that includes my customers, my employees, my ecosystem, the partnerships that I have there, et cetera. The reason why I'm skeptical is because incumbents aren't organized around their data assets. Their data assets are stovepipe, they're all over the place. And the skills to leverage that data value, monetize that data, understand the contribution that data makes toward monetization, those skills are limited. They're bespoke and they're very narrow. They're within lines of business or divisions. So there's a huge AI gap between the true digital business and an incumbent business. Now, I don't think all is lost. I think a lot of strategies can work, from M&A to transformation projects, joint ventures, spin-offs. Yeah, IBM gave some examples. They put up Verizon and American Airlines. I don't see them yet as the incumbent disruptors. But then there was another example of IBM Maersk doing some very interesting and disrupting things, Royal Bank of Canada doing some pretty interesting things. >> But in a joint venture forum, Dave, to your point, they specifically set up a joint venture that would be organized around this data, didn't they? >> Yes, and that's really the point I'm trying to make. All is not lost. There are certain things that you can do, many things that you can do as an incumbent. And it's really game on for the next wave of innovation. >> So we agree as a general principle that data is really important, David Floyer. And that's been our thesis for quite some time. But Ginni put something out there, Ginni Rometty put something out there. My good friend, Ginni Rometty, put something out there that 80% of the data that could be applied to disruption, better customer engagement, better operations, new markets, is not being utilized. What do we think about that? Is that number real? >> If you look at the data inside any organization, there's a lot of structured data. And that has better ability to move through an organization. Equally, there's a huge amount of unstructured data that goes in emails. It goes in voicemails, it goes in shared documents. It goes in diagrams, PowerPoints, et cetera, that also is data which is very much locked up in the way that Dave Vellante was talking about, locked up in a particular process or in a particular area. So is there a large amount of data that could be used inside an organization? Is it private, is it theirs? Yes, there is. The question is, how do you tap that data? How do you organize around that data to release it? >> So this is kind of a chicken and egg kind of a problem. Neil Raden, I'm going to turn to you. When we think about this chicken and egg problem, the question is do we organize in anticipation of creating these assets? Do we establish new processes in anticipation of creating these data assets? Or do we create the data assets first and then re-institutionalize the work? And the reason why it's a chicken and egg kind of problem is because it takes an enormous amount of leadership will to affect the way a business works before the asset's in place. But it's unclear that we're going to get the asset that we want unless we affect the reorganization, institutionalization. Neil, is it going to be a chicken? Is it going to be the egg? Or is this one of the biggest problems that these guys are going to have? >> Well, I'm a little skeptical about this 80% number. I need some convincing before I comment on that. But I would rather see, when David mentioned the PowerPoint slides or email or that sort of thing, I would rather see that information curated by the application itself, rather than dragged out in broad data and reinterpreted in something. I think that's very dangerous. I think we saw that in data warehousing. (mumbling) But when you look at building data lakes, you throw all this stuff into a data lake. And then after the fact, somebody has to say, "Well, what does this data mean?" So I find it kind of a problem. >> So Jim Kobielus, a couple weeks ago Microsoft actually introduced a technology or a toolkit that could in fact be applied to move this kind of advance processing for dragging value out of a PowerPoint or a Word document or something else, close and proximate to the application. Is that, I mean, what Neil just suggested I think is a very, very good point. Are we going to see these kinds of new technologies directly embedded within applications to help users narrowly, but businesses more broadly, lift that information out of these applications so it can be freed up for other uses? >> I think yeah, on some level, Peter, this is a topic called dark data. It's been discussed in data management circles for a long time. The vast majority, I think 75 to 80% is the number that I see in the research, is locked up in terms of it's not searchable, it's not easily discoverable. It's not mashupable, I'm making up a word. But the term mashup hasn't been used in years, but I think it's a good one. What it's all about is if we want to make the most out of our incumbent's data, then we need to give the business, the business people, the tools to find the data where it is, to mash it up into new forms and analytics and so forth, in order to monetize it and sell it, make money off of it. So there are a wide range of data discovery and other tools that support a fairly self-service combination and composition of composite data object. I don't know that, however, that the culture of monetizing existing dataset and pulling dark data into productized forms, I don't think that's taken root in any organization anywhere. I think that's just something that consultants talk about as something that gee, should be done, but I don't think it's happening in the real world. >> And I think you're probably correct about that, but I still think Neil raised a great point. And I would expect, and I think we all believe, that increasingly this is not going to come as a result of massive changes in adoption of new data science, like practices everywhere, but an embedding of these technologies. Machine learning algorithms, approaches to finding patterns within application data, in the applications themselves, which is exactly what Neil was saying. So I think that what we're going to see, and I wanted some validation from you guys about this, is increasingly tools being used by application providers to reveal data that's in applications, and not open source, independent tool chains that then ex-post-facto get applied to all kinds of different data sources in an attempt for the organization to pull the stuff out. David Floyer, what do you think? >> I agree with you. I think there's a great opportunity for the IT industry in this area to put together solutions which can go and fit in. On the basis of existing applications, there's a huge amount of potential, for example, of ERP systems to link in with IOT systems, for example, and provide a data across an organization. Rather than designing your own IOT system, I think people are going to buy-in pre-made ones. They're going to put the devices in, the data's going to come in, and the AI work will be done as part of that, as part of implementing that. And right across the board, there is tremendous opportunity to improve the applications that currently exist, or put in new versions of applications to address this question of data sharing across an organization. >> Yeah, I think that's going to be a big piece of what happens. And it also says, Neil Raden, something about whether or not enormous machine learning deities in the sky, some of which might start with the letter W, are going to be the best and only way to unlock this data. Is this going to be something that, we're suggesting now that it's something that's going to be increasingly-distributed closer to applications, less invasive and disruptive to people, more invasive and disruptive to the applications and the systems that are in place. And what do you think, Neil? Is that a better way of thinking about this? >> Yeah, let me give you an example. Data science the way it's been practiced is a mess. You have one person who's trying to find the data, trying to understand the data, complete your selection, designing experiments, doing runs, and so forth, coming up with formulas and then putting them in the cluster with funny names so they can try to remember which one was which. And now what you have are a number of software companies who've come up with brilliant ways of managing that process, of really helping the data science to create a work process in curating the data and so forth. So if you want to know something about this particular model, you don't have to go to the person and say, "Why did you do that model? "What exactly were you thinking?" That information would be available right there in the workbench. And I think that's a good model for, frankly, everything. >> So let's-- >> Development pipeline toolkits. That's a hot theme. >> Yeah, it's a very hot theme. But Jim, I don't think you think but I'm going to test it. I don't think we're going to see AI pipeline toolkits be immediately or be accessed by your average end user who's putting together a contract, so that that toolkit or so that data is automatically munched and ingested or ingested and munched by some AI pipeline. This is going to happen in an application. So the person's going to continue to do their work, and then the tooling will or will not grab that information and then combine it with other things through the application itself into the pipeline. We got that right? >> Yeah, but I think this is all being, everything you described is being embedded in applications that are making calls to backend cloud services that have themselves been built by data scientists and exposed through rest APIs. Steve, Peter, everything you're describing is coming to applications fairly rapidly. >> I think that's a good point, but I want to test it. I want to test that. So Ralph Finos, you've been paying a lot of attention during reporting season to what some of the big guys are saying on some of their calls and in some of their public statements. One company in particular, Oracle, has been finessing a transformation, shall we say? What are they saying about how this is going as we think about their customer base, the transformation of their customer base, and the degree to which applications are or are not playing a role in those transformations? >> Yeah, I think in their last earnings call a couple days ago that the point that they were making around the decline and the-- >> Again, this is Oracle. So in Oracle's last earnings call, yeah. >> Yeah, I'm sorry, yeah. And the decline and the revenue growth rate in the public cloud, the SAS end of their business, was a function really of a slowdown of the original acquisitions they made to kind of show up as being a transformative cloud vendor, and that are basically beginning to run out of gas. And I think if you're looking at marketing applications and sales-related applications and content-type of applications, those are kind of hitting a natural high of growth. And I think what they were saying is that from a migration perspective on ERP, that that's going to take a while to get done. They were saying something like 10 or 15% of their customer base had just begun doing some sort of migration. And that's a data around ERP and those kinds of applications. So it's a long slog ahead of them, but I'd rather be in their shoes, I think, for the long run than trying to kind of jazz up in the near-term some kind of pseudo-SAS cloud growth based on acquisition and low-lying fruit. >> Yeah, because they have a public cloud, right? I mean, at least they're in the game. >> Yeah, and they have to show they're in the game. >> Yeah, and specifically they're talking about their applications as clouds themselves. So they're not just saying here's a set of resources that you can build, too. They're saying here's a set of SAS-based applications that you can build around. >> Dave: Right. Go ahead, Ralph, sorry. >> Yeah, yeah. And I think the notion there is the migration to their ERP and their systems of record applications that they're saying, this is going to take a long time for people to do that migration because of complexity in process. >> So the last point, or Dave Vellante, did you have a point you want to make before I jump into a new thought here? >> I just compare and contrast IBM and Oracle. They have public clouds, they have SAS. Many others don't. I think this is a major different point of differentiation. >> Alright, so we've talked about whether or not this notion of data as a source of value's important, and we agree it is. We still don't know whether or not 80% is the right number, but it is some large number that's currently not being utilized and applied to work differently than the data currently is. And that likely creates some significant opportunities for transformation. Do we ultimately think that the incumbents, again, I mention the chicken and the egg problem. Do we ultimately think that the incumbents are... Is this going to be a test of whether or not the incumbents are going to be around in 10 years? The degree to which they enact the types of transformation we thought about. Dave Vellante, you said you were skeptical. You heard the story. We've had the conversation. Will incumbents who do this in fact be in a better position? >> Well, incumbents that do take action absolutely will be in a better position. But I think that's the real question. I personally believe that every industry is going to get disrupted by digital, and I think a lot of companies are not prepared for this and are going to be in deep trouble. >> Alright, so one more thought, because we're talking about industries overall. There's so many elements we haven't gotten to, but there's one absolute thing I want to talk about. Specifically the difference between B2C and B2B companies. Clearly the B2C industries have been disrupted, many of them pretty significantly, over the last few years. Not too long ago, I have multiple not-necessarily-good memories of running the aisles of Toys R Us sometime after 10 o'clock at night, right around December 24th. I can't do that anymore, and it's not because my kids are grown. Or I won't be able to do that soon anymore. So B2C industries seem to have been moved faster, because the digital natives are able to take advantage of the fact that a lot of these B2C industries did not have direct and strong relationships with those customers. I would posit that a lot of the B2B industries are really where the action's going to take. And the kind of way I would think about it, and David Floyer, I'll turn to you first. The way I would think about it is that in the B2C world, it's new markets and new ways of doing things, which is where the disruption's going to take place. So more of a substitution as opposed to a churn. But in the B2B markets, it's disrupting greater efficiencies, greater automation, greater engagement with existing customers, as well as finding new businesses and opportunities. What do you think about that? >> I think the B2B market is much more stable. Relationships, business relationships, very, very important. They take a long time to change. >> Peter: But much of that isn't digital. >> A lot of that is not digital. I agree with that. However, I think that the underlying change that's happening is one of automation. B2B are struggling to put into place automation with robots, automation everywhere. What you see, for example, in Amazon is a dedication to automation, to making things more efficient. And I think that's, to me, the biggest challenges, owning up to the fact that they have to change their automation, get themselves far more efficient. And if they don't succeed in doing that, then their ability to survive or their likelihood of being taken over with a reverse takeover becomes higher and higher and higher. So how do you go about that level, huge increase in automation that is needed to survive, I think is the biggest question for B2B players. >> And when we think about automation, David Floyer, we're not talking about the manufacturing arms or only talking about the manufacturing arms. We're talking about a lot of new software automation. Dave Vellante, Jim Kobielus, RPA is kind of a new thing. Dave, we saw some interesting things at Think. Bring us up to speed quickly on what the community at Think was talking about with RPA. >> Well, I tell you. There were a lot of people in financial services, which is IBM's stronghold. And they're using software robots to automate a lot of the backend stuff that humans were doing. That's a major, major use case. I would say 25 to 30% of the financial services organizations that I talked to had active RPA projects ongoing at the moment. I don't know. Jim, what are your thoughts? >> Yeah, I think backend automation is where B2B disruption is happening. As the organizations are able to automate more of their backend, digitize more of their backend functions and accelerate them and improve the throughput of transactions, are those that will clean up. I think for the B2C space, it's the frontend automation of the digitalization of the engagement channels. But RPA is essentially a key that's unlocking backend automation for everybody, because it allows more of the frontend business analysts and those who are not traditionally BPM, or business process re-engineering professionals, to begin to take standard administrative processes and begin to automate them from, as it were, the outside-in in a greater way. So I think RPA is a secret key for that. I think we'll see some of the more disruptive organizations, businesses, take RPA and use it to essentially just reverse-engineer, as it were, existing processes, but in an automated fashion, and drive that improvement but in the backend by AI. >> I just love the term software robots. I just think that that's, I think that so strongly evokes what's going to happen here. >> If I could add, I think there's a huge need to simplify that space. The other thing I witnessed at IBM Think is it's still pretty complicated. It's still a heavy lift. There's a lot of big services component to this, which is probably why IBM loves it. But there's a massive market, I think, to simplify the adoption or RPA. >> I completely agree. We have to open the aperture as well. Again, the goal is not to train people new things, new data science, new automation stuff, but to provide tools and increasingly embed those tools into stuff that people are already using, so that the disruption and the changes happen more as a consequence of continuing to do what the people do. Alright, so let's hit the action item we're on, guys. It's been a great conversation. Again, we haven't talked about GDPR. We haven't talked about a wide array of different factors that are going to be an issue. I think this is something we're going to talk about. But on the narrow issue of can the disruptors strike back? Neil Raden, let's start with you. Neil Raden, action item. >> I've been saying since 1975 that I should be hanging around with a better class of people, but I do spend a lot of time in the insurance industry. And I have been getting a consensus that in the next five to 10 years, there will no longer be underwriters for claims adjustments. That business is ready for massive, massive change. >> And those are disruptors, largely. Jim Kobielus, action item. >> Action item. In terms of business disruption, is just not to imagine that because you were the incumbent in the past era in some solution category that's declining, that that automatically guarantees you, that makes your data fit for seizing opportunities in the future. As we've learned from Blockbuster Video, the fact that they had all this customer data didn't give them any defenses against Netflix coming along and cleaning their coffin, putting them out of business. So the next generation of disruptor will not have any legacy data to work from, and they'll be able to work miracles because they made a strategic bet on some frontend digital channel that made all the difference. >> Ralph Finos, action item. >> Yeah, I think there's a notion here of siege mentality. And I think the incumbents are in the castle walls, and the disruptors are outside the castle walls. And sometimes the disruptors, you know, scale the walls. Sometimes they don't. But I think being inside the walls is a long-run tougher thing to be at. >> Dave Vellante, action item. >> I want to pick up on something Neil said. I think it's alluring for some of these industries, like insurance and financial services and healthcare, even parts of government, that really haven't been disrupted in a huge way yet to say, "Well, I'll wait and I'll see what happens." I think that's a huge mistake. I think you have to start immediately thinking about strategies, particularly around your data, as we talked about earlier. Maybe it's M&A, maybe it's joint ventures, maybe it's spinning out new companies. But the time is past where you should be acting. >> David Floyer, action item. >> I think that it's easier to focus on something that you can actually do. So my action item is that the focus of most B2B companies should be looking at all of their processes and incrementally automating them, taking out the people cost, taking out the cost, other costs, automating those processes as much as possible. That, in my opinion, is the most likely path to being in the position that you can continue to be competitive. Without that focus, it's likely that you're going to be disrupted. >> Alright. So the one thing I'll say about that, David, is when I think you say people cost I think you mean the administrative cost associated with people. >> And people doing things, automating jobs. >> Alright, so we have been talking here in today's Wikibon Action Item about the question, will the incumbents be able to strike back? The argument we heard at IBM Think this past week, and this is the third week of March, was that data is an asset that can be applied to significantly disrupt industries, and that incumbents have a lot of data that hasn't been bought into play in the disruptive flow. And IBM's argument is that we're going to see a lot of incumbents start putting their data into play, more of their data assets into play. And that's going to have a significant impact ultimately on industry structure, customer engagement, the nature of the products and services that are available over the course of the next decade. We agree. We generally agree. We might nitpick about whether it's 80%, whether it's 60%. But in general, the observation is an enormous amount of data that exists within a large company, that's related to how they conduct business, is siloed and locked away and is used once and is not made available, is dark and is not made available for derivative uses. That could, in fact, lead to significant consequential improvements in how a business's transaction costs are ultimately distributed. Automation's going to be a big deal. David Floyer's mentioned this in the past. I'm also of the opinion that there's going to be a lot of new opportunities for revenue enhancement and products. I think that's going to be as big, but it's very clear that to start it makes an enormous amount of sense to take a look at where your existing transaction costs are, where existing information asymmetries exist, and see what you can do to unlock that data, make it available to other processes, and start to do a better job of automating local and specific to those activities. And we generally ask our clients to take a look at what is your value proposition? What are the outcomes that are necessary for that value proposition? What activities are most important to creating those outcomes? And then find those that, by doing a better job of unlocking new data, you can better automate those activities. In general, our belief is that there's a significant difference between B2C and B2B businesses. Why? Because a lot of B2C businesses never really had that direct connection, therefore never really had as much of the market and customer data about what was going on. A lot of point-of-sale perhaps, but not a lot of other types of data. And then the disruptors stepped in and created direct relationships, gathered that data and were able to rapidly innovate products and services that served consumers differently. Where a lot of that new opportunity exists is in the B2B world. And here's where the real incumbents are going to start flexing their muscles over the course of the next decade, as they find those opportunities to engage differently, to automate existing practices and activities, change their cost model, and introduce new approaches to operating that are cloud-based, blockchain-based, data-based, based on data, and find new ways to utilize their people. If there's one big caution we have about this, it's this. Ultimately, the tooling is not broadly mature. The people necessary to build a lot of these tools are increasingly moving into the traditional disruptors, the legacy disruptors if we will. AWS, Netflix, Microsoft, companies more along those lines. That talent is very dear still in the industry, and it's going to require an enormous effort to bring those new types of technologies that can in fact liberate some of this data. We looked at things like RPA, robot process automation. We look at the big application providers to increasingly imbue their products and services with some of these new technologies. And ultimately, paradoxically perhaps, we look for the incumbent disruptors to find ways to disrupt without disrupting their own employees and customers. So embedding more of these new technologies in an ethical way directly into the systems and applications that serve people, so that the people face minimal changes to learning new tricks, because the systems themselves have gotten much more automated and much more... Are able to learn and evolve and adjust much more rapidly in a way that still corresponds to the way people do work. So our action item. Any company in the B2B space that is waiting for data to emerge as an asset in their business, so that they can then do all the institutional, re-institutionalizing of work and reorganizing of work and new types of investment, is not going to be in business in 10 years. Or it's going to have a very tough time with it. The big challenge for the board and the CIO, and it's not successfully been done in the past, at least not too often, is to start the process today without necessarily having access to the data, of starting to think about how the work's going to change, think about the way their organization's going to have to be set up. This is not business process re-engineering. This is organizing around future value of data, the options that data can create, and employ that approach to start doing local automation, serve customers, and change the way partnerships work, and ultimately plan out for an extended period of time how their digital business is going to evolve. Once again, I want to thank David Floyer here in the studio with me. Neil Raden, Dave Vellante, Ralph Finos, Jim Kobielus remote. Thanks very much guys. For all of our clients, once again this has been a Wikibon Action Item. We'll talk to you again. Thanks for watching. (funky electronic music)

(upbeat music) >> Announcer: Live from Las Vegas it's The Cube, covering IBM Think 2018. Brought to you by IBM. >> We're back at IBM Think 2018. This is The Cube, the leader in live tech coverage. My name is Dave Vellante. I'm here with my co-host Peter Burris, Moe Abdulla is here. He's the vice president of Cloud Garage and Solution Architecture Hybrid Cloud for IBM and Tim Davis is here, Data Analytics and Cloud Architecture Group and Services Center of Excellence IBM. Gentlemen, welcome to The Cube. >> Glad to be here. >> Thanks for having us. >> Moe, Garage, Cloud Garage, I'm picturing drills and wrenches, what's the story with Garage? Bring that home for us. >> (laughs) I wish it was that type of a garage. My bill would go down for sure. No, the garage is playing on the theme of the start-up, the idea of how do you bring new ideas and innovate on them, but for the enterprises. So what two people can do with pizza and innovate, how do you bring that to a larger concept. That's what The Garage is really about. >> Alright and Tim, talk about your role. >> Yeah, I lead the data and analytics field team and so we're really focused on helping companies do digital transformation and really drive digital and analytics, data, into their businesses to get better business value, accelerate time to value. >> Awesome, so we're going to get into it. You guys both have written books. We're going to get into the Field Guide and we're going to get into the Cloud Adoption Playbook, but Peter I want you to jump in here because I know you got to run, so get your questions in and then I'll take over. >> Sure I think so obvious question number one is, one of the biggest challenges we've had in analytics over the past couple of years is we had to get really good at the infrastructure and really good at the software and really good at this and really good at that and there were a lot of pilot failures because if you succeeded at one you might not have succeeded at the other. The Garage sounds like it's time to value based. Is that the right way to think about this? And what are you guys together doing to drive time to value, facilitate adoption, and get to the changes, the outcomes that the business really wants? >> So Tim you want to start? >> Yeah I can start because Moe leads the overall Garage and within the Garage we have something called the Data First Methodology where we're really driving a direct engagement with the clients where we help them develop a data strategy because most clients when they do digital transformation or really go after data, they're taking kind of a legacy approach. They're building these big monolithic data warehouses, they're doing big master data management programs and what we're really trying to do is change the paradigm and so we connect with the Data First Methodology through the Garage to get to a data strategy that's connected to the business outcome because it's what data and analytics do you need to successfully achieve what you're trying to do as a business. A lot of this is digital transformation which means you're not only changing what you're doing from a data warehouse to a data lake, but you're also accelerating the data because now we have to get into the time domain of a customer, or your customer where they may be consuming things digitally and so they're at a website, they're moving into a bank branch, they go into a social media site, maybe they're being contacted by a fintech. You've got to retain an maintain a digital relationship and that's the key. >> And The Garage itself is really playing on the same core value of it's not the big beating the small anymore, it's the fast beating the slow and so when you think of the fast beating the slow, how do you achieve fast? You really do that by three ways. So The Garage says the first way to achieve fast is to break down the problem into smaller chunks, also known as MVPs or minimum viable product. So you take a very complex problem that people are talking and over-talking and over engineering, and you really bring it down to something that has a client value, user-centered. So bring the discipline from the business side, the operation side, the developers, and we mush them together to center that. That's one way to do fast. The second way-- >> By the way, I did, worked with a client. They started calling it minimum viable outcomes. >> Yes, minimum viable outcomes means what product and there's a lot of types of these minimum viable to achieve, we're talking about four weeks, six weeks, and so on and so forth. The story of American Airlines was taking all of their kiosk systems for example and really changing them both in terms of the types of services they can deliver, so now you can recheck your flights, et cetera, within six week periods and you really, that's fast, and doing it in one terminal and then moving to others. The second way you do fast is by understanding that the change is not just technology. The change is culture, process, and so on. So when you come to The Garage, it's not like the mechanic style garage where you are sitting in the waiting room and the mechanic is fixing your car. Not at all. You really have some sort of mechanical skills and you're in there with me. That's called pair programming. That's called test-driven, these types of techniques and methodologies are proven in the industry. So Tim will sit right next to me and we'll code together. By the time Tim goes back to his company, he's now an expert on how to do it. So fast is achieving the cultural transformation as well as this minimum viable aspect. >> Hands on, and you guys are actually learning from each in that experience, aren't you? >> Absolutely. >> Oh yeah. >> And then sharing, yeah. >> I would also say I would think that there's one more thing for both of you guys and that is increasingly as business acknowledges that data is an asset unlike traditional systems approaches where we built a siloed application, this server, that database manager, this data model, that application and then we do some integration at some point in time, when you start with this garage approach, data-centric approach, figure out how that works, now you have an asset that can be reused in a lot of new and interesting ways. Does that also factor into this from a speed aspect? >> Yeah it does. And this is a key part. We have something called data science experience now and we're really driving pilots through The Garage, through the data first method to get that rapid engagement and the goal is to do sprints, to do 12 to 20 week kind of sprints where we actually produce a business outcome that you show to the business and then you put it into production and we're actually developing algorithms and other things as we go that are part of the analytic result and that's kind of the key and behind that, you know the analytic result is really the, kind of the icing on the cake and the business value where you connect, but there's a whole foundation underneath that of data and that's why we do a data topology and the data topology has kind of replaced the data lake, replaces all that modeling because now we can have a data topology that spans on premise, private cloud, and public cloud and we can drive an integrated strategy with the governance program over that to actually support the data analytics that you're trying to drive and that's how we get at that. >> But that topology's got to tie back to the attributes of the data, right? Not the infrastructure that's associated with it. >> It does and the idea of the topology is you may have an existing warehouse. That becomes a zone in the topology, so we aren't really ripping and replacing, we're augmenting, you know, so we may augment an on premise warehouse that may sit in a relational database technology with a Hadoop environment that we can spin up in the cloud very rapidly and then the data science applications and so we can have a discovery zone as well as the traditional structured reporting and the level of data quality can be mixed. You may do analytic discovery against raw data versus where you have highly processed data where we have extreme data quality for regulatory reporting. >> Compared to a god box where everything goes through some pipe into that box. >> And you put in on later. >> Yes. >> Well and this is the, when Hadoop came out, right, people thought they were going to dump all their data into Hadoop and something beautiful was going to happen right? And what happened is everybody created a lot of data swamps out there. >> Something really ugly happened. >> Right, right, it's just a pile of data. >> Well they ended up with a cheaper data warehouse. >> But it's not because that data warehouse was structured, it has-- >> Dave: Yeah and data quality. >> All the data modeling, but all that stuff took massive amounts of time. When you just dump it into a Hadoop environment you have no structure, you have to discover the structures so we're really doing all the things we used to do with data warehousing only we're doing it in incremental, agile, faster method where you can also get access to the data all the way through it. >> Yeah that makes sense. >> You know it's not like we will serve new wine before its time, you know you can. >> Yeah, yeah, yeah, yeah. >> You know, now you can eat the grapes, you can drink the wine as it's fermenting, and you can-- >> No wrong or right, just throw it in and figure it out. >> There's an image that Tim chose that the idea of a data lake is this organized library with books, but the reality is a library with all the books dumped in the middle and go find the book that you want. >> Peter: And no Dewey Decimal. >> And, exactly. And if you want to pick on the idea that you had earlier, when you look at that type of a solution, the squad structure is changing. To solve that particular problem you no longer just have your data people on one side. You have a data person, you have the business person that's trying to distill it, you have the developer, you have the operator, so the concept of DevOps to try and synchronize between these two players is now really evolved and this is the first time you're hearing it, right at The Cube. It's the Biz Data DevOps. That's the new way we actually start to tell this. >> Dave: Explain that, explain that to us. >> Very simple. It starts with business requirements. So the business reflects the user and the consumer and they come with not just generics, they come with very specific requirements that then automatically and immediately says what are the most valuable data sources I need either from my enterprise or externally? Because the minute I understand those requirements and the persistence of those requirements, I'm now shaping the way the solution has to be implemented. Data first, not data as an afterthought. That's why we call it the data first method. The developers then, when they're building the cloud infrastructure, they really understand the type of resilience, the type of compliance, the type of meshing that you need to do and they're doing it from the outside. And because of the fact that they're dealing with data, the operation people automatically understand that they have to deal with the right to recovery and so on and so forth. So now we're having this. >> Makes sense. You're not throwing it over the wall. >> Exactly. >> That's where the DevOps piece comes in. >> And you're also understanding the velocity of data, through the enterprise as well as the gaps that you have as an enterprise because you're, when you go into a digital world you have to accumulate a lot more data and then you have to be able to match that and you have to be able to do identity resolution to get to a customer to understand all the dimensions of it. >> Well in the digital world, data is the core, so and it's interesting what you were saying Moe about essentially the line of business identifying the data sources because they're the ones who know how data affects monetization. >> Yes. >> Inder Paul Mendari, when he took over as IBM Chief Data Officer, said you must from partnerships with the line of business in order to understand how to monetize, how data contributes to the monetization and your DevOps metaphor is very important because everybody is sort of on the same page is the idea right? >> That's right. >> And there's a transformation here because we're working very close with Inder Paul's team and the emergence of a Chief Data Officer in many enterprises and we actually kind of had a program that we still have going from last year which is kind of the Chief Data Officer success program where you can help get at this because the classic IT structure has kind of started to fail because it's not data oriented, it's technology oriented, so by getting to a data oriented organization and having a elevated Chief Data Officer, you can get aligned with the line of business, really get your hands on the data and we prescribe the data topology, which is actually the back cover of that book, shows an example of one, because that's the new center of the universe. The technologies can change, this data can live on premise or in the cloud, but the topology should only change when your business changes-- (drowned out) >> This is hugely important so I want to pick up on something Ginny Rometti was talking about yesterday was incumbent disruptors. And when I heard that I'm like, come on no way. You know, instant skeptic. >> Tim: And that's what, that's what it is. >> Right and so then I started-- >> Moe: Wait, wait, discover. >> To think about it and you guys, what you're describing is how you take somebody, a company, who's been organized around human expertise and other physical assets for years, decades, maybe hundreds of years and transform them into a data oriented company-- >> Tim: Exactly. >> Where data is the core asset and human expertise is surrounding that data and learn to say look, it's not an, most data's in silos. You're busting down those silos. >> Exactly. >> And giving the prescription to do that. >> Exactly, yeah exactly. >> I think that's what Tim actually said this very, you heard us use the word re-prescriptive. You heard us use the word methodology, data first method or The Garage method and what we're really starting to see is these patterns from enterprises. You know, what works for a startup does not necessarily translate easily for an enterprise. You have to make it work in the context of the existing baggage, the existing processes, the existing culture. >> Customer expectations. >> Expectations, the scale, all of those type dimensions. So this particular notion of a prescription is we're taking the experiences from Hertz, Marriott, American Airlines, RVs, all of these clients that really have made that leap and got the value and essentially started to put it in the simple framework, seven elements to those frameworks, and that's in the adoption, yeah. >> You're talking this, right? >> Yeah. >> So we got two documents here, the Cloud Adoption Playbook, which Moe you authored, co-authored. >> Moe: With Tim's help. >> Tim as well and then this Field Guide, the IBM Data and Analytic Strategy Field Guide that Tim you also contributed to this right? >> Yeah, I wrote some of it yeah. >> Which augments the book, so I'll give you the description of it too. >> Well I love the hybrid cloud data topology in the back. >> That's an example of a topology on the back. >> So that's kind of cool. But go ahead, let's talk about these. >> So if you look at the cover of that book and piece of art, very well drawn. That's right. You will see that there are seven elements. You start to see architecture, you start to see culture and organization, you start to see methodology, you start to see all of these different components. >> Dave: Governance, management, security, emerging tech. >> That's right, that really are important in any type of transformation. And then when you look at the data piece, that's a way of taking that data and applying all of these dimensions, so when a client comes forward and says, "Look, I'm having a data challenge "in the sense of how do I transform access, "how do I share data, how to I monetize?," we start to take them through all of these dimensions and what we've been able to do is to go back to our starting comment, accelerate the transformation, sorry. >> And the real engagement that we're getting pulled into now in many cases and getting pulled right up the executive chains at these companies is data strategy because this is kind of the core, you've got to, so many companies have a business strategy, very good business strategies, but then you ask for their data strategy, they show you some kind of block diagram architecture or they show you a bunch of servers and the data center. You know, that's not a strategy. The data strategy really gets at the sources and consumption, velocity of data, and gaps in the data that you need to achieve your business outcome. And so by developing a data strategy, this opens up the patterns and the things that we talk to. So now we look at data security, we look at data management, we look at governance, we look at all the aspects of it to actually lay this out. And another thought here, the other transformation is in data warehousing, we've been doing this for the past, some of us longer than others, 20 or 30 years, right? And our whole thing then was we're going to align the silos by dumping all the data into this big data warehouse. That is really not the path to go because these things became like giant dinosaurs, big monolithic difficult to change. The data lake concept is you leave the data where it is and you establish a governance and management process over top of it and then you augment it with things like cloud, like Hadoop, like other things where we can rapidly spin up and we're taking advantage of things like object stores and advanced infrastructures and this is really where Moe and I connect with our IBM Club private platforms, with our data capabilities, because we can now put together managed solutions for some of these major enterprises and even show them the road map and that's really that road map. >> It's critical in that transformation. Last word, Moe. >> Yeah, so to me I think the exciting thing about this year, versus when we spoke last year, is the maturity curve. You asked me this last year, you said, "Moe where are we on the maturity curve of adoption?" And I think the fact that we're talking today about data strategies and so on is a reflection of how people have matured. >> Making progress. >> Earlier on, they really start to think about experimenting with ideas. We're now starting to see them access detailed deep information about approaches and methodologies to do it and the key word for us this year was not about experimentation or trial, it's about acceleration. >> Exactly. >> Because they've proven it in that garage fashion in small places, now I want to do it in the American Airlines scale, I want to do it at the global scale. >> Exactly. >> And I want, so acceleration is the key theme of what we're trying to do here. >> What a change from 15, 20 years ago when the deep data warehouse was the single version of the truth. It was like snake swallowing a basketball. >> Tim: Yeah exactly, that's a good analogy. >> And you had a handful of people who actually knew how to get in there and you had this huge asynchronous process to get insights out. Now you guys have a very important, in a year you've made a ton of progress, yea >> It's democratization of data. Everyone should, yeah. >> So guys, really exciting, I love the enthusiasm. Congratulations. A lot more work to do, a lot more companies to affect, so we'll be watching. Thank you. >> Thank you so much. >> Thank you very much. >> And make sure you read our book. (Tim laughs) >> Yeah definitely, read these books. >> They'll be a quiz after. >> Cloud Adoption Playbook and IBM Data and Analytic Strategy Field Guide. Where can you get these? I presume on your website? >> On Amazon, you can get these on Amazon. >> Oh you get them on Amazon, great. Okay, good. >> Thank you very much. >> Thanks guys, appreciate it. >> Alright, thank you. >> Keep it right there everybody, this is The Cube. We're live from IBM Think 2018 and we'll be right back. (upbeat electronic music)