>> Narrator: From the CUBE Studios in Palo Alto, in Boston. Connecting with thought leaders all around the world, this is a CUBE Conversation. >> Hi, everybody. Welcome to the special Cube Conversation. With COVID-19 hitting, organizations really had to focus on business resiliency, and we've got two great guests here to talk about that topic. Bob Bender's the chief technology officer at Founders Federal Credit Union. And he's joined by Jim Shook, who is the director of cybersecurity and compliance practice at Dell Technologies. Gentlemen, thanks for coming on the CUBE, great to see you. >> Thanks, Dave, great to see you, thank you. So, Bob, let's start with you, give us a little bit of background on Founders and your role. >> Founders Federal Credit Union is a financial institution that has about 225,000 members, serving them in 30 different locations, located in the Carolinas. I serve as chief technology officer bringing in the latest technology and cyber resilient direction for the company. >> Great. And Jim, talk about your role. Is this a new role that was precipitated by COVID or was this something that Dell has had for a while? Certainly relevant. >> It's actually been around for a while, Dave. The organization invested in this space going back about five years, I founded the cyber security and compliance practice. So really, my role is most of the time in the field with our customers, helping them to understand and solve their issues around the cyber resilience and cyber recovery field that we're talking about. But I also, to do that properly, spend a lot of time with organizations that are interested in that space. So it could be with an advisory partner, could be the FBI, might be a regulator, a particular group like Sheltered Harbor that we've worked with frequently. So it's just really, as you point out, taken off first with ransomware a couple of years ago, and then with the recent challenges from work from home in COVID. So we're really helping out a lot of our customers right now. >> Bob, I've talked privately to a number of CIOs and CSOs and many have said to me that when COVID hit that their business continuance was really much too (voice cuts out) Now, you guys actually started your journey way back in 2017. I wonder if you could take us back a few years and what were the trends that you were seeing that precipitated you to go on this journey? >> Well, I think we actually saw the malware, the horizon there. And I'll take you back a little further 'cause I just love that story is, when we looked at the relationship of Dell EMC, we talked to the 1% of the 1%, who is protecting their environment, their data capital, the new critical asset in our environment. And Dell EMC was the top of the line every time. When we looked at the environment and what it required, to put our assets under protection, again, we turned to Dell EMC and said, where do we need to go here? You look at this Mecklenburg County, you look at the city of Atlanta, you look at Boeing and I hate to use the examples, but some very large companies, some really experienced companies were susceptible to this malware attacks that we just knew ourself it was going to change us. So the horizon was moving fast and we had to as well. >> Well, you were in a highly regulated industry as well. How did that factor into the move? Well, you're exactly right. We had on our budget, our capital budget horizon, to do an air gap solution. We were looking at that. So the regulatory requirements were requiring that, the auditors were in every day talking about that. And we just kept framing that in what we were going to do in that environment. We wanted to make sure as we did this purpose built data bunker, that we looked at everything, talk to the experts, whether that was federal state regulation. You mentioned Sheltered Harbor, there's GDPR. All these things are changing how are we going to be able to sustain a forward look as we stand this environment up. And we also stood up a cyber security operations center. So we felt very confident in our Runbooks, in our incident response, that you would think that we would be ready to execute. I'll share with you that we reached out every which way and a friend called me and was actually in a live ransomware event and asked if I wanted to come on to their site to help them through that incident. We had some expertise on our staff that they did not possess at that time. So going into that environment, spending 30 hours of the last 72 hours of an attack we came back changed. We came back changed and went to our board and our executives and said, "We thought we knew what we were doing." But when you see the need to change from one to 10 servers recovery to 300 in 72 hours, we just realized that we had to change our plan. We turned to the investment we had already made and what we had looked at for some time, and said, "Dell EMC, we're ready to look at that "PowerProtect Cyber Recovery solution. "How can you stand this up very quickly?" >> So, Jim, Bob was saying that he looked at the 1% of the 1%, so these guys are early adopters, but anything you can add to that discussion in terms of what you saw precipitate the activity, let's go pre-COVID, certainly ransomware was part of that. Was that the big catalyst that you saw? >> It really was. So when we started the practice, it was following up on the Sony Pictures attack, which only hit Sony in that. But it was unique in that it was trying to destroy an organization as opposed to just steal their data. So we had financial industry really leading the way, the regulators in the financial industry saying, "Gosh, these attacks could happen here "and they would be devastating." So they led the way. And as our practice continued, 2016 became the year of ransomware and became more prevalent, with the attackers getting more sophisticated and being able to monetize their efforts more completely with things like cryptocurrencies. And so as we come around and start talking to Bob, he still was well ahead of the game. People were talking about these issues, starting to grow concerned, but didn't really understand what to do. And Dave, I know we'll get to this a little bit later, but even today, there's quite a bit of disconnect, many times between the business, understanding the risks of the business and then the technology, which really is the business now, but making those pieces fit together and understanding where you need to improve to secure against these risks is a difficult process. >> Well, I think I'd love to come back to Bob and try to understand how you pitch this to the board, if you will, how you made the business case. To Jim's point, the adversaries are highly capable. It's a lucrative business. I always talk to my kids about ROI numerator and denominator. If you can raise the denominator, that's going to lower the value. And that's the business that you're in is making it less attractive for the bad guys. But how did you present this to the board? Was it a board level discussion? >> It was, exactly. We brought Dell EMC PowerProtect Cyber Recovery solution to them and said, not only you're experiencing and seeing in the news daily, these attacks in our regions, but we have actually gone out into an environment and watch that attack play out. Not only that is when we stepped away, and we ran through some tabletops with them and we stepped away. And we said, "Are you okay? "Do you know how it got in? "Are you prepared to protect now and detect that again?" Within 30 days, they were hit again by the same ransomware attacks and hackers. So I hate to say this, but I probably fast forwarded on the business case and in the environment, the horizon around me, players, they made my case for me. So I really appreciated that top down approach. The board invested, the executive invested, they understood what was at risk. They understood that you don't have weeks to recover in the financial institution. You're dealing with hundreds of thousand transactions per second so it made my case. We had studied, we had talked to the experts. We knew what we wanted. We went to Dell EMC and said, "I have six months and here's my spend." And that's from equipment hitting our CoLOS and our data centers, standing it up, standing up the Runbooks and it's fully executed. And I wanted an environment that was not only holistic. We built it out to cover all of our data and that I could stand up the data center within that environment. I didn't need another backup solution. I needed a cyber recovery environment, a lifestyle change, if you would say. It's got to be different than your BCP/DR. While it inherits some of those relationships, we fund it with employees separately. We treated the incident response separately, and it is really benefited. And I think we've really grown. And we continue to stress that to educate ourselves not only at the board level, but a bottom up approach as well with the employees. 'cause they're a part of that human firewall as well. >> I think you've seen this where a lot of organizations, they do a checkbox on backup or as I was saying before, DR. But then in this world of digital, when a problem hits, it's like, "Oh-oh, we're not ready." So I wonder Jim, if we can get into this solution that Bob has been talking about the Dell EMC PowerProtect Cyber Recovery solution, there's a mouthful there. You got the power branding going on. What is that all about? Talk to us about the tech that's behind this. >> It's something that we've developed over time and really added to in our capability. So at its core, PowerProtect Cyber Recovery is going to protect your most critical data and applications so that if there is a cyber attack, a ransomware or destructive attack, they're safe from that attack. And you can take that data and recover the most important components of the business. And to do that, we do a number of things, Dave. The solution itself takes care of all these things. But number one is we isolate the data so that you can't get there from here. If you're a bad actor, even an insider, you can't get to the data because of how we've architected. And so we'll use that to update the critical applications and data. Then we'll lock that data down. People will use terms like immutability or retention lock. So we'll lock it down in that isolated environment, and then we'll analyze it. So it's one thing to be able to protect the data with the solution, it's another, to be able to say that what I have here in my data vault, in my air gapped isolated environment is clean. It's good data. And if there was an attack, I can use that to recover. And then of course over time, we've built out all the capabilities. We've made it easier to deploy, easier to manage. We have very sophisticated services for organizations that need them. And then we can do a much lighter touch for organizations that have a lot of their built in capabilities. At its core, it's a recover capability so that if there was an attack that was unfortunately successful, you don't lose your business. You're not at the mercy of the criminals to pay the ransom. You have this data and you can recover it. >> So Bob, talk to us about your objectives going into this. It's more than a project. It really is a transformation of your resiliency infrastructure, I'll call it. What were your objectives going in? A lot of companies are reacting, and it's like, you don't have time to really think. So what are the objectives? How long did it take? Paint a picture of the project and what it looked like, some of the high level milestones that you were able to achieve. >> Well, I think several times Dell EMC was able to talk us off the edge, where it really got complicated. The Foundation Services is just one of your more difficult conversations, one of the top three, definitely, patch management, notification, and how you're going to rehydrate that data, keeping that window very small to reduce that risk almost completely as you move. I think other area this apply is that we really wanted to understand our data. And I think we're on a road to achieving that. It was important that if we were going to put it into the vault, it had a purpose. And if we weren't going to put it in a vault, let's see why would we choose to do that? Why would we have this data? Why would we have this laying around? Because that's a story of our members, 225 stories. So their ability to move into financial security, that story is now ours to protect. Not only do we want to serve you in the services and the industry and make sure you achieve what you're trying to, but now we have that story about you that we have to protect just as passionately. And we had that. I think that was two of the biggest things. I think the third is that we wanted to make sure we could be successful moving forward. And I'll share with you that in the history of the credit union, we achieved one of the biggest projects here, in the last two years. That umbrella of the Cyber Recovery solution protection was immediate. We plugged in a significant project of our data capital and it's automatically covered. So I take that out of the vendor of responsibility, which is very difficult to validate, to hold accountable sometimes. And it comes back under our control into this purpose built data security and cyber resilient, business strategy. That's a business strategy for us is to maintain that presence. So everything new, we feel that we're sized, there's not going to be a rip and replace, a huge architectural change because we did have this as an objective at the very beginning. >> Tim, when you go into a project like this, what do you tell customers in terms of things that they really should be focused on to have a successful outcome? >> I'm going to say first that not everybody has a Bob Bender. So we have a lot of these conversations where we have to really start from the beginning and work through it with our customers. If you approach this the right way, it's really about the business. So what are the key processes for your business? It can be different from a bank than from a hospital than from a school point. So what are the key things that you do? And then what's the tech that supports that and underlies those processes? That's what we want to get into the vault. So we'll have those conversations early on. I think we have to help a lot of organizations through the risks too. So understand the risk landscape, why doing one or two little things aren't really going to protect you from the full spectrum of attackers. And then the third piece really is, where do we start? How do we get moving on this process? How do we get victory so that the board can understand and the business can understand, and we can continue to progress along the way? So it's always a bit of a journey, but getting that first step and getting some understanding there on the threat landscape, along with why we're doing this is very important. >> So, Bob, what about any speed bumps that you encountered? What were some of those? No project is ever perfect. What'd you run into? How'd you deal with it? >> Well, I would say the Foundation Services were major part of our time. So it really helped for Dell EMC to come and explain to us and look at that perimeter and how our data is brought into that and size that for us and make sure it's sustainable. So that is definitely, could be a speed bump that we had to overcome. But today, because of those lifts, those efforts invested the Runbooks, the increase in new products, new data as our business organically grows is a non-event. It's very plug and play and that's what we wanted from the start. Again, you go back to that conversation at 1% of the 1%, it's saying, who protects you? We followed that. We stayed with the partner we trusted, the horizon holistically has come back and paid for itself again and again. So speed bumps, we're just enjoying that we were early adapters. I don't want to throw anybody out there, but you look about two weeks ago, there was a major announcement about an attack that was successful. They got them with ransomware and the company paid the ransom. But it wasn't for the ransomware, it was for the data they stole so that they would delete it. That's again, why we wanted this environment is we needed time to react in the case that these malwares are growing much faster than we're capable of understanding how they're attacking. Now it's one, two punch, where's it going to be? Where is it going to end? We're not going to likely be patient zero, but we're also not going to have to be up at night worrying that there's a new strain out there. We have a little time now that we have this secure environment that we know has that air gap solution that was built with the regulatory consideration, with the legal considerations, with the data capital, with the review of malware and such. You can go back in time and say, "Scan to see if I have a problem. So again, the partnership is while we focus on our business, they're focusing on the strategy for the future. And that's what we need. We can't be in both places at once. >> How long did the project take from the point of which you agreed, signed the contract to where you felt like you were getting value out of the solution? >> Six months. >> Really? >> We were adamant. I'd put it off for a year and a half, that's two budget cycles basically is what it felt. And then I had to come back and ask for that money back because we felt so passionate that our data, our critical data didn't need to be at that risk any longer. So it was a very tight timeline. And again, product on prem within six months. And it was a lot of things going on there. So I just wasn't idle during that time. I was having a conversation with Dell EMC about our relationship and our contracts. Let's build that cyber resilience into the contract. Now we've got this, PowerProtect Cyber Recovery environment, let's build it here where you also agree to bring on extra hardware or product if I need that. Let's talk about me being on a technology advisory panel So I can tell you where the pricing of the regulations are going, so you can start to build that in. Let's talk about the executive board reporting of your products and how that can enable us. We're not just talking about cyber and protecting your data. We're talking about back then 60% of your keep the lights on IT person will spend with auditors, talking about how we were failing. This product helped us get ahead of that to now where we're data analytic. We're just analysts that can come back to the business table and say, "We can stand that up very quickly." Not only because of the hardware and the platform solution we have, but it is now covered with a cyber resilience of the the cyber security recovery platform. >> I want to ask you about analytics. Do you feel as though you've been able to go from what is generally viewed as a reactive mode into something that is more anticipatory or proactive using analytics? >> Well, I definitely do. We pull analytics daily and sometimes hourly to make sure we're achieving our KPIs. And looking at the KRIs, we do risk assessments from the industry to make sure if our controls layer of defenses are there, that they will still work what we stood up three years ago. So I definitely think we've gone from an ad hoc rip and replace approach to transformation into a more of a threat hunting type of approach. So our cyber security operation center, for us, is very advanced and is always looking for opportunities not only to improve, to do self-assessments, but we're very active. We're monetizing that with a CUSO arm of the credit union to go out and help others where we're successful, others that may not have that staff. It's very rewarding for us. And I hate to say it sometimes it's at their expense of being in-evolved in the event of a ransomware attack or a malware event. We learned so much the gaps we have, that we could take this back, create Runbooks and make the industry stronger against these types of attacks. >> Well, so Jim, you said earlier, not every company has a Bob Bender. How common is it that you're able to see customers go from that reactive mode into one that is proactive? Is that rare or is it increasingly common? It can't be a 100%, but what are you seeing as trends? >> It's more common now. You think of, again, back to Bob, that's three plus years ago, and he's been a tireless supporter and tireless worker in his industry and in his community, in the cyber area. And efforts like those of Bob's have helped so many other organizations I think, understand the risks and take further action. I think too, Bob talks about some of the challenges with getting started in that three year timeframe, PowerProtect Cyber Recovery has become more productized, our practice is more mature. We have more people, more help. We're still doing things out there that nobody else is touching. And so we've made it easier for organizations that have an interest in this area, to deploy and deploy quickly and to get quick value from their projects. So I think between that some of the ease of use, and then also there's more understanding, I think, of what the bad actors can do and those threats. This isn't about somebody maybe having an outage for a couple of hours. This is about the very existence of a business being threatened. That if you're attacked, you might not come back from it. And there've been some significant example that you might lose hundreds of millions of dollars. So as that awareness has grown, more and more people have come on board and been able to leverage learnings from people like Bob who started much earlier. >> Well, I can see the CFO saying, "Okay, I get it. "I have no choice where we're going to be attacked. "We know that, I got to buy the insurance. You got me." But I can see the CFO saying, "Is there any way we can "get additional value out of this? "Can we use it to improve our processes and cut our costs? "Can we monetize this in some way?" Bob, what's the reality there? Are you able to find other sources of value beyond just an insurance policy? >> Definitely, Dave you're exactly right. We're able to go out there and take these Runbooks and really start to educate what cyber resilience means and what air gap means, what are you required to do, and then what is your responsibility to do it. When you take these exercises that are offered and you go through them, and then you change that perspective and go through a live event with other folks that see that after 60 hours of folks being up straight, it really changes your view to understand that there's no finish line here. We're always going to be trying to improve the product and why not pick somebody that you're comfortable with and you trust. And I think that's the biggest win we have from this is that was a Dell EMC partnership with us. It is very comfortable fit. We moved from backup and recovery into cyber resilience and cybersecurity as a business strategy with that partner, with our partner Dell, and it hasn't failed us. It's a very comforting. We're talking about quality of life for the employee. You hear that, keep the lights on. And they've really turned into professionals to really understand what security means differently today and what that quality of data is. Reports, aren't just reports, they're data capital. The new currency today of the value we bring. So how are we going to use that? How are we going to monetize that? It's changing. And then I hate to jump ahead, but we had our perimeters at 1% of our workforce remote and all of a sudden COVID-19 takes on a different challenge. We thought we were doing really good and next, we had to move 50% of our employees out in five days. And because of that Dell EMC, holistic approach, we were protected every step of the way. We didn't lose any time saying, we bought the wrong control, the wrong hardware, the wrong software. It was a very comfortable approach. The Runbooks held us, our security posture stayed solid. It's been a very rewarding. >> Well, Bob, that was my next question, actually is because you've started the journey. >> Sorry. >> No, no, it's okay. Because you started the journey early, were you able to respond to COVID in a more fast sell manner? it sounds like you just went right in. But there's nuance there, because you've got now 50% or more of the workforce working at home, you got endpoint security to worry about. You got identity access management, and it sounds like you were, "No problem. "We've got this covered." Am I getting that right? >> You're exactly right, Dave. We test our endpoints daily. We make sure that we understand what residue of data is where. And when we saw that employee shift to a safe environment, our most consideration at that time, we felt very comfortable that the controls we had in place, again, Dell and their business partners who we are going to hold true and be solid. And we test those metrics daily. I get reports back telling me, what's missing in patch management, what's missing in a backup. I'll go back to keeping BCP and cyber security separate. In the vault, we take approach of recovery and systems daily. And now that goes from maybe a 2% testing rate almost to 100% annually. So again, to your point, COVID was a real setback. We just executed the same Runbooks we had been maturing all along. So it was very comfortable for employees and it was very comfortable for our IT structure. We did not feel any service delays or outages because of that. In a day, when you have to produce that data, secure that data, every minute of every day of every year, it's very comforting to know it's going to happen. You don't push that button and nothing happens. It's executed as planned. >> Jim, did you see a huge spike in demand for your services as a result of COVID and how did you handle it? You guys got a zillion customers, how did you respond and make sure that you were taking care of everybody? >> We really did see a big spike, Dave. I think there were a couple of things going on. As Bob points out, the security posture changes very quickly when you're sending people to work from home or people remotely, you've expanded or obliterated your parameter, you're not ready for it. And so security becomes even more important and more top of mind. So with PowerProtect Cyber Recovery, we can go in and we can protect those most critical applications. So organizations are really looking at their full security posture. What can we do better to detect and protect against these threats? And that's really important. For us, we're focusing on what happens when those fail? And with that extension and people going home, and then the threat actors getting even more active, the possibilities of those failures become more possible and the risks are just in front of everybody. So I think it was a combination of all of those things. Many, many customers came to us very quickly and said, "Tell us more about what you're doing here. "How does it fit into our infrastructure? "What does it protect us against? "How quickly can we deploy?" And so there has been a huge uptake in interest. And we're fortunate in that, as you pointed out early on, Dave, we invested early here. I'm five years into the practice. We've got a lot of people, very mature, very sophisticated in this area, a lot of passion among our team. And we can go take care of all those customers. >> Bob, if you had a mulligan, thinking about this project, what would you do differently if you had a chance to do it over? >> I think I would start earlier. I think that was probably the biggest thing I regret in that realizing you need to understand that you may not have the time you think you do. And luckily, we came to our senses, we executed and I got to say it was with common sense, comfortable products that we already understood. We didn't have to learn a whole new game plan. I don't worry about that. I don't worry about the sizing of the product 'cause we did it, I feel correctly going in and it fits us as we move forward. And we're growing at an increased rate that we may not expect. It's plug and play. Again, I would just say, stay involved, get involved, know that what we know today about malware and these attacks are only going to get more complicated. And that's where I need to spend my time, my group become experts there. Why I really cherish the Dell EMC relationship is from the very beginning, they've always been very passionate on delivering products that recover and protect and now are cyber resilient. I don't have to challenge that, you pay for what you get for. And I just got to say, I don't think there's much other than I would have started earlier. So start today, don't put it off. >> So you said earlier though, you're never done, you never are, in this industry. So what's your roadmap look like? Where do you want to go from here with this capability? >> I definitely want to keep educating my staff, keep training them, keep working with Dell. Again, I tell you they're such forward thinking as a company. They saved me that investment. So if you're looking at part of the investment, it's got to be, are you with a partner that's forward thinking? So we definitely want to mature this, challenge it, keep challenging, keep working with Dell and their products to deliver more. Again, we go to the federal and state regulatory requirements. You go to the Sheltered Harbor, the ACET testing from the NCUA regulators, just software asset management. You can keep on going down the line. This product, I hate to say it, it's like the iPhone. You think about how many products the iPhone has now made not relevant. I don't even own a flashlight, I don't think. This is what the Dell product line brings to me is that I can trust they're going to keep me relevant so I can stay at the business table and design products that help our members today. >> Jim, how about from Dell's perspective, the roadmap, without giving away any confidential information, where do you want to take this? We talk about air gaps. I remember watching that documentary Zero Days and hearing them say, "We got through an air gap. "No problem." So analytics obviously plays a role in this machine intelligence, machine learning, AI. Where does Dell want to take this capability? Where do you see that going? >> We've got some things in mind and then we're always going to listen to our customers and see where the regulations are going to. And thus far, we've been ahead of those with the help of people like Bob. I think where we have a huge advantage, Dave is with PowerProtect Cyber Recovery. It's a product. So we've got people who are dedicated to this full time. We have a maturity in the organization, in the field to deliver it and to service it. And having something as a product like that really enables us to have roadmaps and support and things that customers need to really make this effective for them. So as we look out on the product, and thanks for your reminder, I don't want to risk saying anything here I'm going to get in trouble for. We look at things in three paths. One is we want to increase the ability for our customers to consume the product. So they want it in different forms. They might want it in appliances, in the Cloud, virtual, all of those things are things that we've developed and continue to develop. They want more capabilities. So they want the product to do more things. They want it to be more secure, and keeping up. As you mentioned, machine learning with the analytics is a big key for us. Even more mundane things like operational information makes it easier to keep the vault secure and understand what's going on there without having to get into it all the time. So those are really valuable. And then our third point, really, we can't do everything. And so we have great partners, whether they're doing delivery, offering cyber recovery as a service or providing secure capabilities, like our relationship with Unisys. They have a stealth product that is a zero knowledge, zero trust product that helps us to secure some of the connections to the vault. We'll keep iterating on all of those things and being innovative in this space, working with the regulators, doing things. Bob's mentioned a couple of times, Sheltered Harbor. We've been working with them for two years to have our product endorsed to their specification. Something that nobody else is even touching. So we'll continue along all those paths, but really following our customer's lead in addition to maybe going some places that they haven't thought about before. >> It's great guys. I have to fear that when you talk to SecOps pros, you ask them what their biggest challenge is, and they'll say lack of talent, lack of skills. And so this is a great example, Jim, you're mentioning it, you've productized this. This is a great example of a technology company translating, IT labor costs into R&D. And removing those so customers can spend time running their business. Bob and Jim, thanks so much for coming on the CUBE. Great story. Really appreciate your time. >> Thank you, Dave. >> Thank you, Dave. >> Thanks, Bob. >> All right. And thank you everybody for watching. This is Dave Vellante for the CUBE. We'll see you next time. (instrumental music)

>> Announcer: Live from Las Vegas, it's the Cube, covering Dell Technologies World, 2018, brought to you by Dell EMC and it's ecosystem partners. >> Well welcome back to Las Vegas, the Cube, continuing our coverage here of Dell Technologies World 2018, with some 14 thousand strong in attendance. This is day two by the way, of three days of coverage that you'll be seeing here live on the Cube. Along with Keith Townsend, I'm John Walls and we're now joined by Alex Almeida, who is the consultant of product marketing at Dell EMC, and Bob Bender who is the CTO of Founders Federal Credit Union, Bob, good to see you as well, sir. >> Thank you, thank you for having me. >> You bet, thanks for being here to both of you. First off, let's just set the table for what you do at Founders and what Founders is all about and then why Dell, and how Dell figures into your picture. >> Sure, so Founders Federal Credit Union established in 1950 we're a regional financial institution providing basic services for that area in South and North Carolina. We now service over 32 areas and we have about 210 thousand plus members. So I'm Chief Technology Officer and we're looking to Dell EMC to really give us a lift in the cyber resilience of our data, what we're trying to protect today. >> Keith and I were talking too, and said we always like hearing on the customer side of this, especially on the financial side, right? Because your concerns are grave concerns, right? We all care about our money, right? And obviously that's first and foremost for you, having trust, credibility, liability. So tell us a little bit about that thought process in general, what drives your business and how that then transfers over to DIT. >> Sure, and as a member, you look at us, big or small, you expect the same cyber resilience, protection for your personal information, you don't think there's going to be a difference there. So if you look at the Carolina's, you're going to see a significant, or the southeast, we've been picked on with malware, with that data extortion of what the name, ransomware, so we had to find a solution quickly and we looked at Dell EMC for data protection and cyber recovery to really help us in that area and really protect our data. >> So let's talk about some of the threats faced. Outside of malware, typically the line of thought is, you know what, don't assume that you can prevent getting hacked, assume that you are hacked, what personas do you guys wear as a bank, or as a credit union? >> Well, we looked at that and what we did is we get really involved and we go out and we see that event, the breach, the malware, the ransomware, and so we really thought, we lack the ability of bringing assets under governance, so how do we really roll that up so that everybody knows at any point in time, we can recover, that we have kind of a isolated recovery, an air gap, or a data bunker, and then a clean room to bring that up, a Sandbox. And we really saw that our tape media backup recovery was not going to recover for the events that were happening, the old days, you're looking at one or two critical systems that are being recovered. Today, they're locking 500, 1500 servers in a matter of minutes. So, when you rehydrate that data, you know, the deduplication, we're seeing 72 to one and that's done very fast, through the product lines of Dell EMC, significant, but when you want to rehydrate that, the data's gone, it's just not there. Well, if you take away that air gap situation, what're you left with? And if they're smart enough to figure out where your backups are, you're left with no protection, so we really needed to isolate and put off network all that critical data. And because of that 72 to one dedupe rate, and I realize we may be unique, there's others that may have to choose what those critical systems are, we're not going to have to, we're going to protect everything, every day, and so that we have a recovery point that we can point to and show management and our board and our members, such as you guys, that we can recover, that you're going to have trust in us handling your financial responsibilities. >> So what specific technologies are you guys using from Dell to create this environment in which you can recover within these isolated bubbles? >> You know, I'll let Alex talk more specific, but we really looked at the data protection solution, and a cyber solution, we said phase one, we want to stand this up very quickly because it's any minute this could happen to us. It's happening to very smart establishments. We really picked what was going to optimize our first iteration of this, and we did it quickly, so we're talking a roll out in 45 days. We used Data Domain, Avamar, DD Boost, we've got Data Protection Advisor, which gives me, whether I'm here or I'm off at another conference, or I'm showing up at the office, I get instant results of what we did the day before for that recovery. I know that we're in the petabyte storage business, I don't know when we crossed that line, but now we store you know, a huge amount of data very quickly. I mean, we took their product line and went from hours down to seconds and I can move that window any which way I want, and so it's just empowering to be able to use that product line to protect our data the way we are today. >> Yeah, I think the Dell EMC cyber recovery solution really is kind of looking at solving the problem, most people look at it from solving it as a preventative thing, how do I prevent malware from happening, how do I stop ransomware from attacking me? The thing is is that it's all about really, how are you going to recover from that? And having plan to be able to recover. And with the way we approached it, we started talking to customers like Bob, and they were really coming to us and saying, you know, this is increasing, this is an increasing problem that we're seeing and it's inevitable, we feel we're going to be attacked at some point. And you see on the news today, you know, we're only a little bit through the year and there's been a lot of news on cyber attacks and things like that. The key thing is how do you recover? So we took at that in conversations with our customers and went specifically back and designed a solution that leverages the best in industry technology that we have with our data protection portfolio. So when you look at data deduplication, you look at Data Domain, that technology in the industry provides the fastest recovery possible. And from there, that makes it realistic for companies to really say, yeah, I can recover from a ransomware attack. And the more important thing is, we look at this as the isolation piece of the solution is really where the value comes in. Not only is it to get a clean copy of the data, but you can use that for analysis of that data in that clean room to be able to detect early on problems that may be happening in your production environment. And it's really important that that recovery aspect be stressed and really the Data Domain solution is kind of the enabler there. >> It's still a really tough spot to be in, right? Because on one hand you're protecting, you're trying to prevent, so you're building the fortress as best you can, and at the same time, you're developing a recovery solution so that if there is a violation, an intrusion, you're going to be okay, but the fact is the data's gone, you know, it went out the door, and so I'm just curious psychologically, you know, how do you deal with that, with your board, with your ownership, with your customers? How do you deal with it, Alex, to your customer, just saying we're going to do all we can to keep this safe, >> Absolutely. >> But so that but is a big caviada, right? How do both of you deal with that? >> Yeah. >> First off... >> I'll say this, working with the Dell EMC engineers and their business partners, I'm sleeping better at night, and I'm not just saying that being here, what I mean is that they've shrunk my backup window, they've guaranteed me reporting and a infrastructure IQ of that environment that I have more insight, integrated, so across, holistically, my enterprise. So no longer am I adding on different components to complete backups, this backup, this company, this... I never get that insight, and I never really have the evidence that we're restoring, I can do the store and the restore at the same time and see that next day in reporting, that we're achieving that. I hear that but, but that but is a little quieter because you know, it's just a little less impactful because I'm confident now that I've got a very efficient window. I'm not effecting again, with those add on, ad hoc products, not condemning 'em, but, they're impactful to critical applications, I can see response time during peak times, the product doesn't have that effect. And it's really exciting because now I can, you know, I've got to rip and replace, I got to lift and shift, you decide what the acronyms you want to add to it, but we... The big thing I want to add, and sorry to ramble here a little, >> You're fine. >> Yep, yep. Our run books are becoming smaller. And this is, the less complex, now we're taking keep the lights on people that are very frustrated with our acronyms and our terminology and the way we're going and I'm starting to bring them into the cyber resilience, cyber security environment and they're feeling empowered and I'm getting more creative ideas and that means, more creative ideas means we're back as a business solving problems, not worrying if our backups are done at two in the morning. >> And from a Dell EMC perspective, I think we're really uniquely positioned in the industry, in that, not just from Dell EMC, but we look at all of Dell technologies, right? When we incorporate the fact that we have best in class data protection solutions to do operational recovery, disaster recovery, the next logical step is to really augment that and really start looking at cyber recovery, right? And then when you look at that and you look at the power of Dell technologies, it's really a layered approach, how do I layer my data protection solutions to do operational recovery, to do disaster recovery? And then at the same time, throw in a little RSA and SecureWorks in there into the picture and we're really uniquely positioned as a vendor in the industry, no other vendor can really handle that breadth in the industry from a cyber recovery standpoint when you throw in the likes of RSA and SecureWorks. >> So, Alex, let's drill down in the overall capability versus the rest of the industry. There's been a ton of investment in data protection, 90 million, 100 million, we're seeing unicorns pop up over just this use case of data protection. And they're making no qualms at it, they're going right at the Data Domain business. What is the message that you're going out and telling any users like Bob, that, you know what, stay the course, Data Domain, the portfolio of data protection at Dell is the best way to recover your environment in case of a breach. >> Yeah, absolutely. So in terms of that, what I say to customers I talk to every day around this, that are maybe doubting you know, going forward and what they're going to do, is that we are continuing to innovate, that Data Domain platform continues to innovate, you see that in our cloud scenarios, in the cloud, you know, use cases that we're talking about, and really kind of working together with our customers as a partner on how we apply things like cyber recovery for their workloads that go into the cloud, right? And that's really through that working relationship with customers and that very strong investment that we're making on the engineering side with our roadmaps is really what customers, at the end of the day become convinced that Data Domain is here to stay. >> So, Bob I'd love to follow up on-- >> Bob: Can I add on to that? >> Please. >> You know, I think the couple things you pointed on that I probably missed, is one, you've given me options, I can be on pram or off pram or back to on pram, and that is with the product line. And again, that integration across that, I have to have that insight, but at the end of the day, Dell EMC's product line delivers and that's what we experienced in our relationship. We're not talking about... 72 to one dedupe rate, I know that's, I triple checked the facts, it's like really, we're achieving that? That's impactful to my project lines, right? I'm no longer a bottle neck because I'm back at the projects and we're getting stuff moving and we're just not confused by the technology or the way we have to, you know, kind of bandaid them together, it's just one place to go and it delivers. And we see that delivery, especially with the growth of the Data Domain and the addition of the Sandbox, it's very exciting, we're seeing some great performance on our new systems. >> Yeah, and we hear that a lot about the flexibility of the portfolio and the data protection, the fact that, Bob mentioned it many times, making the backup window disappear is really where the heart of it is. And now Bob's team an all the customers that I've talked to and their teams can go off and actually move the business forward with more innovation and bringing more value back to the business. >> Part of security is disaster recovery. Do you guys integrate your disaster recovery practice as part of your Data Domain implementation? >> I think that's a great question. We've challenged our DR group, external also, we saw incident response component, just a big empty hole, it's missing. And I think that's a change in mindset people have to implement, as you pointed out, incident response is going to be before the disaster. And if you don't stand up, you're, look our data's gone mobile, that means it's everywhere, and we have to follow it everywhere with the same protection in the end of the day, no matter where we sit, we own it, we're responsible for it, so we have to go after it in the same protection. So I think it is part of that, we're integrating it, I think we confused a couple companies with that, but you got to stand up those foundation services, the cyber security, the data life cycle has made the cyber security become much more complex. And the use, the business use of that data is becoming more demanding, so we had to make it available, so we had to be transparent with these products and Kudos to Dell EMC and all the engineers making this happen. I don't know what I would be doing if it wasn't there for me. >> Keith: Well thank you, Bob. >> You know, and I'll tell you what strikes me a little bit about this, as we have just a final moment here, is that we think about cyber invasions and violations, what have you, we think about it on a global or a national scale. I mean, you are a very successful regional business, right? And you are just as prime of a target for malfeasance as any and you need to take these prophylactic measures just as aggressively as any enterprise. >> Right, right. If you look at the names, I mean, you just go down the list, Boeing, Mecklenburg County, City of Atlanta, you know, not to name 'em and pick on 'em but they're still recovering. And our business resilience, our reputation is all we have, we're there, you know, our critical asset is your data, that is what we say, you know, the story we tell is how we protect that and that's our services and if at the end of the day you don't trust our services, what are we? >> Alex: That's right. >> Not enough just to protect and prevent, you have to be able to recover. >> So to have a business partner that really understands, and I know I'm a little, maybe a little smaller than some of your others, but you still treat me like I'm... And you still listen to me, I bring you ideas, you say this fits, let's see what we can do. Your engineers go back and they say, you know, we can't say yes, but we can say we're going to take a different approach and come back with a solution. So it's very, very exciting to have a partner that does that with you. >> No, it's a great lesson, it is, it's great. Although, as I say goodbye here, I am a little disappointed when I heard you're from South Carolina I was expecting this wonderful southern accent to come out. (laughing) it just, Bob, what happened? >> You know, I'm an Iowa boy. >> John: You got a little yankee in ya'. >> There you go. Maybe they'll say a little more than a little. >> Alright, gentlemen, thanks for being with us. >> Thank you very much for having us. >> Thanks for sharing the Founders Federal story. Back with more from Las Vegas, you're watching the Cube, we're in Dell Technologies World 2018.

>>Welcome back to a blueprint for trusted infrastructure. We're here with Rob Emsley. Who's the director of product marketing for data protection and cyber security. Rob. Good to see you a new role. >>Yeah. Good to be back, Dave. Good to see you. Yeah, it's been a while since we chatted last and you know, one of the changes in, in my world is that I've expanded my responsibilities beyond data protection marketing, to also focus on cyber security marketing specifically for our infrastructure solutions group. So certainly that's, you know, something that really has driven us to, you know, to come and have this conversation with you today. >>So data protection obviously has become an increasingly important component of the cyber security space. I, I don't think necessarily of, you know, traditional backup and recovery as security it's to me, it's an adjacency. I know some companies have said, oh yeah, now we're a security company. They're kind of chasing the valuation for sure. Bubble. Dell's interesting because you, you have, you know, data protection in the form of backup and recovery and data management, but you also have security, you know, direct security capabilities. So you're sort of bringing those two worlds together and it sounds like your responsibility is to, to connect those, those dots. Is that right? >>Absolutely. Yeah. I mean, I think that the reality is, is that security is a, a multi-layer discipline. I think the, the days of thinking that it's one or another technology that you can use or process that you can use to make your organization secure long gone. I mean, certainly you actually correct. If you think about the backup and recovery space, I mean, people have been doing that for years, you know, certainly backup and recovery. It's all about the recovery. It's all about getting yourself backup and running when bad things happen. And one of the realities, unfortunately today is that one of the worst things that can happen is cyber attacks. You know, ransomware, malware are all things that are top of mind for all organizations today. And that's why you see a lot of technology and a lot of innovation going into the backup and recovery space, because if you have a copy, a good copy of your data, then that is really the, the first place you go to recover from a cyber attack. >>And that's why it's so important. The reality is is that unfortunately the cyber criminals keep on getting smarter. I don't know how it happens, but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have, they go after your, your backup data as well. So over the last half a decade, Dell technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery volts. And that is really the, you know, we've had many conversations about that over the years. Yeah. And that's really a big tenant of what we do in the debt protection portfolio. >>So this idea of, of cybersecurity resilience, that definition is evolving. What does it mean to you? >>Yeah, I think the, the analyst team over at Gartner, they wrote a, a very insightful paper called you will be hacked, embraced the breach. And the whole basis of this analysis is so much money's been spent on prevention is that what's outta balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked. You have to embrace that fact and be ready and prepared to bring yourself back into business. You know, and that's really where cyber resiliency is very, very different than cyber security and prevention, you know, and I think that balance of get your security disciplines well funded, get your defenses as good as you can get them, but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan, it's really the basis of any good solid data protection backup from recovery philosophy. >>So if I had to do a SWOT analysis, we don't have to do the w OT, but let's focus on the S what would you say are Dell's strengths in this, you know, cybersecurity space, as it relates to data protection. >>One is we've been doing it a long time. You know, we talk a lot about Dell's data protection being proven and modern. You know, certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't, as I mentioned to you, one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduce a little over five years ago, five, six years, power protect cyber recovery is something which has become a unique capability for customers to adopt on top of their investment in Dell technologies, data protection, you know, the, the unique elements of our solution already threefold, and it's, we call them the three eyes. It's isolation, it's a mutability and its intelligence. And the, the isolation part is really so important because you need to reduce the attack surface of your good known copies of data. >>You know, you need to put it in a location that the bad actors can't get to it. And that really is the, the, the, the essence of a cyber recovery vault. Interestingly enough, you're starting to see the market throw out that word, you know, from many other places, but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault, you know, allowing it to be controlled by your backup application. Our cyber recovery vaulting technology is independent of the backup infrastructure. It uses it, but it controls its own security. And that is so, so important. It's like having a, a vault that the only way to open it is from the inside, you know, and think about that. If you think about, you know, vaults in banks or vaults in your home, normally you have a keypad on the outside, think of our cyber recovery vault as having its security controlled from inside of the vault. >>So nobody can get in, nothing can get in unless it's already in. And if it's already in, then it's trusted. Exactly. Yeah, exactly. Yeah. So isolation's the key. And then you, you mentioned immutability is the second piece. >>Yeah, so I, mutability is, is also something which has been around for a long time. People talk about backup mutability or immutable backup copies. So immutability is just the, the, the additional technology that allows the data that's inside of the vault to be unchangeable, you know, but again, that immutability, you know, your mileage varies, you know, when you look across the, the different offers that are out there in the market, especially in the backup industry, you make a very valid point earlier that the backup vendors in the market seem to be security, washing their marketing messages. I mean, everybody is leaning into the ever present danger of cyber security, not a bad thing, but the reality is is that you have to have the technology to back it up, you know, quite literally, >>Yeah, yeah, no pun intended. Right. And then actually pun intended. Now what about the intelligence piece of it? That's that's AI ML, where does that fit >>For sure. So the intelligence piece is delivered by a solution called cyber sense. And cyber sense for us is what really gives you the confidence that what you have in your cyber recovery volt is a good clean copy of data. So it's looking at the backup copies that get driven into the cyber volt, and it's looking for anomalies. So it's not looking for signatures of malware. You know, that's what your antivirus software does. That's what your endpoint protection software does. That's on the prevention side of the equation. But what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good, and that when you get a request to restore and recover your business, you go right, let's go and do it. And you don't have any concern that what you have in the vault has been compromised. >>So cyber sense is really a, a unique analytics solution in the market, based upon the fact that it, it, isn't looking at at cursory indicators of, of, of, of, of malware infection or, or, or ransomware introduction it's doing full content analytics, you know, looking at, you know, has the data in any way changed, has it suddenly become encrypted? Has it suddenly become different to how it was in the previous scan? So that anomaly detection is very, very different. It's looking for, you know, like different characteristics that really are an indicator that something is going on. And of course, if it sees it, you immediately get flagged. But the good news is, is that you always have in the vault, the previous copy of good known data, which now becomes your restore point. >>So we're talking to Rob Emsley about how data protection fits into what Dell calls DT, I, Dell trusted infrastructure. And, and I'm, I want to come back Rob to this notion of, and, or cuz I think a lot of people are skeptical. Like how can I have great security and not introduce friction into my organization? Is that an automation play? How, how does Dell tackle that problem? >>I mean, I think a lot of it is across our infrastructure is, is security has to be built in, I mean, intrinsic security within our servers, within our storage devices, within our elements of our backup infrastructure. I mean, security, multifactor authentication, you know, elements that make the overall infrastructure secure. You know, we have capabilities that, you know, allow us to identify whether or not configurations have changed. You know, we'll probably be talking about that a little bit more to you later in the segment, but the, the essence is, is security is not, not a Bolton. It has to be part of the overall infrastructure. And that's so true, certainly in the data protection space, >>Give us the, the, the bottom line on, on how you see Dell's key differentiators. Maybe you could talk about Dell, of course always talks about its portfolio, but, but why should customers, you know, lead in to Dell in, in this whole cyber resilience space, >>You know, staying on the data protection space. As I mentioned, the, the, the work we've been doing to introduce this cyber resiliency solution for debt protection is in our opinion, as good as it gets, you know, the, you know, you've spoken to a number of our, of our best customers, whether it be Bob bender from founders, federal, or more recently at Delta arches world, you spoke to Tony Bryson yep. From the town of Gilbert. And these are customers that we've had for many years that have implemented cyber recovery volts. And at the end of the day, they can now sleep at night. You know, that's really the, the peace of mind that they have is that the insurance that a data protection from Dell cyber recovery vault a para protect cyber recovery solution, gives them, you know, really allows them to, you know, just have the assurance that they don't have to pay a ransom if they have a, an insider threat issue. And you know, all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from. >>Great, well, Rob, congratulations on the new scope of responsibility. I like how you know, your organization is expanding as the threat surface is expanding. As we said, data protection becoming an adjacency to, to security, not security in and of itself. A key component of a comprehensive security strategy. Rob Emsley. Thank you for coming back in the cube. Good to see you again. >>You too, Dave. Thanks. >>All right. In a moment, I'll be back to wrap up a blueprint for trusted infrastructure. You watching the cube.

the cyber security landscape has changed dramatically over the past 24 to 36 months rapid cloud migration has created a new layer of security defense sure but that doesn't mean csos can relax in many respects it further complicates or at least changes the ciso's scope of responsibilities in particular the threat surface has expanded and that creates more seams and cisos have to make sure their teams pick up where the hyperscaler clouds leave off application developers have become a critical execution point for cyber assurance shift left is the kind of new buzz phrase for devs but organizations still have to shield right meaning the operational teams must continue to partner with secops to make sure infrastructure is resilient so it's no wonder that in etr's latest survey of nearly 1500 cios and it buyers that business technology executives cite security as their number one priority well ahead of other critical technology initiatives including collaboration software cloud computing and analytics rounding out the top four but budgets are under pressure and csos have to prioritize it's not like they have an open checkbook they have to contend with other key initiatives like those just mentioned to secure the funding and what about zero trust can you go out and buy xero trust or is it a framework a mindset in a series of best practices applied to create a security consciousness throughout the organization can you implement zero trust in other words if a machine or human is not explicitly allowed access then access is denied can you implement that policy without constricting organizational agility the question is what's the most practical way to apply that premise and what role does infrastructure play as the enforcer how does automation play in the equation the fact is that today's approach to cyber resilient type resilience can't be an either or it has to be an and conversation meaning you have to ensure data protection while at the same time advancing the mission of the organization with as little friction as possible and don't even talk to me about the edge that's really going to keep you up at night hello and welcome to the special cube presentation a blueprint for trusted infrastructure made possible by dell technologies in this program we explore the critical role that trusted infrastructure plays in cyber security strategies how organizations should think about the infrastructure side of the cyber security equation and how dell specifically approaches securing infrastructure for your business we'll dig into what it means to transform and evolve toward a modern security infrastructure that's both trusted and agile first up are pete gear and steve kenniston they're both senior cyber security consultants at dell technologies and they're going to talk about the company's philosophy and approach to trusted infrastructure and then we're going to speak to paris arcadi who's a senior consultant for storage at dell technologies to understand where and how storage plays in this trusted infrastructure world and then finally rob emsley who heads product marketing for data protection and cyber security he's going to take a deeper dive with rob into data protection and explain how it has become a critical component of a comprehensive cyber security strategy okay let's get started pete gear steve kenniston welcome to the cube thanks for coming into the marlboro studios today great to be here dave thanks dave good to see you great to see you guys pete start by talking about the security landscape you heard my little rap up front what are you seeing i thought you wrapped it up really well and you touched on all the key points right technology is ubiquitous today it's everywhere it's no longer confined to a monolithic data center it lives at the edge it lives in front of us it lives in our pockets and smartphones along with that is data and as you said organizations are managing sometimes 10 to 20 times the amount of data that they were just five years ago and along with that cyber crime has become a very profitable enterprise in fact it's been more than 10 years since uh the nsa chief actually called cyber crime the biggest transfer of wealth in history that was 10 years ago and we've seen nothing but accelerating cyber crime and really sophistication of how those attacks are perpetrated and so the new security landscape is really more of an evolution we're finally seeing security catch up with all of the technology adoption all the build out the work from home and work from anywhere that we've seen over the last couple of years we're finally seeing organizations and really it goes beyond the i t directors it's a board level discussion today security's become a board level discussion yeah i think that's true as well it's like it used to be the security was okay the secops team you're responsible for security now you've got the developers are involved the business lines are involved it's part of onboarding for most companies you know steve this concept of zero trust it was kind of a buzzword before the pandemic and i feel like i've often said it's now become a mandate but it's it's it's still fuzzy to a lot of people how do you guys think about zero trust what does it mean to you how does it fit yeah i thought again i thought your opening was fantastic in in this whole lead into to what is zero trust it had been a buzzword for a long time and now ever since the federal government came out with their implementation or or desire to drive zero trust a lot more people are taking a lot more seriously because i don't think they've seen the government do this but ultimately let's see ultimately it's just like you said right if if you don't have trust to those particular devices uh applications or data you can't get at it the question is and and you phrase it perfectly can you implement that as well as allow the business to be as agile as it needs to be in order to be competitive because we're seeing with your whole notion around devops and the ability to kind of build make deploy build make deploy right they still need that functionality but it also needs to be trusted it needs to be secure and things can't get away from you yeah so it's interesting we attended every uh reinforce since 2019 and the narrative there is hey everything in this in the cloud is great you know and this narrative around oh security is a big problem is you know doesn't help the industry the fact is that the big hyperscalers they're not strapped for talent but csos are they don't have the the capabilities to really apply all these best practices they're they're playing whack-a-mole so they look to companies like yours to take their r your r d and bake it into security products and solutions so what are the critical aspects of the so-called dell trusted infrastructure that we should be thinking about yeah well dell trusted infrastructure for us is a way for us to describe uh the the work that we do through design development and even delivery of our it system so dell trusted infrastructure includes our storage it includes our servers our networking our data protection our hyper converged everything that infrastructure always has been it's just that today customers consume that infrastructure at the edge as a service in a multi-cloud environment i mean i view the cloud as really a way for organizations to become more agile and to become more flexible and also to control costs i don't think organizations move to the cloud or move to a multi-cloud environment to enhance security so i don't see cloud computing as a panacea for security i see it as another attack surface and another uh aspect in front that organizations and and security organizations and departments have to manage it's part of their infrastructure today whether it's in their data center in a cloud or at the edge i mean i think it's a huge point because a lot of people think oh data's in the cloud i'm good it's like steve we've talked about oh why do i have to back up my data it's in the cloud well you might have to recover it someday so i don't know if you have anything to add to that or any additional thoughts on it no i mean i think i think like what pete was saying when it comes to when it comes to all these new vectors for attack surfaces you know people did choose the cloud in order to be more agile more flexible and all that did was open up to the csos who need to pay attention to now okay where can i possibly be attacked i need to be thinking about is that secure and part of the part of that is dell now also understands and thinks about as we're building solutions is it is it a trusted development life cycle so we have our own trusted development life cycle how many times in the past did you used to hear about vendors saying you got to patch your software because of this we think about what changes to our software and what implementations and what enhancements we deliver can actually cause from a security perspective and make sure we don't give up or or have security become a whole just in order to implement a feature we got to think about those things yeah and as pete alluded to our secure supply chain so all the way through knowing what you're going to get when you actually receive it is going to be secure and not be tampered with becomes vitally important and pete and i were talking earlier when you have tens of thousands of devices that need to be delivered whether it be storage or laptops or pcs or or whatever it is you want to be you want to know that that that those devices are can be trusted okay guys maybe pete you could talk about the how dell thinks about it's its framework and its philosophy of cyber security and then specifically what dell's advantages are relative to the competition yeah definitely dave thank you so we've talked a lot about dell as a technology provider but one thing dell also is is a partner in this larger ecosystem we realize that security whether it's a zero trust paradigm or any other kind of security environment is an ecosystem uh with a lot of different vendors so we look at three areas one is protecting data in systems we know that it starts with and ends with data that helps organizations combat threats across their entire infrastructure and what it means is dell's embedding security features consistently across our portfolios of storage servers networking the second is enhancing cyber resiliency over the last decade a lot of the funding and spending has been in protecting or trying to prevent cyber threats not necessarily in responding to and recovering from threats right we call that resiliency organizations need to build resiliency across their organization so not only can they withstand a threat but they can respond recover and continue with their operations and the third is overcoming security complexity security is hard it's more difficult because of the things we've talked about about distributed data distributed technology and and attack surfaces everywhere and so we're enabling organizations to scale confidently to continue their business but know that all all the i.t decisions that they're making um have these intrinsic security features and are built and delivered in a consistent security so those are kind of the three pillars maybe we could end on what you guys see as the key differentiators that people should know about that that dell brings to the table maybe each of you could take take a shot at that yeah i think first of all from from a holistic portfolio perspective right the uh secure supply chain and the secure development life cycle permeate through everything dell does when building things so we build things with security in mind all the way from as pete mentioned from from creation to delivery we want to make sure you have that that secure device or or asset that permeates everything from servers networking storage data protection through hyper converge through everything that to me is really a key asset because that means you can you understand when you receive something it's a trusted piece of your infrastructure i think the other core component to think about and pete mentioned as dell being a partner for making sure you can deliver these things is that even though those are that's part of our framework these pillars are our framework of how we want to deliver security it's also important to understand that we are partners and that you don't need to rip and replace but as you start to put in new components you can be you can be assured that the components that you're replacing as you're evolving as you're growing as you're moving to the cloud as you're moving to a more on-prem type services or whatever that your environment is secure i think those are two key things got it okay pete bring us home yeah i think one of one of the big advantages of dell is our scope and our scale right we're a large technology vendor that's been around for decades and we develop and sell almost every piece of technology we also know that organizations are might make different decisions and so we have a large services organization with a lot of experienced services people that can help customers along their security journey depending on whatever type of infrastructure or solutions that they're looking at the other thing we do is make it very easy to consume our technology whether that's traditional on-premise in a multi-cloud environment uh or as a service and so the best of breed technology can be consumed in any variety of fashion and know that you're getting that consistent secure infrastructure that dell provides well and dell's forgot the probably top supply chain not only in the tech business but probably any business and so you can actually take take your dog food and then and allow other billionaire champagne sorry allow other people to you know share share best practices with your with your customers all right guys thanks so much for coming thank you appreciate it okay keep it right there after this short break we'll be back to drill into the storage domain you're watching a blueprint for trusted infrastructure on the cube the leader in enterprise and emerging tech coverage be right back concern over cyber attacks is now the norm for organizations of all sizes the impact of these attacks can be operationally crippling expensive and have long-term ramifications organizations have accepted the reality of not if but when from boardrooms to i.t departments and are now moving to increase their cyber security preparedness they know that security transformation is foundational to digital transformation and while no one can do it alone dell technologies can help you fortify with modern security modern security is built on three pillars protect your data and systems by modernizing your security approach with intrinsic features and hardware and processes from a provider with a holistic presence across the entire it ecosystem enhance your cyber resiliency by understanding your current level of resiliency for defending your data and preparing for business continuity and availability in the face of attacks overcome security complexity by simplifying and automating your security operations to enable scale insights and extend resources through service partnerships from advanced capabilities that intelligently scale a holistic presence throughout it and decades as a leading global technology provider we'll stop at nothing to help keep you secure okay we're back digging into trusted infrastructure with paris sarcadi he's a senior consultant for product marketing and storage at dell technologies parasaur welcome to the cube good to see you great to be with you dave yeah coming from hyderabad awesome so i really appreciate you uh coming on the program let's start with talking about your point of view on what cyber security resilience means to to dell generally but storage specifically yeah so for something like storage you know we are talking about the data layer name and if you look at cyber security it's all about securing your data applications and infrastructure it has been a very mature field at the network and application layers and there are a lot of great technologies right from you know enabling zero trust advanced authentications uh identity management systems and so on and and in fact you know with the advent of you know the the use of artificial intelligence and machine learning really these detection tools for cyber securities have really evolved in the network and the application spaces so for storage what it means is how can you bring them to the data layer right how can you bring you know the principles of zero trust to the data layer uh how can you leverage artificial intelligence and machine learning to look at you know access patterns and make intelligent decisions about maybe an indicator of a compromise and identify them ahead of time just like you know how it's happening and other ways of applications and when it comes to cyber resilience it's it's basically a strategy which assumes that a threat is imminent and it's a good assumption with the severity of the frequency of the attacks that are happening and the question is how do we fortify the infrastructure in the switch infrastructure to withstand those attacks and have a plan a response plan where we can recover the data and make sure the business continuity is not affected so that's uh really cyber security and cyber resiliency and storage layer and of course there are technologies like you know network isolation immutability and all these principles need to be applied at the storage level as well let me have a follow up on that if i may the intelligence that you talked about that ai and machine learning is that do you do you build that into the infrastructure or is that sort of a separate software module that that points at various you know infrastructure components how does that work both dave right at the data storage level um we have come with various data characteristics depending on the nature of data we developed a lot of signals to see what could be a good indicator of a compromise um and there are also additional applications like cloud iq is the best example which is like an infrastructure wide health monitoring system for dell infrastructure and now we have elevated that to include cyber security as well so these signals are being gathered at cloud iq level and other applications as well so that we can make those decisions about compromise and we can either cascade that intelligence and alert stream upstream for uh security teams um so that they can take actions in platforms like sign systems xtr systems and so on but when it comes to which layer the intelligence is it has to be at every layer where it makes sense where we have the information to make a decision and being closest to the data we have we are basically monitoring you know the various parallels data access who is accessing um are they crossing across any geo fencing uh is there any mass deletion that is happening or a mass encryption that is happening and we are able to uh detect uh those uh patterns and flag them as indicators of compromise and in allowing automated response manual control and so on for it teams yeah thank you for that explanation so at dell technologies world we were there in may it was one of the first you know live shows that that we did in the spring certainly one of the largest and i interviewed shannon champion and a huge takeaway from the storage side was the degree to which you guys emphasized security uh within the operating systems i mean really i mean powermax more than half i think of the features were security related but also the rest of the portfolio so can you talk about the the security aspects of the dell storage portfolio specifically yeah yeah so when it comes to data security and broadly data availability right in the context of cyber resiliency dell storage this you know these elements have been at the core of our um a core strength for the portfolio and the source of differentiation for the storage portfolio you know with almost decades of collective experience of building highly resilient architectures for mission critical data something like power max system which is the most secure storage platform for high-end enterprises and now with the increased focus on cyber security we are extending those core technologies of high availability and adding modern detection systems modern data isolation techniques to offer a comprehensive solution to the customer so that they don't have to piece together multiple things to ensure data security or data resiliency but a well-designed and well-architected solution by design is delivered to them to ensure cyber protection at the data layer got it um you know we were talking earlier to steve kenniston and pete gear about this notion of dell trusted infrastructure how does storage fit into that as a component of that sort of overall you know theme yeah and you know and let me say this if you could adjust because a lot of people might be skeptical that i can actually have security and at the same time not constrict my organizational agility that's old you know not an ore it's an end how do you actually do that if you could address both of those that would be great definitely so for dell trusted infrastructure cyber resiliency is a key component of that and just as i mentioned you know uh air gap isolation it really started with you know power protect cyber recovery you know that was the solution more than three years ago we launched and that was first in the industry which paved way to you know kind of data isolation being a core element of data management and uh for data infrastructure and since then we have implemented these technologies within different storage platforms as well so that customers have the flexibility depending on their data landscape they can approach they can do the right data isolation architecture right either natively from the storage platform or consolidate things into the backup platform and isolate from there and and the other key thing we focus in trusted infrastructure dell infra dell trusted infrastructure is you know the goal of simplifying security for the customers so one good example here is uh you know being able to respond to these cyber threats or indicators of compromise is one thing but an i.t security team may not be looking at the dashboard of the storage systems constantly right storage administration admins may be looking at it so how can we build this intelligence and provide this upstream platforms so that they have a single pane of glass to understand security landscape across applications across networks firewalls as well as storage infrastructure and in compute infrastructure so that's one of the key ways where how we are helping simplify the um kind of the ability to uh respond ability to detect and respond these threads uh in real time for security teams and you mentioned you know about zero trust and how it's a balance of you know not uh kind of restricting users or put heavy burden on you know multi-factor authentication and so on and this really starts with you know what we're doing is provide all the tools you know when it comes to advanced authentication uh supporting external identity management systems multi-factor authentication encryption all these things are intrinsically built into these platforms now the question is the customers are actually one of the key steps is to identify uh what are the most critical parts of their business or what are the applications uh that the most critical business operations depend on and similarly identify uh mission critical data where part of your response plan where it cannot be compromised where you need to have a way to recover once you do this identification then the level of security can be really determined uh by uh by the security teams by the infrastructure teams and you know another you know intelligence that gives a lot of flexibility uh for for even developers to do this is today we have apis um that so you can not only track these alerts at the data infrastructure level but you can use our apis to take concrete actions like blocking a certain user or increasing the level of authentication based on the threat level that has been perceived at the application layer or at the network layer so there is a lot of flexibility that is built into this by design so that depending on the criticality of the data criticality of the application number of users affected these decisions have to be made from time to time and it's as you mentioned it's it's a balance right and sometimes you know if if an organization had a recent attack you know the level of awareness is very high against cyber attacks so for a time you know these these settings may be a bit difficult to deal with but then it's a decision that has to be made by security teams as well got it so you're surfacing what may be hidden kpis that are being buried inside for instance the storage system through apis upstream into a dashboard so that somebody could you know dig into the storage tunnel extract that data and then somehow you know populate that dashboard you're saying you're automating that that that workflow that's a great example and you may have others but is that the correct understanding absolutely and it's a two-way integration let's say a detector an attack has been detected at a completely different layer right in the application layer or at a firewall we can respond to those as well so it's a two-way integration we can cascade things up as well as respond to threats that have been detected elsewhere um uh through the api that's great all right hey api for power skill is the best example for that uh excellent so thank you appreciate that give us the last word put a bow on this and and bring this segment home please absolutely so a dell storage portfolio um using advanced data isolation um with air gap having machine learning based algorithms to detect uh indicators of compromise and having rigor mechanisms with granular snapshots being able to recover data and restore applications to maintain business continuity is what we deliver to customers uh and these are areas where a lot of innovation is happening a lot of product focus as well as you know if you look at the professional services all the way from engineering to professional services the way we build these systems the way we we configure and architect these systems um cyber security and protection is a key focus uh for all these activities and dell.com securities is where you can learn a lot about these initiatives that's great thank you you know at the recent uh reinforce uh event in in boston we heard a lot uh from aws about you know detent and response and devops and machine learning and some really cool stuff we heard a little bit about ransomware but i'm glad you brought up air gaps because we heard virtually nothing in the keynotes about air gaps that's an example of where you know this the cso has to pick up from where the cloud leaves off but that was in front and so number one and number two we didn't hear a ton about how the cloud is making the life of the cso simpler and that's really my takeaway is is in part anyway your job and companies like dell so paris i really appreciate the insights thank you for coming on thecube thank you very much dave it's always great to be in these uh conversations all right keep it right there we'll be right back with rob emsley to talk about data protection strategies and what's in the dell portfolio you're watching thecube data is the currency of the global economy it has value to your organization and cyber criminals in the age of ransomware attacks companies need secure and resilient it infrastructure to safeguard their data from aggressive cyber attacks [Music] as part of the dell technologies infrastructure portfolio powerstor and powermax combine storage innovation with advanced security that adheres to stringent government regulations and corporate compliance requirements security starts with multi-factor authentication enabling only authorized admins to access your system using assigned roles tamper-proof audit logs track system usage and changes so it admins can identify suspicious activity and act with snapshot policies you can quickly automate the protection and recovery process for your data powermax secure snapshots cannot be deleted by any user prior to the retention time expiration dell technologies also make sure your data at rest stays safe with power store and powermax data encryption protects your flash drive media from unauthorized access if it's removed from the data center while adhering to stringent fips 140-2 security requirements cloud iq brings together predictive analytics anomaly detection and machine learning with proactive policy-based security assessments monitoring and alerting the result intelligent insights that help you maintain the security health status of your storage environment and if a security breach does occur power protect cyber recovery isolates critical data identifies suspicious activity and accelerates data recovery using the automated data copy feature unchangeable data is duplicated in a secure digital vault then an operational air gap isolates the vault from the production and backup environments [Music] architected with security in mind dell emc power store and powermax provides storage innovation so your data is always available and always secure wherever and whenever you need it [Music] welcome back to a blueprint for trusted infrastructure we're here with rob emsley who's the director of product marketing for data protection and cyber security rob good to see a new role yeah good to be back dave good to see you yeah it's been a while since we chatted last and you know one of the changes in in my world is that i've expanded my responsibilities beyond data protection marketing to also focus on uh cyber security marketing specifically for our infrastructure solutions group so certainly that's you know something that really has driven us to you know to come and have this conversation with you today so data protection obviously has become an increasingly important component of the cyber security space i i don't think necessarily of you know traditional backup and recovery as security it's to me it's an adjacency i know some companies have said oh yeah now we're a security company they're kind of chasing the valuation for sure bubble um dell's interesting because you you have you know data protection in the form of backup and recovery and data management but you also have security you know direct security capability so you're sort of bringing those two worlds together and it sounds like your responsibility is to to connect those those dots is that right absolutely yeah i mean i think that uh the reality is is that security is a a multi-layer discipline um i think the the days of thinking that it's one uh or another um technology that you can use or process that you can use to make your organization secure uh are long gone i mean certainly um you actually correct if you think about the backup and recovery space i mean people have been doing that for years you know certainly backup and recovery is all about the recovery it's all about getting yourself back up and running when bad things happen and one of the realities unfortunately today is that one of the worst things that can happen is cyber attacks you know ransomware malware are all things that are top of mind for all organizations today and that's why you see a lot of technology and a lot of innovation going into the backup and recovery space because if you have a copy a good copy of your data then that is really the the first place you go to recover from a cyber attack and that's why it's so important the reality is is that unfortunately the cyber criminals keep on getting smarter i don't know how it happens but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have they go after your your backup data as well so over the last half a decade dell technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery vaults and that is really the you know we've had many conversations about that over the years um and that's really a big tenant of what we do in the data protection portfolio so this idea of of cyber security resilience that definition is evolving what does it mean to you yeah i think the the analyst team over at gartner they wrote a very insightful paper called you will be hacked embrace the breach and the whole basis of this analysis is so much money has been spent on prevention is that what's out of balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked you have to embrace that fact and be ready and prepared to bring yourself back into business you know and that's really where cyber resiliency is very very different than cyber security and prevention you know and i think that balance of get your security disciplines well-funded get your defenses as good as you can get them but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan is really the basis of any good solid data protection backup and recovery uh philosophy so if i had to do a swot analysis we don't have to do the wot but let's focus on the s um what would you say are dell's strengths in this you know cyber security space as it relates to data protection um one is we've been doing it a long time you know we talk a lot about dell's data protection being proven and modern you know certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't as i mentioned to you one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduced a little over five years ago five six years parapatek cyber recovery is something which has become a unique capability for customers to adopt uh on top of their investment in dell technologies data protection you know the the unique elements of our solution already threefold and it's we call them the three eyes it's isolation it's immutability and it's intelligence and the the isolation part is really so important because you need to reduce the attack surface of your good known copies of data you know you need to put it in a location that the bad actors can't get to it and that really is the the the the essence of a cyber recovery vault interestingly enough you're starting to see the market throw out that word um you know from many other places but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault you know allowing it to be controlled by your backup application our cyber recovery vaulting technology is independent of the backup infrastructure it uses it but it controls its own security and that is so so important it's like having a vault that the only way to open it is from the inside you know and think about that if you think about you know volts in banks or volts in your home normally you have a keypad on the outside think of our cyber recovery vault as having its security controlled from inside of the vault so nobody can get in nothing can get in unless it's already in and if it's already in then it's trusted exactly yeah exactly yeah so isolation is the key and then you mentioned immutability is the second piece yeah so immutability is is also something which has been around for a long time people talk about uh backup immunoability or immutable backup copies so immutability is just the the the additional um technology that allows the data that's inside of the vault to be unchangeable you know but again that immutability you know your mileage varies you know when you look across the uh the different offers that are out there in the market especially in the backup industry you make a very valid point earlier that the backup vendors in the market seems to be security washing their marketing messages i mean everybody is leaning into the ever-present danger of cyber security not a bad thing but the reality is is that you have to have the technology to back it up you know quite literally yeah no pun intended and then actually pun intended now what about the intelligence piece of it uh that's that's ai ml where does that fit for sure so the intelligence piece is delivered by um a solution called cybersense and cybersense for us is what really gives you the confidence that what you have in your cyber recovery vault is a good clean copy of data so it's looking at the backup copies that get driven into the cyber vault and it's looking for anomalies so it's not looking for signatures of malware you know that's what your antivirus software does that's what your endpoint protection software does that's on the prevention side of the equation but what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good and that when you get a request to restore and recover your business you go right let's go and do it and you don't have any concern that what you have in the vault has been compromised so cyber sense is really a unique analytic solution in the market based upon the fact that it isn't looking at cursory indicators of of um of of of malware infection or or ransomware introduction it's doing full content analytics you know looking at you know has the data um in any way changed has it suddenly become encrypted has it suddenly become different to how it was in the previous scan so that anomaly detection is very very different it's looking for um you know like different characteristics that really are an indicator that something is going on and of course if it sees it you immediately get flagged but the good news is is that you always have in the vault the previous copy of good known data which now becomes your restore point so we're talking to rob emsley about how data protection fits into what dell calls dti dell trusted infrastructure and and i want to come back rob to this notion of and not or because i think a lot of people are skeptical like how can i have great security and not introduce friction into my organization is that an automation play how does dell tackle that problem i mean i think a lot of it is across our infrastructure is is security has to be built in i mean intrinsic security within our servers within our storage devices uh within our elements of our backup infrastructure i mean security multi-factor authentication you know elements that make the overall infrastructure secure you know we have capabilities that you know allow us to identify whether or not configurations have changed you know we'll probably be talking about that a little bit more to you later in the segment but the the essence is is um security is not a bolt-on it has to be part of the overall infrastructure and that's so true um certainly in the data protection space give us the the bottom line on on how you see dell's key differentiators maybe you could talk about dell of course always talks about its portfolio but but why should customers you know lead in to dell in in this whole cyber resilience space um you know staying on the data protection space as i mentioned the the the work we've been doing um to introduce this cyber resiliency solution for data protection is in our opinion as good as it gets you know the you know you've spoken to a number of our of our best customers whether it be bob bender from founders federal or more recently at delton allergies world you spoke to tony bryson from the town of gilbert and these are customers that we've had for many years that have implemented cyber recovery vaults and at the end of the day they can now sleep at night you know that's really the the peace of mind that they have is that the insurance that a data protection from dell cyber recovery vault a parapatex cyber recovery solution gives them you know really allows them to you know just have the assurance that they don't have to pay a ransom if they have a an insider threat issue and you know all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from great well rob congratulations on the new scope of responsibility i like how you know your organization is expanding as the threat surface is expanding as we said data protection becoming an adjacency to security not security in and of itself a key component of a comprehensive security strategy rob emsley thank you for coming back in the cube good to see you again you too dave thanks all right in a moment i'll be back to wrap up a blueprint for trusted infrastructure you're watching the cube every day it seems there's a new headline about the devastating financial impacts or trust that's lost due to ransomware or other sophisticated cyber attacks but with our help dell technologies customers are taking action by becoming more cyber resilient and deterring attacks so they can greet students daily with a smile they're ensuring that a range of essential government services remain available 24 7 to citizens wherever they're needed from swiftly dispatching public safety personnel or sending an inspector to sign off on a homeowner's dream to protecting restoring and sustaining our precious natural resources for future generations with ever-changing cyber attacks targeting organizations in every industry our cyber resiliency solutions are right on the money providing the security and controls you need we help customers protect and isolate critical data from ransomware and other cyber threats delivering the highest data integrity to keep your doors open and ensuring that hospitals and healthcare providers have access to the data they need so patients get life-saving treatment without fail if a cyber incident does occur our intelligence analytics and responsive team are in a class by themselves helping you reliably recover your data and applications so you can quickly get your organization back up and running with dell technologies behind you you can stay ahead of cybercrime safeguarding your business and your customers vital information learn more about how dell technology's cyber resiliency solutions can provide true peace of mind for you the adversary is highly capable motivated and well equipped and is not standing still your job is to partner with technology vendors and increase the cost of the bad guys getting to your data so that their roi is reduced and they go elsewhere the growing issues around cyber security will continue to drive forward thinking in cyber resilience we heard today that it is actually possible to achieve infrastructure security while at the same time minimizing friction to enable organizations to move quickly in their digital transformations a xero trust framework must include vendor r d and innovation that builds security designs it into infrastructure products and services from the start not as a bolt-on but as a fundamental ingredient of the cloud hybrid cloud private cloud to edge operational model the bottom line is if you can't trust your infrastructure your security posture is weakened remember this program is available on demand in its entirety at thecube.net and the individual interviews are also available and you can go to dell security solutions landing page for for more information go to dell.com security solutions that's dell.com security solutions this is dave vellante thecube thanks for watching a blueprint for trusted infrastructure made possible by dell we'll see you next time

(upbeat music) >> Welcome back to a Blueprint For Trusted Infrastructure. We're here with Rob Emsley. Who's the director of product marketing for data protection and cyber security. Rob, good to see you. A new role. >> Yeah. Good to be back, Dave. Good to see you. Yeah, it's been a while since we chatted last and, you know, one of the changes in my world is that I've expanded my responsibilities beyond data protection marketing to also focus on cybersecurity marketing specifically for our infrastructure solutions group. So certainly that's, you know, something that really has driven us, you know, to come and have this conversation with you today. >> So data protection obviously has become an increasingly important component of the cyber security space. I don't think necessarily of, you know, traditional backup and recovery as security, to me, it's an adjacency. I know some companies have said, oh, yeah. Now we're a security company. They're kind of chasing the valuation bubble. >> For sure. >> Dell's interesting because you have, you know, data protection in the form of backup and recovery and data management, but you also have security, you know, direct security capabilities. So you're sort of bringing those two worlds together and it sounds like your responsibility is to connect those dots. Is that right? >> Absolutely. Yeah. I mean, I think that the reality is is that security is a multi-layer discipline. I think the days of thinking that it's one or another technology that you can use or process that you can use to make your organization secure are long gone. I mean, certainly you actually correct. If you think about the backup and recovery space, I mean, people have been doing that for years, you know, certainly backup and recovery, it's all about the recovery. It's all about getting yourself backup and running when bad things happen. And one of the realities, unfortunately today is that one of the worst things that can happen is cyber attacks. You know, ransomware, malware are all things that are top of mind for all organizations today. And that's why you see a lot of technology and a lot of innovation going into the backup and recovery space because if you have a copy, a good copy of your data, then that is really the first place you go to recover from a cyber attack. And that's why it's so important. The reality is is that unfortunately the cyber criminals keep on getting smarter. I don't know how it happens, but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have, they go after your backup data as well. So over the last half a decade, Dell Technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery vaults. We've had many conversations about that over the years and that's really a big tenant of what we do in the data protection portfolio. >> So this idea of cybersecurity resilience that definition is evolving. What does it mean to you? >> Yeah, I think the analyst team over at Gartner, they wrote a very insightful paper called you will be hacked embrace the breach. And the whole basis of this analysis is so much money's been spent on prevention is that what's out of balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked. You have to embrace that fact and be ready and prepared to bring yourself back into business. You know, and that's really where cyber resiliency is very, very different than cyber security and prevention, you know, and I think that balance of get your security disciplines well funded, get your defenses as good as you can get them but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan, it's really the basis of any good, solid data protection backup from recovery philosophy. >> So if I had to do a SWOT analysis, we don't have to do the WOT, but let's focus on the S. What would you say are Dell's strengths in this, you know, cyber security space as it relates to data protection? >> One is we've been doing it a long time. You know, we talk a lot about Dell's data protection being proven and modern. You know, certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't. As I mentioned to you, one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduce a little over five years ago, five, six years. Power protect cyber recovery is something which has become a unique capability for customers to adopt on top of their investment in Dell Technologies data protection, you know, the unique elements of our solution already threefold, and we call them the three Is. It's isolation, it's a immutability and it's intelligence. And the, the isolation part is really so important because you need to reduce the attack surface of your good known copies of data. You know, you need to put it in a location that the bad actors can't get to it. And that really is the essence of a cyber recovery vault. Interestingly enough, you're starting to see the market throw out that word, you know, from many other places, but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault, you know, allowing it to be controlled by your backup application. Our cyber recovery vaulting technology is independent of the backup infrastructure. It uses it, but it controls its own security. And that is so, so important. It's like having a vault that the only way to open it is from the inside, you know, and think about that. If you think about, you know, vaults in banks or vaults in your home, normally you have a key pad on the outside. Think of our cyber recovery vault as having its security controlled from inside of the vault. >> So nobody can get in, nothing can get in unless it's already in. And if it's already in, then it's trusted. >> Exactly, exactly. >> Yeah. So isolation's the key. And then you mentioned immutability is the second piece. >> Yeah, so immutability is also something which has been around for a long time. People talk about backup mutability or immutable backup copies. So I mutability is just the additional technology that allows the data that's inside of the vault to be unchangeable, you know, but again that immutability, you know, your mileage varies, you know, when you look across the different offers that are out there in the market especially in the backup industry. You made a very valid point earlier that the backup vendors in the market seem to be security washing their marketing messages. I mean, everybody is leaning into the ever present danger of cybersecurity, not a bad thing, but the reality is is that you have to have the technology to back it up, you know, quite literally >> Yeah, no pun intended. Right. Actually pun intended. Now what about the intelligence piece of it? That's that's AI, ML, where does that fit? >> For sure. So the intelligence piece is delivered by a solution called CyberSense. And CyberSense for us is what really gives you the confidence that what you have in your cyber recovery vault is a good clean copy of data. So it's looking at the backup copies that get driven into the cyber vault, and it's looking for anomalies. So it's not looking for signatures of malware. You know, that's what your antivirus software does. That's what your endpoint protection software does. That's on the prevention side of the equation. But what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good and that when you get a request to restore and recover your business, you go, right, let's go and do it. And you don't have any concern that what you have in the vault has been compromised. So cyber sense is really a unique analytic solution in the market based upon the fact that it isn't looking at at cursory indicators of malware infection or ransomware introduction, it's doing full content analytics, you know, looking at, you know, has the data in any way changed, has it suddenly become encrypted? Has it suddenly become different to how it was in the previous scan? So that anomaly detection is very, very different. It's looking for, you know, like different characteristics that really are an indicator that something is going on. And, of course, if it sees it, you immediately get flagged. But the good news is is that you always have in the vault the previous copy of good known data which now becomes your restore point. >> So we're talking to Rob Emsley about how data protection fits into what Dell calls DTI, Dell Trusted Infrastructure. And I want to come back, Rob, to this notion of, and not or cause I think a lot of people are skeptical. Like how can I have great security and not introduce friction into my organization? Is that an automation play? How does Dell tackle that problem? >> I mean, I think a lot of it is across our infrastructure is is security has to be built in, I mean, intrinsic security within our servers, within our storage devices, within our elements of our backup infrastructure. I mean, security, multifactor authentication, you know, elements that make the overall infrastructure secure. You know, we have capabilities that, you know, allow us to identify whether or not configurations have changed. You know, we'll probably be talking about that a little bit more to you later in the segment, but the essence is security is not a Bolton. It has to be part of the overall infrastructure. And that's so true, certainly in the data protection space >> Give us the bottom line on how you see Dell's key differentiators. Maybe you could talk about Dell, of course, always talks about its portfolio, but why should customers, you know, lead in to Dell in this whole cyber resilience space? >> You know, staying on the data protection space as I mentioned, the work we've been doing to introduce this cyber resiliency solution for data protection is in our opinion, as good as it gets. You know, you've spoken to a number of our best customers whether it be Bob Bender from Founders Federal or more recently at (indistinct) you spoke to Tony Bryson from the Town of Gilbert. And these are customers that we've had for many years that have implemented cyber recovery vaults. And at the end of the day, they can now sleep at night. You know, that's really the peace of mind that they have is that the insurance that a data protection from Dell cyber recovery vault, a power protect cyber recovery solution gives them, you know, really allows them to, you know, just have the assurance that they don't have to pay a ransom. If they have an insider threat issue and, you know, all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from. >> Great. Well, Rob, congratulations on the new scope of responsibility. I like how, you know, your organization is expanding as the threat surface is expanding. As we said, data protection becoming an adjacency to security, not security in and of itself. A key component of a comprehensive security strategy. Rob Emsley, thank you for coming back in theCUBE. Good to see you again. >> You too, Dave. Thanks. >> All right, in a moment, I'll be back to wrap up a blueprint for trusted infrastructure. You are watching theCUBE. (upbeat music)

>>from around the >>globe it's the cube with >>coverage of Kublai >>Khan and Cloud Native Con Europe 2020 >>one virtual >>brought to you by red hat. The cloud native computing foundation and ecosystem partners. Welcome back to the cubes coverage of Kublai khan 21 cloud native gone 21 virtual. I'm john for your host of the cube. We're here with a great segment of an entrepreneur also the creator and maintainer of fluent bit Eduardo Silva who's now the founder of Palihapitiya was a startup. Going to commercialize and have an enterprise grade fluent D influence bit Eduardo. Great to have you on. Thanks for coming on the cube >>during the place for having me here. So I'm pretty happy to share the news about the crew and whenever you want, >>exciting trends, exciting trends happening with C N C f koo Kahne cloud native cloud native a lot of data, a lot of management, a lot of logging, a lot of observe ability, a lot of end user um contributions and enterprise adoption. So let's get into it first by give us a quick update on fluent D anything upcoming to highlight. >>Yeah, well fluent is actually turning two years old right now. So it's the more metric project that we have a lot of management and processing in the market. And we're really happy to see that the sides are project that was started 10 years ago, its adoption. You can see continues growing ecosystem from a planning perspective and companies adopting the technology that that is really great. So it's very overwhelming and actually really happy to take this project and continue working with companies, individuals and and right now what is the position where we are now with through And these are part of the Roma is like one of the things that people is facing not because of the tool because people have every time there has more data, more Metro services the system are scaling up is like about performance, right? And performance is critical if you're slowing down data processing actually you're not getting the data at the right time where you need it right. Nobody's people needs real time query is real time analysis. So from a security perspective we're going to focus a lot on everything that is about performance I would say for this year and maybe the other one, I would say that we won't see many new futures around fluently itself as as a project so we'll be mostly about back texting and performance improvements. >>Yeah, I definitely want to dig in with you on the data and logging challenges around kubernetes especially with and to end workflows and there's the different environments that sits in the middle of. But first before we get there, just take a minute to explain for the folks um not that savvy with fluent bit. What is fluent bit real quick, explain what it is. >>Okay, so I will start with a quick story about this, so when we started flowing the, we envision that at some point I'm talking about six years ago, right, all this IOT train or embedded or h will be available and for that you we got back to heavy right? If you have a constraint environment or you want to process data in a more faster way without all the capabilities at that time we say that he might not be suitable for that. So the thing is okay and it was not longer like a single software piece right? We want to say through in this an ecosystem, right? And as part of the ecosystem we have sck where people can connect applications fluid the but also we say we need like a flu Indie but that could be lightweight and faster. Burundi is reading ruby right? And the critical part in C. But since it's written ruby of course there's some process calls on how do you process the data and how much you can scale? Right. So we said if you're going to dig into embedded or small constrained environment, let's write a similar solution. But in C language so we can optimize a memory, can optimize scenario and all this kind of um needs will be will will be effective, right? And we started to spread called fluent bed and through a bit it's like a nowadays like a lightweight version of Wendy, it has started for the Marilyn knows, but after a few years people from the cloud space, I'm talking about containers, kubernetes, they started to ask for more futures for flowing it because they wanted they have influence, but also they wanted to have flowing better than because of it was lively and nowadays we can see that what fluent established the market and true indeed, we're getting around $2 million dollars every single day. So nowadays the attraction of the break is incredible. And it's mostly used to um want to collect logs from the files from system be and for most of coordinated environment disabled, process all this information on a pen, meta data and solve all the problem of how do I collect my data? How do I make sure that the data has the right context meta data and I'm able to deliver this data. So a central place like a job provider or any kind of storage. >>That's great. And I love the fact that's written C, which kind of gives the, I'll say it more performance on the code. Less overhead, get deeper closer um and people No, no, see it's high performance, quick, quick stats. So how old is the project through a bit, What version are you on? >>Uh, a little bit. It's, I'm not sure it is turning six or seven this year, 96. It's been around >>for a while. >>Yeah, yeah. We just released this this week, one at 73 right. We have done more than 100 releases actually really settled two and it's pretty past sometimes we have releases every 23 weeks. So the operation, the club medical system is quite fast. People once and more future more fixes and they don't want to wait for a couple of months for the next release. They wanted to have the continue image right away to test it out and actually sends away as a project. We worked with most of providers like AWS Microsoft actor google cloud platform, the demon for this fixes and improvements are in a weekly basis. >>You guys got a lot of props, I was checking around on the internet, you guys are getting strong um, reviews on logging for kubernetes with the couple releases ago, you had higher performance improvements for google AWS logged in postgres equal and other environments. Um but the question that I'm getting and I'm hearing from folks is, you know, I have end to end workflows and they've been steady. They've been strong. But as more data comes in and more services are connecting to it from network protocols, two Other cloud services, the complexity of what was once a straight straightforward workflow and to end is impacted by this new data. How do you guys address that? How would you speak to that use case? >>Well, for for us data we have taken approaches. Data for us is agnostic on the way that it comes from but that it comes from and the format that comes from for for example, if you talk about the common uses case that we have now is like data come from different formats. Every single developer use the all looking format come from different channels, TCP file system or another services. So it is very, very different. How do we get this data? And that is a big challenge. Right? How do we take data from different sources, different format and you try to unify this internal and then if you're going to talk for example to less exert let's say you Jason you're going to talk to africa, they have their own binary protocol. So we are kind of the backbone that takes all the data transfer data and try to adapt to the destination expected payload from a technical perspective. Yeah, is really challenging. Is really challenging also that Nowadays, so two years ago people was finding processing, I don't know 500,000 messages per second, But nowadays they won 10, 20 40,000. So prime architecture perspective Yeah, there are many challenges and and I think that the teamwork from the maintaining this and with companies has provided a lot of value, a lot of value. And I think that the biggest proof here is that the adoption like adoption and big adoption, you have more banks reported more enhancement requests. All right. So if I get >>this right, you got different sources of data collection issues. If you look on the front end and then you got some secret sauce with bit fluent, I mean uh inside the kubernetes clusters um and then you deliver it to multiple services and databases and cloud services. That that right. Is that the key? The key value is that is that the key value proposition? Did I get that right with fluent bit? >>Mhm. Yeah, I would say most of the technical implementation when the of the value of the technical implementation, I would say that is towards being the vendor neutral. Right? So when you come, when you go to the market and you go to the talk to bank institution hospital form and if the company right, most of them are facing this concept of bender looking right, they use a Bender database but you have to get married. So they're tooling, right? And I'm not going to mention any inventor name. Right? Actually it's very fun. Well for example, the business model, this company that start with S and ends with swung right? For example is you pay as much money so you pay as much money compared to the data that you ingested. But the default tools in just the whole data. But in reality if you go to the enterprise they say yeah. I mean just in all my data into Splunk or X provider right? But from 100 that I'm interesting, which I'm paying for, I'm just using this service to query at least 20 of the data. So why I mean just in this 80 extra I didn't get it right. That's why I want to send and this is real use case there's this language is really good for where is analyzed the data But they said yeah, 80 of my data is just a five data. I will need it maybe in a couple of months just I want to send it to Amazon history or any kind of other a archive service. So users, the value that says is that I want to have a mentor neutral pipeline which me as a user, I went to this side work went to send data, went to send it and also I can come to my bills. Right? And I think that is the biggest value. So you can go to the market. They will find maybe other tools for logging or tools for Matrix because there's a ton of them. But I think that none of them can say we are gender neutral. Not all of them can offer this flexibility to the use, right? So from a technical language performance but from an end user is being the neutrality. >>Okay. So I have to ask you then here in the C n C F projects that are going on and the community around um um fluent bit, you have to have those kinds of enhancements integrations, for instance, for not only performance improvement, but extensive bility. So enterprises there, they want everything right. They make things very >>complicated. They're very >>complicated infrastructure. So if they want some policy they want to have data ingestion policies or take advantage of no vendor lock in, how is the community responding? How did what's your vision for helping companies now? You've got your new venture and you got the open source project, How does this evolve? How do you see this evolving eduardo? Because there is a need for use cases that don't need all the data, but you need all the data to get some of the data. Right. So it's a you have a new new >>paradigm of >>coding and you want to be dynamic and relevant. What's the how do you see this evolving? >>Yeah. Actually going to give you some spoilers. Right. So some years before report. Yeah. So users has this a lot of they have a lot of problems how to collect the data processing data and send the data. We just told them right, Performance is a continuous improvement, Right? Because you have always more data, more formats, that's fine. But one critical thing that people say, hey, you say, hey, I want to put my business logic in the pipeline. So think about this if you have to embed we are the platform for data. Right? But we also provide capabilities to do data processing because you can grab the data or you can do custom modifications over the data. One thing that we did like a year two years ago is we added this kind of stream processing capabilities, can you taste equal for Kaka? But we have our own sequel engine influence them. So when the data is flowing without having any data banks, any index or anything, we can do data aggregation. You can, you can put some business logic on it and says for all the data that matches this pattern, stand it to a different destination, otherwise send it to caracas plan or elastic. So we have, this is what we have now. Extreme processing capabilities. Now what is the spoiler and what we're going next. Right now there are two major areas. One of them is distributed. Extreme processing right? The capabilities to put this intelligence on the age, on the age I'm referring to for example, a cooper needs note right or constrained environment, right? Communities on the age is something that is going on. There are many companies using that approach but they want to put some intelligence and data processing where the data is being generated. Because there is one problem when you have more data and you want to create the data, you have to wait and to centralize all the data in the database for your service. And there's a legend see right, millions sometimes hours because data needs to be in Mexico. But what about it? To have 100 of notes, but each one is already right, influenced it. Why you don't run the queries there. That is one of the features that we have. And well now talking from the challenges from spoil perspectives, people says, okay, I love this pipeline. I noticed Lambert has a political architecture but the language see it's not my thing, right? I don't want to go and see. Nobody likes see that we are honest about that. And there are many mass words about security or not just nothing, which is true, right? It's really easy to mess up things and see. Right? So, and we said, okay, so now our next level, it's like we're going to provide this year the ability to write your own plug ins in Western webassembly. So with the web is simply interface. You can run your own pregnancy goal, rust or any kind of weapon sending support language and translate that implementation to native. Wasn't that fluent that will understand. So C as a language won't be with one being longer uploaded for you as a developer. As a company that wants to put more business logic into the bike. Well that is one of the things that are coming up and really we already have some docs but they're not ready to show. So maybe we can expect something for us at the end of this year. >>Great stuff by the way, from a c standpoint us, old timers like me used to program and see, and not a lot of C courses being taught, but if you do know see it's very valuable. But again, to your point, the developers are are focused on coding the apps, not so much the underlying. So I think that's that's key. I will like to ask you one final question of water before we wrap up, how do you deploy fluid bid? What's the is it is that you're putting it inside the cluster? Is there is that scripts, What's the what's the architecture real quick? Give us a quick overview of the architecture. >>Okay, so that it's not just for a classroom, you can run it on any machine. Windows, Linux, IBM Yeah, and that doesn't need to be a kubernetes. Classic. Right? When we created to invade Copernicus was quite new at the same time. So if you talk about kubernetes deploys as a demon set at the moment is pretty much a part that runs on every note like an agent. Right? Uh, all you can run necessarily on any kind of machine. Oh and one thing before we were, I just need to mention something that from the spoil it. But because it's just getting, we're having many news these days. Is that fluently used to be mostly for logging right? And influence the specifically project. We've got many people from years ago saying, you know what? I'm losing my agent for logging to a bed but I have my agents for metrics and sometimes this is quite heavy to have multiple agents on your age. So now flowing bed is extending the capabilities to deal with native metrics. Right. The first version will be available about this week in cuba come right. We will be able to process host matrix for application metrics and send them to permit use with open matrix format in a native way. So we extended the political system to be a better citizen with open metrics and in the future also with open telemetry, which is a hot thing that is coming up on this month. >>Everyone loves metrics. That's super important. Having the data Is really, really important as day two operations and get all this stuff is happening. I wanna thank you for coming on and sharing the update and congratulations on. The new venture will keep following you and look good for the big launch but fluent bit looking good. Congratulations. Thanks for coming on. >>Thank you so much help governments. >>Okay this is the cubes coverage of Kublai khan 21 cloud Native Con 21 virtual soon we'll be back in real life at the events extracting the signal from the noise. Thanks for watching. Yeah.

>>from New York. It's the Q covering Escape. 19. >>Welcome back to the Cube coverage here in New York City for the first inaugural multi cloud conference called Escape, where in New York City was staying in New York, were not escaping from New York were in New York. It's all about multi Cloud, and we're here. Lisa Marie Nancy, developer advocate for Port Works, and Eric Conn, vice president of Products Works. Welcome back. Q. >>Thank you, John. Good to see >>you guys. So, um, whenever the first inaugural of anything, we want to get into it and find out why. Multi clouds certainly been kicked around. People have multiple clouds, but is there really multi clouding going on? So this seems to be the theme here about setting the foundation, architecture and data of the two kind of consistent themes. What shared guys take Eric, What's your take on this multi cloud trend? Yeah, >>I think it's something we've all been actively watching for a couple years, and suddenly it is becoming the thing right? So every we just had ah, customer event back in Europe last week, and every customer there is already running multi cloud. It's always something on their consideration. So there's definitely it's not just a discussion topic. It's now becoming a practical reality. So this event's been perfect because it's both the sense of what are people doing, What are they trying to achieve and also the business sense. So it's definitely something that is not necessarily mainstream, but it's becoming much more how they're thinking about building all their applications. Going forward, >>you know, you have almost two camps in the world. Want to get your thoughts on this guy's Because, like you have cloud native and people that are cloud native, they love it. They born the cloud that get it. Everything's cracking along. The developers air on Micro Service's They're agile train with their own micro service's. Then you got the hybrid I t. Trying to be hybrid developer, right? So you kind of have to markets coming together. So to me, I see multi cloud as kind of a combination of old legacy Data center types of I t with cloud native, not just ops and dead. But how about like trying to build developer teams inside enterprises? This seems to be a big trend, and multi club fits into that because now the reality is that I got azure. I got Amazon. Well, let's take a step back and think about the architecture. What's the foundation? So that to me, is more my opinion. But I want to get your thoughts and reactions that because if it's true, that means some new thinking has to come around around. What's the architecture? What are you trying to do? What's the workloads behavior outcome look like? What's the work flows? So there's a whole nother set of conversations that happened. >>I agree. I think the thing that the fight out there right now that we want to make mainstream is that it's a platform choice, and that's the best way to go forward. So it's still an active debate. But the idea could be I want to do multi club, but I'm gonna lock myself into the Cloud Service is if that's the intent or that's the design architecture pattern. You're really not gonna achieve the goals we all set out to do right, So in some ways we have to design ourselves or have the architecture that will let us achieve the business schools that were really going for and that really means from our perspective or from a port works perspective. There's a platform team. That platform team should run all the applications and do so in a multi cloud first design pattern. And so from that perspective, that's what we're doing from a data plan perspective. And that's what we do with Kubernetes etcetera. So from that idea going forward, what we're seeing is that customers do want to build a platform team, have that as the architecture pattern, and that's what we think is going to be the winning strategy. >>Thank you. Also, when you have the definition of cod you have to incorporate, just like with hybrid I t the legacy applications. And we saw that you throughout the years those crucial applications, as we call them People don't always want them to refer to his legacy. But those are crucial applications, and our customers were definitely thinking about how we're gonna run those and where is the right places it on Prem. We're seeing that a lot too. So I think when we talk about multi cloud, we also talk about what What is in your legacy? What is it? Yeah, I >>like I mean I use legacy. I think it's a great word because I think it really puts nail in the coffin of that old way because remember, if you think about some of the large enterprises, these legacy applications, they've been optimized for hardware and optimize their full stack. They've been build up from the ground up, so they're cool. They're running stuff, but it doesn't always translate to see a new platform designed point. So how do you mean Containers is great fit for their Cooper names. Obviously, you know is the answer. We you guys see that as well, but okay, I can keep that and still get this design point. So I guess what I want to ask you guys, as you guys are digging into some of the customer facing conversations, what are they talking about? The day talking about? The platform? Specifically? Certainly, on the security side, we're seeing everyone running away from buying tools to thinking about platforms. What's the conversation like on the cloud side >>way? Did a talk are multiplied for real talk at Barcelona? Q. Khan put your X three on Sudden. Andrew named it for reals of Izzy, but we really wanted to talk about multiplied in the real world. And when we said show of hands in Barcelona, who's running multi cloud? It was very, very few. And this was in, what, five months? Four months ago? Whereas maybe our customers are just really super advanced because of our 100 plus customers. At four words, we Eric is right. A lot of them are already running multi cloud or if not their plan, in the planning stage right now. So even in the last +56 months, this has become a reality. And we're big fans of communities. I don't know if you know Eric was the first product manager for Pernetti. Hey, he's too shy to say it on Dhe. So yeah, and we think, you know, and criminal justice to be the answer to making all They caught a reality right now. >>Well, I want to get back into G, K, E and Cooper. Very notable historic moment. So congratulations, But to your point about multi cloud, it's interesting because, you know, having multiple clouds means things, right? So, for instance, if I upgrade to office 3 65 and I kill my exchange server, I'm essentially running azure by their definition. If I'm building it, stack on AWS. I'm a native, this customer. Let's just say I want to do some tensorflow or play with big table or spanner on Google. Now >>we have three >>clouds now they're not. So they have work clothes, specific objectives. I am totally no problem. I see that like for the progressive customers, some legacy be to be people who like maybe they put their toe in the cloud. But anyone doing meaningful cloud probably has multiple clouds. But that's workload driven when you get into tying them together and is interesting. And I think that's where I think you guys have a great opportunity in this community because if open source convene the gateway to minimize the lock in and when I say lock and I mean like locking them propriety respect if his value their great use it. But if I want to move my data out of the Amazon, >>you brought up so many good points. So let me go through a few and Lisa jumping. I feel like locking. People don't wanna be locked >>in at the infrastructure level. So, like you said, if >>there's value at the higher levels of Stack, and it helps me do my business faster. That's an okay thing to exchange, but it is just locked in and it's not doing anything. They're that's not equal exchange, right, So there's definitely a move from infrastructure up the platform. So locking in >>infrastructure is what people are trying to move away from. >>From what we see from the perspective of legacy, there is a lot of things happening in industry that's pretty exciting of how legacy will also start to running containers. And I'm sure you've seen that. But containers being the basis you could run a BM as well. And so that will mean a lot for in terms of how V EMS can start >>to be matched by orchestrators like kubernetes. So that is another movement for legacy, and I wanted to acknowledge that point >>now, in terms of the patterns, there are definitely applications, like a hybrid pattern where connect the car has to upload all its data once it docks into its location and move it to the data center. So there are patterns where the workflow does move the ups are the application data between on Prem into a public cloud, for instance, and then coming back from that your trip with Lisa. There is also examples where regulations require companies to enterprise is to be able to move to another cloud in a reasonable time frame. So there's definitely a notion of Multi Cloud is both an architectural design pattern. But it's also a sourcing strategy, and that sourcing strategy is more regulation type o. R. In terms of not being locked in. And that's where I'm saying it's all those things. I'd >>love to get your thoughts on this because I like where you're going with this because it kind of takes it to a level of okay, standardization, kubernetes nights, containers, everyone knows what that is. But then you start talking about a P I gateways, for instance, right? So if I'm a car and I have five different gateways on my device, I ot devices or I have multiple vendors dealing with control playing data that could be problematic. I gotta do something like that. So I'm starting. Envision them? I just made that news case up, but my point is is that you need some standards. So on the a p I side was seeing some trends there. One saying, Okay, here's my stuff. I'll just pass parameters with FBI State and stateless are two dynamics. What do you make of that? What, What? What has to happen next to get to that next level of happiness and goodness? Because Bernays, who's got it, got it there, >>right? I feel that next level. I feel like in Lisa, Please jump. And I feel like from automation perspective, Kubernetes has done that from a P I gateway. And what has to happen next. There's still a lot of easy use that isn't solved right. There's probably tons of opportunities out there to build a much better user experience, both from the operations point of view and from what I'm trying to do is an intense because what people aren't gonna automate right now is the intent. They automate a lot of the infrastructure manual tasks, and that's goodness. But from how I docked my application, how the application did it gets moved. We're still at the point of making policy driven, easy to use, and I think there's a lot of opportunities for everyone to get better there. That's like low priority loving fruitcake manual stuff >>and communities was really good at the local food. That's a really use case that you brought up. Really. People were looking at the data now and when you're talking about persistent mean kun is his great for stateless, but for state full really crucial data. So that's where we really come in. And a number of other companies in the cloud native storage ecosystem come in and have really fought through this problem and that data management problem. That's where this platform that Aaron was talking to that >>state problem. Talk about your company. I want to go back to to, um, Google Days. Um, many war stories around kubernetes will have the same fate as map reduce. Yeah, the debates internally at Google. What do we do with it? You guys made the good call. Congratulations on doing that. What was it like to be early on? Because you already had large scale. You were already had. Borg already had all these things in place. Um, it wasn't like there was what was, >>Well, a few things l say one is It was intense, right? It was intense in the sense that amazing amount of intelligence amazing amount of intent, and right back then a lot of things were still undecided, right? We're still looking at how containers or package we're still looking at how infrastructure kit run and a lot of service is were still being rolled out. So what it really meant is howto build something that people want to build, something that people want to run with you and how to build an ecosystem community. A lot of that the community got was done very well, right? You have to give credit to things like the Sig. A lot of things like how people like advocates like Lisa had gone out and made it part of what they're doing. And that's important, right? Every ecosystem needs to have those advocates, and that's what's going well, a cz ah flip side. I think there's a lot of things where way always look back, in which we could have done a few things differently. But that's a different story for different. Today >>I will come back in the studio Palop of that. I gotta ask you now that you're outside. Google was a culture shock. Oh my God! People actually provisioning software provisioning data center culture shock when there's a little >>bit of culture shock. One thing is, and the funny thing is coming full circle in communities now, is that the idea of an application? Right? The idea of what is an application eyes, something that feels very comfortable to a lot of legacy traditional. I wanna use traditional applications, but the moment you're you've spent so much time incriminates and you say, What's the application? It became a very hard thing, and I used to have a lot of academic debates. Where is saying there is no application? It's It's a soup of resources and such. So that was a hard thing. But funny thing is covered, as is now coming out with definitions around application, and Microsoft announced a few things in that area to so there are things that are coming full circle, but that just shows how the movement has changed and how things are becoming in some ways meeting each other halfway. >>Talk about the company, what you guys are doing. Take a moment. Explain in context to multi cloud. We're here. Port works. What's the platform? It's a product. What's the value proposition? What's the state of the company. >>So the companies? Uh well, well, it's grown from early days when Lisa and I joined where we're probably a handful now. We're in four or five cities. Geography ease over 100 people over 150 customers and there. It's been a lot of enterprises that are saying, like, How do I take this pattern of doing containers and micro service is And how do I run it with my mission? Critical business crinkle workloads. And at that point, there is no mission critical business critical workload that isn't stable so suddenly they're trying to say, How do I run These applications and containers and data have different life cycles. So what they're really looking for is a data plane that works with the control planes and how controlled planes are changing the behavior. So a lot of our technology and a lot of our product innovation has been around both the data plane but a storage control plane that integrates with a computer controlled plane. So I know we like to talk about one control plane. There's actually multiple control planes, and you mentioned security, right? If I look at how applications are running way after now securely access for applications, and it's no longer have access to the data. Before I get to use it, you have to now start to do things like J W. T. Or much higher level bearer tokens to say, I know how to access this application for this life cycle for this use case and get that kind of resiliency. So it's really around having that storage. More complexity absolutely need abstraction >>layers, and you got compute. Look, leading work there. But you gotta have >>software to do it from a poor works perspective. Our products entirely software right down loans and runs using kubernetes. And so the point here is we make remarries able to run all the staple workloads out of the box using the same comment control plane, which is communities. So that's the experiences that we really want to make it so that Dev Ops teams can run anywhere close. And that's that's in some ways been part of the mix. Lisa, >>we've been covering Dev up, going back to 2010. Remember when I first was hanging around San Francisco 2008 joint was coming out the woodwork and all that early days and you look at the journey of how infrastructures code We talked about that in 2008 and now we'll get 11 years later. Look at the advancements you've been through this now The tipping point. It's just seems like this wave is big and people are on it. The developers air getting it. It's a modern renaissance of application developers, and the enterprises it's happening in the enterprise is not just like the nerds Tier one, the Alfa Geeks or >>the Cloud native. It's happening in the >>everyone's on board this time, and you and I have been in the trenches in the early stages of many open source projects. And I think with with kubernetes Arab reference of community earlier, I'm super proud to be running the world's largest CNC F for user group. And it's a great community, a diverse community, super smart people. One of my favorite things about working for works is we have some really smart engineers that have figured out what companies want, how to solve problems, and then we'll go creative. It'll open source projects. We created a project called autopilot, really largely because one of our customers, every who's in the G s space and who's running just incredible application. You can google it and see what the work they're doing. It's all there publicly, Onda We built, you know, we built an open source project for them to help them get the most out of kubernetes. We can say so. There's a lot of people in the community system doing that. How can we make communities better halfway make commitments, enterprise grade and not take years to do that? Like some of the other open source projects that we worked on, it took. So it's a super exciting time to be here, >>and open source is growing so fast now. I mean, just think about how these projects being structured. Maur and Maur projects are coming online and user price, but a lot more vendor driven projects to use be mostly and used, but now you have a lot of vendors who are users. So the line is blurring between Bender User in Open source is really fascinating. >>Well, you look at the look of the landscape on the C N. C f. You know the website. I mean, it's what 400 that are already on board. It's really important. >>They don't have enough speaking slasher with >>right. I know, and it's just it. It is users and vendors. Everybody's in this community together. It's one of things that makes it super exciting. And it it's how we know this is This was the right choice for us to base this on communities because that's what everybody, you guys >>are practically neighbors. So we're looking for seeing the studio. Palo Alto Eric, I want to ask you one final question on the product side. Road map. What you guys thinking As Kubernetes goes, the next level state, a lot of micro service is observe abilities becoming a key part of it, Obviously, automation, configuration management things are developing fast. State. What's the What's the road map for you guys? >>For us, it's been always about howto handle the mission critical and make that application run seamlessly. And then now we've done a lot of portability. So disaster recovery has been one of the biggest things for us is that customers are saying, How do I do a hybrid pattern back to your earlier question of running on Prem and in Public Cloud and do a d. R. Pale over into some of the things at least, is pointing out that we're announcing soon is non series autopilot in the idea, automatically managing applications scale from a volume capacity. And then we're actually going to start moving a lot more into some of the what you do with data after the life cycle in terms of backup and retention. So those are the things that everyone's been pushing us and the customers are all asking for. You >>know, I think data they were back in recovery is interesting. I think that's going to change radically. And I think we look at the trend of how yeah, data backup and recovery was built. It was built because of disruption of business, floods, our gains, data center failure. But I think the biggest disruptions ransomware that malware. So security is now a active disruptor. So it's not like it after the hey, if we ever have, ah, fire, we can always roll back. So you're infected and you're just rolling back infected code. That's a ransomware dream. That's what's going on. So I think data protection it needs to be >>redefined. What do you think? Absolutely. I think there's a notion of How do I get last week's data last month? And then oftentimes customers will say, If I have a piece of data volume and I suddenly have to delete it, I still need to have some record of that action for a long time, right? So those are the kinds of things that are happening and his crew bearnaise and everything. It gets changed. Suddenly. The important part is not what was just that one pot it becomes. How do I reconstruct everything? What action is not one thing. It's everywhere. That's right and protected all through the platform. If it was a platform decision, it's not some the cattlemen on the side. You can't be a single lap. It has to be entire solution. And it has to handle things like, Where do you come from? Where is it allowed to go? And you guys have that philosophy. We absolutely, and it's based on the enterprises that are adopting port works and saying, Hey, this is my romance. I'm basing it on Kubernetes. You're my date a partner. We make it happen. >>This speaks to your point of why the enterprise is in. The vendors jumped in this is what people care about Security. How do you solve this last mile problem? Storage. Networking. How do you plug those holes in Kubernetes? Because that is crucial to our >>personal private moment. Victory moment for me personally, was been a big fan of Cuban is absolutely, you know, for years. Then there were created, talked about one. The moments that got me that was really kind of a personal, heartfelt moment was enterprise buyer. And, you know, the whole mindset in the Enterprise has always been You gotta kill the old to bring in the new. And so there's always been that tension of a you know, the shiny new toy from Silicon Valley or whatever. You know, I'm not gonna just trash this and have a migration za paying that. But for I t, they don't want that to do that. They hate doing migrations, but with containers and kubernetes that could actually they don't to end of life to bring in the new project. They can do it on their own timetable or keep it around. So that took a lot of air out of the tension in on the I t. Side because they say great I can deal with the lifecycle management, my app on my own terms and go play with Cloud native and said to me, that's like that was to be like, Okay, there it is. That was validation. That means this Israel because now they can innovate without compromising. >>I think so. And I think some of that has been how the ecosystems embrace it, right. So now it's becoming all the vendors are saying my internal stack is also based on community. So even if you as an application owner or not realizing it, you're gonna take a B M next year and you're gonna run it and it's gonna be back by something like awesome. Lisa >>Marie Nappy Eric on Thank you for coming on Port Works Hot start of multiple cities Kubernetes big developer Project Open Source. Talking about multi cloud here at the inaugural Multi cloud conference in New York City. It's the Cube Courage of escape. 2019. I'm John Period. Thanks for watching

>> from our studios in the heart of Silicon Valley, Palo Alto, California It is >> a cute conversation. Hey, welcome back. Get ready. Geoffrey here with the Cube. We're gonna rip out the studios for acute conversation. It's the middle of the summer, the conference season to slow down a little bit. So we get a chance to do more cute conversation, which is always great. Excited of our next guest. He's Ridge, IP, Ops Statik. He's a VP and GM from key. Cite, Reject. Great to see you. >> Thank you for hosting us. >> Yeah. So we've had Marie on a couple of times. We had Bethany on a long time ago before the for the acquisition. But for people that aren't familiar with key site, give us kind of a quick overview. >> Sure, sure. So I'm within the excess solutions group Exhale really started was founded back in 97. It I peered around 2000 really started as a test and measurement company quickly after the I poet became the number one vendor in the space, quickly grew around 2012 and 2013 and acquired two companies Net optics and an ooey and net optics and I knew we were in the visibility or monitoring space selling taps, bypass witches and network packet brokers. So that formed the Visibility Group with a nice Xia. And then around 2017 key cite acquired Xia and we became I S G or extra Solutions group. Now, key site is also a very large test and measurement company. It is the actual original HB startup that started in Palo Alto many years ago. An HB, of course, grew, um it also started as a test and measurement company. Then later on it, it became a get a gun to printers and servers. HB spun off as agile in't, agile in't became the test and measurement. And then around 2014 I would say, or 15 agile in't spun off the test and measurement portion that became key site agile in't continued as a life and life sciences organization. And so key sites really got the name around 2014 after spinning off and they acquired Xia in 2017. So more joy of the business is testing measurement. But we do have that visibility and monitoring organization to >> Okay, so you do the test of measurement really on devices and kind of pre production and master these things up to speed. And then you're actually did in doing the monitoring in life production? Yes, systems. >> Mostly. The only thing that I would add is that now we are getting into live network testing to we see that mostly in the service provider space. Before you turn on the service, you need to make sure that all the devices and all the service has come up correctly. But also we're seeing it in enterprises to, particularly with security assessments. So reach assessment attacks. Security is your eye to organization really protecting the network? So we're seeing that become more and more important than they're pulling in test, particularly for security in that area to so as you. As you say, it's mostly device testing. But then that's going to network infrastructure and security networks, >> Right? So you've been in the industry for a while, you're it. Until you've been through a couple acquisitions, you've seen a lot of trends, so there's a lot of big macro things happening right now in the industry. It's exciting times and one of the ones. Actually, you just talked about it at Cisco alive a couple weeks ago is EJ Computer. There's a lot of talk about edges. Ej the new cloud. You know how much compute can move to the edge? What do you do in a crazy oilfield? With hot temperatures and no powers? I wonder if you can share some of the observations about EJ. You're kind of point of view as to where we're heading. And what should people be thinking about when they're considering? Yeah, what does EJ mean to my business? >> Absolutely, absolutely. So when I say it's computing, I typically include Io TI agent. It works is along with remote and branch offices, and obviously we can see the impact of Io TI security cameras, thermal starts, smart homes, automation, factory automation, hospital animation. Even planes have sensors on their engines right now for monitoring purposes and diagnostics. So that's one group. But then we know in our everyday lives, enterprises are growing very quickly, and they have remote and branch offices. More people are working from remotely. More people were working from home, so that means that more data is being generated at the edge. What it's with coyote sensors, each computing we see with oil and gas companies, and so it doesn't really make sense to generate all that data. Then you know, just imagine a self driving car. You need to capture a lot of data and you need to process. It just got really just send it to the cloud. Expect a decision to mate and then come back and so that you turn left or right, you need to actually process all that data, right? We're at the edge where the source of the data is, and that means pushing more of that computer infrastructure closer to the source. That also means running business critical applications closer to the source. And that means, you know, um, it's it's more of, ah, madness, massively distributed computer architecture. Um, what happens is that you have to then reliably connect all these devices so connectivity becomes important. But as you distribute, compute as well as applications, your attack surface increases right. Because all of these devices are very vulnerable. We're probably adding about 5,000,000 I ot devices every day to our network, So that's a lot of I O T. Devices or age devices that we connect many of these devices. You know, we don't really properly test. You probably know from your own home when you can just buy something and could easily connect it to your wife. I Similarly, people buy something, go to their work and connect to their WiFi. Not that device is connected to your entire network. So vulnerabilities in any of these devices exposes the entire network to that same vulnerability. So our attack surfaces increasing, so connection reliability as well as security for all these devices is a challenge. So we enjoy each computing coyote branch on road officers. But it does pose those challenges. And that's what we're here to do with our tech partners. Toe sold these issues >> right? It's just instinct to me on the edge because you still have kind of the three big um, the three big, you know, computer things. You got the networking right, which is just gonna be addressed by five g and a lot better band with and connectivity. But you still have store and you still have compute. You got to get those things Power s o a cz. You're thinking about the distribution of that computer and store at the edge versus in the cloud and you've got the Leighton see issue. It seems like a pretty delicate balancing act that people are gonna have to tune these systems to figure out how much to allocate where, and you will have physical limitations at this. You know the G power plant with the sure by now the middle of nowhere. >> It's It's a great point, and you typically get agility at the edge. Obviously, don't have power because these devices are small. Even if you take a room order branch office with 52 2 100 employees, there's only so much compute that you have. But you mean you need to be able to make decisions quickly. They're so agility is there. But obviously the vast amounts of computer and storage is more in your centralized data center, whether it's in your private cloud or your public cloud. So how do you do the compromise? When do you run applications at the edge when you were in applications in the cloud or private or public? Is that in fact, a compromise and year You might have to balance it, and it might change all the time, just as you know, if you look at our traditional history off compute. He had the mainframes which were centralized, and then it became distributed, centralized, distributed. So this changes all the time and you have toe make decisions, which which brings up the issue off. I would say hybrid, I t. You know, they have the same issue. A lot of enterprises have more of a, um, hybrid I t strategy or multi cloud. Where do you run the applications? Even if you forget about the age even on, do you run an on Prem? Do you run in the public cloud? Do you move it between class service providers? Even that is a small optimization problem. It's now even Matt bigger with H computer. >> Right? So the other thing that we've seen time and time again a huge trend, right? It's software to find, um, we've seen it in the networking space to compete based. It's offered to find us such a big write such a big deal now and you've seen that. So when you look at it from a test a measurement and when people are building out these devices, you know, obviously aton of great functional capability is suddenly available to people, but in terms of challenges and in terms of what you're thinking about in software defined from from you guys, because you're testing and measuring all this stuff, what's the goodness with the badness house for people, you really think about the challenges of software defined to take advantage of the tremendous opportunity. >> That's a really good point. I would say that with so far defined it working What we're really seeing is this aggregation typically had these monolithic devices that you would purchase from one vendor. That wonder vendor would guarantee that everything just works perfectly. What software defined it working, allows or has created is this desegregated model. Now you have. You can take that monolithic application and whether it's a server or a hardware infrastructure, then maybe you have a hyper visor or so software layer hardware, abstraction, layers and many, many layers. Well, if you're trying to get that toe work reliably, this means that now, in a way, the responsibility is on you to make sure that you test every all of these. Make sure that everything just works together because now we have choice. Which software packages should I install from which Bender This is always a slight differences. Which net Nick Bender should I use? If PJ smart Nick Regular Nick, you go up to the layer of what kind of ax elation should I use? D. P. D K. There's so many options you are responsible so that with S T N, you do get the advantage of opportunity off choice, just like on our servers and our PCs. But this means that you do have to test everything, make sure that everything works. So this means more testing at the device level, more testing at the service being up. So that's the predeployment stage and wants to deploy the service. Now you have to continually monitor it to make sure that it's working as you expected. So you get more choice, more diversity. And, of course, with segregation, you can take advantage of improvements on the hardware layer of the software layer. So there's that the segregation advantage. But it means more work on test as well as monitoring. So you know there's there's always a compromise >> trade off. Yeah, so different topic is security. Um, weird Arcee. This year we're in the four scout booth at a great chat with Michael the Caesars Yo there. And he talked about, you know, you talk a little bit about increasing surface area for attack, and then, you know, we all know the statistics of how long it takes people to know that they've been reach its center center. But Mike is funny. He you know, they have very simple sales pitch. They basically put their sniffer on your network and tell you that you got eight times more devices on the network than you thought. Because people are connecting all right, all types of things. So when you look at, you know, kind of monitoring test, especially with these increased surface area of all these, Iet devices, especially with bring your own devices. And it's funny, the H v A c seemed to be a really great place for bad guys to get in. And I heard the other day a casino at a casino, uh, connected thermometer in a fish tank in the lobby was the access point. How is just kind of changing your guys world, you know, how do you think about security? Because it seems like in the end, everyone seems to be getting he breached at some point in time. So it's almost Maur. How fast can you catch it? How do you minimize the damage? How do you take care of it versus this assumption that you can stop the reaches? You >> know, that was a really good point that you mentioned at the end, which is it's just better to assume that you will be breached at some point. And how quickly can you detect that? Because, on average, I think, according to research, it takes enterprise about six months. Of course, they're enterprise that are takes about a couple of years before they realize. And, you know, we hear this on the news about millions of records exposed billions of dollars of market cap loss. Four. Scout. It's a very close take partner, and we typically use deploy solutions together with these technology partners, whether it's a PM in P. M. But very importantly, security, and if you think about it, there's terabytes of data in the network. Typically, many of these tools look at the packet data, but you can't really just take those terabytes of data and just through it at all the tools, it just becomes a financially impossible toe provide security and deploy such tools in a very large network. So where this is where we come in and we were the taps, we access the data where the package workers was essentially groom it, filtering down to maybe tens or hundreds of gigs that that's really, really important. And then we feed it, feed it to our take partners such as Four Scout and many of the others. That way they can. They can focus on providing security by looking at the packets that really matter. For example, you know some some solutions only. Look, I need to look at the package header. You don't really need to see the send the payload. So if somebody is streaming Netflix or YouTube, maybe you just need to send the first mega byte of data not the whole hundreds of gigs over that to our video, so that allows them to. It allows us or helps us increase the efficiency of that tool. So the end customer can actually get a good R Y on that on that investment, and it allows for Scott to really look at or any of the tech partners to look at what's really important let me do a better job of investigating. Hey, have I been hacked? And of course, it has to be state full, meaning that it's not just looking at flow on one data flow on one side, looking at the whole communication. So you can understand What is this? A malicious application that is now done downloading other malicious applications and infiltrating my system? Is that a DDOS attack? Is it a hack? It's, Ah, there's a hole, equal system off attacks. And that's where we have so many companies in this in this space, many startups. >> It's interesting We had Tom Siebel on a little while ago actually had a W s event and his his explanation of what big data means is that there's no sampling air. And we often hear that, you know, we used to kind of prior to big day, two days we would take a sample of data after the fact and then tried to to do someone understanding where now the more popular is now we have a real time streaming engines. So now we're getting all the data basically instantaneously in making decisions. But what you just bring out is you don't necessarily want all the data all the time because it could. It can overwhelm its stress to Syria. That needs to be a much better management approach to that. And as I look at some of the notes, you know, you guys were now deploying 400 gigabit. That's right, which is bananas, because it seems like only yesterday that 100 gigabyte Ethan, that was a big deal a little bit about, you know, kind of the just hard core technology changes that are impacting data centers and deployments. And as this band with goes through the ceiling, what people are physically having to do, do it. >> Sure, sure, it's amazing how it took some time to go from 1 to 10 gig and then turning into 40 gig, but that that time frame is getting shorter and shorter from 48 2 108 100 to 400. I don't even know how we're going to get to the next phase because the demand is there and the demand is coming from a number of Trans really wants five G or the preparation for five G. A lot of service providers are started to do trials and they're up to upgrading that infrastructure because five G is gonna make it easier to access state of age quickly invest amounts of data. Whenever you make something easy for the consumer, they will consume it more. So that's one aspect of it. The preparation for five GS increasing the need for band with an infrastructure overhaul. The other piece is that we're with the neutralization. We're generating more Eastern West traffic, but because we're distributed with its computing, that East West traffic can still traverse data centers and geography. So this means that it's not just contained within a server or within Iraq. It actually just go to different locations. That also means your data center into interconnect has to support 400 gig. So a lot of network of hitmen manufacturers were typically call them. Names are are releasing are about to release 400 devices. So on the test side, they use our solutions to test these devices, obviously, because they want to release it based the standards to make sure that it works on. So that's the pre deployment phase. But once these foreign jiggy devices are deployed and typically service providers, but we're start slowly starting to see large enterprises deploy it as a mention because because of visualization and computing, then the question is, how do you make sure that your 400 gig infrastructure is operating at the capacity that you want in P. M. A. P M. As well as you're providing security? So there's a pre deployment phase that we help on the test side and then post deployment monitoring face. But five G is a big one, even though we're not. Actually we haven't turned on five year service is there's tremendous investment going on. In fact, key site. The larger organization is helping with a lot of these device testing, too. So it's not just Xia but key site. It's consume a lot of all of our time just because we're having a lot of engagements on the cellphone side. Uh, you know, decide endpoint side. It's a very interesting time that we're living in because the changes are becoming more and more frequent and it's very hot, so adapt and make sure that you're leading that leading that wave. >> In preparing for this, I saw you in another video camera. Which one it was, but your quote was you know, they didn't create electricity by improving candles. Every line I'm gonna steal it. I'll give you credit. But as you look back, I mean, I don't think most people really grown to the step function. Five g, you know, and they talk about five senior fun. It's not about your phone. It says this is the first kind of network built four machines. That's right. Machine data, the speed machine data and the quantity of Mr Sheen data. As you sit back, What kind of reflectively Again? You've been in this business for a while and you look at five G. You're sitting around talking to your to your friends at a party. So maybe some family members aren't in the business. How do you How do you tell them what this means? I mean, what are people not really seeing when they're just thinking it's just gonna be a handset upgrade there, completely missing the boat? >> Yeah, I think for the for the regular consumer, they just think it's another handset. You know, I went from three G's to 40 year. I got I saw bump in speed, and, you know, uh, some handset manufacturers are actually advertising five G capable handsets. So I'm just going to be out by another cell phone behind the curtain under the hurt. There's this massive infrastructure overhaul that a lot of service providers are going through. And it's scary because I would say that a lot of them are not necessarily prepared. The investment that's pouring in is staggering. The help that they need is one area that we're trying to accommodate because the end cell towers are being replaced. The end devices are being replaced. The data centers are being upgraded. Small South sites, you know, Um, there's there's, uh how do you provide coverage? What is the killer use case? Most likely is probably gonna be manufacturing just because it's, as you said mission to make mission machine learning Well, that's your machine to mission communication. That's where the connected hospitals connected. Manufacturing will come into play, and it's just all this machine machine communication, um, generating vast amounts of data and that goes ties back to that each computing where the edge is generating the data. But you then send some of that data not all of it, but some of that data to a centralized cloud and you develop essentially machine learning algorithms, which you then push back to the edge. The edge becomes a more intelligent and we get better productivity. But it's all machine to machine communication that, you know, I would say that more of the most of the five communication is gonna be much information communication. Some small portion will be the consumers just face timing or messaging and streaming. But that's gonna be there exactly. Exactly. That's going to change. I'm of course, we'll see other changes in our day to day lives. You know, a couple of companies attempted live gaming on the cloud in the >> past. It didn't really work out just because the network latency was not there. But we'll see that, too, and was seeing some of the products coming out from the lecture of Google into the company's where they're trying to push gaming to be in the cloud. It's something that we were not really successful in the past, so those are things that I think consumers will see Maur in their day to day lives. But the bigger impact is gonna be for the for the enterprise >> or jet. Thanks for ah, for taking some time and sharing your insight. You know, you guys get to see a lot of stuff. You've been in the industry for a while. You get to test all the new equipment that they're building. So you guys have a really interesting captaincy toe watches developments. Really exciting times. >> Thank you for inviting us. Great to be here. >> All right, Easier. Jeff. Jeff, you're watching the Cube. Where? Cube studios and fellow out there. Thanks for watching. We'll see you next time.

>> From the SiliconANGLE media office in Boston Massachusetts, it's theCUBE. Now here's your host, Dave Vellante. >> Hi everbody, this is Dave Vellante, and welcome to this special Cube conversation on a very important topic, cyber security and cyber resiliency. With me today is Stefan Voss who's the Senior Director of Product Management for Data Protection Software and Cyber Security and Compliance at Dell EMC. Stefan, thanks for coming on and helping us understand this very important topic ahead of RSA World. >> My pleasure, thanks Dave for having me. >> You're welcome, so let's talk about the environment today. We have, for years, seen back-up evolve into data protection, obviously disaster recovery is there, certainly long term retention. But increasingly, cyber resilience is part of the conversation. What are you seeing from customers? >> Yeah, definitely, we're seeing that evolution as well. It's definitely a changing market and what a perfect fit. We have to worry about right of breach, What happens when I get attacked? How can I recover? And the technologies we have, that we have for business resiliency back-up, they all apply, they all apply more than ever. But sometimes they have to be architected in a different way. So folks are very sensitive to that and they realize that they have great technologies. >> I'm glad you mentioned the focus on recovery because we have a lot of conversations on theCUBE about the CIO and how he, or she, should be communicating to the board, or the CSO, how they should be communicating to the board. That conversation has changed quite dramatically over the last 10 years. Cyber is a board-level issue. When you talk to, certainly large companies, every quarter they're talking about cyber. And not just in terms of what they're doing to keep the bad guys out but really what the processes are to respond, what the right regime is - you know, cyber security is obviously a team sport, it's not just the responsibility of the CSO or the SECOPS team, or the IT team, everybody has to be involved and be aware of it. Are you seeing that awareness at board levels within your customer base, and maybe even at smaller companies? >> 100%, I think the company size almost doesn't matter. Everybody can lose their business fairly quickly and there's one thing that NotPetya, that very bad, sort of, attack told us is that it can be very devastating. And so if we don't have a process and if we don't treat it as a team sport, we'll be uncoordinated. So, first of all, we learned that recovery is real and we need to have a recovery strategy. Doesn't mean we don't do detection, so the NIS continuum applies, but the CSOs are much more interested in the actual data recovery than they ever were before which is very interesting. And then, you know, you learn that the process is as important as the technology. So, in other words, Bob Bender - a fabulous quote from Founders Federal - you know, the notion of sweating before the game, being prepared, having a notion of a cyber recovery run book. Because the nature of the disasters are changing so, therefore, we have to think about using the same technologies in a different way. >> And I said at the open that things are shifting from just a pure back-up and recovery spectrum to much broader. The ROI is changing, people are trying to get more out of their data protection infrastructure than just insurance and, certainly, risk management and cyber resiliency and response is part of that. How is the ROI equation changing? >> Yeah, I mean, it's a very valid question. You know, we do have, people are asking for the ROI. We have to take a risk-based approach, we are mitigating risk. It's never fun to have any data protection or business resilience topology, 'cause it's incremental cost, but we do that for a reason. We need to be able to have an operational recovery strategy, a recovery strategy from a geographic disaster and, of course, now more so than ever a recovery strategy from a cyber attack. And so, therefore, we have to think about, you know, not so much the ROI but what is my risk reduction, right? By having, sort of, that process in place but also the confidence that I can get to the data that I need to recover. >> Now we're gonna get into that a little bit later when we talk about the business impact analysis. But I wanna talk about data isolation. Obviously ransomware is a hot topic today and this notion of creating an air gap. What is data isolation from your perspective? What are customers doing there? >> Yeah, I mean, I think almost every customer has a variant of data isolation. It's clear that it works, we've seen this from the NotPetya attack again that where we were, large logistics company, right, found data the domain controller on a system that underwent maintenance in Nigeria. So a system that was offline, but we don't wanna operate that way. So we wanna get the principles of isolation because we know it kind of reduces the attack surface, right, from the internal actor, from ransomware variants, you name it. All of these are, when you have stuff on the network it's theoretically fair game for the attacker. >> So that Nigeria example was basically by luck there was a system offline under maintenance that happened to be isolated? And so they were able to recover from that system? >> Absolutely. And another example was, of course, critical data that domain controller, 'cause that's what this attack happened to go after, was on tape. And so, you know, this just shows and proves that isolation works. The challenge we were running into with every customer we work with was the recovery time. Especially when you have to do selective recovery more often, you know, we wanna be able to get the benefits of online media. But also get, sort of, the benefits of isolation. >> Yeah, I mean, you don't wanna recover from tape. Tape is there as a last resort and hopefully you never have to go to it. How are customers, sort of, adopting this data isolation strategy and policy? Who's involved, what are some of the pre-requisites that they need to think about? >> Yeah, so the good thing - first thing's first, right. We have technology we know and love, so our data protection appliances where we started architecting this workflow, that we can use. So, in other words, you don't have to learn a new technology, buy something else. There's an incremental investment, yes. And then we have to think about who's involved. So that earlier point, the security folks are almost always involved, and they should be involved. Sometimes they fund the project, sometimes it comes out of IT. Right, so, this is the collaborative effort and then to the extent it's necessary, of course, you wanna have GRC - so the risk people - involved to make sure that we really focus on the most important critical assets. >> Now ahead of RSA, let's talk a little bit about what's going on in that world. There are security frameworks, Nist in particular is one, that's relatively new, I mean it's 2014 it came out, it's been revised really focusing on prevent, detect and, very importantly, respond. Something we've talked about a lot. Are people using that framework? Are they doing the self-assessments that Nist prescribes? What's your take? >> Yeah, I think they are. So, first of all, they are realizing that leaning too much left of breach, in other words hoping that we can always catch everything, sort of the eggshell perimeter, everybody understands that that's not enough. So we have to go in-depth and we also have to have a recovery strategy. And so the way I always like to break it down pragmatically is - one, what do I prioritize on? So we can always spend money on everything, but doing a business impact analysis and then maybe governing that in a tool like RSA Archer can help me be a little bit more strategic. And then, on the other end, if I can do a better job co-ordinating the data recovery along with the incident response, that will go a long way. You know and, of course, that doesn't forego any investment in the detection but it is widely adopted. >> One of the key parts about the NIS framework is understanding exposure in the supply chain where you may not have total control over one of your suppliers' policies, but yet they're embedded into your workflow. How are people handling that? Is there a high degree of awareness there? What are you seeing? >> It is absolutely, that's why product security is such an important element, and it's the number one priority for Dell Security, even above and beyond the internal security of our data center, as crazy as it sounds. Because, you know, we can do a lot of damage right in the market. So, certainly, supply chain, making sure we have robust products all along the way is something that every customer asks about all the time and it's very important. >> Let's go back to business impact analysis, we've mentioned it a couple of times now. What is a business impact analysis and how do you guys go about helping your customers conduct one? >> Yeah, I mean, let's maybe keep it to that example, let's say I go through this analysis and I find that I'm a little bit fuzzy on the recovery and that's an area I wanna invest. You know, and then I buy off on the concept that I have an isolated or cyber recovery vault on an isolated enclave onto which I can then copy data and make sure that I can get to it when I have to recover. The question then becomes, well what does business critical mean? And that's where the business impact analysis will help to say what is your business critical process - number one, number two - what are the associated applications, assets? 'Cause when you have that dependency map it makes it a lot easier to start prioritizing what applications do I put in the vault, in other words. In this specific example. And then how can I put it into financial terms to justify the investment? >> Well we were talking about ROI before, I mean really we've done actually quite a few studies looking at Global 2000 and the cost of downtime. I mean, these are real tangible metrics that, if you can reduce the amount of downtime or you can reduce the security threat, you're talking about putting money back in your pocket. Because Global 2000 organizations are losing millions and millions of dollars every year, so it is actually hard ROI. Even though some people might look at it as softer. I wanna talk about isolated data vault, you know, this notion of air gaps. What are you guys specifically doing there? Do you have solutions in that area? >> Yeah, we do. So we are using, luckily, so the concepts that we know from resiliency disaster recovery. Right, so our data protection storage which is very robust, it's very secure, it has very secure replication. So we have the mechanisms to get data into the vault, we have the mechanisms to create a read-only copy, so an immutable copy, that I can then go back into. So all of this is there, right, but the problem is how do I automate that workflow? So that's a software that we wrote that goes along with the data protection appliance sale. And what it does, it's all about ingesting that business critical data that I talked about into the secure enclave, and then rendering it into an immutable copy that I can get to when I have nowhere else to go. >> Okay, so you've got that gap, that air gap. Now, the bad guys will say 'Hey, I can get through an air gap, I can dress somebody up as a worker and put a stick in'. And so, how much awareness is there of that exposure? And I know it's maybe, you know, we're hitting the tip of the pyramid here, but still important. Can you guys help address that through, whether it's processes or product or experience? >> 100% so we have, of course, our consulting services that will then work with you on elements of physical security, or how do I lock down that remaining replication link? It's just about raising the bar for the attacker to make it more likely we'll catch them before they can get to, really, the prized assets. We're just raising the bar but, yes, those are things we do. So consulting, physical security, how do I do secure reporting out? How do I secure management going in? How do I secure that replication or synchronization link into the vault? All of these are topics that we then discuss, if they kind of deviate from the best practices and we have very good answers through our many customer arrangements. >> Stefan, let's talk about some of the specific offerings. RSA is a portfolio company in the Dell Technologies Group, it's a sister company of Dell EMC. What are you guys doing with RSA? Are you integrating with any of their specific products? Maybe you could talk about that a little bit? >> Yeah, I think, so when you think about recovery and incident response being so important, there's an obvious, right? So what RSA has found - I thought this was very interesting is that there's a lack of coordination between, typically, the security teams and the data professionals, data restoration professionals. So the more we can bridge that gap through technology, reporting, the better it is, right? So, there's a logical affinity between an incident response retainer, activity, and the data recovery solutions that we provide. That's one example, right? So every day counts, that example that I talked about NotPetya, the specific customer was losing 25 Euros every day. If I can shave off one day, it's money in the bank. Or money not out of the bank. The other area is, how do I make sure that I'm strategic about what data I protect in this way? That's the BIA Archer. And then there's some integrations we are looking at from an analytics perspective. >> Archer being the sort of governance risk and compliance, workflow, that's sort of one of the flagship products of RSA. So you integrate to that framework. And what about analytics, things like IOC, RSA NetWitness, are those products that you're integrating to or with, or leveraging in any way? >> Yeah, first off, analytics in general it's an interesting concept now we have data inside our secure enclave, right? So what if we could actually go in and give more confidence to the actual copies that we're storing there. So we have an ecosystem from an analytics perspective. We work with one specific company, we have Arrest API-based integration where we then, essentially, use them to do a vote of confidence on the copy, of the raw back up. Is it good? Are there signs that it was corrupted by malware? and so forth. So what that helps us do is be more proactive around our recovery because, I think you're about to say something - but if I knew there's something, you know, suspicious then I can start my analytics activity that much sooner. >> Well the lightbulb went off in my head. Because if I have an air gap, and I was saying before, it's necessary but insufficient. If I can run analytics on the corpus of the back up data and I can identify anomalies, I might be able to end run somebody trying to get through that air gap that I just mentioned before. Maybe it's a physical, you know, security breach. And the analytics might inform me. Is that a reasonable scenario? >> It is a reasonable scenario, though we do something slightly different. So, first of all, detection mechanisms, left of breach stuff, is what it is, we love it, we sell it, you know, we use it. But, you know, when it comes to back up they're not off-the-shelf tools we can just use and say 'Hey, why don't you scan this back up?' It doesn't typically work. So what we do is, in the vault, we have time, we have a workbench so it's almost like sending a specimen to the lab. And then we take a look at it. Are there any signs that there was data corruption that was indicative of a ransomware attack? And when there is such a scenario we say, 'You might wanna take a look at it, and do some further investigation'. That's when we then look at NetWitness or working with the security teams. But we can now be of service and say 'You might wanna look at this copy over here'. It's suspicious, there's an indicative compromise. And then take the next steps other than hoping for the best. >> You mentioned the ecosystem, you mentioned the ecosystem before. I wanna double-click on that. So, talk about the ecosystem. We've said here it's a team sport, you can't just do it alone. From a platform perspective is it open, is it API based? Maybe you can give some examples of how you're working with the ecosystem and how they're leveraging the platform. >> Yeah 100%. So, like I said, so we have, you know, our data protection appliances and that's sort of our plumbing, right, to get the data to where I want. We have the orchestration software. This is the part we're talking about. The orchestration software has Arrest API, everything's documented in Swagger. And the reason we did that is that we can do these orchestrations with third party analytics vendors, that's one use case right? So, I'm here, I have a copy here, please scan, tell me what you find and then give me an alert if you find something. The other example would be, maybe, doing a level of resiliency orchestration. Where you'd automate the recovery workflow beyond what we would have to offer. There are many examples but that is how we are enabling the ecosystem, essentially. >> You mentioned Founders Federal earlier. Is that a customer, is that a reference customer? What can you tell me about them? >> Yeah it's a reference customer and they very much saw the need for this type of protection. And, you know, we've been working with them. There's a Dell World, last year, session that we did with them. And very much the same sort of, like the quote said, focus on the process not only the product and the set of technologies, right? And, so that's how we've been partnering with them. >> The quote being 'Sweat before the game'? Founders Federal, that's a great quote. Alright, we've talked a lot about just, sort of, general terms about cyber recovery. What can you tell us, tell the audience, what makes Dell EMC cyber recovery different in the marketplace and, you know, relative to your competition? Pitch me. >> Yeah, I mean, I think it's a very unique capability. Because, one, you need a large install base and, sort of, a proven platform to even built it on, right? So when you look at the data domain technology we have a lot to work with. We have a lot of customers using it. So that's very hard to mimic. We have the orchestration software where we, I believe, are ahead of the game, right? So the orchestration software that I talked about that gets the data into the vault securely. And then our ecosystem, right? So those are really the three things. And then, of course, we have the consulting services which is also hard to mimic. To really, you know, design the process around this whole thing. But I think the ecosystem, sort of, approach is also very powerful. >> You have a big portfolio, you've got your sister company that's, sort of, well known obviously in this business. Do you also have solutions? I mean, for instance, is there an appliance as part of the portfolio that fits in here? And what is that? >> Yeah, so, you can think of this as, if I wanted to really blow it down, the two things I would buy is a data domain - it could be the smallest one - and a VxRail appliance that runs the software. And then I stick that in the vault. And then there's, sort of, that product. So you can think of it as an appliance that happens to go with the software that I talked about that does the orchestration. >> Okay, so, RSA the premier conference on cyber coming up in a couple of weeks. What have you guys got going there? Give us a little tease. >> Yeah, absolutely. So it's gonna be an awesome show and we will have a booth, and so we look forward to a lot of customer conversations. And we do have a panel. It's gonna be with Mastercard and RSA and myself. And we're really gonna take it from left of breach all the way to right of breach. >> Awesome, do you know when that panel is yet? >> It is, I think, on the 5th, I may have to check. >> Which is which day? >> I wanna say it's Wednesday. >> So it starts on the Monday, right? So that'll be day three. So check the conference schedule, I mean things change at the last minute. But that's great. Mastercard is an awesome reference customer. We've worked with them in the past and so, that's great. Stefan, thanks very much for coming to theCUBE and sharing some of your perspectives and what's coming up at RSA. It's good to have you. >> Thanks so much, Dave, I appreciate it. >> Okay, thanks for watching everybody. This is Dave Vellante from our East Cost headquarters. You're watching theCUBE.