(gentle music) >> We all know that virtually every organization is using the cloud in some way, shape or form. But those same organizations are building or maybe buying abstraction layers that attempt to hide the underlying complexity of these clouds. Which are now connected to on-prem workloads, they're in hybrid models, spanning across multiple clouds, and bleeding out to the edge. Now, while such an approach is extensively simplifies technology, provisioning and management, it brings challenges. And these challenges are fundamentally data problems. For example, with the sprawling clouds, how do you track sensitive data and know where it lives? How do you ensure compliance and privacy protections in a world of ever-changing regulations? How can you securely share data in an increasingly decentralized environment? How can you identify gaps in security policies and how can organizations identify and stop exfiltration in this complex environment? And, oh, by the way, very importantly, how can this all be automated? Because the number one challenges that CSOs face is a lack of talent. Hello everyone, this is Dave Vellante, and welcome to this CUBE conversation where we profile emerging technologies, innovative startups and disruptive trends in enterprise tech. And today we're pleased to welcome two guests from a really interesting firm trying to solve many of these problems. With us are Dr. Noah Johnson, who was the co-founder and CTO. And April Mitchell, head of engineering, both from Dasera. Folks, welcome April. Great to see you again. >> It's a pleasure to be here. Thanks, Dave. >> Okay Noah, let me start with you. I got to ask you, is security in your mind a do-over? >> Hey Dave. Thanks for having us. Great to be here. So yeah, you hear the adage a lot today, security is broken. And certainly if you look at the number of data breaches and misuses of data in the last few years, clearly something isn't working, right? Now, our view actually is that data security needs to be rethought, and kind of designed from the ground up for the modern way that the data is used. And that's exactly what we're doing. So we don't say, do over, so much as data security re-imagined, especially for the cloud. >> Yeah, you can't just rip and replace, but it's a little tongue in cheek there. But tell me more about the background of the company. Why did you and your co-founders start the firm? Are those challenges that I laid out upfront, the ones that you're directly attacking? >> Yeah, we're attacking all of them. So the background of the company, our technology originally came from PhD work that I did while I was studying at UC Berkeley. So I've spent most of the last decade or so looking at different cybersecurity problems. And my dissertation specifically focused on, how do you secure sensitive data while still allowing people to access it in a flexible way? As part of that work, I was able to collaborate with a big tech company, Fortune 500 company, who were facing very similar problems internally. They needed to get a handle on their data. And so through that kind of research collaboration, we built a platform that was able to track data and monitor how the data was used to better protect it while still allowing the company to be data-driven. They ended up deploying the system at scale. And so this was really strong, at least initial validation. The approach that we're using at Dasera actually is quite effective and sound. So since then, we've talked to hundreds of other CSOs and security teams, and really sort of gotten a deeper appreciation for the magnitude of the problem today. No person that we've spoken to has high confidence in their data security. And we can dig into the reasons for that. It's not for lack of effort, it's that this is a very hard problem, especially with the moving to the cloud. >> Yeah, I mean, trust is popping up on the NPS surveys. It's like the number one factor today. April, let's bring you into the discussion. You and I met early last decade and we've followed your career since then. What attracted you to Dasera? >> Yeah, that's a great question, Dave. I've spent my career at Fortune 10 companies with 15,000 plus employees. What made me take this step to go to all the magnitude, a smaller company and team? And I would say it was an easy choice and I was driven by a bold vision, the right team and an innovators heart. When I had a conversation with Ani, the CEO and Noah's co-founder, Ani and I crossed paths back at HP, and he had the opportunity to work with myself and one of my collaborators. And I'd say at the time we were the two co-founders running our own little two-person startup within HP labs, delivering consumer web services. And Ani and I connected then. And we knew we wanted to have that chance to work together in the future. And I was blessed with the opportunity to go from analytics, to programmability at HP at Cisco. And when Ani called me up just a little over two months ago, and he told me about Dasera, immediately I was interested. Data security is a wonderful hot space with so many challenges, and that innovation and the challenge from a real research perspective is what drew me to Dasera. And I had the conversation with Noah. And we went deep into differential privacy and the cracks of his PhD research. And I understood there, this company is built on very strong bonds. And really, to be successful, it's about the team. You have to have a diverse team with great experience. And when I talked to every single one of the team members, they shared a vision and they shared a passion. And you know me, I love being a part of a strong team and I love building strong teams. And that's exactly what we're doing here at Dasera. >> Thank you for that April. So Noah, give us the north star. Like early on, you guys got to focus in on where you're headed. What is that north star? >> Our goal is to really solve data security. You know, we touched on earlier, clearly current solutions aren't working. We think we have a very innovative solution that is designed specifically for where data lives today, which is the cloud. We see ourselves as being the kind of gold standard for tracking and managing and securing data in the cloud across the entire life cycle. You know, from the point the data is created to all of the different ways that data is used, to when the data is deleted, we want to build a system that lets companies for the first time, get that visibility, create that feedback loop between the data users, the different security stakeholders, the legal teams. Help them make better, more informed security decisions by providing that visibility. >> So April, I use this chart sometimes when I do segments on security. I think it's from Optiv and it's this, it shows all the different segments and this is a very fragmented market space. So I'm wondering, like for first of all, like who's the enemy, I mean, who you're trying to attack? But it's so fragmented, maybe there isn't one. But from an engineering standpoint, part two of the question is, what are the really gnarly problems that you're focusing on? But talk about part A first, if you would. Who are you targeting here? >> Absolutely. I would say the best defense is a really good offense. And how are we approaching this problem differently? And there are many data security tools out there. Many processes, from access control to DLP, but we still had 4,000 events, 4,000 breaches in the last year alone. So we can't continue to expect different outcomes by using these same approaches. So that's where we are changing the story. And we have a bold purpose. We don't want to be a typical existing cybersecurity company. We want to take the approach of treating data security as sacred, we want to make the world a safer place, and we want to do that by securing data across its life cycle. Creation to deletion. You asked about the gnarly challenges that are out there. To do that right, you have to do it at speed. You've got to do it in real time and you have to do it at scale. And those are definitely the challenges that we're running into right now from an engineering perspective. >> So Noah, when you looked at the landscape, you saw, as April said, it was just so many different tools out there. How do you describe your difference in the marketplace? And April, please chime in as well. >> Sure. Yeah. So everyone has a slightly different approach. April touched on this earlier. We want to fix data security. So in some sense, we're all on the same team. We have different views of the most effective way of solving this problem, but ultimately everyone wants to solve the same problem. I would say, we're the only ones that give a comprehensive look at the entire data life cycle. So if you look at other similar security offerings, a lot of players are focused on just access control, right? Or data loss prevention, or specific features like encryption. And these are all really important technologies, but they're not sufficient, right? These are technologies that have been in use for the last decade and yet we still see data breaches on a daily basis. And the reason for that is, even if you have those systems in place, there's a lot that can go wrong between when someone is granted access to all of the different ways they consume and share the data. And so where we're unique is we give this holistic picture of the data end to end. And we don't necessarily replace those other solutions. Actually, we compliment them. Our system can tell you, if you have an encryption solution in place, are you encrypting the right data, right? Are you using it the right way? So you get more value out of those tools. Or if you have access control, our platform can be a set of guard rails or kind of a backstop that can let you know, are those access control rules properly configured, are certain users over privileged, and so forth. So really providing that context, like I said earlier, to make better security decisions. That's where we're differentiated. That's kind of our unique view of how to solve the problem. >> April, anything you'd add to that? It sounds like you're a platform for all these tools. I feel like I need that for my apps. But what's the secret sauce there? >> Yeah. I think the secret sauce is that we've learned from the challenges that our customers are facing. We have an approach where we want to rapidly innovate and rapidly validate. And our team is doing that. Noah mentioned a couple of the key features. I'm going to add a few more, because really when you're making a choice, what should I use, you've got to start with, what do you want to protect? Your data and your people? How can we help you protect that? Well, we can help you manage data sprawl. You'd be surprised by how many customers on the cloud are really interested, or use our product for the first time and go, "Oh my gosh, I did not know that that was there. When did that get there? How did it get copied there? Why is it there?" You know, and they're asking these questions. So we want to help you track that sprawl of your data. We want to monitor the data when it's in use. How are people growing it? How are your employees accessing it? How are they using it? Are they using it in the right way? Are they using it in the right way today? Are they using it on the right way tomorrow based the permissions? And we can give you that risk analysis and that perspective. We also want to let you know that when the data's sprawls, when there's a new copy that's stored in the new data store, is it configured the right way? Are you protecting it the right way? We can analyze that for you as well. So really the completeness of the features from the end to end solution, you can't protect across the entire data life cycle from creation to deletion, unless you're truly connecting and understanding how the data is being used. >> Great. Thank you. Noah, what's the ideal customer look like? Big, small, different industries? Will you give us the ICP? >> So as far as industries, our view is, a data breaches is a data breach. So any company that collects data and needs to protect it would benefit from our solution. I will say specifically, organizations that are cloud first and data-driven. Meaning they collect a lot of data and need to use that data, especially if that data is sensitive. So think B to C companies, retail, e-commerce, social media, finance, any company that collects consumer data, there are legal obligations, security obligations, kind of a higher standard of care that's required for that data. And that's where we can really help. So we're seeing traction actually from all of these industries. As far as the ideal user profile, we are targeting data security professionals. But we are a platform. We are a collaboration platform. Our system is designed to let different stakeholders within the organization, work together. From the security team, to the legal team, to the different data custodians, they can all collaborate seamlessly within the platform using that context that we're stitching together about the data flow. >> That last point is important because it used to be, it was the SecOps team. It was their problem. And now it's IT, it's security, it's legal, it's the line of business. And then the first point you made about cloud first and data-driven, that's good news for your term. Because if you're not cloud first and data-driven, you're probably not going to be in business by the end of the decade. So, how about the business case? You know, your startup, the ideal startup situation is you're 10X the value at 1/10 the price. Now, maybe in your case it's a little different 'cause you're taking that holistic view as opposed to one narrow view. But what's the justification? Lay out the ROI. >> Yeah. So we've designed the platform actually to be very quick time to value and easy to deploy. The platform is fully automated, has built in policies and machine learning. So you spin it up and it will automatically discover the data stores, it will go and crawl the data to automatically classify it. And so now you've already solved the problem of just data sprawl, knowing what data is out there. And then we can show customers, here's how the databases are configured, is the data sufficiently protected, here's how employees are interacting with the data. And then finally optionally to write policies and workflows to make sure that there's a process in place to protect the data across its entire life cycle. So there's sort of an evolution of different features. So there's kind of a maturity evolution from just, number one, identifying the data, or like we say, you can't protect what you don't know exists, to protecting it and identifying whether there are any security risks and compliance gaps. And then finally automatic proactive protection and remediation by security policies. >> So where are you guys in terms of the maturity? Obviously it's early days, but where are you in terms of product market fit? Have you nailed that? Still trying to figure that out? I know you've raised around 9 million, you're out of stealth. You give us a sense of the maturity curve. >> I can jump in on that one and speak a bit about our first customers. And then Noah can add more detail as well. But we're seeing these cloud first organizations, the CSOs, the chief security or privacy officers coming to us because they know that traditional approaches aren't working. We are here, we are ready to engage. We aren't just grabbing, what's coming, we're talking about what we have now. And we will sit arm to arm with you and made sure that we are solving the challenges that your team is facing right now. And that's where we're getting early feedback. That's where we've really been able to showcase some new innovations and to validate and move from there. But I would say, if you're interested in talking to us, please call, please visit the website and make that connection. Because we're not stealth, we're not hiding. We're engaging and definitely have a offering that is ready to be used. >> So okay, so you're in market with that offering. What do I buy from you? Is it a SAS, is it a subscription, is it a service? >> Yeah, so we have a few different product offerings and deployment models, depending on where the data's stored and the environment that the company wants to run the software. So we support on-prem, we also have a SAS offering as well. >> Okay, and that runs in the cloud, obviously, the SAS offering, or you can sort of put it as in a require on appliance? How do I deploy it on on-prem? >> No appliance runs. Runs purely in the cloud. And within an hour to onboard, to connect to the environment and to get a scan up and running. >> And it's status of the company, am I right, I think you've raised like $9 million. Head count, anything you can share in that regard? Are you hiring? I'm sure you are. >> We're growing very quickly. There's been tremendous traction as April mentioned earlier, and we're super excited about the opportunity ahead of us. It's clear we've tackled the very big problem that is still unsolved. So we have big plans and we fortunately have been able to raise some capital to help us build out the team, to add the capabilities that we need to fully solve this problem end to end. So we're well on our way, but it's a journey. This is an unsolved problem for a reason, right? It's quite complex. And we've got a great headstart, we've got a great approach, we've got some great early customers, but there's a way to go still. >> And I'll use that opportunity to say, yes, we are hiring. And if you're interested in this space, if you want to learn from a team of experts, but also grow your skills and take on some new challenges, then please go to the website and check out the current positions that we have. Dropped me ping through any of the social media networks, 'cause we'd love to hear from you. >> Great. Website is Dasera, D-A-S-E-R-A. All right. So check it out. Guys. great to have you on. Thanks so much. Best of luck. We'll be tracking you, and really congratulations on getting to this point. And I know you have a lot more work to do, but really exciting times, I'm sure, for you. >> Thanks Dave. >> It's a pleasure to see you this way and hopefully in person soon. >> Hopefully. Yeah, absolutely. Hopefully in '21. We'll see. We'll see. Thank you for watching everybody. This is Dave Vellante for the CUBE, we'll see you next time. (gentle music)

live from Las Vegas it's the cube covering IBM think 2018 brought to you by IBM hello everyone welcome back to the cube coverage here at IBM think 2018 in Las Vegas Nevada the Mandalay Bay it's a cubes exclusive covers three days of wall-to-wall interviews thought leaders experts entrepreneurs people making an impact and our next guest artists ani who's the co-founder of hosh io h OS h o de Ojo kayo advisor at the pink sky capital he's a cube alumni a walk in off the streets cuz he lives in Las Vegas but very instrumentals are connected to this community because of his pioneering work in in crypto blockchain and the future of money architects great to see you thanks for coming by thank you for having me it's good to be back on the cube great second time and second time yeah only couple we just saw each other the Bahamas the first security token conference yeah I bike on I I be on IBM's really big on supply chain this is their visitor old school you know generations of providing software for businesses b2b and now blockchains their big thing but blockchains yeah pretty straightforward yeah you know you get efficiencies but they're not talking about token economics because they talk about something execs here they're like well that implies the general public in their world thinks cryptocurrency they think Bitcoin so I want to connect the networks together our network IBM's network your network because the melting pot of this trend is really about blockchain cryptocurrency in the sense of the value around tokens and how tokens can be harnessed to capture the values I want to get your perspective as these worlds collide so I think that IBM is doing a great job by spearheading a blockchain movement and they're very they're focusing on the fortune 500 and the key with Fortune 500 companies right now is that they have rooms full of Java developers Java engineers and aetherium is the protocol right now that is most commonly found the majority of icos and token generation events that have occurred to date have all been on etherium x' network and etherium is the most and they found in blockchain however the etherium blockchain the language to build and launch token generation events on aetherium you have to write in a language called solidity and solidity is a new language and iBM has made a smart move by doing everything in Java and JavaScript similar to a lot of the new block chains that are aiming to compete with aetherium and the key distinction just to kind of put it out there when I get your reaction to and get some commentary around is IBM is not competing with public block chains they're looking at a in a different way they're saying hey you know you can have I guess private blockchains I mean it's not a really a dirty word they because they have a different use case correct I think it's very important especially when it comes to things like healthcare you look at the health care industry healthcare records will not be going on public block chains and so the hyper ledger fabric framework may make sense for things that need to be HIPAA compliant for example so reliability is key so what's their jannat like say hashed crafts got a lot of traction in their performance and their speed they got time stamps that's not a native blockchain yet that's kind of getting some traction IBM's got something similar for those markets that require the reliability the performance and the security so help the audience understand IBM's moves here because IBM's conservative so they don't really want to throw the word cryptocurrency out there because it might be misunderstood but this is gonna end up in token economics how are you explaining what the moves ibm's making to the average person that might not know the inside nuances in baseball for say the crypto market I think what's interesting is that iBM has a more mature focus on this space and you know they have direct ties historically to the fortune 500 companies the way others do not and so they've taken a much more sophisticated and a much much more conservative approach you don't see IBM throwing around the word cryptocurrency and that's a smart move because it's about the cryptography that secures block chains in a decentralized ecosystem and it's that the discussion of just tokens and token sales and leveraging tokens as a currency it's a premature time in this entire industry to be having that discussion so although it's going on it's a distraction for IBM you saying yeah because we but it's more interesting for smart contracts to be written that our functional smart contracts that for the first time ever white collared middlemen are being cut out of the picture in a new trustless decentralized ecosystem so talk about where IBM could take this with token economists obviously do you think that it's all leads to some sort of tokenization is that gonna be where the value capture is gonna be how does IBM get there in your mind I think they get there by having fortune 500 companies launch legitimate decentralized applications on their blockchain and that's just what Java JavaScript it's because most fortune 500 companies already have a plethora of Engineers globally that they can simply have start working on IBM's blockchain whereas you don't see that as a risk for IBM no that's that's IBM's advantage because today if the fortune 500 companies aren't building on aetherium whose blockchain mainly because of the learning curve it takes for a current full stack engineer to become a solidity engineer what's the etherium future now obviously they have they're working on lightning seeing some things going on that area the Lightning is Bitcoin is plasma yeah plasma sorry I got them confused so they got to go through the work this and some real work that's got to get done the theory of childs a big developer community the biggest the biggest so do those merge with the IBM communities downstream at some point or is it okay to be separate and does it matter I think they'll remain separate and in this case I I highly doubt that a theory IBM hyper ledger will go down the route that route stock has gone root stock essentially is the etherium virtual machine sidechain to the Bitcoin blockchain enabling smart contracts on the Bitcoin blockchain for the first time and rootstock is a very interesting project however IBM is its own ecosystem and the way in which they're catering to the fortune 500 is extremely intriguing and from Hojo's perspective we want to be auditing smart contracts that are functional that are written by more sophisticated players in the industry centralized ecosystem our main focus is just security auditing and there's gonna be a lot more smart contracts written by more sophisticated players on IBM's blockchain then possibly the other ones right now we have we have not seen a plethora of Fortune 500 companies by any means launching smart contracts on the theorems blockchain and blue chips banks or whatever as they try to disrupt themselves need to get us to partner governments okay so how about for a minute I just take a second to talk about your business I know we covered this at polycon and the Bahamas but for the sake of the context to IBM yeah talk about what you guys are doing we're specifically in the marketplace of partners would you sit if you were parting with IBM and and your role that you could possibly take with IBM so to take a step back quick host show the word itself hosho and means security in japanese and we started this company eight months ago my co-founder yo Kwon and I and our laser focus is blockchain security and being the global leader within the blockchain security space so as far as we see there's new blockchains being made new protocol tokens being launched as well as new tokens being launched as well as do smart contracts being written that are functional for the entire business and no matter what blockchain a smart contract is written on that smart contract is code that has been written and that code has to be audited by a professional third party and we are that professional third party that there's a line-by-line code review of the smart contract and finds all security vulnerabilities and we've been building proprietary tooling to find vulnerabilities faster and faster and faster we do a gas analysis to make sure that that blockchain is not being clogged we conduct the static analysis to find any hidden functionality within the framework of the smart contract and the last part which is very crucial is that yeah very uniquely qualified full stack engineer with a unique QA mindset and a security background who knows the language in which this is coded which currently most projects that were auditing our aetherium ERC 20 tokens written in solidity someone has to marry the source of truth which in the case of an ICO is a white paper and marry the white paper to the smart contract and make sure is the smart contract doing what the white paper says codify the white paper basically this process of auditing is gonna be ever more crucial within the the business that IBM does with Fortune 500 businesses because when a publicly traded company launches a smart contract for a decentralized application security is the highest priority and abilities is where the hackers could come in just be on a time to market getting those smart contract codes written it was fully baked it's irreversible once the smart contract is launched and millions of dollars are gonna go through this smart contract it's been regular practice in the cybersecurity world to type up code and to have it reviewed by a third party auditor we're simply applying the exact same logic to the blockchain space and it's exciting to see more blockchains by sophisticated players like IBM come to fruition and we're looking forward to actual projects from big players around the world launch on IBM's blockchain and hosho is looking to be a preferred partner of IBM's to do all their security work whether it's smart contract auditing or penetration testing and real quick on penetration testing that's our other core service that we provide and penetration testing is both for websites and for crypto currency exchanges in which we're making sure there's no security vulnerabilities within your website and finding every way possible to penetrate your website or your exchange and every time code is changed you open up the doors to more vulnerabilities and so in the crypto currency exchange space right now we're seeing that new exchanges are being made but sophisticated investors don't know if this is a safe place to trade hundreds of millions of dollars or not yeah and so when you got commerce being John I mean IBM as folk as you mentioned is legit and they're doing a great job by the way props to IBM for doing what they're doing they've been in for multiple years now and they're supporting the Apache project they're putting their their weight behind it but these are real-world examples granted supply chain might be boring to some audiences but not to others I mean you're moving real product around this is commerce with digital fingerprints and code and potentially tokens that's a highly gonna accelerate the payment process I mean the notion of clearing goes away it's instant yes this is a highly accelerated money transfer value capture value Tran for environment you can't take me chances yes and security is primal concern and we're excited that companies like IBM value security and this space is one that the dust has yet to settle and what's gonna help the dust settle within the blockchain ecosystem is more priority on security so what's your take if you are gonna give a talk here we're doing talking here in the cube so it's awesome it's gonna be alive and on-demand as well your advice to people saying you know we got a tokenizer our business I need to start with blockchain I can see some areas to create some efficiencies around some inefficient processes and create new business models I got to get started your thoughts my thoughts are take a step back and first evaluate do you have a business what problem are you solving once your business is actually generating some revenue and you've evaluated why the concept of a blockchain could be interesting for your business then pick a blockchain and stick to it and then when you start building on that block chain you've figured out that a token could actually be leveraged within this decentralized application that you're building then you can start figuring out what the token economics of it would actually be I think what people are doing nowadays is rushing to create a token because of their excitement about the fundraising mechanism that an ICO is and an ICO is democratizing to some extent at least global capital raising and I think that fundraising mechanism is not going anywhere that that fundraising mechanism is here to stay however the majority of ICO projects that we're seeing occurring today I don't think these companies will be around in the next couple of years which shows how immature to some extent the industry actually is whereas maybe the projects that are built and launched on IBM's block chains that they develop maybe they're more sophisticated and will be companies that have gone through a more rigorous process of making sure security was a primary concern and they wrote quality code for quality businesses that are actually leveraging decentralization in the appropriate way not the other way around of we want to raise capital so let's invent a reason to have a token or you have a big case right now in Silicon Valley at least is you have companies that are very serious a and B and decided let's do an icy overseer you see and that that's tricky it's not always the right solution when you're saying is don't confuse the ico crazy fundraising arbitrage and new new model to applying supply chain tokens and blockchain to a durable business agreed and on the same token we have people in the space whether they're investors they're lawyers PR firms exchanges they all need to mitigate their risk by keeping security as a concern for them both in-house and for the companies that they're working with yeah lawyers don't want to be doing lawyer work for a company that will turn out to be a scam coin and someone has to do a security audit of that token the same goes for a PR firm a marketer and in exchange exchanges should not be listing tokens that have not gone through a smart contract audit well it's good to know we got a cube alumni here in the cube to help us with our security audit yeah well the answers the life were in a cube interview so do we got one right here I want to just get into in topic you and I were talking of dinner the other night when we had we saw each other a few nights ago about the problem of picks and shovels and tools and maturity in this new emerging area can you um can you just take a minute to explain what that we were talking about there and I thought you had a good point I mean maturity of the space is not mature it's growing it's embryonic but moving fast and there's need for tools let's unpack that just share your thoughts vision so I think that a lot of people have been more excited to join in an IC o---- a token generation event and do more quick money grabs but to me what's more exciting is the infrastructure that's needed for this industry to actually grow and mature an infrastructure is infamously known as picks and shovels because when the gold rush happened the people who made the real money or the people selling the shovels to the gold diggers and what's included in that is businesses like our own hosho which is selling security audits of smart contracts doing penetration testing bringing maturity and making making things less risky for for everybody in this space so we start we see ourselves as selling picks and shovels on the other hand I'll give you an example Goldman Sachs has a trading desk today it's not 24/7 stock market Oh at 9:00 closes at 5:00 what happens tomorrow when a 24/7 crypto currency trading desk is turned on at Goldman Sachs do the traders that are now 24/7 have the appropriate tools and the governance built into software to manage a team of 24/7 traders at Goldman Sachs today when you have traders trading in the stock market they have a plethora of tools that make them snipers and you have certified market technicians telling hedge funds that this isn't gonna go up two points here in three points they're reading candlesticks in the cryptocurrency space it's like poking a stick you go from being a sniper to having a stick find by Wars like a blind man so companies there's a dozen companies that can be made building the infrastructure for just what I just said the governance with four trading floors this is a really good point and I wanted to bring it up because in these emerging markets these white spaces for tools and technology to help the overall trend grow faster has always been a successful man however you mentioned something about the goldman sachs trading this and that is it literally could be turned down overnight right so that's the problem you can accelerate things too fast and not be prepared that seems Oldman honest I'd know Goldman's done a great job at being very much forward-thinking they've been at every money 20/20 since the beginning of that FinTech conference and they're definitely in this pickle this exercise the analogy is a company can turn on a new model fairly quickly faster than the old days which we're taking months and then now you can do it really on a much shorter timeframe that means they potentially could be exposed if they go too fast yeah this is where the ecosystem has to help yeah I think the bulge bracket banks are treading the water very carefully JPMorgan is doing things they're involved with aetherium Z cash - JPMorgan has a lot going on on this front but these are publicly traded monster banks they're not going to take any risks these are they have a they have stockholders to to answer to they have the US government we have over 150 regulatory arms just regulating the finance industry in the United States and so I think it the American citizen citizen is quick to point fingers to bulge bracket banks and those banks are answering to too many regulatory arms this is one of the downsides of the United States right now in general is the increasingly coercive environment of the government ybm certainly got the blue chip company got the the fortune 500 but they also have a marketplace and that's where they could really kind of change the game feeling in those white spaces yeah IBM's marketplace sounds very exciting and my mind just goes to who's handling the security for everything to do with IBM blockchain we're hoping at Osho arch edge thanks for joining us thanks for sharing your your insight here in the queue with an IBM think conference breaking down all the top news that's really around blockchain at AI would date at the sin of the value proposition all being disrupted by new decentralized technologies blockchain being the beginning and a lot more is happening and certainly we're in and bring it to you on the cube no matter where it is will be there I'm John furrow here and Las Vegas for IBM think coverage we'll be back with more coverage after this short break [Music]