>> From theCUBE Studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> Spark became a top level Apache project in 2014, and then shortly thereafter, burst onto the big data scene. Spark, along with the cloud, transformed and in many ways, disrupted the big data market. Databricks optimized its tech stack for Spark and took advantage of the cloud to really cleverly deliver a managed service that has become a leading AI and data platform among data scientists and data engineers. However, emerging customer data requirements are shifting into a direction that will cause modern data platform players generally and Databricks, specifically, we think, to make some key directional decisions and perhaps even reinvent themselves. Hello and welcome to this week's wikibon theCUBE Insights, powered by ETR. In this Breaking Analysis, we're going to do a deep dive into Databricks. We'll explore its current impressive market momentum. We're going to use some ETR survey data to show that, and then we'll lay out how customer data requirements are changing and what the ideal data platform will look like in the midterm future. We'll then evaluate core elements of the Databricks portfolio against that vision, and then we'll close with some strategic decisions that we think the company faces. And to do so, we welcome in our good friend, George Gilbert, former equities analyst, market analyst, and current Principal at TechAlpha Partners. George, good to see you. Thanks for coming on. >> Good to see you, Dave. >> All right, let me set this up. We're going to start by taking a look at where Databricks sits in the market in terms of how customers perceive the company and what it's momentum looks like. And this chart that we're showing here is data from ETS, the emerging technology survey of private companies. The N is 1,421. What we did is we cut the data on three sectors, analytics, database-data warehouse, and AI/ML. The vertical axis is a measure of customer sentiment, which evaluates an IT decision maker's awareness of the firm and the likelihood of engaging and/or purchase intent. The horizontal axis shows mindshare in the dataset, and we've highlighted Databricks, which has been a consistent high performer in this survey over the last several quarters. And as we, by the way, just as aside as we previously reported, OpenAI, which burst onto the scene this past quarter, leads all names, but Databricks is still prominent. You can see that the ETR shows some open source tools for reference, but as far as firms go, Databricks is very impressively positioned. Now, let's see how they stack up to some mainstream cohorts in the data space, against some bigger companies and sometimes public companies. This chart shows net score on the vertical axis, which is a measure of spending momentum and pervasiveness in the data set is on the horizontal axis. You can see that chart insert in the upper right, that informs how the dots are plotted, and net score against shared N. And that red dotted line at 40% indicates a highly elevated net score, anything above that we think is really, really impressive. And here we're just comparing Databricks with Snowflake, Cloudera, and Oracle. And that squiggly line leading to Databricks shows their path since 2021 by quarter. And you can see it's performing extremely well, maintaining an elevated net score and net range. Now it's comparable in the vertical axis to Snowflake, and it consistently is moving to the right and gaining share. Now, why did we choose to show Cloudera and Oracle? The reason is that Cloudera got the whole big data era started and was disrupted by Spark. And of course the cloud, Spark and Databricks and Oracle in many ways, was the target of early big data players like Cloudera. Take a listen to Cloudera CEO at the time, Mike Olson. This is back in 2010, first year of theCUBE, play the clip. >> Look, back in the day, if you had a data problem, if you needed to run business analytics, you wrote the biggest check you could to Sun Microsystems, and you bought a great big, single box, central server, and any money that was left over, you handed to Oracle for a database licenses and you installed that database on that box, and that was where you went for data. That was your temple of information. >> Okay? So Mike Olson implied that monolithic model was too expensive and inflexible, and Cloudera set out to fix that. But the best laid plans, as they say, George, what do you make of the data that we just shared? >> So where Databricks has really come up out of sort of Cloudera's tailpipe was they took big data processing, made it coherent, made it a managed service so it could run in the cloud. So it relieved customers of the operational burden. Where they're really strong and where their traditional meat and potatoes or bread and butter is the predictive and prescriptive analytics that building and training and serving machine learning models. They've tried to move into traditional business intelligence, the more traditional descriptive and diagnostic analytics, but they're less mature there. So what that means is, the reason you see Databricks and Snowflake kind of side by side is there are many, many accounts that have both Snowflake for business intelligence, Databricks for AI machine learning, where Snowflake, I'm sorry, where Databricks also did really well was in core data engineering, refining the data, the old ETL process, which kind of turned into ELT, where you loaded into the analytic repository in raw form and refine it. And so people have really used both, and each is trying to get into the other. >> Yeah, absolutely. We've reported on this quite a bit. Snowflake, kind of moving into the domain of Databricks and vice versa. And the last bit of ETR evidence that we want to share in terms of the company's momentum comes from ETR's Round Tables. They're run by Erik Bradley, and now former Gartner analyst and George, your colleague back at Gartner, Daren Brabham. And what we're going to show here is some direct quotes of IT pros in those Round Tables. There's a data science head and a CIO as well. Just make a few call outs here, we won't spend too much time on it, but starting at the top, like all of us, we can't talk about Databricks without mentioning Snowflake. Those two get us excited. Second comment zeros in on the flexibility and the robustness of Databricks from a data warehouse perspective. And then the last point is, despite competition from cloud players, Databricks has reinvented itself a couple of times over the year. And George, we're going to lay out today a scenario that perhaps calls for Databricks to do that once again. >> Their big opportunity and their big challenge for every tech company, it's managing a technology transition. The transition that we're talking about is something that's been bubbling up, but it's really epical. First time in 60 years, we're moving from an application-centric view of the world to a data-centric view, because decisions are becoming more important than automating processes. So let me let you sort of develop. >> Yeah, so let's talk about that here. We going to put up some bullets on precisely that point and the changing sort of customer environment. So you got IT stacks are shifting is George just said, from application centric silos to data centric stacks where the priority is shifting from automating processes to automating decision. You know how look at RPA and there's still a lot of automation going on, but from the focus of that application centricity and the data locked into those apps, that's changing. Data has historically been on the outskirts in silos, but organizations, you think of Amazon, think Uber, Airbnb, they're putting data at the core, and logic is increasingly being embedded in the data instead of the reverse. In other words, today, the data's locked inside the app, which is why you need to extract that data is sticking it to a data warehouse. The point, George, is we're putting forth this new vision for how data is going to be used. And you've used this Uber example to underscore the future state. Please explain? >> Okay, so this is hopefully an example everyone can relate to. The idea is first, you're automating things that are happening in the real world and decisions that make those things happen autonomously without humans in the loop all the time. So to use the Uber example on your phone, you call a car, you call a driver. Automatically, the Uber app then looks at what drivers are in the vicinity, what drivers are free, matches one, calculates an ETA to you, calculates a price, calculates an ETA to your destination, and then directs the driver once they're there. The point of this is that that cannot happen in an application-centric world very easily because all these little apps, the drivers, the riders, the routes, the fares, those call on data locked up in many different apps, but they have to sit on a layer that makes it all coherent. >> But George, so if Uber's doing this, doesn't this tech already exist? Isn't there a tech platform that does this already? >> Yes, and the mission of the entire tech industry is to build services that make it possible to compose and operate similar platforms and tools, but with the skills of mainstream developers in mainstream corporations, not the rocket scientists at Uber and Amazon. >> Okay, so we're talking about horizontally scaling across the industry, and actually giving a lot more organizations access to this technology. So by way of review, let's summarize the trend that's going on today in terms of the modern data stack that is propelling the likes of Databricks and Snowflake, which we just showed you in the ETR data and is really is a tailwind form. So the trend is toward this common repository for analytic data, that could be multiple virtual data warehouses inside of Snowflake, but you're in that Snowflake environment or Lakehouses from Databricks or multiple data lakes. And we've talked about what JP Morgan Chase is doing with the data mesh and gluing data lakes together, you've got various public clouds playing in this game, and then the data is annotated to have a common meaning. In other words, there's a semantic layer that enables applications to talk to the data elements and know that they have common and coherent meaning. So George, the good news is this approach is more effective than the legacy monolithic models that Mike Olson was talking about, so what's the problem with this in your view? >> So today's data platforms added immense value 'cause they connected the data that was previously locked up in these monolithic apps or on all these different microservices, and that supported traditional BI and AI/ML use cases. But now if we want to build apps like Uber or Amazon.com, where they've got essentially an autonomously running supply chain and e-commerce app where humans only care and feed it. But the thing is figuring out what to buy, when to buy, where to deploy it, when to ship it. We needed a semantic layer on top of the data. So that, as you were saying, the data that's coming from all those apps, the different apps that's integrated, not just connected, but it means the same. And the issue is whenever you add a new layer to a stack to support new applications, there are implications for the already existing layers, like can they support the new layer and its use cases? So for instance, if you add a semantic layer that embeds app logic with the data rather than vice versa, which we been talking about and that's been the case for 60 years, then the new data layer faces challenges that the way you manage that data, the way you analyze that data, is not supported by today's tools. >> Okay, so actually Alex, bring me up that last slide if you would, I mean, you're basically saying at the bottom here, today's repositories don't really do joins at scale. The future is you're talking about hundreds or thousands or millions of data connections, and today's systems, we're talking about, I don't know, 6, 8, 10 joins and that is the fundamental problem you're saying, is a new data error coming and existing systems won't be able to handle it? >> Yeah, one way of thinking about it is that even though we call them relational databases, when we actually want to do lots of joins or when we want to analyze data from lots of different tables, we created a whole new industry for analytic databases where you sort of mung the data together into fewer tables. So you didn't have to do as many joins because the joins are difficult and slow. And when you're going to arbitrarily join thousands, hundreds of thousands or across millions of elements, you need a new type of database. We have them, they're called graph databases, but to query them, you go back to the prerelational era in terms of their usability. >> Okay, so we're going to come back to that and talk about how you get around that problem. But let's first lay out what the ideal data platform of the future we think looks like. And again, we're going to come back to use this Uber example. In this graphic that George put together, awesome. We got three layers. The application layer is where the data products reside. The example here is drivers, rides, maps, routes, ETA, et cetera. The digital version of what we were talking about in the previous slide, people, places and things. The next layer is the data layer, that breaks down the silos and connects the data elements through semantics and everything is coherent. And then the bottom layers, the legacy operational systems feed that data layer. George, explain what's different here, the graph database element, you talk about the relational query capabilities, and why can't I just throw memory at solving this problem? >> Some of the graph databases do throw memory at the problem and maybe without naming names, some of them live entirely in memory. And what you're dealing with is a prerelational in-memory database system where you navigate between elements, and the issue with that is we've had SQL for 50 years, so we don't have to navigate, we can say what we want without how to get it. That's the core of the problem. >> Okay. So if I may, I just want to drill into this a little bit. So you're talking about the expressiveness of a graph. Alex, if you'd bring that back out, the fourth bullet, expressiveness of a graph database with the relational ease of query. Can you explain what you mean by that? >> Yeah, so graphs are great because when you can describe anything with a graph, that's why they're becoming so popular. Expressive means you can represent anything easily. They're conducive to, you might say, in a world where we now want like the metaverse, like with a 3D world, and I don't mean the Facebook metaverse, I mean like the business metaverse when we want to capture data about everything, but we want it in context, we want to build a set of digital twins that represent everything going on in the world. And Uber is a tiny example of that. Uber built a graph to represent all the drivers and riders and maps and routes. But what you need out of a database isn't just a way to store stuff and update stuff. You need to be able to ask questions of it, you need to be able to query it. And if you go back to prerelational days, you had to know how to find your way to the data. It's sort of like when you give directions to someone and they didn't have a GPS system and a mapping system, you had to give them turn by turn directions. Whereas when you have a GPS and a mapping system, which is like the relational thing, you just say where you want to go, and it spits out the turn by turn directions, which let's say, the car might follow or whoever you're directing would follow. But the point is, it's much easier in a relational database to say, "I just want to get these results. You figure out how to get it." The graph database, they have not taken over the world because in some ways, it's taking a 50 year leap backwards. >> Alright, got it. Okay. Let's take a look at how the current Databricks offerings map to that ideal state that we just laid out. So to do that, we put together this chart that looks at the key elements of the Databricks portfolio, the core capability, the weakness, and the threat that may loom. Start with the Delta Lake, that's the storage layer, which is great for files and tables. It's got true separation of compute and storage, I want you to double click on that George, as independent elements, but it's weaker for the type of low latency ingest that we see coming in the future. And some of the threats highlighted here. AWS could add transactional tables to S3, Iceberg adoption is picking up and could accelerate, that could disrupt Databricks. George, add some color here please? >> Okay, so this is the sort of a classic competitive forces where you want to look at, so what are customers demanding? What's competitive pressure? What are substitutes? Even what your suppliers might be pushing. Here, Delta Lake is at its core, a set of transactional tables that sit on an object store. So think of it in a database system, this is the storage engine. So since S3 has been getting stronger for 15 years, you could see a scenario where they add transactional tables. We have an open source alternative in Iceberg, which Snowflake and others support. But at the same time, Databricks has built an ecosystem out of tools, their own and others, that read and write to Delta tables, that's what makes the Delta Lake and ecosystem. So they have a catalog, the whole machine learning tool chain talks directly to the data here. That was their great advantage because in the past with Snowflake, you had to pull all the data out of the database before the machine learning tools could work with it, that was a major shortcoming. They fixed that. But the point here is that even before we get to the semantic layer, the core foundation is under threat. >> Yep. Got it. Okay. We got a lot of ground to cover. So we're going to take a look at the Spark Execution Engine next. Think of that as the refinery that runs really efficient batch processing. That's kind of what disrupted the DOOp in a large way, but it's not Python friendly and that's an issue because the data science and the data engineering crowd are moving in that direction, and/or they're using DBT. George, we had Tristan Handy on at Supercloud, really interesting discussion that you and I did. Explain why this is an issue for Databricks? >> So once the data lake was in place, what people did was they refined their data batch, and Spark has always had streaming support and it's gotten better. The underlying storage as we've talked about is an issue. But basically they took raw data, then they refined it into tables that were like customers and products and partners. And then they refined that again into what was like gold artifacts, which might be business intelligence metrics or dashboards, which were collections of metrics. But they were running it on the Spark Execution Engine, which it's a Java-based engine or it's running on a Java-based virtual machine, which means all the data scientists and the data engineers who want to work with Python are really working in sort of oil and water. Like if you get an error in Python, you can't tell whether the problems in Python or where it's in Spark. There's just an impedance mismatch between the two. And then at the same time, the whole world is now gravitating towards DBT because it's a very nice and simple way to compose these data processing pipelines, and people are using either SQL in DBT or Python in DBT, and that kind of is a substitute for doing it all in Spark. So it's under threat even before we get to that semantic layer, it so happens that DBT itself is becoming the authoring environment for the semantic layer with business intelligent metrics. But that's again, this is the second element that's under direct substitution and competitive threat. >> Okay, let's now move down to the third element, which is the Photon. Photon is Databricks' BI Lakehouse, which has integration with the Databricks tooling, which is very rich, it's newer. And it's also not well suited for high concurrency and low latency use cases, which we think are going to increasingly become the norm over time. George, the call out threat here is customers want to connect everything to a semantic layer. Explain your thinking here and why this is a potential threat to Databricks? >> Okay, so two issues here. What you were touching on, which is the high concurrency, low latency, when people are running like thousands of dashboards and data is streaming in, that's a problem because SQL data warehouse, the query engine, something like that matures over five to 10 years. It's one of these things, the joke that Andy Jassy makes just in general, he's really talking about Azure, but there's no compression algorithm for experience. The Snowflake guy started more than five years earlier, and for a bunch of reasons, that lead is not something that Databricks can shrink. They'll always be behind. So that's why Snowflake has transactional tables now and we can get into that in another show. But the key point is, so near term, it's struggling to keep up with the use cases that are core to business intelligence, which is highly concurrent, lots of users doing interactive query. But then when you get to a semantic layer, that's when you need to be able to query data that might have thousands or tens of thousands or hundreds of thousands of joins. And that's a SQL query engine, traditional SQL query engine is just not built for that. That's the core problem of traditional relational databases. >> Now this is a quick aside. We always talk about Snowflake and Databricks in sort of the same context. We're not necessarily saying that Snowflake is in a position to tackle all these problems. We'll deal with that separately. So we don't mean to imply that, but we're just sort of laying out some of the things that Snowflake or rather Databricks customers we think, need to be thinking about and having conversations with Databricks about and we hope to have them as well. We'll come back to that in terms of sort of strategic options. But finally, when come back to the table, we have Databricks' AI/ML Tool Chain, which has been an awesome capability for the data science crowd. It's comprehensive, it's a one-stop shop solution, but the kicker here is that it's optimized for supervised model building. And the concern is that foundational models like GPT could cannibalize the current Databricks tooling, but George, can't Databricks, like other software companies, integrate foundation model capabilities into its platform? >> Okay, so the sound bite answer to that is sure, IBM 3270 terminals could call out to a graphical user interface when they're running on the XT terminal, but they're not exactly good citizens in that world. The core issue is Databricks has this wonderful end-to-end tool chain for training, deploying, monitoring, running inference on supervised models. But the paradigm there is the customer builds and trains and deploys each model for each feature or application. In a world of foundation models which are pre-trained and unsupervised, the entire tool chain is different. So it's not like Databricks can junk everything they've done and start over with all their engineers. They have to keep maintaining what they've done in the old world, but they have to build something new that's optimized for the new world. It's a classic technology transition and their mentality appears to be, "Oh, we'll support the new stuff from our old stuff." Which is suboptimal, and as we'll talk about, their biggest patron and the company that put them on the map, Microsoft, really stopped working on their old stuff three years ago so that they could build a new tool chain optimized for this new world. >> Yeah, and so let's sort of close with what we think the options are and decisions that Databricks has for its future architecture. They're smart people. I mean we've had Ali Ghodsi on many times, super impressive. I think they've got to be keenly aware of the limitations, what's going on with foundation models. But at any rate, here in this chart, we lay out sort of three scenarios. One is re-architect the platform by incrementally adopting new technologies. And example might be to layer a graph query engine on top of its stack. They could license key technologies like graph database, they could get aggressive on M&A and buy-in, relational knowledge graphs, semantic technologies, vector database technologies. George, as David Floyer always says, "A lot of ways to skin a cat." We've seen companies like, even think about EMC maintained its relevance through M&A for many, many years. George, give us your thought on each of these strategic options? >> Okay, I find this question the most challenging 'cause remember, I used to be an equity research analyst. I worked for Frank Quattrone, we were one of the top tech shops in the banking industry, although this is 20 years ago. But the M&A team was the top team in the industry and everyone wanted them on their side. And I remember going to meetings with these CEOs, where Frank and the bankers would say, "You want us for your M&A work because we can do better." And they really could do better. But in software, it's not like with EMC in hardware because with hardware, it's easier to connect different boxes. With software, the whole point of a software company is to integrate and architect the components so they fit together and reinforce each other, and that makes M&A harder. You can do it, but it takes a long time to fit the pieces together. Let me give you examples. If they put a graph query engine, let's say something like TinkerPop, on top of, I don't even know if it's possible, but let's say they put it on top of Delta Lake, then you have this graph query engine talking to their storage layer, Delta Lake. But if you want to do analysis, you got to put the data in Photon, which is not really ideal for highly connected data. If you license a graph database, then most of your data is in the Delta Lake and how do you sync it with the graph database? If you do sync it, you've got data in two places, which kind of defeats the purpose of having a unified repository. I find this semantic layer option in number three actually more promising, because that's something that you can layer on top of the storage layer that you have already. You just have to figure out then how to have your query engines talk to that. What I'm trying to highlight is, it's easy as an analyst to say, "You can buy this company or license that technology." But the really hard work is making it all work together and that is where the challenge is. >> Yeah, and well look, I thank you for laying that out. We've seen it, certainly Microsoft and Oracle. I guess you might argue that well, Microsoft had a monopoly in its desktop software and was able to throw off cash for a decade plus while it's stock was going sideways. Oracle had won the database wars and had amazing margins and cash flow to be able to do that. Databricks isn't even gone public yet, but I want to close with some of the players to watch. Alex, if you'd bring that back up, number four here. AWS, we talked about some of their options with S3 and it's not just AWS, it's blob storage, object storage. Microsoft, as you sort of alluded to, was an early go-to market channel for Databricks. We didn't address that really. So maybe in the closing comments we can. Google obviously, Snowflake of course, we're going to dissect their options in future Breaking Analysis. Dbt labs, where do they fit? Bob Muglia's company, Relational.ai, why are these players to watch George, in your opinion? >> So everyone is trying to assemble and integrate the pieces that would make building data applications, data products easy. And the critical part isn't just assembling a bunch of pieces, which is traditionally what AWS did. It's a Unix ethos, which is we give you the tools, you put 'em together, 'cause you then have the maximum choice and maximum power. So what the hyperscalers are doing is they're taking their key value stores, in the case of ASW it's DynamoDB, in the case of Azure it's Cosmos DB, and each are putting a graph query engine on top of those. So they have a unified storage and graph database engine, like all the data would be collected in the key value store. Then you have a graph database, that's how they're going to be presenting a foundation for building these data apps. Dbt labs is putting a semantic layer on top of data lakes and data warehouses and as we'll talk about, I'm sure in the future, that makes it easier to swap out the underlying data platform or swap in new ones for specialized use cases. Snowflake, what they're doing, they're so strong in data management and with their transactional tables, what they're trying to do is take in the operational data that used to be in the province of many state stores like MongoDB and say, "If you manage that data with us, it'll be connected to your analytic data without having to send it through a pipeline." And that's hugely valuable. Relational.ai is the wildcard, 'cause what they're trying to do, it's almost like a holy grail where you're trying to take the expressiveness of connecting all your data in a graph but making it as easy to query as you've always had it in a SQL database or I should say, in a relational database. And if they do that, it's sort of like, it'll be as easy to program these data apps as a spreadsheet was compared to procedural languages, like BASIC or Pascal. That's the implications of Relational.ai. >> Yeah, and again, we talked before, why can't you just throw this all in memory? We're talking in that example of really getting down to differences in how you lay the data out on disk in really, new database architecture, correct? >> Yes. And that's why it's not clear that you could take a data lake or even a Snowflake and why you can't put a relational knowledge graph on those. You could potentially put a graph database, but it'll be compromised because to really do what Relational.ai has done, which is the ease of Relational on top of the power of graph, you actually need to change how you're storing your data on disk or even in memory. So you can't, in other words, it's not like, oh we can add graph support to Snowflake, 'cause if you did that, you'd have to change, or in your data lake, you'd have to change how the data is physically laid out. And then that would break all the tools that talk to that currently. >> What in your estimation, is the timeframe where this becomes critical for a Databricks and potentially Snowflake and others? I mentioned earlier midterm, are we talking three to five years here? Are we talking end of decade? What's your radar say? >> I think something surprising is going on that's going to sort of come up the tailpipe and take everyone by storm. All the hype around business intelligence metrics, which is what we used to put in our dashboards where bookings, billings, revenue, customer, those things, those were the key artifacts that used to live in definitions in your BI tools, and DBT has basically created a standard for defining those so they live in your data pipeline or they're defined in their data pipeline and executed in the data warehouse or data lake in a shared way, so that all tools can use them. This sounds like a digression, it's not. All this stuff about data mesh, data fabric, all that's going on is we need a semantic layer and the business intelligence metrics are defining common semantics for your data. And I think we're going to find by the end of this year, that metrics are how we annotate all our analytic data to start adding common semantics to it. And we're going to find this semantic layer, it's not three to five years off, it's going to be staring us in the face by the end of this year. >> Interesting. And of course SVB today was shut down. We're seeing serious tech headwinds, and oftentimes in these sort of downturns or flat turns, which feels like this could be going on for a while, we emerge with a lot of new players and a lot of new technology. George, we got to leave it there. Thank you to George Gilbert for excellent insights and input for today's episode. I want to thank Alex Myerson who's on production and manages the podcast, of course Ken Schiffman as well. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our EIC over at Siliconangle.com, he does some great editing. Remember all these episodes, they're available as podcasts. Wherever you listen, all you got to do is search Breaking Analysis Podcast, we publish each week on wikibon.com and siliconangle.com, or you can email me at David.Vellante@siliconangle.com, or DM me @DVellante. Comment on our LinkedIn post, and please do check out ETR.ai, great survey data, enterprise tech focus, phenomenal. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching, and we'll see you next time on Breaking Analysis.

(upbeat music) >> Hello and welcome to theCube's coverage of International Women's Day. I'm John Furrier, your host of "theCUBE." We've got great two remote guests coming into our Palo Alto Studios, some tech athletes, as we say, people that've been in the trenches, years of experience, Lena Smart, CISO at MongoDB, Cube alumni, and Tara Hernandez, VP of Developer Productivity at MongoDB as well. Thanks for coming in to this program and supporting our efforts today. Thanks so much. >> Thanks for having us. >> Yeah, everyone talk about the journey in tech, where it all started. Before we get there, talk about what you guys are doing at MongoDB specifically. MongoDB is kind of gone the next level as a platform. You have your own ecosystem, lot of developers, very technical crowd, but it's changing the business transformation. What do you guys do at Mongo? We'll start with you, Lena. >> So I'm the CISO, so all security goes through me. I like to say, well, I don't like to say, I'm described as the ones throat to choke. So anything to do with security basically starts and ends with me. We do have a fantastic Cloud engineering security team and a product security team, and they don't report directly to me, but obviously we have very close relationships. I like to keep that kind of church and state separate and I know I've spoken about that before. And we just recently set up a physical security team with an amazing gentleman who left the FBI and he came to join us after 26 years for the agency. So, really starting to look at the physical aspects of what we offer as well. >> I interviewed a CISO the other day and she said, "Every day is day zero for me." Kind of goofing on the Amazon Day one thing, but Tara, go ahead. Tara, go ahead. What's your role there, developer productivity? What are you focusing on? >> Sure. Developer productivity is kind of the latest description for things that we've described over the years as, you know, DevOps oriented engineering or platform engineering or build and release engineering development infrastructure. It's all part and parcel, which is how do we actually get our code from developer to customer, you know, and all the mechanics that go into that. It's been something I discovered from my first job way back in the early '90s at Borland. And the art has just evolved enormously ever since, so. >> Yeah, this is a very great conversation both of you guys, right in the middle of all the action and data infrastructures changing, exploding, and involving big time AI and data tsunami and security never stops. Well, let's get into, we'll talk about that later, but let's get into what motivated you guys to pursue a career in tech and what were some of the challenges that you faced along the way? >> I'll go first. The fact of the matter was I intended to be a double major in history and literature when I went off to university, but I was informed that I had to do a math or a science degree or else the university would not be paid for. At the time, UC Santa Cruz had a policy that called Open Access Computing. This is, you know, the late '80s, early '90s. And anybody at the university could get an email account and that was unusual at the time if you were, those of us who remember, you used to have to pay for that CompuServe or AOL or, there's another one, I forget what it was called, but if a student at Santa Cruz could have an email account. And because of that email account, I met people who were computer science majors and I'm like, "Okay, I'll try that." That seems good. And it was a little bit of a struggle for me, a lot I won't lie, but I can't complain with how it ended up. And certainly once I found my niche, which was development infrastructure, I found my true love and I've been doing it for almost 30 years now. >> Awesome. Great story. Can't wait to ask a few questions on that. We'll go back to that late '80s, early '90s. Lena, your journey, how you got into it. >> So slightly different start. I did not go to university. I had to leave school when I was 16, got a job, had to help support my family. Worked a bunch of various jobs till I was about 21 and then computers became more, I think, I wouldn't say they were ubiquitous, but they were certainly out there. And I'd also been saving up every penny I could earn to buy my own computer and bought an Amstrad 1640, 20 meg hard drive. It rocked. And kind of took that apart, put it back together again, and thought that could be money in this. And so basically just teaching myself about computers any job that I got. 'Cause most of my jobs were like clerical work and secretary at that point. But any job that had a computer in front of that, I would make it my business to go find the guy who did computing 'cause it was always a guy. And I would say, you know, I want to learn how these work. Let, you know, show me. And, you know, I would take my lunch hour and after work and anytime I could with these people and they were very kind with their time and I just kept learning, so yep. >> Yeah, those early days remind me of the inflection point we're going through now. This major C change coming. Back then, if you had a computer, you had to kind of be your own internal engineer to fix things. Remember back on the systems revolution, late '80s, Tara, when, you know, your career started, those were major inflection points. Now we're seeing a similar wave right now, security, infrastructure. It feels like it's going to a whole nother level. At Mongo, you guys certainly see this as well, with this AI surge coming in. A lot more action is coming in. And so there's a lot of parallels between these inflection points. How do you guys see this next wave of change? Obviously, the AI stuff's blowing everyone away. Oh, new user interface. It's been called the browser moment, the mobile iPhone moment, kind of for this generation. There's a lot of people out there who are watching that are young in their careers, what's your take on this? How would you talk to those folks around how important this wave is? >> It, you know, it's funny, I've been having this conversation quite a bit recently in part because, you know, to me AI in a lot of ways is very similar to, you know, back in the '90s when we were talking about bringing in the worldwide web to the forefront of the world, right. And we tended to think in terms of all the optimistic benefits that would come of it. You know, free passing of information, availability to anyone, anywhere. You just needed an internet connection, which back then of course meant a modem. >> John: Not everyone had though. >> Exactly. But what we found in the subsequent years is that human beings are what they are and we bring ourselves to whatever platforms that are there, right. And so, you know, as much as it was amazing to have this freely available HTML based internet experience, it also meant that the negatives came to the forefront quite quickly. And there were ramifications of that. And so to me, when I look at AI, we're already seeing the ramifications to that. Yes, are there these amazing, optimistic, wonderful things that can be done? Yes. >> Yeah. >> But we're also human and the bad stuff's going to come out too. And how do we- >> Yeah. >> How do we as an industry, as a community, you know, understand and mitigate those ramifications so that we can benefit more from the positive than the negative. So it is interesting that it comes kind of full circle in really interesting ways. >> Yeah. The underbelly takes place first, gets it in the early adopter mode. Normally industries with, you know, money involved arbitrage, no standards. But we've seen this movie before. Is there hope, Lena, that we can have a more secure environment? >> I would hope so. (Lena laughs) Although depressingly, we've been in this well for 30 years now and we're, at the end of the day, still telling people not to click links on emails. So yeah, that kind of still keeps me awake at night a wee bit. The whole thing about AI, I mean, it's, obviously I am not an expert by any stretch of the imagination in AI. I did read (indistinct) book recently about AI and that was kind of interesting. And I'm just trying to teach myself as much as I can about it to the extent of even buying the "Dummies Guide to AI." Just because, it's actually not a dummies guide. It's actually fairly interesting, but I'm always thinking about it from a security standpoint. So it's kind of my worst nightmare and the best thing that could ever happen in the same dream. You know, you've got this technology where I can ask it a question and you know, it spits out generally a reasonable answer. And my team are working on with Mark Porter our CTO and his team on almost like an incubation of AI link. What would it look like from MongoDB? What's the legal ramifications? 'Cause there will be legal ramifications even though it's the wild, wild west just now, I think. Regulation's going to catch up to us pretty quickly, I would think. >> John: Yeah, yeah. >> And so I think, you know, as long as companies have a seat at the table and governments perhaps don't become too dictatorial over this, then hopefully we'll be in a good place. But we'll see. I think it's a really interest, there's that curse, we're living in interesting times. I think that's where we are. >> It's interesting just to stay on this tech trend for a minute. The standards bodies are different now. Back in the old days there were, you know, IEEE standards, ITF standards. >> Tara: TPC. >> The developers are the new standard. I mean, now you're seeing open source completely different where it was in the '90s to here beginning, that was gen one, some say gen two, but I say gen one, now we're exploding with open source. You have kind of developers setting the standards. If developers like it in droves, it becomes defacto, which then kind of rolls into implementation. >> Yeah, I mean I think if you don't have developer input, and this is why I love working with Tara and her team so much is 'cause they get it. If we don't have input from developers, it's not going to get used. There's going to be ways of of working around it, especially when it comes to security. If they don't, you know, if you're a developer and you're sat at your screen and you don't want to do that particular thing, you're going to find a way around it. You're a smart person. >> Yeah. >> So. >> Developers on the front lines now versus, even back in the '90s, they're like, "Okay, consider the dev's, got a QA team." Everything was Waterfall, now it's Cloud, and developers are on the front lines of everything. Tara, I mean, this is where the standards are being met. What's your reaction to that? >> Well, I think it's outstanding. I mean, you know, like I was at Netscape and part of the crowd that released the browser as open source and we founded mozilla.org, right. And that was, you know, in many ways kind of the birth of the modern open source movement beyond what we used to have, what was basically free software foundation was sort of the only game in town. And I think it is so incredibly valuable. I want to emphasize, you know, and pile onto what Lena was saying, it's not just that the developers are having input on a sort of company by company basis. Open source to me is like a checks and balance, where it allows us as a broader community to be able to agree on and enforce certain standards in order to try and keep the technology platforms as accessible as possible. I think Kubernetes is a great example of that, right. If we didn't have Kubernetes, that would've really changed the nature of how we think about container orchestration. But even before that, Linux, right. Linux allowed us as an industry to end the Unix Wars and as someone who was on the front lines of that as well and having to support 42 different operating systems with our product, you know, that was a huge win. And it allowed us to stop arguing about operating systems and start arguing about software or not arguing, but developing it in positive ways. So with, you know, with Kubernetes, with container orchestration, we all agree, okay, that's just how we're going to orchestrate. Now we can build up this huge ecosystem, everybody gets taken along, right. And now it changes the game for what we're defining as business differentials, right. And so when we talk about crypto, that's a little bit harder, but certainly with AI, right, you know, what are the checks and balances that as an industry and as the developers around this, that we can in, you know, enforce to make sure that no one company or no one body is able to overly control how these things are managed, how it's defined. And I think that is only for the benefit in the industry as a whole, particularly when we think about the only other option is it gets regulated in ways that do not involve the people who actually know the details of what they're talking about. >> Regulated and or thrown away or bankrupt or- >> Driven underground. >> Yeah. >> Which would be even worse actually. >> Yeah, that's a really interesting, the checks and balances. I love that call out. And I was just talking with another interview part of the series around women being represented in the 51% ratio. Software is for everybody. So that we believe that open source movement around the collective intelligence of the participants in the industry and independent of gender, this is going to be the next wave. You're starting to see these videos really have impact because there are a lot more leaders now at the table in companies developing software systems and with AI, the aperture increases for applications. And this is the new dynamic. What's your guys view on this dynamic? How does this go forward in a positive way? Is there a certain trajectory you see? For women in the industry? >> I mean, I think some of the states are trying to, again, from the government angle, some of the states are trying to force women into the boardroom, for example, California, which can be no bad thing, but I don't know, sometimes I feel a bit iffy about all this kind of forced- >> John: Yeah. >> You know, making, I don't even know how to say it properly so you can cut this part of the interview. (John laughs) >> Tara: Well, and I think that they're >> I'll say it's not organic. >> No, and I think they're already pulling it out, right. It's already been challenged so they're in the process- >> Well, this is the open source angle, Tara, you are getting at it. The change agent is open, right? So to me, the history of the proven model is openness drives transparency drives progress. >> No, it's- >> If you believe that to be true, this could have another impact. >> Yeah, it's so interesting, right. Because if you look at McKinsey Consulting or Boston Consulting or some of the other, I'm blocking on all of the names. There has been a decade or more of research that shows that a non homogeneous employee base, be it gender or ethnicity or whatever, generates more revenue, right? There's dollar signs that can be attached to this, but it's not enough for all companies to want to invest in that way. And it's not enough for all, you know, venture firms or investment firms to grant that seed money or do those seed rounds. I think it's getting better very slowly, but socialization is a much harder thing to overcome over time. Particularly, when you're not just talking about one country like the United States in our case, but around the world. You know, tech centers now exist all over the world, including places that even 10 years ago we might not have expected like Nairobi, right. Which I think is amazing, but you have to factor in the cultural implications of that as well, right. So yes, the openness is important and we have, it's important that we have those voices, but I don't think it's a panacea solution, right. It's just one more piece. I think honestly that one of the most important opportunities has been with Cloud computing and Cloud's been around for a while. So why would I say that? It's because if you think about like everybody holds up the Steve Jobs, Steve Wozniak, back in the '70s, or Sergey and Larry for Google, you know, you had to have access to enough credit card limit to go to Fry's and buy your servers and then access to somebody like Susan Wojcicki to borrow the garage or whatever. But there was still a certain amount of upfrontness that you had to be able to commit to, whereas now, and we've, I think, seen a really good evidence of this being able to lease server resources by the second and have development platforms that you can do on your phone. I mean, for a while I think Africa, that the majority of development happened on mobile devices because there wasn't a sufficient supply chain of laptops yet. And that's no longer true now as far as I know. But like the power that that enables for people who would otherwise be underrepresented in our industry instantly opens it up, right? And so to me that's I think probably the biggest opportunity that we've seen from an industry on how to make more availability in underrepresented representation for entrepreneurship. >> Yeah. >> Something like AI, I think that's actually going to take us backwards if we're not careful. >> Yeah. >> Because of we're reinforcing that socialization. >> Well, also the bias. A lot of people commenting on the biases of the large language inherently built in are also problem. Lena, I want you to weigh on this too, because I think the skills question comes up here and I've been advocating that you don't need the pedigree, college pedigree, to get into a certain jobs, you mentioned Cloud computing. I mean, it's been around for you think a long time, but not really, really think about it. The ability to level up, okay, if you're going to join something new and half the jobs in cybersecurity are created in the past year, right? So, you have this what used to be a barrier, your degree, your pedigree, your certification would take years, would be a blocker. Now that's gone. >> Lena: Yeah, it's the opposite. >> That's, in fact, psychology. >> I think so, but the people who I, by and large, who I interview for jobs, they have, I think security people and also I work with our compliance folks and I can't forget them, but let's talk about security just now. I've always found a particular kind of mindset with security folks. We're very curious, not very good at following rules a lot of the time, and we'd love to teach others. I mean, that's one of the big things stem from the start of my career. People were always interested in teaching and I was interested in learning. So it was perfect. And I think also having, you know, strong women leaders at MongoDB allows other underrepresented groups to actually apply to the company 'cause they see that we're kind of talking the talk. And that's been important. I think it's really important. You know, you've got Tara and I on here today. There's obviously other senior women at MongoDB that you can talk to as well. There's a bunch of us. There's not a whole ton of us, but there's a bunch of us. And it's good. It's definitely growing. I've been there for four years now and I've seen a growth in women in senior leadership positions. And I think having that kind of track record of getting really good quality underrepresented candidates to not just interview, but come and join us, it's seen. And it's seen in the industry and people take notice and they're like, "Oh, okay, well if that person's working, you know, if Tara Hernandez is working there, I'm going to apply for that." And that in itself I think can really, you know, reap the rewards. But it's getting started. It's like how do you get your first strong female into that position or your first strong underrepresented person into that position? It's hard. I get it. If it was easy, we would've sold already. >> It's like anything. I want to see people like me, my friends in there. Am I going to be alone? Am I going to be of a group? It's a group psychology. Why wouldn't? So getting it out there is key. Is there skills that you think that people should pay attention to? One's come up as curiosity, learning. What are some of the best practices for folks trying to get into the tech field or that's in the tech field and advancing through? What advice are you guys- >> I mean, yeah, definitely, what I say to my team is within my budget, we try and give every at least one training course a year. And there's so much free stuff out there as well. But, you know, keep learning. And even if it's not right in your wheelhouse, don't pick about it. Don't, you know, take a look at what else could be out there that could interest you and then go for it. You know, what does it take you few minutes each night to read a book on something that might change your entire career? You know, be enthusiastic about the opportunities out there. And there's so many opportunities in security. Just so many. >> Tara, what's your advice for folks out there? Tons of stuff to taste, taste test, try things. >> Absolutely. I mean, I always say, you know, my primary qualifications for people, I'm looking for them to be smart and motivated, right. Because the industry changes so quickly. What we're doing now versus what we did even last year versus five years ago, you know, is completely different though themes are certainly the same. You know, we still have to code and we still have to compile that code or package the code and ship the code so, you know, how well can we adapt to these new things instead of creating floppy disks, which was my first job. Five and a quarters, even. The big ones. >> That's old school, OG. There it is. Well done. >> And now it's, you know, containers, you know, (indistinct) image containers. And so, you know, I've gotten a lot of really great success hiring boot campers, you know, career transitioners. Because they bring a lot experience in addition to the technical skills. I think the most important thing is to experiment and figuring out what do you like, because, you know, maybe you are really into security or maybe you're really into like deep level coding and you want to go back, you know, try to go to school to get a degree where you would actually want that level of learning. Or maybe you're a front end engineer, you want to be full stacked. Like there's so many different things, data science, right. Maybe you want to go learn R right. You know, I think it's like figure out what you like because once you find that, that in turn is going to energize you 'cause you're going to feel motivated. I think the worst thing you could do is try to force yourself to learn something that you really could not care less about. That's just the worst. You're going in handicapped. >> Yeah and there's choices now versus when we were breaking into the business. It was like, okay, you software engineer. They call it software engineering, that's all it was. You were that or you were in sales. Like, you know, some sort of systems engineer or sales and now it's,- >> I had never heard of my job when I was in school, right. I didn't even know it was a possibility. But there's so many different types of technical roles, you know, absolutely. >> It's so exciting. I wish I was young again. >> One of the- >> Me too. (Lena laughs) >> I don't. I like the age I am. So one of the things that I did to kind of harness that curiosity is we've set up a security champions programs. About 120, I guess, volunteers globally. And these are people from all different backgrounds and all genders, diversity groups, underrepresented groups, we feel are now represented within this champions program. And people basically give up about an hour or two of their time each week, with their supervisors permission, and we basically teach them different things about security. And we've now had seven full-time people move from different areas within MongoDB into my team as a result of that program. So, you know, monetarily and time, yeah, saved us both. But also we're showing people that there is a path, you know, if you start off in Tara's team, for example, doing X, you join the champions program, you're like, "You know, I'd really like to get into red teaming. That would be so cool." If it fits, then we make that happen. And that has been really important for me, especially to give, you know, the women in the underrepresented groups within MongoDB just that window into something they might never have seen otherwise. >> That's a great common fit is fit matters. Also that getting access to what you fit is also access to either mentoring or sponsorship or some sort of, at least some navigation. Like what's out there and not being afraid to like, you know, just ask. >> Yeah, we just actually kicked off our big mentor program last week, so I'm the executive sponsor of that. I know Tara is part of it, which is fantastic. >> We'll put a plug in for it. Go ahead. >> Yeah, no, it's amazing. There's, gosh, I don't even know the numbers anymore, but there's a lot of people involved in this and so much so that we've had to set up mentoring groups rather than one-on-one. And I think it was 45% of the mentors are actually male, which is quite incredible for a program called Mentor Her. And then what we want to do in the future is actually create a program called Mentor Them so that it's not, you know, not just on the female and so that we can live other groups represented and, you know, kind of break down those groups a wee bit more and have some more granularity in the offering. >> Tara, talk about mentoring and sponsorship. Open source has been there for a long time. People help each other. It's community-oriented. What's your view of how to work with mentors and sponsors if someone's moving through ranks? >> You know, one of the things that was really interesting, unfortunately, in some of the earliest open source communities is there was a lot of pervasive misogyny to be perfectly honest. >> Yeah. >> And one of the important adaptations that we made as an open source community was the idea, an introduction of code of conducts. And so when I'm talking to women who are thinking about expanding their skills, I encourage them to join open source communities to have opportunity, even if they're not getting paid for it, you know, to develop their skills to work with people to get those code reviews, right. I'm like, "Whatever you join, make sure they have a code of conduct and a good leadership team. It's very important." And there are plenty, right. And then that idea has come into, you know, conferences now. So now conferences have codes of contact, if there are any good, and maybe not all of them, but most of them, right. And the ideas of expanding that idea of intentional healthy culture. >> John: Yeah. >> As a business goal and business differentiator. I mean, I won't lie, when I was recruited to come to MongoDB, the culture that I was able to discern through talking to people, in addition to seeing that there was actually women in senior leadership roles like Lena, like Kayla Nelson, that was a huge win. And so it just builds on momentum. And so now, you know, those of us who are in that are now representing. And so that kind of reinforces, but it's all ties together, right. As the open source world goes, particularly for a company like MongoDB, which has an open source product, you know, and our community builds. You know, it's a good thing to be mindful of for us, how we interact with the community and you know, because that could also become an opportunity for recruiting. >> John: Yeah. >> Right. So we, in addition to people who might become advocates on Mongo's behalf in their own company as a solution for themselves, so. >> You guys had great successful company and great leadership there. I mean, I can't tell you how many times someone's told me "MongoDB doesn't scale. It's going to be dead next year." I mean, I was going back 10 years. It's like, just keeps getting better and better. You guys do a great job. So it's so fun to see the success of developers. Really appreciate you guys coming on the program. Final question, what are you guys excited about to end the segment? We'll give you guys the last word. Lena will start with you and Tara, you can wrap us up. What are you excited about? >> I'm excited to see what this year brings. I think with ChatGPT and its copycats, I think it'll be a very interesting year when it comes to AI and always in the lookout for the authentic deep fakes that we see coming out. So just trying to make people aware that this is a real thing. It's not just pretend. And then of course, our old friend ransomware, let's see where that's going to go. >> John: Yeah. >> And let's see where we get to and just genuine hygiene and housekeeping when it comes to security. >> Excellent. Tara. >> Ah, well for us, you know, we're always constantly trying to up our game from a security perspective in the software development life cycle. But also, you know, what can we do? You know, one interesting application of AI that maybe Google doesn't like to talk about is it is really cool as an addendum to search and you know, how we might incorporate that as far as our learning environment and developer productivity, and how can we enable our developers to be more efficient, productive in their day-to-day work. So, I don't know, there's all kinds of opportunities that we're looking at for how we might improve that process here at MongoDB and then maybe be able to share it with the world. One of the things I love about working at MongoDB is we get to use our own products, right. And so being able to have this interesting document database in order to put information and then maybe apply some sort of AI to get it out again, is something that we may well be looking at, if not this year, then certainly in the coming year. >> Awesome. Lena Smart, the chief information security officer. Tara Hernandez, vice president developer of productivity from MongoDB. Thank you so much for sharing here on International Women's Day. We're going to do this quarterly every year. We're going to do it and then we're going to do quarterly updates. Thank you so much for being part of this program. >> Thank you. >> Thanks for having us. >> Okay, this is theCube's coverage of International Women's Day. I'm John Furrier, your host. Thanks for watching. (upbeat music)

(upbeat music) >> Hi, everyone. Welcome to theCUBE's coverage of International Women's Day. I'm John Furrier, host of theCUBE. As part of International Women's Day, we're featuring some of the leading women in business technology from developer to all types of titles and to the executive level. And one topic that's really important is called Getting a Seat at the Table, board makeup, having representation at corporate boards, private and public companies. It's been a big push. And former technology operating executive and corporate board member, she's a board machine Sue Barsamian, formerly with HPE, Hewlett Packard. Sue, great to see you. CUBE alumni, distinguished CUBE alumni. Thank you for coming on. >> Yes, I'm very proud of my CUBE alumni title. >> I'm sure it opens a lot of doors for you. (Sue laughing) We're psyched to have you on. This is a really important topic, and I want to get into the whole, as women advance up, and they're sitting on the boards, they can implement policy and there's governance. Obviously public companies have very strict oversight, and not strict, but like formal. Private boards have to operate, be nimble. They don't have to share all their results. But still, boards play an important role in the success of scaled up companies. So super important, that representation there is key. >> Yes. >> I want to get into that, but first, before we get started, how did you get into tech? How did it all start for you? >> Yeah, long time ago, I was an electrical engineering major. Came out in 1981 when, you know, opportunities for engineering, if you were kind, I went to Kansas State as an undergrad, and basically in those days you went to Texas and did semiconductors. You went to Atlanta and did communication satellites. You went to Boston or you went to Silicon Valley. And for me, that wasn't too hard a choice. I ended up going west and really, I guess what, embarked on a 40 year career in Silicon Valley and absolutely loved it. Largely software, but some time on the hardware side. Started out in networking, but largely software. And then, you know, four years ago transitioned to my next chapter, which is the corporate board director. And again, focused on technology software and cybersecurity boards. >> For the folks watching, we'll cut through another segment we can probably do about your operating career, but you rose through the ranks and became a senior operating executive at the biggest companies in the world. Hewlett Packard Enterprise, Hewlett Packard Enterprise and others. Very great career, okay. And so now you're kind of like, put that on pause, and you're moving on to the next chapter, which is being a board director. What inspired you to be a board director for multiple public companies and multiple private companies? Well, how many companies are you on? But what's the inspiration? What's the inspiration? First tell me how many board ships you're on, board seats you're on, and then what inspired you to become a board director? >> Yeah, so I'm on three public, and you are limited in terms of the number of publics that you can do to four. So I'm on three public, and I'm on four private from a tech perspective. And those range from, you know, a $4 billion in revenue public company down to a 35 person private company. So I've got the whole range. >> So you're like freelancing, I mean, what is it like? It's a full-time job, obviously. It's a lot of work involved. >> Yeah, yeah, it's. >> John: Why are you doing it? >> Well, you know, so I retired from being an operating executive after 37 years. And, but I loved, I mean, it's tough, right? It's tough these days, particularly with all the pressures out there in the market, not to mention the pandemic, et cetera. But I loved it. I loved working. I loved having a career, and I was ready to back off on, I would say the stresses of quarterly results and the stresses of international travel. You have so much of it. But I wasn't ready to back off from being involved and engaged and continuing to learn new things. I think this is why you come to tech, and for me, why I went to the valley to begin with was really that energy and that excitement, and it's like it's constantly reinventing itself. And I felt like that wasn't over for me. And I thought because I hadn't done boards before I retired from operating roles, I thought, you know, that would fill the bill. And it's honestly, it has exceeded expectations. >> In a good way. You feel good about where you're at and. >> Yeah. >> What you went in, what was the expectation going in and what surprised you? And were there people along the way that kind of gave you some pointers or don't do this, stay away from this. Take us through your experiences. >> Yeah, honestly, there is an amazing network of technology board directors, you know, in the US and specifically in the Valley. And we are all incredibly supportive. We have groups where we get together as board directors, and we talk about topics, and we share best practices and stories, and so I underestimated that, right? I thought I was going to, I thought I was going to enter this chapter where I would be largely giving back after 37 years. You've learned a little bit, right? What I underestimated was just the power of continuing to learn and being surrounded by so many amazing people. When, you know, when you do, you know, multiple boards, your learnings are just multiplied, right? Because you see not just one model, but you see many models. You see not just one problem, but many problems. Not just one opportunity, but many opportunities. And I underestimated how great that would be for me from a learning perspective and then your ability to share from one board to the other board because all of my boards are companies who are also quite close to each other, the executives collaborate. So that has turned out to be really exciting for me. >> So you had the stressful job. You rose to the top of the ranks, quarterly shot clock earnings, and it's hard charging. It's like, it's like, you know, being an athlete, as we say tech athlete. You're a tech athlete. Now you're taking that to the next level, which is now you're juggling multiple operational kind of things, but not with super pressure. But there's still a lot of responsibility. I know there's one board, you got compensation committee, I mean there's work involved. It's not like you're clipping coupons and having pizza. >> Yeah, no, it's real work. Believe me, it's real work. But I don't know how long it took me to not, to stop waking up and looking at my phone and thinking somebody was going to be dropping their forecast, right? Just that pressure of the number, and as a board member, obviously you are there to support and help guide the company and you feel, you know, you feel the pressure and the responsibility of what that role entails, but it's not the same as the frontline pressure every quarter. It's different. And so I did the first type. I loved it, you know. I'm loving this second type. >> You know, the retirement, it's always a cliche these days, but it's not really like what people think it is. It's not like getting a boat, going fishing or whatever. It's doing whatever you want to do, that's what retirement is. And you've chose to stay active. Your brain's being tested, and you're working it, having fun without all the stress. But it's enough, it's like going the gym. You're not hardcore workout, but you're working out with the brain. >> Yeah, no, for sure. It's just a different, it's just a different model. But the, you know, the level of conversations, the level of decisions, all of that is quite high. Which again, I like, yeah. >> Again, you really can't talk about some of the fun questions I want to ask, like what's the valuations like? How's the market, your headwinds? Is there tailwinds? >> Yes, yes, yes. It's an amazing, it's an amazing market right now with, as you know, counter indicators everywhere, right? Something's up, something's down, you know. Consumer spending's up, therefore interest rates go up and, you know, employment's down. And so or unemployment's down. And so it's hard. Actually, I really empathize with, you know, the, and have a great deal of respect for the CEOs and leadership teams of my board companies because, you know, I kind of retired from operating role, and then everybody else had to deal with running a company during a pandemic and then running a company through the great resignation, and then running a company through a downturn. You know, those are all tough things, and I have a ton of respect for any operating executive who's navigating through this and leading a company right now. >> I'd love to get your take on the board conversations at the end if we have more time, what the mood is, but I want to ask you about one more thing real quick before we go to the next topic is you're a retired operating executive. You have multiple boards, so you've got your hands full. I noticed there's a lot of amazing leaders, other female tech athletes joining boards, but they also have full-time jobs. >> Yeah. >> And so what's your advice? Cause I know there's a lot of networking, a lot of sharing going on. There's kind of a balance between how much you can contribute on the board versus doing the day job, but there's a real need for more women on boards, so yet there's a lot going on boards. What's the current state of the union if you will, state of the market relative to people in their careers and the stresses? >> Yeah. >> Cause you left one and jumped in all in there. >> Yeah. >> Some can't do that. They can't be on five boards, but they're on a few. What's the? >> Well, and you know, and if you're an operating executive, you wouldn't be on five boards, right? You would be on one or two. And so I spend a lot of time now bringing along the next wave of women and helping them both in their career but also to get a seat at the table on a board. And I'm very vocal about telling people not to do it the way I do it. There's no reason for it to be sequential. You can, you know, I thought I was so busy and was traveling all the time, and yes, all of that was true, but, and maybe I should say, you know, you can still fit in a board. And so, and what I see now is that your learnings are so exponential with outside perspective that I believe I would've been an even better operating executive had I done it earlier. I know I would've been an even better operating executive had I done it earlier. And so my advice is don't do it the way I did it. You know, it's worked out fine for me, but hindsight's 2020, I would. >> If you can go back and do a mulligan or a redo, what would you do? >> Yeah, I would get on a board earlier, full stop, yeah. >> Board, singular, plural? >> Well, I really, I don't think as an operating executive you can do, you could do one, maybe two. I wouldn't go beyond that, and I think that's fine. >> Yeah, totally makes sense. Okay, I got to ask you about your career. I know technical, you came in at that time in the market, I remember when I broke into the business, very male dominated, and then now it's much better. When you went through the ranks as a technical person, I know you had some blockers and definitely some, probably some people like, well, you know. We've seen that. How did you handle that? What were some of the key pivot points in your journey? And we've had a lot of women tell their stories here on theCUBE, candidly, like, hey, I was going to tell that professor, I'm going to sit in the front row. I'm going to, I'm getting two degrees, you know, robotics and aerospace. So, but they were challenged, even with the aspiration to do tech. I'm not saying that was something that you had, but like have you had experience like that, that you overcome? What were those key points and how did you handle them and how does that help people today? >> Yeah, you know, I have to say, you know, and not discounting that obviously this has been a journey for women, and there are a lot of things to overcome both in the workforce and also just balancing life honestly. And they're all real. There's also a story of incredible support, and you know, I'm the type of person where if somebody blocked me or didn't like me, I tended to just, you know, think it was me and like work harder and get around them, and I'm sure that some of that was potentially gender related. I didn't interpret it that way at the time. And I was lucky to have amazing mentors, many, many, many of whom were men, you know, because they were in the positions of power, and they made a huge difference on my career, huge. And I also had amazing female mentors, Meg Whitman, Ann Livermore at HPE, who you know well. So I had both, but you know, when I look back on the people who made a difference, there are as many men on the list as there are women. >> Yeah, and that's a learning there. Create those coalitions, not just one or the other. >> Yeah, yeah, yeah, absolutely. >> Well, I got to ask you about the, well, you brought up the pandemic. This has come up on some interviews this year, a little bit last year on the International Women's Day, but this year it's resonating, and I would never ask in an interview. I saw an interview once where a host asked a woman, how do you balance it all? And I was just like, no one asked men that. And so it's like, but with remote work, it's come up now the word empathy around people knowing each other's personal situation. In other words, when remote work happened, everybody went home. So we all got a glimpse of the backdrop. You got, you can see what their personal life was on Facebook. We were just commenting before we came on camera about that. So remote work really kind of opened up this personal side of everybody, men and women. >> Yeah. >> So I think this brings this new empathy kind of vibe or authentic self people call it. Is remote work an opportunity or a threat for advancement of women in tech? >> It's a much debated topic. I look at it as an opportunity for many of the reasons that you just said. First of all, let me say that when I was an operating executive and would try to create an environment on my team that was family supportive, I would do that equally for young or, you know, early to mid-career women as I did for early to mid-career men. And the reason is I needed those men, you know, chances are they had a working spouse at home, right? I needed them to be able to share the load. It's just as important to the women that companies give, you know, the partner, male or female, the partner support and the ability to share the love, right? So to me it's not just a woman thing. It's women and men, and I always tried to create the environment where it was okay to go to your soccer game. I knew you would be online later in the evening when the kids were in bed, and that was fine. And I think the pandemic has democratized that and made that, you know, made that kind of an everyday occurrence. >> Yeah the baby walks in. They're in the zoom call. The dog comes in. The leaf blower going on the outside the window. I've seen it all on theCUBE. >> Yeah, and people don't try to pretend anymore that like, you know, the house is clean, the dog's behaved, you know, I mean it's just, it's just real, and it's authentic, and I think that's healthy. >> Yeah. >> I do, you know, I also love, I also love the office, and you know, I've got a 31 year old and a soon to be 27 year old daughter, two daughters. And you know, they love going into the office, and I think about when I was their age, how just charged up I would get from being in the office. I also see how great it is for them to have a couple of days a week at home because you can get a few things done in between Zoom calls that you don't have to end up piling onto the weekend, and, you know, so I think it's a really healthy, I think it's a really healthy mix now. Most tech companies are not mandating five days in. Most tech companies are at two to three days in. I think that's a, I think that's a really good combination. >> It's interesting how people are changing their culture to get together more as groups and even events. I mean, while I got you, I might as well ask you, what's the board conversations around, you know, the old conferences? You know, before the pandemic, every company had like a user conference. Right, now it's like, well, do we really need to have that? Maybe we do smaller, and we do digital. Have you seen how companies are handling the in-person? Because there's where the relationships are really formed face-to-face, but not everyone's going to be going. But now certain it's clearly back to face-to-face. We're seeing that with theCUBE as you know. >> Yeah, yeah. >> But the numbers aren't coming back, and the numbers aren't that high, but the stakeholders. >> Yeah. >> And the numbers are actually higher if you count digital. >> Yeah, absolutely. But you know, also on digital there's fatigue from 100% digital, right? It's a hybrid. People don't want to be 100% digital anymore, but they also don't want to go back to the days when everybody got on a plane for every meeting, every call, every sales call. You know, I'm seeing a mix on user conferences. I would say two-thirds of my companies are back, but not at the expense level that they were on user conferences. We spend a lot of time getting updates on, cause nobody has put, interestingly enough, nobody has put T&E, travel and expense back to pre-pandemic levels. Nobody, so everybody's pulled back on number of trips. You know, marketing events are being very scrutinized, but I think very effective. We're doing a lot of, and, you know, these were part of the old model as well, like some things, some things just recycle, but you know, there's a lot of CIO and customer round tables in regional cities. You know, those are quite effective right now because people want some face-to-face, but they don't necessarily want to get on a plane and go to Las Vegas in order to do it. I mean, some of them are, you know, there are a lot of things back in Las Vegas. >> And think about the meetings that when you were an operating executive. You got to go to the sales kickoff, you got to go to this, go to that. There were mandatory face-to-faces that you had to go to, but there was a lot of travel that you probably could have done on Zoom. >> Oh, a lot, I mean. >> And then the productivity to the family impact too. Again, think about again, we're talking about the family and people's personal lives, right? So, you know, got to meet a customer. All right. Salesperson wants you to get in front of a customer, got to fly to New York, take a red eye, come on back. Like, I mean, that's gone. >> Yeah, and oh, by the way, the customer doesn't necessarily want to be in the office that day, so, you know, they may or may not be happy about that. So again, it's and not or, right? It's a mix. And I think it's great to see people back to some face-to-face. It's great to see marketing and events back to some face-to-face. It's also great to see that it hasn't gone back to the level it was. I think that's a really healthy dynamic. >> Well, I'll tell you that from our experience while we're on the topic, we'll move back to the International Women's Day is that the productivity of digital, this program we're doing is going to be streamed. We couldn't do this face-to-face because we had to have everyone fly to an event. We're going to do hundreds of stories that we couldn't have done. We're doing it remote. Because it's better to get the content than not have it. I mean it's offline, so, but it's not about getting people to the event and watch the screen for seven hours. It's pick your interview, and then engage. >> Yeah. >> So it's self-service. So we're seeing a lot, the new user experience kind of direct to consumer, and so I think there will be an, I think there's going to be a digital first class citizen with events, so that that matches up with the kind of experience, but the offline version. Face-to-face optimized for relationships, and that's where the recruiting gets done. That's where, you know, people can build these relationships with each other. >> Yeah, and it can be asynchronous. I think that's a real value proposition. It's a great point. >> Okay, I want to get, I want to get into the technology side of the education and re-skilling and those things. I remember in the 80s, computer science was software engineering. You learned like nine languages. You took some double E courses, one or two, and all the other kind of gut classes in school. Engineering, you had the four class disciplines and some offshoots of specialization. Now it's incredible the diversity of tracks in all engineering programs and computer science and outside of those departments. >> Yeah. >> Can you speak to the importance of STEM and the diversity in the technology industry and how this brings opportunity to lower the bar to get in and how people can stay in and grow and keep leveling up? >> Yeah, well look, we're constantly working on how to, how to help the incoming funnel. But then, you know, at a university level, I'm on the foundation board of Kansas State where I got my engineering degree. I was also Chairman of the National Action Council for Minorities in Engineering, which was all about diversity in STEM and how do you keep that pipeline going because honestly the US needs more tech resources than we have. And if you don't tap into the diversity of our entire workforce, we won't be able to fill that need. And so we focused a lot on both the funnel, right, that starts at the middle school level, particularly for girls, getting them in, you know, the situation of hands-on comfort level with coding, with robot building, you know, whatever gives them that confidence. And then keeping that going all the way into, you know, university program, and making sure that they don't attrit out, right? And so there's a number of initiatives, whether it's mentoring and support groups and financial aid to make sure that underrepresented minorities, women and other minorities, you know, get through the funnel and stay, you know, stay in. >> Got it. Now let me ask you, you said, I have two daughters. You have a family of girls too. Is there a vibe difference between the new generation and what's the trends that you're seeing in this next early wave? I mean, not maybe, I don't know how this is in middle school, but like as people start getting into their adult lives, college and beyond what's the current point of view, posture, makeup of the talent coming in? >> Yeah, yeah. >> Certain orientations, do you see any patterns? What's your observation? >> Yeah, it's interesting. So if I look at electrical engineering, my major, it's, and if I look at Kansas State, which spends a lot of time on this, and I think does a great job, but the diversity of that as a major has not changed dramatically since I was there in the early 80s. Where it has changed very significantly is computer science. There are many, many university and college programs around the country where, you know, it's 50/50 in computer science from a gender mix perspective, which is huge progress. Huge progress. And so, and to me that's, you know, I think CS is a fantastic degree for tech, regardless of what function you actually end up doing in these companies. I mean, I was an electrical engineer. I never did core electrical engineering work. I went right into sales and marketing and general management roles. So I think, I think a bunch of, you know, diverse CS graduates is a really, really good sign. And you know, we need to continue to push on that, but progress has been made. I think the, you know, it kind of goes back to the thing we were just talking about, which is the attrition of those, let's just talk about women, right? The attrition of those women once they got past early career and into mid-career then was a concern, right? And that goes back to, you know, just the inability to, you know, get it all done. And that I am hopeful is going to be better served now. >> Well, Sue, it's great to have you on. I know you're super busy. I appreciate you taking the time and contributing to our program on corporate board membership and some of your story and observations and opinions and analysis. Always great to have you and call you a contributor for theCUBE. You can jump on on one more board, be one of our board contributors for our analysts. (Sue laughing) >> I'm at capacity. (both laughing) >> Final, final word. What's the big seat at the table issue that's going well and areas that need to be improved? >> So I'll speak for my boards because they have made great progress in efficiency. You know, obviously with interest rates going up and the mix between growth and profitability changing in terms of what investors are looking for. Many, many companies have had to do a hard pivot from grow at all costs to healthy balance of growth and profit. And I'm very pleased with how my companies have made that pivot. And I think that is going to make much better companies as a result. I think diversity is something that has not been solved at the corporate level, and we need to keep working it. >> Awesome. Thank you for coming on theCUBE. CUBE alumni now contributor, on multiple boards, full-time job. Love the new challenge and chapter you're on, Sue. We'll be following, and we'll check in for more updates. And thank you for being a contributor on this program this year and this episode. We're going to be doing more of these quarterly, so we're going to move beyond once a year. >> That's great. (cross talking) It's always good to see you, John. >> Thank you. >> Thanks very much. >> Okay. >> Sue: Talk to you later. >> This is theCUBE coverage of IWD, International Women's Day 2023. I'm John Furrier, your host. Thanks for watching. (upbeat music)

(intro music) >> "theCUBE's" live coverage is made possible by funding from Dell Technologies, creating technologies that drive human progress. (upbeat music) >> We're not going to- >> Hey everybody, welcome back to the Fira in Barcelona. My name is Dave Vellante, I'm here with Dave Nicholson, day four of MWC23. I mean, it's Dave, it's, it's still really busy. And you walking the floors, you got to stop and start. >> It's surprising. >> People are cheering. They must be winding down, giving out the awards. Really excited. Pier, look at you and Elias here. He's the vice president of Engineering Technology for Edge Computing Offers Strategy and Execution at Dell Technologies, and he's joined by Dan Cummins, who's a fellow and vice president of, in the Edge Business Unit at Dell Technologies. Guys, welcome. >> Thank you. >> Thank you. >> I love when I see the term fellow. You know, you don't, they don't just give those away. What do you got to do to be a fellow at Dell? >> Well, you know, fellows are senior technical leaders within Dell. And they're usually tasked to help Dell solve you know, a very large business challenge to get to a fellow. There's only, I think, 17 of them inside of Dell. So it is a small crowd. You know, previously, really what got me to fellow, is my continued contribution to transform Dell's mid-range business, you know, VNX two, and then Unity, and then Power Store, you know, and then before, and then after that, you know, they asked me to come and, and help, you know, drive the technology vision for how Dell wins at the Edge. >> Nice. Congratulations. Now, Pierluca, I'm looking at this kind of cool chart here which is Edge, Edge platform by Dell Technologies, kind of this cube, like cubes course, you know. >> AK project from here. >> Yeah. So, so tell us about the Edge platform. What, what's your point of view on all that at Dell? >> Yeah, absolutely. So basically in a, when we create the Edge, and before even then was bringing aboard, to create this vision of the platform, and now building the platform when we announced project from here, was to create solution for the Edge. Dell has been at the edge for 30 years. We sold a lot of compute. But the reality was people want outcome. And so, and the Edge is a new market, very exciting, but very siloed. And so people at the Edge have different personas. So quickly realize that we need to bring in Dell, people with expertise, quickly realize as well that doing all these solution was not enough. There was a lot of problem to solve because the Edge is outside of the data center. So you are outside of the wall of the data center. And what is going to happen is obviously you are in the land of no one. And so you have million of device, thousand of million of device. All of us at home, we have all connected thing. And so we understand that the, the capability of Dell was to bring in technology to secure, manage, deploy, with zero touch, zero trust, the Edge. And all the edge the we're speaking about right now, we are focused on everything that is outside of a normal data center. So, how we married the computer that we have for many years, the new gateways that we create, so having the best portfolio, number one, having the best solution, but now, transforming the way that people deploy the Edge, and secure the Edge through a software platform that we create. >> You mentioned Project Frontier. I like that Dell started to do these sort of project, Project Alpine was sort of the multi-cloud storage. I call it "The Super Cloud." The Project Frontier. It's almost like you develop, it's like mission based. Like, "Okay, that's our North Star." People hear Project Frontier, they know, you know, internally what you're talking about. Maybe use it for external communications too, but what have you learned since launching Project Frontier? What's different about the Edge? I mean you're talking about harsh environments, you're talking about new models of connectivity. So, what have you learned from Project Frontier? What, I'd love to hear the fellow perspective as well, and what you guys are are learning so far. >> Yeah, I mean start and then I left to them, but we learn a lot. The first thing we learn that we are on the right path. So that's good, because every conversation we have, there is nobody say to us, you know, "You are crazy. "This is not needed." Any conversation we have this week, start with the telco thing. But after five minutes it goes to, okay, how I can solve the Edge, how I can bring the compute near where the data are created, and how I can do that secure at scale, and with the right price. And then can speak about how we're doing that. >> Yeah, yeah. But before that, we have to really back up and understand what Dell is doing with Project Frontier, which is an Edge operations platform, to simplify your Edge use cases. Now, Pierluca and his team have a number of verticalized applications. You want to be able to securely deploy those, you know, at the Edge. But you need a software platform that's going to simplify both the life cycle management, and the security at the Edge, with the ability to be able to construct and deploy distributed applications. Customers are looking to derive value near the point of generation of data. We see a massive explosion of data. But in particular, what's different about the Edge, is the different computing locations, and the constraints that are on those locations. You know, for example, you know, in a far Edge environment, the people that service that equipment are not trained in the IT, or train, trained in it. And they're also trained in the safety and security protocols of that environment. So you necessarily can't apply the same IT techniques when you're managing infrastructure and deploying applications, or servicing in those locations. So Frontier was designed to solve for those constraints. You know, often we see competitors that are doing similar things, that are starting from an IT mindset, and trying to shift down to cover Edge use cases. What we've done with Frontier, is actually first understood the constraints that they have at the Edge. Both the operational constraints and technology constraints, the service constraints, and then came up with a, an architecture and technology platform that allows them to start from the Edge, and bleed into the- >> So I'm laughing because you guys made the same mistake. And you, I think you learned from that mistake, right? You used to take X86 boxes and throw 'em over the fence. Now, you're building purpose-built systems, right? Project Frontier I think is an example of the learnings. You know, you guys an IT company, right? Come on. But you're learning fast, and that's what I'm impressed about. >> Well Glenn, of course we're here at MWC, so it's all telecom, telecom, telecom, but really, that's a subset of Edge. >> Yes. >> Fair to say? >> Yes. >> Can you give us an example of something that is, that is, orthogonal to, to telecom, you know, maybe off to the side, that maybe overlaps a little bit, but give us an, give us an example of Edge, that isn't specifically telecom focused. >> Well, you got the, the Edge verticals. and Pierluca could probably speak very well to this. You know, you got manufacturing, you got retail, you got automotive, you got oil and gas. Every single one of them are going to make different choices in the software that they're going to use, the hyperscaler investments that they're going to use, and then write some sort of automation, you know, to deploy that, right? And the Edge is highly fragmented across all of these. So we certainly could deploy a private wireless 5G solution, orchestrate that deployment through Frontier. We can also orchestrate other use cases like connected worker, or overall equipment effectiveness in manufacturing. But Pierluca you have a, you have a number. >> Well, but from your, so, but just to be clear, from your perspective, the whole idea of, for example, private 5g, it's a feature- >> Yes. >> That might be included. It happened, it's a network topology, a network function that might be a feature of an Edge environment. >> Yes. But it's not the center of the discussion. >> So, it enables the outcome. >> Yeah. >> Okay. >> So this, this week is a clear example where we confirm and establish this. The use case, as I said, right? They, you say correctly, we learned very fast, right? We brought people in that they came from industry that was not IT industry. We brought people in with the things, and we, we are Dell. So we have the luxury to be able to interview hundreds of customers, that just now they try to connect the OT with the IT together. And so what we learn, is really, at the Edge is different personas. They person that decide what to do at the Edge, is not the normal IT administrator, is not the normal telco. >> Who is it? Is it an engineer, or is it... >> It's, for example, the store manager. >> Yeah. >> It's, for example, the, the person that is responsible for the manufacturing process. Those people are not technology people by any means. But they have a business goal in mind. Their goal is, "I want to raise my productivity by 30%," hence, I need to have a preventive maintenance solution. How we prescribe this preventive maintenance solution? He doesn't prescribe the preventive maintenance solution. He goes out, he has to, a consult or himself, to deploy that solution, and he choose different fee. Now, the example that I was doing from the houses, all of us, we have connected device. The fact that in my house, I have a solar system that produce energy, the only things I care that I can read, how much energy I produce on my phone, and how much energy I send to get paid back. That's the only thing. The fact that inside there is a compute that is called Dell or other things is not important to me. Same persona. Now, if I can solve the security challenge that the SI, or the user need to implement this technology because it goes everywhere. And I can manage this in extensively, and I can put the supply chain of Dell on top of that. And I can go every part in the world, no matter if I have in Papua New Guinea, or I have an oil ring in Texas, that's the winning strategy. That's why people, they are very interested to the, including Telco, the B2B business in telco is looking very, very hard to how they recoup the investment in 5g. One of the way, is to reach out with solution. And if I can control and deploy things, more than just SD one or other things, or private mobility, that's the key. >> So, so you have, so you said manufacturing, retail, automotive, oil and gas, you have solutions for each of those, or you're building those, or... >> Right now we have solution for manufacturing, with for example, PTC. That is the biggest company. It's actually based in Boston. >> Yeah. Yeah, it is. There's a company that the market's just coming right to them. >> We have a, very interesting. Another solution with Litmus, that is a startup that, that also does manufacturing aggregation. We have retail with Deep North. So we can do detecting in the store, how many people they pass, how many people they doing, all of that. And all theses solution that will be, when we will have Frontier in the market, will be also in Frontier. We are also expanding to energy, and we going vertical by vertical. But what is they really learn, right? You said, you know you are an IT company. What, to me, the Edge is a pre virtualization area. It's like when we had, you know, I'm, I've been in the company for 24 years coming from EMC. The reality was before there was virtualization, everybody was starting his silo. Nobody thought about, "Okay, I can run this thing together "with security and everything, "but I need to do it." Because otherwise in a manufacturing, or in a shop, I can end up with thousand of devices, just because someone tell to me, I'm a, I'm a store manager, I don't know better. I take this video surveillance application, I take these things, I take a, you know, smart building solution, suddenly I have five, six, seven different infrastructure to run this thing because someone say so. So we are here to democratize the Edge, to secure the Edge, and to expand. That's the idea. >> So, the Frontier platform is really the horizontal platform. And you'll build specific solutions for verticals. On top of that, you'll, then I, then the beauty is ISV's come in. >> Yes. >> 'Cause it's open, and the developers. >> We have a self certification program already for our solution, as well, for the current solution, but also for Frontier. >> What does that involve? Self-certification. You go through you, you go through some- >> It's basically a, a ISV can come. We have a access to a lab, they can test the thing. If they pass the first screen, then they can become part of our ecosystem very easily. >> Ah. >> So they don't need to spend days or months with us to try to architect the thing. >> So they get the premature of being certified. >> They get the Dell brand associated with it. Maybe there's some go-to-market benefits- >> Yes. >> As well. Cool. What else do we need to know? >> So, one thing I, well one thing I just want to stress, you know, when we say horizontal platform, really, the Edge is really a, a distributed edge computing problem, right? And you need to almost create a mesh of different computing locations. So for example, even though Dell has Edge optimized infrastructure, that we're going to deploy and lifecycle manage, customers may also have compute solutions, existing compute solutions in their data center, or at a co-location facility that are compute destinations. Project Frontier will connect to those private cloud stacks. They'll also collect to, connect to multiple public cloud stacks. And then, what they can do, is the solutions that we talked about, they construct that using an open based, you know, protocol, template, that describes that distributed application that produces that outcome. And then through orchestration, we can then orchestrate across all of these locations to produce that outcome. That's what the platform's doing. >> So it's a compute mesh, is what you just described? >> Yeah, it's, it's a, it's a software orchestration mesh. >> Okay. >> Right. And allows customers to take advantage of their existing investments. Also allows them to, to construct solutions based on the ISV of their choice. We're offering solutions like Pierluca had talked about, you know, in manufacturing with Litmus and PTC, but they could put another use case that's together based on another ISV. >> Is there a data mesh analog here? >> The data mesh analog would run on top of that. We don't offer that as part of Frontier today, but we do have teams working inside of Dell that are working on this technology. But again, if there's other data mesh technology or packages, that they want to deploy as a solution, if you will, on top of Frontier, Frontier's extensible in that way as well. >> The open nature of Frontier is there's a, doesn't, doesn't care. It's just a note on the mesh. >> Yeah. >> Right. Now, of course you'd rather, you'd ideally want it to be Dell technology, and you'll make the business case as to why it should be. >> They get additional benefits if it's Dell. Pierluca talked a lot about, you know, deploying infrastructure outside the walls of an IT data center. You know, this stuff can be tampered with. Somebody can move it to another room, somebody can open up. In the supply chain with, you know, resellers that are adding additional people, can open these devices up. We're actually deploying using an Edge technology called Secure Device Onboarding. And it solves a number of things for us. We, as a manufacturer can initialize the roots of trust in the Dell hardware, such that we can validate, you know, tamper detection throughout the supply chain, and securely transfer ownership. And that's different. That is not an IT technique. That's an edge technique. And that's just one example. >> That's interesting. I've talked to other people in IT about how they're using that technique. So it's, it's trickling over to that side of the business. >> I'm almost curious about the friction that you, that you encounter because the, you know, you paint a picture of a, of a brave new world, a brave new future. Ideally, in a healthy organization, they have, there's a CTO, or at least maybe a CIO, with a CTO mindset. They're seeking to leverage technology in the service of whatever the mission of the organization is. But they've got responsibilities to keep the lights on, as well as innovate. In that mix, what are you seeing as the inhibitors? What's, what's the push back against Frontier that you're seeing in most cases? Is it, what, what is it? >> Inside of Dell? >> No, not, I'm saying out, I'm saying with- >> Market friction. >> Market, market, market friction. What is the push back? >> I think, you know, as I explained, do yourself is one of the things that probably is the most inhibitor, because some people, they think that they are better already. They invest a lot in this, and they have the content. But those are again, silo solutions. So, if you go into some of the huge things that they already established, thousand of store and stuff like that, there is an opportunity there, because also they want to have a refresh cycle. So when we speak about softer, softer, softer, when you are at the Edge, the software needs to run on something that is there. So the combination that we offer about controlling the security of the hardware, plus the operating system, and provide an end-to-end platform, allow them to solve a lot of problems that today they doing by themselves. Now, I met a lot of customers, some of them, one actually here in Spain, I will not make the name, but it's a large automotive. They have the same challenge. They try to build, but the problem is this is just for them. And they want to use something that is a backup and provide with the Dell service, Dell capability of supply chain in all the world, and the diversity of the portfolio we have. These guys right now, they need to go out and find different types of compute, or try to adjust thing, or they need to have 20 people there to just prepare the device. We will take out all of this. So I think the, the majority of the pushback is about people that they already established infrastructure, and they want to use that. But really, there is an opportunity here. Because the, as I said, the IT/OT came together now, it's a reality. Three years ago when we had our initiative, they've pointed out, sarcastically. We, we- >> Just trying to be honest. (laughing) >> I can't let you get away with that. >> And we, we failed because it was too early. And we were too focused on, on the fact to going. Push ourself to the boundary of the IOT. This platform is open. You want to run EdgeX, you run EdgeX, you want OpenVINO, you want Microsoft IOT, you run Microsoft IOT. We not prescribe the top. We are locking down the bottom. >> What you described is the inertia of, of sunk dollars, or sunk euro into an infrastructure, and now they're hanging onto that. >> Yeah. >> But, I mean, you know, I, when we say horizontal, we think scale, we think low cost, at volume. That will, that will win every time. >> There is a simplicity at scale, right? There is a, all the thing. >> And the, and the economics just overwhelm that siloed solution. >> And >> That's inevitable. >> You know, if you want to apply security across the entire thing, if you don't have a best practice, and a click that you can do that, or bring down an application that you need, you need to touch each one of these silos. So, they don't know yet, but we going to be there helping them. So there is no pushback. Actually, this particular example I did, this guy said you know, there are a lot of people that come here. Nobody really described the things we went through. So we are on the right track. >> Guys, great conversation. We really appreciate you coming on "theCUBE." >> Thank you. >> Pleasure to have you both. >> Okay. >> Thank you. >> All right. And thank you for watching Dave Vellante for Dave Nicholson. We're live at the Fira. We're winding up day four. Keep it right there. Go to siliconangle.com. John Furrier's got all the news on "theCUBE.net." We'll be right back right after this break. "theCUBE," at MWC 23. (outro music)

>> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies. Creating technologies that drive human progress. (upbeat music) >> Hey, welcome back to the Fira in Barcelona. My name is Dave Vellante. I'm here with David Nicholson, day four of MWC '23. Show's winding down a little bit, but it's still pretty packed here. Lot of innovation, planes, trains, automobiles, and we're talking 5G all week, private networks, connected breweries. It's super exciting. Really happy to have Warren Jackson here as the Edge Gateway Product Technologist at Dell Technologies, and Scott Waller, the CTO of the 5G Open Innovation Lab. Folks, welcome to theCUBE. >> Good to be here. >> Really interesting stories that we're going to talk about. Let's start, Scott, with you, what is the Open Innovation Lab? >> So it was hatched three years ago. Ideated about a bunch of guys from Microsoft who ran startup ventures program, started the developers program over at Microsoft, if you're familiar with MSDN. And they came three years ago and said, how does CSPs working with someone like T-Mobile who's in our backyard, I'm from Seattle. How do they monetize the edge? You need a developer ecosystem of applications and use cases. That's always been the thing. The carriers are building the networks, but where's the ecosystem of startups? So we built a startup ecosystem that is sponsored by partners, Dell being one sponsor, Intel, Microsoft, VMware, Aspirant, you name it. The enterprise folks who are also in the connectivity business. And with that, we're not like a Y Combinator or a Techstars where it's investment first and it's all about funding. It's all about getting introductions from a startup who might have a VR or AI type of application or observability for 5G slicing, and bring that in front of the Microsoft's of the world, or the Intel's and the Dell's of the world that they might not have the capabilities to do it because they're still a small little startup with an MVP. So we really incubate. We're the connectors and build a network. We've had 101 startups over the last three years. They've raised over a billion dollars. And it's really valuable to our partners like T-Mobile and Dell, et cetera, where we're bringing in folks like Expedo and GenXComm and Firecell. Start up private companies that are around here they were cohorts from our program in the past. >> That's awesome because I've often, I mean, I've seen Dell get into this business and I'm like, wow, they've done a really good job of finding these guys. I wonder what the pipeline is. >> We're trying to create the pipeline for the entire industry, whether it's 5G on the edge for the CSPs, or it's for private enterprise networks. >> Warren, what's this cool little thing you got here? >> Yeah, so this is very unique in the Dell portfolio. So when people think of Dell, they think of servers laptops, et cetera. But what this does is it's designed to be deployed at the edge in harsh environments and it allows customers to do analytics, data collection at the edge. And what's unique about it is it's got an extended temperature range. There's no fan in this and there's lots of ports on it for data ingestion. So this is a smaller box Edge Gateway 3200. This is the product that we're using in the brewery. And then we have a bigger brother of this, the Edge Gateway 5200. So the value of it, you can scale depending on what your edge compute requirements are at the edge. >> So tell us about the brewery story. And you covered it, I know you were in the Dell booth, but it's basically an analog brewery. They're taking measurements and temperatures and then writing it down and then entering it in and somebody from your company saw it and said, "We can help you with this problem." Explain the story. >> Yeah, so Scott and I did a walkthrough of the brewery back in November timeframe. >> It's in Framingham, Mass. >> Framingham, Mass, correct. And basically, we talked to him, and we said, what keeps you guys up at night? What's a problem that we can solve? Very simple, a kind of a lower budget, didn't have a lot money to spend on it, but what problem can we solve that will realize great benefit for you? So we looked at their fermentation process, which was completely analog. Somebody was walking around with a clipboard looking at analog gauges. And what we did is we digitized that process. So what this did for them rather than being completely reactive, and by the time they realized there was something going wrong with the fermentation process, it's too late. A batch of scrap. This allowed them to be proactive. So anytime, anywhere on the tablet or a phone, they can see if that fermentation process is going out of range and do something about it before the batch gets scrapped. >> Okay. Amazing. And Scott, you got a picture of this workflow here? >> Yeah, actually this is the final product. >> Explain that. >> As Warren mentioned, the data is actually residing in the industrial side of the network So we wanted to keep the IT/OT separation, which is critical on the factory floor. And so all the data is brought in from the sensors via digital connection once it's converted and into the edge gateway. Then there's a snapshot of it using Telit deviceWISE, their dashboarding application, that is decoding all the digital readings, putting them in a nice dashboard. And then when we gave them, we realized another problem was they're using cheap little Chromebooks that they spill beer on once a week and throw them out. That's why they bought the cheap ones 'cause they go through them so fast. So we got a Dell Latitude Rugged notebook. This is a brand new tablet, but they have the dashboarding software. So no matter if they're out there on the floor, but because the data resides there on the factory they have access to be able to change the parameters. This one's in the maturation cycle. This one's in the crashing cycle where they're bringing the temperature back down, stopping the fermentation process, getting it ready to go to the canning side of the house. >> And they're doing all that from this dashboard. >> They're doing all from the dashboard. They also have a giant screen that we put up there that in the floor instead of walking a hundred yards back behind a whole bunch of machinery equipment from a safety perspective, now they just look up on the screen and go, "Oh, that's red. That's out of range." They're actually doing a bunch of cleaning and a bunch of other things right now, too. So this is real time from Boston. >> Dave: Oh okay. >> Scott: This is actually real time from Boston. >> I'm no hop master, but I'm looking at these things flashing at me and I'm thinking something's wrong with my beer. >> We literally just lit this up last week. So we're still tweaking a few things, but they're also learning around. This is a new capability they never had. Oh, we have the ability to alert and monitor at different processes with different batches, different brews, different yeast types. Then now they're also training and learning. And we're going to turn that into eventually a product that other breweries might be able to use. >> So back to the kind of nuts and bolts of the system. The device that you have here has essentially wifi antennas on the back. >> Warren: Correct. >> Pull that up again if you would, please. >> Now I've seen this, just so people are clear, there are also paddle 5G antennas that go on the other side. >> Correct. >> That's sort of the connection from the 5G network that then gets transmogrified, technical term guys, into wifi so the devices that are physically connected to the brew vats, don't know what they're called. >> Fermentation tanks. >> Fermentation tanks, thank you. Those are wifi. That's a wifi signal that's going into this. Is that correct? >> Scott: No. >> No, it's not. >> It's a hard wire. >> Okay, okay. >> But, you're right. This particular gateway. >> It could be wifi if it's hard wire. >> It could be, yes. Could be any technology really. >> This particular gateway is not outfitted with 5G, but something that was very important in this application was to isolate the IT network, which is on wifi and physically connected from the OT network, which is the 5G connection. So we're sending the data directly from the gateway up to the cloud. The two partners that we worked with on this project were ifm, big sensor manufacturer that actually did the wired sensors into an industrial network called IO-Link. So they're physically wired into the gateway and then in the gateway we have a solution from our partner Telit that has deviceWISE software that actually takes the data in, runs the analytics on it, the logic, and then visualizes that data locally on those panels and also up to their cloud, which is what we're looking at. So they can look at it locally, they're in the plant and then up in the cloud on a phone or a tablet, whatever, when they're at home. >> We're talking about a small business here. I don't know how many employees they have, but it's not thousands. And I love that you're talking about an IT network and an OT network. And so they wanted, it is very common when we talk about industrial internet of things use cases, but we're talking about a tiny business here. >> Warren: Correct. >> They wanted to separate those networks because of cost, because of contention. Explain why. >> Yeah, just because, I mean, they're running their ERP system, their payroll, all of their kind of the way they run their business on their IT network and you don't want to have the same traffic out on the factory floor on that network, so it was pretty important. And the other thing is we really, one of the things that we didn't want to do in this project is interrupt their production process at all. So we installed this entire system in two days. They didn't have to shut down, they didn't have to stop. We didn't have to interrupt their process at all. It was like we were invisible there and we spun the thing up and within two days, very simple, easy, but tremendous value for their business. >> Talk about new markets here. I mean, it's like any company that's analog that needs to go digital. It's like 99% of the companies on the planet. What are you guys seeing out there in terms of the types of examples beyond breweries? >> Yeah, I could talk to that. So I spent a lot of time over the last couple years running my own little IoT company and a lot of it being in agriculture. So like in Washington state, 70% of the world's hops is actually grown in Washington state. It's my hometown. But in the Ag producing regions, there's lack of connectivity. So there's interest in private networks because the carriers aren't necessarily deploying it. But because we have the vast amount of hops there's a lot of IPAs, a lot of hoppy IPAs that come out of Seattle. And with that, there's a ton of craft breweries that are about the same size, some are a little larger. Anheuser-Busch and InBev and Heineken they've got great IoT platforms. They've done it. They're mass scale, they have to digitize. But the smaller shops, they don't, when we talk about IT/OT separation, they're not aware of that. They think it's just, I get local broadband and I get wifi and one hotspot inside my facility and it works. So a little bit of it was the education. I have got years in IT/OT security in my background so that education and we come forward with a solution that actually does that for them. And now they're aware of it. So now when they're asking questions of other vendors that are trying to sell them some type of solution, they're inherently aware of what should be done so they're not vulnerable to ransomware attacks, et cetera. So it's known as the Purdue Model. >> Well, what should they do? >> We came in and keep it completely separated and educated them because in the end too we'll build a design guide and a starter kit out of this that other brewers can use. Because I've toured dozens of breweries in Washington, the exact same scenario, analog gauges, analog process, very manual. And in the end, when you ask the brewer, what do they want out of this? It keeps them up at night because if the temperature goes out of range, because the chiller fails, >> They ruined. >> That's $30,000 lost in beer. That's a lot to a small business. However, it's also once they start digitizing the data and to Warren's point, it's read-only. We're not changing any of the process. We augmented on top of their existing systems. We didn't change their process. But now they have the ability to look at the data and see batch to batch consistency. Quality doesn't always mean best, it means consistency from batch to batch. Every beer from exhibit A from yesterday to two months from now of the same style of beer should be the same taste, flavor, boldness, et cetera. This is giving them the insights on it. >> It's like St. Louis Buds, when we were kids. We would buy the St. Louis Buds 'cause they tasted better than the Merrimack Buds. And then Budweiser made them all the same. >> Must be an East coast thing. >> It's an old guy thing, Dave. You weren't born yet. >> I was in high school. Yeah, I was in high school. >> We like the hops. >> We weren't 21. Do me a favor, clarify OT versus IT. It's something we talk about all the time, but not everyone's familiar with that separation. Define OT for me. >> It's really the factory floor. You got IT systems that are ERP systems, billing, you're getting your emails, stuff like that. Where the ransomware usually gets infected in. The OT side is the industrial control network. >> David: What's the 'O' stand for? >> Operation. >> David: Operation? >> Yeah, the operations side. >> 'Cause some people will think objects 'cause we think internet of things. >> The industrial operations, think of it that way. >> But in a sense those are things that are connected. >> And you think of that as they are the safety systems as well. So a machine, if someone doesn't push the stop button, you'd think if there's a lot of traffic on that network, it isn't guaranteed that that stop button actually stops that blade from coming down, someone's going to lose their arm. So it's very tied to safety, reliability, low latency. It is crafted in design that it never touches the internet inherently without having to go through a security gateway which is what we did. >> You mentioned the large companies like InBev, et cetera. You're saying they're already there. Are they not part of your target market? Or are there ways that you can help them? Is this really more of a small to mid-size company? >> For this particular solution, I think so, yeah. Because the cost to entry is low. I mean, you talk about InBev, they have millions of dollars of budgets to spend on OT. So they're completely automated from top to bottom. But these little craft brewers, which they're everywhere in the US. Vermont, Washington state, they're completely manual. A lot of these guys just started in their garage. And they just scaled up and they got a cult kind of following around their beers. One thing that we found here this week, when you talk around edge and 5G and beer, those things get people excited. In our booth we're serving beer, and all these kind of topics, it brings people together. >> And it lets the little guy compete more effectively with the big giants. >> Correct. >> And how do you do more with less as the little guy is kind of the big thing and to Warren's point, we have folks come up and say, "Great, this is for beer, but what about wine? What about the fermentation process of wine?" Same materials in the end. A vessel of some sort, maybe it's stainless steel. The clamps are the same, the sensors are the same. The parameters like temperature are key in any type of fermentation. We had someone talking about olive oil and using that. It's the same sanitary beverage style equipment. We grabbed sensors that were off the shelf and then we integrated them in and used the set of platforms that we could. How do we rapidly enable these guys at the lowest possible cost with stuff that's at the shelf. And there's four different companies in the solution. >> We were having a conversation with T-Mobile a little earlier and she mentioned the idea of this sounding scary. And this is a great example of showing that in fact, at a relatively small scale, this technology makes a lot of sense. So from that perspective, of course you can implement private 5G networks at an industrial scale with tens of millions of dollars of investment. But what about all of the other things below? And that seems to be a perfect example. >> Yeah, correct. And it's one of the things with the gateway and having flexibility the way Dell did a great job of putting really good modems in it. It had a wide spectrum range of what bands they support. So being able to say, at a larger facility, I mean, if Heineken wants to deploy something like this, oh, heck yeah, they probably could do it. And they might have a private 5G network, but let's say T-Mobile offers a private offering on their public via a slice. It's easy to connect that radio to it. You just change the sims. >> Is that how the CSPs fit here? How are they monetized? >> Yeah, correct. So one of our partners is T-Mobile and so we're working with them. We've got other telco partners that are coming on board in our lab. And so we'll do the same thing. We're going to take this back and put it in the lab and offer it up as others because the baseline building blocks or Lego blocks per se can be used in a bunch of different industries. It's really that starter point of giving folks the idea of what's possible. >> So small manufacturing, agriculture you mentioned, any other sort of use cases we should tune into? >> I think it's environmental monitoring, all of that stuff, I see it in IoT deployments all over the world. Just the simple starter kits 'cause a farmer doesn't want to get sold a solution, a platform, where he's got to hire a bunch of coders and partner with the big carriers. He just wants something that works. >> Another use case that we see a lot, a high cost in a lot of these places is the cost of energy. And a lot of companies don't know what they're spending on electricity. So a very simple energy monitoring system like that, it's a really good ROI. I'm going to spend five or $10,000 on a system like this, but I'm going to save $20,000 over a year 'cause I'm able to see, have visibility into that data. That's a lot of what this story's about, just giving visibility into the process. >> It's very cool, and like you said, it gets people excited. Is it a big market? How do you size it? Is it a big TAM? >> Yeah, so one thing that Dell brings to the table in this space is people are buying their laptops, their servers and whatnot from Dell and companies are comfortable in doing business with Dell because of our model direct to customer and whatnot. So our ability to bring a device like this to the OT space and have them have that same user experience they have with laptops and our client products in a ruggedized solution like this and bring a lot of partners to the table makes it easy for our customers to implement this across all kinds of industries. >> So we're talking to billions, tens of billions. Do we know how big this market is? What's the TAM? I mean, come on, you work for Dell. You have to do a TAM analysis. >> Yes, no, yeah. I mean, it really is in the billions. The market is huge for this one. I think we just tapped into it. We're kind of focused in on the brewery piece of it and the liquor piece of it, but the possibilities are endless. >> Yeah, that's tip of the spear. Guys, great story. >> It's scalable. I think the biggest thing, just my final feedback is working and partnering with Dell is we got something as small as this edge gateway that I can run a Packet Core on and run a 5G standalone node and then have one of the small little 5G radios out there. And I've got these deployed in a farm. Give the farmer an idea of what's possible, give him a unit on his tractor, and now he can do something that, we're providing connectivity he had never had before. But as we scale up, we've got the big brother to this. When we scale up from that, we got the telco size units that we can put. So it's very scalable. It's just a great suite of offerings. >> Yeah, outstanding. Guys, thanks for sharing the story. Great to have you on theCUBE. >> Good to be with you today. >> Stop by for beer later. >> You know it. All right, Dave Vellante for Dave Nicholson and the entire CUBE team, we're here live at the Fira in Barcelona MWC '23 day four. Keep it right there. (upbeat music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> While never really meant to be a consumer tech event, the rapid ascendancy of smartphones sucked much of the air out of Mobile World Congress over the years, now MWC. And while the device manufacturers continue to have a major presence at the show, the maturity of intelligent devices, longer life cycles, and the disaggregation of the network stack, have put enterprise technologies front and center in the telco business. Semiconductor manufacturers, network equipment players, infrastructure companies, cloud vendors, software providers, and a spate of startups are eyeing the trillion dollar plus communications industry as one of the next big things to watch this decade. Hello, and welcome to this week's Wikibon CUBE Insights, powered by ETR. In this Breaking Analysis, we bring you part two of our ongoing coverage of MWC '23, with some new data on enterprise players specifically in large telco environments, a brief glimpse at some of the pre-announcement news and corresponding themes ahead of MWC, and some of the key announcement areas we'll be watching at the show on theCUBE. Now, last week we shared some ETR data that showed how traditional enterprise tech players were performing, specifically within the telecoms vertical. Here's a new look at that data from ETR, which isolates the same companies, but cuts the data for what ETR calls large telco. The N in this cut is 196, down from 288 last week when we included all company sizes in the dataset. Now remember the two dimensions here, on the y-axis is net score, or spending momentum, and on the x-axis is pervasiveness in the data set. The table insert in the upper left informs how the dots and companies are plotted, and that red dotted line, the horizontal line at 40%, that indicates a highly elevated net score. Now while the data are not dramatically different in terms of relative positioning, there are a couple of changes at the margin. So just going down the list and focusing on net score. Azure is comparable, but slightly lower in this sector in the large telco than it was overall. Google Cloud comes in at number two, and basically swapped places with AWS, which drops slightly in the large telco relative to overall telco. Snowflake is also slightly down by one percentage point, but maintains its position. Remember Snowflake, overall, its net score is much, much higher when measuring across all verticals. Snowflake comes down in telco, and relative to overall, a little bit down in large telco, but it's making some moves to attack this market that we'll talk about in a moment. Next are Red Hat OpenStack and Databricks. About the same in large tech telco as they were an overall telco. Then there's Dell next that has a big presence at MWC and is getting serious about driving 16G adoption, and new servers, and edge servers, and other partnerships. Cisco and Red Hat OpenShift basically swapped spots when moving from all telco to large telco, as Cisco drops and Red Hat bumps up a bit. And VMware dropped about four percentage points in large telco. Accenture moved up dramatically, about nine percentage points in big telco, large telco relative to all telco. HPE dropped a couple of percentage points. Oracle stayed about the same. And IBM surprisingly dropped by about five points. So look, I understand not a ton of change in terms of spending momentum in the large sector versus telco overall, but some deltas. The bottom line for enterprise players is one, they're just getting started in this new disruption journey that they're on as the stack disaggregates. Two, all these players have experience in delivering horizontal solutions, but now working with partners and identifying big problems to be solved, and three, many of these companies are generally not the fastest moving firms relative to smaller disruptive disruptors. Now, cloud has been an exception in fairness. But the good news for the legacy infrastructure and IT companies is that the telco transformation and the 5G buildout is going to take years. So it's moving at a pace that is very favorable to many of these companies. Okay, so looking at just some of the pre-announcement highlights that have hit the wire this week, I want to give you a glimpse of the diversity of innovation that is occurring in the telecommunication space. You got semiconductor manufacturers, device makers, network equipment players, carriers, cloud vendors, enterprise tech companies, software companies, startups. Now we've included, you'll see in this list, we've included OpeRAN, that logo, because there's so much buzz around the topic and we're going to come back to that. But suffice it to say, there's no way we can cover all the announcements from the 2000 plus exhibitors at the show. So we're going to cherry pick here and make a few call outs. Hewlett Packard Enterprise announced an acquisition of an Italian private cellular network company called AthoNet. Zeus Kerravala wrote about it on SiliconANGLE if you want more details. Now interestingly, HPE has a partnership with Solana, which also does private 5G. But according to Zeus, Solona is more of an out-of-the-box solution, whereas AthoNet is designed for the core and requires more integration. And as you'll see in a moment, there's going to be a lot of talk at the show about private network. There's going to be a lot of news there from other competitors, and we're going to be watching that closely. And while many are concerned about the P5G, private 5G, encroaching on wifi, Kerravala doesn't see it that way. Rather, he feels that these private networks are really designed for more industrial, and you know mission critical environments, like factories, and warehouses that are run by robots, et cetera. 'Cause these can justify the increased expense of private networks. Whereas wifi remains a very low cost and flexible option for, you know, whatever offices and homes. Now, over to Dell. Dell announced its intent to go hard after opening up the telco network with the announcement that in the second half of this year it's going to begin shipping its infrastructure blocks for Red Hat. Remember it's like kind of the converged infrastructure for telco with a more open ecosystem and sort of more flexible, you know, more mature engineered system. Dell has also announced a range of PowerEdge servers for a variety of use cases. A big wide line bringing forth its 16G portfolio and aiming squarely at the telco space. Dell also announced, here we go, a private wireless offering with airspan, and Expedo, and a solution with AthoNet, the company HPE announced it was purchasing. So I guess Dell and HPE are now partnering up in the private wireless space, and yes, hell is freezing over folks. We'll see where that relationship goes in the mid- to long-term. Dell also announced new lab and certification capabilities, which we said last week was going to be critical for the further adoption of open ecosystem technology. So props to Dell for, you know, putting real emphasis and investment in that. AWS also made a number of announcements in this space including private wireless solutions and associated managed services. AWS named Deutsche Telekom, Orange, T-Mobile, Telefonica, and some others as partners. And AWS announced the stepped up partnership, specifically with T-Mobile, to bring AWS services to T-Mobile's network portfolio. Snowflake, back to Snowflake, announced its telecom data cloud. Remember we showed the data earlier, it's Snowflake not as strong in the telco sector, but they're continuing to move toward this go-to market alignment within key industries, realigning their go-to market by vertical. It also announced that AT&T, and a number of other partners, are collaborating to break down data silos specifically in telco. Look, essentially, this is Snowflake taking its core value prop to the telco vertical and forming key partnerships that resonate in the space. So think simplification, breaking down silos, data sharing, eventually data monetization. Samsung previewed its future capability to allow smartphones to access satellite services, something Apple has previously done. AMD, Intel, Marvell, Qualcomm, are all in the act, all the semiconductor players. Qualcomm for example, announced along with Telefonica, and Erickson, a 5G millimeter network that will be showcased in Spain at the event this coming week using Qualcomm Snapdragon chipset platform, based on none other than Arm technology. Of course, Arm we said is going to dominate the edge, and is is clearly doing so. It's got the volume advantage over, you know, traditional Intel, you know, X86 architectures. And it's no surprise that Microsoft is touting its open AI relationship. You're going to hear a lot of AI talk at this conference as is AI is now, you know, is the now topic. All right, we could go on and on and on. There's just so much going on at Mobile World Congress or MWC, that we just wanted to give you a glimpse of some of the highlights that we've been watching. Which brings us to the key topics and issues that we'll be exploring at MWC next week. We touched on some of this last week. A big topic of conversation will of course be, you know, 5G. Is it ever going to become real? Is it, is anybody ever going to make money at 5G? There's so much excitement around and anticipation around 5G. It has not lived up to the hype, but that's because the rollout, as we've previous reported, is going to take years. And part of that rollout is going to rely on the disaggregation of the hardened telco stack, as we reported last week and in previous Breaking Analysis episodes. OpenRAN is a big component of that evolution. You know, as our RAN intelligent controllers, RICs, which essentially the brain of OpenRAN, if you will. Now as we build out 5G networks at massive scale and accommodate unprecedented volumes of data and apply compute-hungry AI to all this data, the issue of energy efficiency is going to be front and center. It has to be. Not only is it a, you know, hot political issue, the reality is that improving power efficiency is compulsory or the whole vision of telco's future is going to come crashing down. So chip manufacturers, equipment makers, cloud providers, everybody is going to be doubling down and clicking on this topic. Let's talk about AI. AI as we said, it is the hot topic right now, but it is happening not only in consumer, with things like ChatGPT. And think about the theme of this Breaking Analysis in the enterprise, AI in the enterprise cannot be ChatGPT. It cannot be error prone the way ChatGPT is. It has to be clean, reliable, governed, accurate. It's got to be ethical. It's got to be trusted. Okay, we're going to have Zeus Kerravala on the show next week and definitely want to get his take on private networks and how they're going to impact wifi. You know, will private networks cannibalize wifi? If not, why not? He wrote about this again on SiliconANGLE if you want more details, and we're going to unpack that on theCUBE this week. And finally, as always we'll be following the data flows to understand where and how telcos, cloud players, startups, software companies, disruptors, legacy companies, end customers, how are they going to make money from new data opportunities? 'Cause we often say in theCUBE, don't ever bet against data. All right, that's a wrap for today. Remember theCUBE is going to be on location at MWC 2023 next week. We got a great set. We're in the walkway in between halls four and five, right in Congress Square, stand CS-60. Look for us, we got a full schedule. If you got a great story or you have news, stop by. We're going to try to get you on the program. I'll be there with Lisa Martin, co-hosting, David Nicholson as well, and the entire CUBE crew, so don't forget to come by and see us. I want to thank Alex Myerson, who's on production and manages the podcast, and Ken Schiffman, as well, in our Boston studio. Kristen Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our editor-in-chief over at SiliconANGLE.com. He does some great editing. Thank you. All right, remember all these episodes they are available as podcasts wherever you listen. All you got to do is search Breaking Analysis podcasts. I publish each week on Wikibon.com and SiliconANGLE.com. All the video content is available on demand at theCUBE.net, or you can email me directly if you want to get in touch David.Vellante@SiliconANGLE.com or DM me @DVellante, or comment on our LinkedIn posts. And please do check out ETR.ai for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE Insights, powered by ETR. Thanks for watching. We'll see you next week at Mobile World Congress '23, MWC '23, or next time on Breaking Analysis. (bright music)

>> Hello and welcome to theCUBE's coverage of International Women's Day. I'm John Furrier, host of theCUBE. Got a variety of interviews across the gamut from topics, women in tech, mentoring, pipelining, developers, open source, executives. Stanford's having International Women's Day celebration with the women in data science, which we're streaming that live as well. Variety of programs. In this segment, Meagen Eisenberg, friend of theCUBE, she's the CMO of Laceworks, is an amazing executive, got a great journey story as a CMO but she's also actively advising startups, companies and really pays it forward. I want to say Meagen, thank you for coming on the program and thanks for sharing. >> Yeah, thank you for having me. I'm happy to be here. >> Well, we're going to get into some of the journey celebrations that you've gone through and best practice what you've learned is pay that forward. But I got to say, one of the things that really impresses me about you as an executive is you get stuff done. You're a great CMO but also you're advised a lot of companies, you have a lot of irons in the fires and you're advising companies and sometimes they're really small startups to bigger companies, and you're paying it forward, which I love. That's kind of the spirit of this day. >> Yeah, I mean, I agree with you. When I think about my career, a lot of it was looking to mentors women out in the field. This morning I was at a breakfast by Eileen and we had the CEO of General Motors on, and she was talking about her journey nine years as a CEO. And you know, and she's paying it forward with us. But I think about, you know, when you're advising startups, you know, I've gathered knowledge and pattern recognition and to be able to share that is, you know, I enjoy it. >> Yeah. And the startups are also fun too, but it's not always easy and it can get kind of messy as you know. Some startups don't make it some succeed and it's always like the origination story is kind of rewritten and then that's that messy middle. And then it's like that arrows that don't look like a straight line but everyone thinks it's great and you know, it's not for the faint of heart. And Teresa Carlson, who I've interviewed many times, former Amazon, now she's the president of Flexport, she always says, sometimes startups on certain industries aren't for the faint of heart so you got to have a little bit of metal, right? You got to be tough. And some cases that you don't need that, but startups, it's not always easy. What have you learned? >> Yeah, I mean, certainly in the startup world, grit, creativity. You know, when I was at TripActions travel company, pandemic hits, nobody's traveling. You cut budget, you cut heads, but you focus on the core, right? You focus on what you need to survive. And creativity, I think, wins. And, you know, as a CMO when you're marketing, how do you get through that noise? Even the security space, Lacework, it's a fragmented market. You've got to be differentiated and position yourself and you know, be talking to the right target audience and customers. >> Talk about your journey over the years. What have you learned? What's some observations? Can you share any stories and best practices that someone watching could learn from? I know there's a lot of people coming into the tech space with the generative AI things going on in Cloud computing, scaling to the edge, there's a lot more aperture for technical jobs as well as just new roles and new roles that haven't, you really don't go to college for anymore. You got cybersecurity you're in. What are some of the things that you've done over your career if you can share and some best practices? >> Yeah, I think number one, continual learning. When I look through my career, I was constantly reading, networking. Part of the journey is who you're meeting along the way. As you become more senior, your ability to hire and bring in talent matters a lot. I'm always trying to meet with new people. Yeah, if I look at my Amazon feed of books I've bought, right, it kind of chronicle of my history of things I was learning about. Right now I'm reading a lot about cybersecurity, how the, you know, how how they tell me the world ends is the one I'm reading most recently. But you've got to come up to speed and then know the product, get in there and talk to customers. Certainly on the marketing front, anytime I can talk with the customer and find out how they're using us, why they love us, that, you know, helps me better position and differentiate our company. >> By the way, that book is amazing. I saw Nicole speak on Tuesday night with John Markoff and Palo Alto here. What a great story she told there. I recommend that book to everyone. It goes in and she did eight years of research into that book around zero day marketplaces to all the actors involved in security. And it was very interesting. >> Yeah, I mean, it definitely wakes you up, makes you think about what's going on in the world. Very relevant. >> It's like, yeah, it was happening all the time, wasn't it. All the hacking. But this brings me, this brings up an interesting point though, because you're in a cybersecurity area, which by the way, it's changing very fast. It's becoming a bigger industry. It's not just male dominated, although it is now, it's still male dominated, but it's becoming much more and then just tech. >> Yeah, I mean it's a constantly evolving threat landscape and we're learning, and I think more than ever you need to be able to use the data that companies have and, you know, learn from it. That's one of the ways we position ourselves. We're not just about writing rules that won't help you with those zero day attacks. You've got to be able to understand your particular environment and at any moment if it changes. And that's how we help you detect a threat. >> How is, how are things going with you? Is there any new things you guys got going on? Initiatives or programs for women in tech and increasing the range of diversity inclusion in the industry? Because again, this industry's getting much wider too. It's not just specialized, it's also growing. >> Yes, actually I'm excited. We're launching secured by women, securedbywomen.com and it's very much focused on women in the industry, which some studies are showing it's about 25% of security professionals are women. And we're going to be taking nominations and sponsoring women to go to upcoming security events. And so excited to launch that this month and really celebrate women in security and help them, you know, part of that continual learning that I talked about, making sure they're there learning, having the conversations at the conferences, being able to network. >> I have to ask you, what inspired you to pursue the career in tech? What was the motivation? >> You know, if I think way back, originally I wanted to be on the art side and my dad said, "You can do anything as long as it's in the sciences." And so in undergrad I did computer science and MIS. Graduated with MIS and computer science minor. And when I came out I was a IT engineer at Cisco and you know, that kind of started my journey and decided to go back and get my MBA. And during that process I fell in love with marketing and I thought, okay, I understand the buyer, I can come out and market technology to the IT world and developers. And then from there went to several tech companies. >> I mean my father was an engineer. He had the same kind of thing. You got to be an engineer, it's a steady, stable job. But that time, computer science, I mean we've seen the evolution of computer science now it's the most popular degree at Berkeley we've heard and around the world and the education formats are changing. You're seeing a lot of people's self-training on YouTube. The field has really changed. What are some of the challenges you see for folks trying to get into the industry and how would you advise today if you were talking to your young self, what would you, what would be the narrative? >> Yeah, I mean my drawback then was HTML pages were coming out and I thought it would be fun to design, you know, webpages. So you find something you're passionate about in the space today, whether it's gaming or it's cybersecurity. Go and be excited about it and apply and don't give up, right? Do whatever you can to read and learn. And you're right, there are a ton of online self-help. I always try to hire women and people who are continual learners and are teaching themselves something. And I try to find that in an interview to know that they, because when you come to a business, you're there to solve problems and challenges. And the folks that can do that and be innovative and learn, those are the ones I want on my team. >> It's interesting, you know, technology is now impacting society and we need everyone involved to participate and give requirements. And that kind of leads my next question for you is, like, in your opinion, or let me just step back, let me rephrase. What are some of the things that you see technology being used for, for society right now that will impact people's lives? Because this is not a gender thing. We need everybody involved 'cause society is now digital. Technology's pervasive. The AI trends now we're seeing is clearly unmasking to the mainstream that there's some cool stuff happening. >> Yeah, I mean, I think ChatGPT, think about that. All the different ways we're using it we're writing content and marketing with it. We're, you know, I just read an article yesterday, folks are using it to write children's stories and then selling those stories on Amazon, right? And the amount that they can produce with it. But if you think about it, there's unlimited uses with that technology and you've got all the major players getting involved on it. That one major launch and piece of technology is going to transform us in the next six months to a year. And it's the ability to process so much data and then turn that into just assets that we use and the creativity that's building on top of it. Even TripActions has incorporated ChatGPT into your ability to figure out where you want when you're traveling, what's happening in that city. So it's just, you're going to see that incorporated everywhere. >> I mean we've done an interview before TripAction, your other company you were at. Interesting point you don't have to type in a box to say, I'm traveling, I want a hotel. You can just say, I'm going to Barcelona for Mobile World Congress, I want to have a good time. I want some tapas and a nice dinner out. >> Yes. Yeah. That easy. We're making it easy. >> It's efficiency. >> And actually I was going to say for women specifically, I think the reason why we can do so much today is all the technology and apps that we have. I think about DoorDash, I think about Waze you know, when I was younger you had to print out instructions. Now I get in the car real quick, I need to go to soccer practice, I enter it, I need to pick them up at someone's house. I enter it. It's everything's real time. And so it takes away all the things that I don't add value to and allows me to focus on what I want in business. And so there's a bunch of, you know, apps out there that have allowed me to be so much more efficient and productive that my mother didn't have for sure when I was growing up. >> That is an amazing, I think that actually illustrates, in my opinion, the best example of ChatGPT because the maps and GPS integration were two techs, technologies merged together that replace driving and looking at the map. You know, like how do you do that? Like now it's automatically. This is what's going to happen to creative, to writing, to ideation. I even heard Nicole from her book read said that they're using ChatGPT to write zero day exploits. So you seeing it... >> That's scary stuff. You're right. >> You're seeing it everywhere. Super exciting. Well, I got to ask you before you get into some of the Lacework things that you're involved with, cause I think you're doing great work over there is, what was the most exciting projects you've worked on in your career? You came in Cisco, very technical company, so got the technical chops, CSMIS which stands for Management of Information Science for all the young people out there, that was the state of the art back then. What are some of the exciting things you've done? >> Yeah, I mean, I think about, I think about MongoDB and learning to market to developers. Taking the company public in 2017. Launching Atlas database as a service. Now there's so much more of that, you know, the PLG motion, going to TripActions, you know, surviving a pandemic, still being able to come out of that and all the learnings that went with it. You know, they recently, I guess rebranded, so they're Navan now. And then now back in the security space, you know, 14 years ago I was at ArcSite and we were bought by HP. And so getting back into the security world is exciting and it's transformed a ton as you know, it's way more complicated than it was. And so just understanding the pain of our customers and how we protect them as is fun. And I like, you know, being there from a marketing standpoint. >> Well we really appreciate you coming on and sharing that. I got to ask you, for folks watching they might be interested in some advice that you might have for them and their career in tech. I know a lot of young people love the tech. It's becoming pervasive in our lives, as we mentioned. What advice would you give for folks watching that want to start a career in tech? >> Yeah, so work hard, right? Study, network, your first job, be the best at it because every job after that you get pulled into a network. And every time I move, I'm hiring people from the last job, two jobs before, three jobs before. And I'm looking for people that are working hard, care, you know, are continual learners and you know, add value. What can you do to solve problems at your work and add value? >> What's your secret networking hack or growth hack or tip that you can share? Because you're a great networker by the way. You're amazing and you do add a lot of value. I've seen you in action. >> Well, I try never to eat alone. I've got breakfast, I've got lunch, I've got coffee breaks and dinner. And so when I'm at work, I try and always sit and eat with a team member, new group. If I'm out on the road, I'm, you know, meeting people for lunch, going for dinner, just, you know, don't sit at your desk by yourself and don't sit in the hotel room. Get out and meet with people. >> What do you think about now that we're out of the pandemic or somewhat out of the pandemic so to speak, events are back. >> Yes. >> RSA is coming up. It's a big event. The bigger events are getting bigger and then the other events are kind of smaller being distributed. What's your vision of how events are evolving? >> Yeah, I mean, you've got to be in person. Those are the relationships. Right now more than ever people care about renewals and you are building that rapport. And if you're not meeting with your customers, your competitors are. So what I would say is get out there Lacework, we're going to be at RSA, we're going to be at re:Inforce, we're going to be at all of these events, building relationships, you know, coffee, lunch, and yeah, I think the future of events are here to stay and those that don't embrace in person are going to give up business. They're going to lose market share to us. >> And networking is obviously very key on events as well. >> Yes. >> A good opportunity as always get out to the events. What's the event networking trick or advice do you give folks that are going to get out to the networking world? >> Yeah, schedule ahead of time. Don't go to an event and expect people just to come by for great swag. You should be partnering with your sales team and scheduling ahead of time, getting on people's calendars. Don't go there without having 100 or 200 meetings already booked. >> Got it. All right. Let's talk about you, your career. You're currently at Lacework. It's a very hot company in a hot field, security, very male dominated, you're a leader there. What's it like? What's the strategies? How does a woman get in there and be successful? What are some tricks, observations, any data you can share? What's the best practice? What's the secret sauce from Meagen Eisenberg? >> Yes. Yeah, for Meagen Eisenberg. For Lacework, you know, we're focused on our customers. There's nothing better than getting, being close to them, solving their pain, showcasing them. So if you want to go into security, focus on their, the issues and their problems and make sure they're aware of what you're delivering. I mean, we're focused on cloud security and we go from build time to run time. And that's the draw for me here is we had a lot of, you know, happy, excited customers by what we were doing. And what we're doing is very different from legacy security providers. And it is tapping into the trend of really understanding how much data you have and what's happening in the data to detect the anomalies and the threats that are there. >> You know, one of the conversations that I was just having with a senior leader, she was amazing and I asked her what she thought of the current landscape, the job market, the how to get promoted through the careers, all those things. And the response was interesting. I want to get your reaction. She said interdisciplinary skills are critical. And now more than ever, the having that, having a set of skills, technical and social and emotional are super valuable. Do you agree? What's your reaction to that and what would, how would you reframe that? >> Yeah, I mean, I completely agree. You can't be a leader without balance. You've got to know your craft because you're developing and training your team, but you also need to know the, you know, how to build relationships. You're not going to be successful as a C-level exec if you're not partnering across the functions. As a CMO I need to partner with product, I need to partner with the head of sales, I need to partner with finance. So those relationships matter a ton. I also need to attract the right talent. I want to have solid people on the team. And what I will say in the security, cybersecurity space, there's a talent shortage and you cannot hire enough people to protect your company in that space. And that's kind of our part of it is we reduce the number of alerts that you're getting. So you don't need hundreds of people to detect an issue. You're using technology to show, you know, to highlight the issue and then your team can focus on those alerts that matter. >> Yeah, there's a lot of emerging markets where leveling up and you don't need pedigree. You can just level up skill-wise pretty quickly. Which brings me to the next question for you is how do you keep up with all the tech day-to-day and how should someone watching stay on top of it? Because I mean, you got to be on top of this stuff and you got to ride the wave. It's pretty turbulent, but it's still growing and changing. >> Yeah, it's true. I mean, there's a lot of reading. I'm watching the news. Anytime something comes out, you know, ChatGPT I'm playing with it. I've got a great network and sharing. I'm on, you know, LinkedIn reading articles all the time. I have a team, right? Every time I hire someone, they bring new information and knowledge in and I'm you know, Cal Poly had this learn by doing that was the philosophy at San Luis Obispo. So do it. Try it, don't be afraid of it. I think that's the advice. >> Well, I love some of the points you mentioned community and network. You mentioned networking. That brings up the community question, how could people get involved? What communities are out there? How should they approach communities? 'Cause communities are also networks, but also they're welcoming people in that form networks. So it's a network of networks. So what's your take on how to engage and work with communities? How do you find your tribe? If someone's getting into the business, they want support, they might want technology learnings, what's your approach? >> Yeah, so a few, a few different places. One, I'm part of the operator collective, which is a strong female investment group that's open and works a lot with operators and they're in on the newest technologies 'cause they're investing in it. Chief I think is a great organization as well. You've got a lot of, if you're in marketing, there's a ton of CMO networking events that you can go to. I would say any field, even for us at Lacework, we've got some strong CISO networks and we do dinners around you know, we have one coming up in the Bay area, in Boston, New York, and you can come and meet other CISOs and security leaders. So when I get an invite and you know we all do, I will go to it. I'll carve out the time and meet with others. So I think, you know, part of the community is get out there and, you know, join some of these different groups. >> Meagen, thank you so much for spending the time. Final question for you. How do you see the future of tech evolving and how do you see your role in it? >> Yeah, I mean, marketing's changing wildly. There's so many different channels. You think about all the social media channels that have changed over the last five years. So when I think about the future of tech, I'm looking at apps on my phone. I have three daughters, 13, 11, and 8. I'm telling you, they come to me with new apps and new technology all the time, and I'm paying attention what they're, you know, what they're participating in and what they want to be a part of. And certainly it's going to be a lot more around the data and AI. I think we're only at the beginning of that. So we will continue to, you know, learn from it and wield it and deal with the mass amount of data that's out there. >> Well, you saw TikTok just got banned by the European Commission today around their staff. Interesting times. >> It is. >> Meagen, thank you so much as always. You're a great tech athlete. Been following your career for a while, a long time. You're an amazing leader. Thank you for sharing your story here on theCUBE, celebration of International Women's Day. Every day is IWD and thanks for coming on. >> Thank you for having me. >> Okay. I'm John Furrier here in theCUBE Studios in Palo Alto. Thank you for watching, more to come stay with us. (bright music)

>> From the Cube Studios in Palo Alto in Boston, bringing you data-driven insights from The Cube and ETR. This is "Breaking Analysis" with Dave Vellante. >> The world's leading telcos are trying to shed the stigma of being monopolies lacking innovation. Telcos have been great at operational efficiency and connectivity and living off of transmission, and the costs and expenses or revenue associated with that transmission. But in a world beyond telephone poles and basic wireless and mobile services, how will telcos modernize and become more agile and monetize new opportunities brought about by 5G and private wireless and a spate of new innovations and infrastructure, cloud data and apps? Hello, and welcome to this week's Wikibon CUBE Insights powered by ETR. In this breaking analysis and ahead of Mobile World Congress or now, MWC23, we explore the evolution of the telco business and how the industry is in many ways, mimicking transformations that took place decades ago in enterprise IT. We'll model some of the traditional enterprise vendors using ETR data and investigate how they're faring in the telecommunications sector, and we'll pose some of the key issues facing the industry this decade. First, let's take a look at what the GSMA has in store for MWC23. GSMA is the host of what used to be called Mobile World Congress. They've set the theme for this year's event as "Velocity" and they've rebranded MWC to reflect the fact that mobile technology is only one part of the story. MWC has become one of the world's premier events highlighting innovations not only in Telco, mobile and 5G, but the collision between cloud, infrastructure, apps, private networks, smart industries, machine intelligence, and AI, and more. MWC comprises an enormous ecosystem of service providers, technology companies, and firms from virtually every industry including sports and entertainment. And as well, GSMA, along with its venue partner at the Fira Barcelona, have placed a major emphasis on sustainability and public and private partnerships. Virtually every industry will be represented at the event because every industry is impacted by the trends and opportunities in this space. GSMA has said it expects 80,000 attendees at MWC this year, not quite back to 2019 levels, but trending in that direction. Of course, attendance from Chinese participants has historically been very high at the show, and obviously the continued travel issues from that region are affecting the overall attendance, but still very strong. And despite these concerns, Huawei, the giant Chinese technology company. has the largest physical presence of any exhibitor at the show. And finally, GSMA estimates that more than $300 million in economic benefit will result from the event which takes place at the end of February and early March. And The Cube will be back at MWC this year with a major presence thanks to our anchor sponsor, Dell Technologies and other supporters of our content program, including Enterprise Web, ArcaOS, VMware, Snowflake, Cisco, AWS, and others. And one of the areas we're interested in exploring is the evolution of the telco stack. It's a topic that's often talked about and one that we've observed taking place in the 1990s when the vertically integrated IBM mainframe monopoly gave way to a disintegrated and horizontal industry structure. And in many ways, the same thing is happening today in telecommunications, which is shown on the left-hand side of this diagram. Historically, telcos have relied on a hardened, integrated, and incredibly reliable, and secure set of hardware and software services that have been fully vetted and tested, and certified, and relied upon for decades. And at the top of that stack on the left are the crown jewels of the telco stack, the operational support systems and the business support systems. For the OSS, we're talking about things like network management, network operations, service delivery, quality of service, fulfillment assurance, and things like that. For the BSS systems, these refer to customer-facing elements of the stack, like revenue, order management, what products they sell, billing, and customer service. And what we're seeing is telcos have been really good at operational efficiency and making money off of transport and connectivity, but they've lacked the innovation in services and applications. They own the pipes and that works well, but others, be the over-the-top content companies, or private network providers and increasingly, cloud providers have been able to bypass the telcos, reach around them, if you will, and drive innovation. And so, the right-most diagram speaks to the need to disaggregate pieces of the stack. And while the similarities to the 1990s in enterprise IT are greater than the differences, there are things that are different. For example, the granularity of hardware infrastructure will not likely be as high where competition occurred back in the 90s at every layer of the value chain with very little infrastructure integration. That of course changed in the 2010s with converged infrastructure and hyper-converged and also software defined. So, that's one difference. And the advent of cloud, containers, microservices, and AI, none of that was really a major factor in the disintegration of legacy IT. And that probably means that disruptors can move even faster than did the likes of Intel and Microsoft, Oracle, Cisco, and the Seagates of the 1990s. As well, while many of the products and services will come from traditional enterprise IT names like Dell, HPE, Cisco, Red Hat, VMware, AWS, Microsoft, Google, et cetera, many of the names are going to be different and come from traditional network equipment providers. These are names like Ericsson and Huawei, and Nokia, and other names, like Wind River, and Rakuten, and Dish Networks. And there are enormous opportunities in data to help telecom companies and their competitors go beyond telemetry data into more advanced analytics and data monetization. There's also going to be an entirely new set of apps based on the workloads and use cases ranging from hospitals, sports arenas, race tracks, shipping ports, you name it. Virtually every vertical will participate in this transformation as the industry evolves its focus toward innovation, agility, and open ecosystems. Now remember, this is not a binary state. There are going to be greenfield companies disrupting the apple cart, but the incumbent telcos are going to have to continue to ensure newer systems work with their legacy infrastructure, in their OSS and BSS existing systems. And as we know, this is not going to be an overnight task. Integration is a difficult thing, transformations, migrations. So that's what makes this all so interesting because others can come in with Greenfield and potentially disrupt. There'll be interesting partnerships and ecosystems will form and coalitions will also form. Now, we mentioned that several traditional enterprise companies are or will be playing in this space. Now, ETR doesn't have a ton of data on specific telecom equipment and software providers, but it does have some interesting data that we cut for this breaking analysis. What we're showing here in this graphic is some of the names that we've followed over the years and how they're faring. Specifically, we did the cut within the telco sector. So the Y-axis here shows net score or spending velocity. And the horizontal axis, that shows the presence or pervasiveness in the data set. And that table insert in the upper left, that informs as to how the dots are plotted. You know, the two columns there, net score and the ends. And that red-dotted line, that horizontal line at 40%, that is an indicator of a highly elevated level. Anything above that, we consider quite outstanding. And what we'll do now is we'll comment on some of the cohorts and share with you how they're doing in telecommunications, and that sector, that vertical relative to their position overall in the data set. Let's start with the public cloud players. They're prominent in every industry. Telcos, telecommunications is no exception and it's quite an interesting cohort here. On the one hand, they can help telecommunication firms modernize and become more agile by eliminating the heavy lifting and you know, all the cloud, you know, value prop, data center costs, and the cloud benefits. At the same time, public cloud players are bringing their services to the edge, building out their own global networks and are a disruptive force to traditional telcos. All right, let's talk about Azure first. Their net score is basically identical to telco relative to its overall average. AWS's net score is higher in telco by just a few percentage points. Google Cloud platform is eight percentage points higher in telco with a 53% net score. So all three hyperscalers have an equal or stronger presence in telco than their average overall. Okay, let's look at the traditional enterprise hardware and software infrastructure cohort. Dell, Cisco, HPE, Red Hat, VMware, and Oracle. We've highlighted in this chart just as sort of indicators or proxies. Dell's net score's 10 percentage points higher in telco than its overall average. Interesting. Cisco's is a bit higher. HPE's is actually lower by about nine percentage points in the ETR survey, and VMware's is lower by about four percentage points. Now, Red Hat is really interesting. OpenStack, as we've previously reported is popular with telcos who want to build out their own private cloud. And the data shows that Red Hat OpenStack's net score is 15 percentage points higher in the telco sector than its overall average. OpenShift, on the other hand, has a net score that's four percentage points lower in telco than its overall average. So this to us talks to the pace of adoption of microservices and containers. You know, it's going to happen, but it's going to happen more slowly. Finally, Oracle's spending momentum is somewhat lower in the sector than its average, despite the firm having a decent telco business. IBM and Accenture, heavy services companies are both lower in this sector than their average. And real quickly, snowflake's net score is much lower by about 12 percentage points relative to its very high average net score of 62%. But we look for them to be a player in this space as telcos need to modernize their analytics stack and share data in a governed manner. Databricks' net score is also much lower than its average by about 13 points. And same, I would expect them to be a player as open architectures and cloud gains steam in telco. All right, let's close out now on what we're going to be talking about at MWC23 and some of the key issues that we'll be unpacking. We've talked about stack disaggregation in this breaking analysis, but the key here will be the pace at which it will reach the operational efficiency and reliability of closed stacks. Telcos, you know, in a large part, they're engineering heavy firms and much of their work takes place, kind of in the basement, in the dark. It's not really a big public hype machine, and they tend to move slowly and cautiously. While they understand the importance of agility, they're going to be careful because, you know, it's in their DNA. And so at the same time, if they don't move fast enough, they're going to get hurt and disrupted by competitors. So that's going to be a topic of conversation, and we'll be looking for proof points. And the other comment I'll make is around integration. Telcos because of their conservatism will benefit from better testing and those firms that can innovate on the testing front and have labs and certifications and innovate at that level, with an ecosystem are going to be in a better position. Because open sometimes means wild west. So the more players like Dell, HPE, Cisco, Red Hat, et cetera, that do that and align with their ecosystems and provide those resources, the faster adoption is going to go. So we'll be looking for, you know, who's actually doing that, Open RAN or Radio Access Networks. That fits in this discussion because O-RAN is an emerging network architecture. It essentially enables the use of open technologies from an ecosystem and over time, look at O-RAN is going to be open, but the questions, you know, a lot of questions remain as to when it will be able to deliver the operational efficiency of traditional RAN. Got some interesting dynamics going on. Rakuten is a company that's working hard on this problem, really focusing on operational efficiency. Then you got Dish Networks. They're also embracing O-RAN. They're coming at it more from service innovation. So that's something that we'll be monitoring and unpacking. We're going to look at cloud as a disruptor. On the one hand, cloud can help drive agility, as we said earlier and optionality, and innovation for incumbent telcos. But the flip side is going to also do the same for startups trying to disrupt and cloud attracts startups. While some of the telcos are actually embracing the cloud, many are being cautious. So that's going to be an interesting topic of discussion. And there's private wireless networks and 5G, and hyperlocal private networks, they're being deployed, you know, at the edge. This idea of open edge is also a really hot topic and this trend is going to accelerate. You know, the importance here is that the use cases are going to be widely varied. The needs of a hospital are going to be different than those of a sports venue are different from a remote drilling location, and energy or a concert venue. Things like real-time AI inference and data flows are going to bring new services and monetization opportunities. And many firms are going to be bypassing traditional telecommunications networks to build these out. Satellites as well, we're going to see, you know, in this decade, you're going to have, you're going to look down at Google Earth and you're going to see real-time. You know, today you see snapshots and so, lots of innovations going in that space. So how is this going to disrupt industries and traditional industry structures? Now, as always, we'll be looking at data angles, right? 'Cause it's in The Cube's DNA to follow the data and what opportunities and risks data brings. The Cube is going to be on location at MWC23 at the end of the month. We got a great set. We're in the walkway between halls four and five, right in Congress Square, it's booths CS60. So we'll have a full, they're called Stan CS60. We have a full schedule. I'm going to be there with Lisa Martin, Dave Nicholson and the entire Cube crew, so don't forget to stop by. All right, that's a wrap. I want to thank Alex Myerson, who's on production and manages the podcast, Ken Schiffman as well. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our editor-in-chief over at Silicon Angle, does some great stuff for us. Thank you all. Remember, all these episodes are available as podcasts. Wherever you listen, just search "Breaking Analysis" podcasts I publish each week on wikibon.com and silicon angle.com. And all the video content is available on demand at thecube.net. You can email me directly at david.vellante@silicon angle.com. You can DM me at dvellante or comment on my LinkedIn post. Please do check out etr.ai for the best survey data in the enterprise tech business. This is Dave Vellante for The Cube Insights powered by ETR. Thanks for watching and we'll see you at Mobile World Congress, and/or at next time on "Breaking Analysis." (bright music) (bright music fades)

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> Confidential computing is a technology that aims to enhance data privacy and security by providing encrypted computation on sensitive data and isolating data from apps in a fenced off enclave during processing. The concept of confidential computing is gaining popularity, especially in the cloud computing space where sensitive data is often stored and of course processed. However, there are some who view confidential computing as an unnecessary technology in a marketing ploy by cloud providers aimed at calming customers who are cloud phobic. Hello and welcome to this week's Wikibon CUBE Insights powered by ETR. In this Breaking Analysis, we revisit the notion of confidential computing, and to do so, we'll invite two Google experts to the show, but before we get there, let's summarize briefly. There's not a ton of ETR data on the topic of confidential computing. I mean, it's a technology that's deeply embedded into silicon and computing architectures. But at the highest level, security remains the number one priority being addressed by IT decision makers in the coming year as shown here. And this data is pretty much across the board by industry, by region, by size of company. I mean we dug into it and the only slight deviation from the mean is in financial services. The second and third most cited priorities, cloud migration and analytics, are noticeably closer to cybersecurity in financial services than in other sectors, likely because financial services has always been hyper security conscious, but security is still a clear number one priority in that sector. The idea behind confidential computing is to better address threat models for data in execution. Protecting data at rest and data and transit have long been a focus of security approaches, but more recently, silicon manufacturers have introduced architectures that separate data and applications from the host system. Arm, Intel, AMD, Nvidia and other suppliers are all on board, as are the big cloud players. Now the argument against confidential computing is that it narrowly focuses on memory encryption and it doesn't solve the biggest problems in security. Multiple system images updates different services and the entire code flow aren't directly addressed by memory encryption, rather to truly attack these problems, many believe that OSs need to be re-engineered with the attacker and hacker in mind. There are so many variables and at the end of the day, critics say the emphasis on confidential computing made by cloud providers is overstated and largely hype. This tweet from security researcher Rodrigo Branco sums up the sentiment of many skeptics. He says, "Confidential computing is mostly a marketing campaign for memory encryption. It's not driving the industry towards the hard open problems. It is selling an illusion." Okay. Nonetheless, encrypting data in use and fencing off key components of the system isn't a bad thing, especially if it comes with the package essentially for free. There has been a lack of standardization and interoperability between different confidential computing approaches. But the confidential computing consortium was established in 2019 ostensibly to accelerate the market and influence standards. Notably, AWS is not part of the consortium, likely because the politics of the consortium were probably a conundrum for AWS because the base technology defined by the the consortium is seen as limiting by AWS. This is my guess, not AWS's words, and but I think joining the consortium would validate a definition which AWS isn't aligned with. And two, it's got a lead with this Annapurna acquisition. This was way ahead with Arm integration and so it probably doesn't feel the need to validate its competitors. Anyway, one of the premier members of the confidential computing consortium is Google, along with many high profile names including Arm, Intel, Meta, Red Hat, Microsoft, and others. And we're pleased to welcome two experts on confidential computing from Google to unpack the topic, Nelly Porter is head of product for GCP confidential computing and encryption, and Dr. Patricia Florissi is the technical director for the office of the CTO at Google Cloud. Welcome Nelly and Patricia, great to have you. >> Great to be here. >> Thank you so much for having us. >> You're very welcome. Nelly, why don't you start and then Patricia, you can weigh in. Just tell the audience a little bit about each of your roles at Google Cloud. >> So I'll start, I'm owning a lot of interesting activities in Google and again security or infrastructure securities that I usually own. And we are talking about encryption and when encryption and confidential computing is a part of portfolio in additional areas that I contribute together with my team to Google and our customers is secure software supply chain. Because you need to trust your software. Is it operate in your confidential environment to have end-to-end story about if you believe that your software and your environment doing what you expect, it's my role. >> Got it. Okay. Patricia? >> Well, I am a technical director in the office of the CTO, OCTO for short, in Google Cloud. And we are a global team. We include former CTOs like myself and senior technologists from large corporations, institutions and a lot of success, we're startups as well. And we have two main goals. First, we walk side by side with some of our largest, more strategic or most strategical customers and we help them solve complex engineering technical problems. And second, we are devise Google and Google Cloud engineering and product management and tech on there, on emerging trends and technologies to guide the trajectory of our business. We are unique group, I think, because we have created this collaborative culture with our customers. And within OCTO, I spend a lot of time collaborating with customers and the industry at large on technologies that can address privacy, security, and sovereignty of data in general. >> Excellent. Thank you for that both of you. Let's get into it. So Nelly, what is confidential computing? From Google's perspective, how do you define it? >> Confidential computing is a tool and it's still one of the tools in our toolbox. And confidential computing is a way how we would help our customers to complete this very interesting end-to-end lifecycle of the data. And when customers bring in the data to cloud and want to protect it as they ingest it to the cloud, they protect it at rest when they store data in the cloud. But what was missing for many, many years is ability for us to continue protecting data and workloads of our customers when they running them. And again, because data is not brought to cloud to have huge graveyard, we need to ensure that this data is actually indexed. Again, there is some insights driven and drawn from this data. You have to process this data and confidential computing here to help. Now we have end to end protection of our customer's data when they bring the workloads and data to cloud, thanks to confidential computing. >> Thank you for that. Okay, we're going to get into the architecture a bit, but before we do, Patricia, why do you think this topic of confidential computing is such an important technology? Can you explain, do you think it's transformative for customers and if so, why? >> Yeah, I would maybe like to use one thought, one way, one intuition behind why confidential commuting matters, because at the end of the day, it reduces more and more the customer's thresh boundaries and the attack surface. That's about reducing that periphery, the boundary in which the customer needs to mind about trust and safety. And in a way, is a natural progression that you're using encryption to secure and protect the data. In the same way that we are encrypting data in transit and at rest, now we are also encrypting data while in use. And among other beneficials, I would say one of the most transformative ones is that organizations will be able to collaborate with each other and retain the confidentiality of the data. And that is across industry, even though it's highly focused on, I wouldn't say highly focused, but very beneficial for highly regulated industries. It applies to all of industries. And if you look at financing for example, where bankers are trying to detect fraud, and specifically double finance where you are, a customer is actually trying to get a finance on an asset, let's say a boat or a house, and then it goes to another bank and gets another finance on that asset. Now bankers would be able to collaborate and detect fraud while preserving confidentiality and privacy of the data. >> Interesting. And I want to understand that a little bit more but I'm going to push you a little bit on this, Nelly, if I can because there's a narrative out there that says confidential computing is a marketing ploy, I talked about this upfront, by cloud providers that are just trying to placate people that are scared of the cloud. And I'm presuming you don't agree with that, but I'd like you to weigh in here. The argument is confidential computing is just memory encryption and it doesn't address many other problems. It is over hyped by cloud providers. What do you say to that line of thinking? >> I absolutely disagree, as you can imagine, with this statement, but the most importantly is we mixing multiple concepts, I guess. And exactly as Patricia said, we need to look at the end-to-end story, not again the mechanism how confidential computing trying to again, execute and protect a customer's data and why it's so critically important because what confidential computing was able to do, it's in addition to isolate our tenants in multi-tenant environments the cloud covering to offer additional stronger isolation. They called it cryptographic isolation. It's why customers will have more trust to customers and to other customers, the tenant that's running on the same host but also us because they don't need to worry about against threats and more malicious attempts to penetrate the environment. So what confidential computing is helping us to offer our customers, stronger isolation between tenants in this multi-tenant environment, but also incredibly important, stronger isolation of our customers, so tenants from us. We also writing code, we also software providers will also make mistakes or have some zero days. Sometimes again us introduced, sometimes introduced by our adversaries. But what I'm trying to say by creating this cryptographic layer of isolation between us and our tenants and amongst those tenants, we're really providing meaningful security to our customers and eliminate some of the worries that they have running on multi-tenant spaces or even collaborating to gather this very sensitive data knowing that this particular protection is available to them. >> Okay, thank you. Appreciate that. And I think malicious code is often a threat model missed in these narratives. Operator access, yeah, maybe I trust my clouds provider, but if I can fence off your access even better, I'll sleep better at night. Separating a code from the data, everybody's, Arm, Intel, AMD, Nvidia, others, they're all doing it. I wonder if, Nelly, if we could stay with you and bring up the slide on the architecture. What's architecturally different with confidential computing versus how operating systems and VMs have worked traditionally. We're showing a slide here with some VMs, maybe you could take us through that. >> Absolutely. And Dave, the whole idea for Google and now industry way of dealing with confidential computing is to ensure that three main property is actually preserved. Customers don't need to change the code. They can operate on those VMs exactly as they would with normal non-confidential VMs, but to give them this opportunity of lift and shift or no changing their apps and performing and having very, very, very low latency and scale as any cloud can, something that Google actually pioneer in confidential computing. I think we need to open and explain how this magic was actually done. And as I said, it's again the whole entire system have to change to be able to provide this magic. And I would start with we have this concept of root of trust and root of trust where we will ensure that this machine, when the whole entire post has integrity guarantee, means nobody changing my code on the most low level of system. And we introduce this in 2017 called Titan. It was our specific ASIC, specific, again, inch by inch system on every single motherboard that we have that ensures that your low level former, your actually system code, your kernel, the most powerful system is actually proper configured and not changed, not tampered. We do it for everybody, confidential computing included. But for confidential computing, what we have to change, we bring in AMD, or again, future silicon vendors and we have to trust their former, their way to deal with our confidential environments. And that's why we have obligation to validate integrity, not only our software and our former but also former and software of our vendors, silicon vendors. So we actually, when we booting this machine, as you can see, we validate that integrity of all of the system is in place. It means nobody touching, nobody changing, nobody modifying it. But then we have this concept of AMD secure processor, it's special ASICs, best specific things that generate a key for every single VM that our customers will run or every single node in Kubernetes or every single worker thread in our Hadoop or Spark capability. We offer all of that. And those keys are not available to us. It's the best keys ever in encryption space because when we are talking about encryption, the first question that I'm receiving all the time, where's the key, who will have access to the key? Because if you have access to the key then it doesn't matter if you encrypted or not. So, but the case in confidential computing provides so revolutionary technology, us cloud providers, who don't have access to the keys. They sitting in the hardware and they head to memory controller. And it means when hypervisors that also know about these wonderful things saying I need to get access to the memories that this particular VM trying to get access to, they do not decrypt the data, they don't have access to the key because those keys are random, ephemeral and per VM, but the most importantly, in hardware not exportable. And it means now you would be able to have this very interesting role that customers or cloud providers will not be able to get access to your memory. And what we do, again, as you can see our customers don't need to change their applications, their VMs are running exactly as it should run and what you're running in VM, you actually see your memory in clear, it's not encrypted, but God forbid is trying somebody to do it outside of my confidential box. No, no, no, no, no, they would not be able to do it. Now you'll see cyber and it's exactly what combination of these multiple hardware pieces and software pieces have to do. So OS is also modified. And OS is modified such way to provide integrity. It means even OS that you're running in your VM box is not modifiable and you, as customer, can verify. But the most interesting thing, I guess, how to ensure the super performance of this environment because you can imagine, Dave, that encrypting and it's additional performance, additional time, additional latency. So we were able to mitigate all of that by providing incredibly interesting capability in the OS itself. So our customers will get no changes needed, fantastic performance and scales as they would expect from cloud providers like Google. >> Okay, thank you. Excellent. Appreciate that explanation. So, again, the narrative on this as well, you've already given me guarantees as a cloud provider that you don't have access to my data, but this gives another level of assurance, key management as they say is key. Now humans aren't managing the keys, the machines are managing them. So Patricia, my question to you is, in addition to, let's go pre confidential computing days, what are the sort of new guarantees that these hardware-based technologies are going to provide to customers? >> So if I am a customer, I am saying I now have full guarantee of confidentiality and integrity of the data and of the code. So if you look at code and data confidentiality, the customer cares and they want to know whether their systems are protected from outside or unauthorized access, and that recovered with Nelly, that it is. Confidential computing actually ensures that the applications and data internals remain secret, right? The code is actually looking at the data, the only the memory is decrypting the data with a key that is ephemeral and per VM and generated on demand. Then you have the second point where you have code and data integrity, and now customers want to know whether their data was corrupted, tampered with or impacted by outside actors. And what confidential computing ensures is that application internals are not tampered with. So the application, the workload as we call it, that is processing the data, it's also, it has not been tampered and preserves integrity. I would also say that this is all verifiable. So you have attestation and these attestation actually generates a log trail and the log trail guarantees that, provides a proof that it was preserved. And I think that the offer's also a guarantee of what we call ceiling, this idea that the secrets have been preserved and not tampered with, confidentiality and integrity of code and data. >> Got it. Okay, thank you. Nelly, you mentioned, I think I heard you say that the applications, it's transparent, you don't have to change the application, it just comes for free essentially. And we showed some various parts of the stack before. I'm curious as to what's affected, but really more importantly, what is specifically Google's value add? How do partners participate in this, the ecosystem, or maybe said another way, how does Google ensure the compatibility of confidential computing with existing systems and applications? >> And a fantastic question by the way. And it's very difficult and definitely complicated world because to be able to provide these guarantees, actually a lot of work was done by community. Google is very much operate in open, so again, our operating system, we working with operating system repository OSs, OS vendors to ensure that all capabilities that we need is part of the kernels, are part of the releases and it's available for customers to understand and even explore if they have fun to explore a lot of code. We have also modified together with our silicon vendors a kernel, host kernel to support this capability and it means working this community to ensure that all of those patches are there. We also worked with every single silicon vendor as you've seen, and that's what I probably feel that Google contributed quite a bit in this whole, we moved our industry, our community, our vendors to understand the value of easy to use confidential computing or removing barriers. And now I don't know if you noticed, Intel is pulling the lead and also announcing their trusted domain extension, very similar architecture. And no surprise, it's, again, a lot of work done with our partners to, again, convince, work with them and make this capability available. The same with Arm this year, actually last year, Arm announced their future design for confidential computing. It's called Confidential Computing Architecture. And it's also influenced very heavily with similar ideas by Google and industry overall. So it's a lot of work in confidential computing consortiums that we are doing, for example, simply to mention, to ensure interop, as you mentioned, between different confidential environments of cloud providers. They want to ensure that they can attest to each other because when you're communicating with different environments, you need to trust them. And if it's running on different cloud providers, you need to ensure that you can trust your receiver when you are sharing your sensitive data workloads or secret with them. So we coming as a community and we have this attestation sig, the, again, the community based systems that we want to build and influence and work with Arm and every other cloud providers to ensure that we can interrupt and it means it doesn't matter where confidential workloads will be hosted, but they can exchange the data in secure, verifiable and controlled by customers way. And to do it, we need to continue what we are doing, working open, again, and contribute with our ideas and ideas of our partners to this role to become what we see confidential computing has to become, it has to become utility. It doesn't need to be so special, but it's what we want it to become. >> Let's talk about, thank you for that explanation. Let's talk about data sovereignty because when you think about data sharing, you think about data sharing across the ecosystem and different regions and then of course data sovereignty comes up. Typically public policy lags, the technology industry and sometimes is problematic. I know there's a lot of discussions about exceptions, but Patricia, we have a graphic on data sovereignty. I'm interested in how confidential computing ensures that data sovereignty and privacy edicts are adhered to, even if they're out of alignment maybe with the pace of technology. One of the frequent examples is when you delete data, can you actually prove that data is deleted with a hundred percent certainty? You got to prove that and a lot of other issues. So looking at this slide, maybe you could take us through your thinking on data sovereignty. >> Perfect. So for us, data sovereignty is only one of the three pillars of digital sovereignty. And I don't want to give the impression that confidential computing addresses it all. That's why we want to step back and say, hey, digital sovereignty includes data sovereignty where we are giving you full control and ownership of the location, encryption and access to your data. Operational sovereignty where the goal is to give our Google Cloud customers full visibility and control over the provider operations, right? So if there are any updates on hardware, software stack, any operations, there is full transparency, full visibility. And then the third pillar is around software sovereignty where the customer wants to ensure that they can run their workloads without dependency on the provider's software. So they have sometimes is often referred as survivability, that you can actually survive if you are untethered to the cloud and that you can use open source. Now let's take a deep dive on data sovereignty, which by the way is one of my favorite topics. And we typically focus on saying, hey, we need to care about data residency. We care where the data resides because where the data is at rest or in processing, it typically abides to the jurisdiction, the regulations of the jurisdiction where the data resides. And others say, hey, let's focus on data protection. We want to ensure the confidentiality and integrity and availability of the data, which confidential computing is at the heart of that data protection. But it is yet another element that people typically don't talk about when talking about data sovereignty, which is the element of user control. And here, Dave, is about what happens to the data when I give you access to my data. And this reminds me of security two decades ago, even a decade ago, where we started the security movement by putting firewall protections and login accesses. But once you were in, you were able to do everything you wanted with the data. An insider had access to all the infrastructure, the data and the code. And that's similar because with data sovereignty we care about whether it resides, where, who is operating on the data. But the moment that the data is being processed, I need to trust that the processing of the data will abide by user control, by the policies that I put in place of how my data is going to be used. And if you look at a lot of the regulation today and a lot of the initiatives around the International Data Space Association, IDSA, and Gaia-X, there is a movement of saying the two parties, the provider of the data and the receiver of the data are going to agree on a contract that describes what my data can be used for. The challenge is to ensure that once the data crosses boundaries, that the data will be used for the purposes that it was intended and specified in the contract. And if you actually bring together, and this is the exciting part, confidential computing together with policy enforcement, now the policy enforcement can guarantee that the data is only processed within the confines of a confidential computing environment, that the workload is cryptographically verified that there is the workload that was meant to process the data and that the data will be only used when abiding to the confidentiality and integrity safety of the confidential computing environment. And that's why we believe confidential computing is one necessary and essential technology that will allow us to ensure data sovereignty, especially when it comes to user control. >> Thank you for that. I mean it was a deep dive, I mean brief, but really detailed. So I appreciate that, especially the verification of the enforcement. Last question, I met you two because as part of my year end prediction post, you guys sent in some predictions and I wasn't able to get to them in the predictions post. So I'm thrilled that you were able to make the time to come on the program. How widespread do you think the adoption of confidential computing will be in 23 and what's the maturity curve look like, this decade in your opinion? Maybe each of you could give us a brief answer. >> So my prediction in five, seven years, as I started, it'll become utility. It'll become TLS as of, again, 10 years ago we couldn't believe that websites will have certificates and we will support encrypted traffic. Now we do and it's become ubiquity. It's exactly where confidential computing is getting and heading, I don't know we deserve yet. It'll take a few years of maturity for us, but we will be there. >> Thank you. And Patricia, what's your prediction? >> I will double that and say, hey, in the future, in the very near future, you will not be able to afford not having it. I believe as digital sovereignty becomes evermore top of mind with sovereign states and also for multi national organizations and for organizations that want to collaborate with each other, confidential computing will become the norm. It'll become the default, if I say, mode of operation. I like to compare that today is inconceivable. If we talk to the young technologists, it's inconceivable to think that at some point in history, and I happen to be alive that we had data at rest that was not encrypted, data in transit that was not encrypted, and I think that will be inconceivable at some point in the near future that to have unencrypted data while in use. >> And plus I think the beauty of the this industry is because there's so much competition, this essentially comes for free. I want to thank you both for spending some time on Breaking Analysis. There's so much more we could cover. I hope you'll come back to share the progress that you're making in this area and we can double click on some of these topics. Really appreciate your time. >> Anytime. >> Thank you so much. >> In summary, while confidential computing is being touted by the cloud players as a promising technology for enhancing data privacy and security, there are also those, as we said, who remain skeptical. The truth probably lies somewhere in between and it will depend on the specific implementation and the use case as to how effective confidential computing will be. Look, as with any new tech, it's important to carefully evaluate the potential benefits, the drawbacks, and make informed decisions based on the specific requirements in the situation and the constraints of each individual customer. But the bottom line is silicon manufacturers are working with cloud providers and other system companies to include confidential computing into their architectures. Competition, in our view, will moderate price hikes. And at the end of the day, this is under the covers technology that essentially will come for free. So we'll take it. I want to thank our guests today, Nelly and Patricia from Google, and thanks to Alex Myerson who's on production and manages the podcast. Ken Schiffman as well out of our Boston studio, Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our editor-in-chief over at siliconangle.com. Does some great editing for us, thank you all. Remember all these episodes are available as podcasts. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com where you can get all the news. If you want to get in touch, you can email me at david.vellante@siliconangle.com or dm me @DVellante. And you can also comment on my LinkedIn post. Definitely you want to check out etr.ai for the best survey data in the enterprise tech business. I know we didn't hit on a lot today, but there's some amazing data and it's always being updated, so check that out. This is Dave Vellante for theCUBE Insights, powered by ETR. Thanks for watching and we'll see you next time on Breaking Analysis. (upbeat music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> Confidential computing is a technology that aims to enhance data privacy and security, by providing encrypted computation on sensitive data and isolating data, and apps that are fenced off enclave during processing. The concept of, I got to start over. I fucked that up, I'm sorry. That's not right, what I said was not right. On Dave in five, four, three. Confidential computing is a technology that aims to enhance data privacy and security by providing encrypted computation on sensitive data, isolating data from apps and a fenced off enclave during processing. The concept of confidential computing is gaining popularity, especially in the cloud computing space, where sensitive data is often stored and of course processed. However, there are some who view confidential computing as an unnecessary technology in a marketing ploy by cloud providers aimed at calming customers who are cloud phobic. Hello and welcome to this week's Wikibon Cube Insights powered by ETR. In this Breaking Analysis, we revisit the notion of confidential computing, and to do so, we'll invite two Google experts to the show. But before we get there, let's summarize briefly. There's not a ton of ETR data on the topic of confidential computing, I mean, it's a technology that's deeply embedded into silicon and computing architectures. But at the highest level, security remains the number one priority being addressed by IT decision makers in the coming year as shown here. And this data is pretty much across the board by industry, by region, by size of company. I mean we dug into it and the only slight deviation from the mean is in financial services. The second and third most cited priorities, cloud migration and analytics are noticeably closer to cybersecurity in financial services than in other sectors, likely because financial services has always been hyper security conscious, but security is still a clear number one priority in that sector. The idea behind confidential computing is to better address threat models for data in execution. Protecting data at rest and data in transit have long been a focus of security approaches, but more recently, silicon manufacturers have introduced architectures that separate data and applications from the host system, ARM, Intel, AMD, Nvidia and other suppliers are all on board, as are the big cloud players. Now, the argument against confidential computing is that it narrowly focuses on memory encryption and it doesn't solve the biggest problems in security. Multiple system images, updates, different services and the entire code flow aren't directly addressed by memory encryption. Rather to truly attack these problems, many believe that OSs need to be re-engineered with the attacker and hacker in mind. There are so many variables and at the end of the day, critics say the emphasis on confidential computing made by cloud providers is overstated and largely hype. This tweet from security researcher Rodrigo Bronco, sums up the sentiment of many skeptics. He says, "Confidential computing is mostly a marketing campaign from memory encryption. It's not driving the industry towards the hard open problems. It is selling an illusion." Okay. Nonetheless, encrypting data in use and fencing off key components of the system isn't a bad thing, especially if it comes with the package essentially for free. There has been a lack of standardization and interoperability between different confidential computing approaches. But the confidential computing consortium was established in 2019 ostensibly to accelerate the market and influence standards. Notably, AWS is not part of the consortium, likely because the politics of the consortium were probably a conundrum for AWS because the base technology defined by the consortium is seen as limiting by AWS. This is my guess, not AWS' words. But I think joining the consortium would validate a definition which AWS isn't aligned with. And two, it's got to lead with this Annapurna acquisition. It was way ahead with ARM integration, and so it's probably doesn't feel the need to validate its competitors. Anyway, one of the premier members of the confidential computing consortium is Google, along with many high profile names, including Aem, Intel, Meta, Red Hat, Microsoft, and others. And we're pleased to welcome two experts on confidential computing from Google to unpack the topic. Nelly Porter is Head of Product for GCP Confidential Computing and Encryption and Dr. Patricia Florissi is the Technical Director for the Office of the CTO at Google Cloud. Welcome Nelly and Patricia, great to have you. >> Great to be here. >> Thank you so much for having us. >> You're very welcome. Nelly, why don't you start and then Patricia, you can weigh in. Just tell the audience a little bit about each of your roles at Google Cloud. >> So I'll start, I'm owning a lot of interesting activities in Google and again, security or infrastructure securities that I usually own. And we are talking about encryption, end-to-end encryption, and confidential computing is a part of portfolio. Additional areas that I contribute to get with my team to Google and our customers is secure software supply chain because you need to trust your software. Is it operate in your confidential environment to have end-to-end security, about if you believe that your software and your environment doing what you expect, it's my role. >> Got it. Okay, Patricia? >> Well, I am a Technical Director in the Office of the CTO, OCTO for short in Google Cloud. And we are a global team, we include former CTOs like myself and senior technologies from large corporations, institutions and a lot of success for startups as well. And we have two main goals, first, we walk side by side with some of our largest, more strategic or most strategical customers and we help them solve complex engineering technical problems. And second, we advice Google and Google Cloud Engineering, product management on emerging trends and technologies to guide the trajectory of our business. We are unique group, I think, because we have created this collaborative culture with our customers. And within OCTO I spend a lot of time collaborating with customers in the industry at large on technologies that can address privacy, security, and sovereignty of data in general. >> Excellent. Thank you for that both of you. Let's get into it. So Nelly, what is confidential computing from Google's perspective? How do you define it? >> Confidential computing is a tool and one of the tools in our toolbox. And confidential computing is a way how we would help our customers to complete this very interesting end-to-end lifecycle of the data. And when customers bring in the data to cloud and want to protect it as they ingest it to the cloud, they protect it at rest when they store data in the cloud. But what was missing for many, many years is ability for us to continue protecting data and workloads of our customers when they run them. And again, because data is not brought to cloud to have huge graveyard, we need to ensure that this data is actually indexed. Again, there is some insights driven and drawn from this data. You have to process this data and confidential computing here to help. Now we have end-to-end protection of our customer's data when they bring the workloads and data to cloud thanks to confidential computing. >> Thank you for that. Okay, we're going to get into the architecture a bit, but before we do Patricia, why do you think this topic of confidential computing is such an important technology? Can you explain? Do you think it's transformative for customers and if so, why? >> Yeah, I would maybe like to use one thought, one way, one intuition behind why confidential computing matters because at the end of the day, it reduces more and more the customer's thrush boundaries and the attack surface. That's about reducing that periphery, the boundary in which the customer needs to mind about trust and safety. And in a way is a natural progression that you're using encryption to secure and protect data in the same way that we are encrypting data in transit and at rest. Now, we are also encrypting data while in the use. And among other beneficials, I would say one of the most transformative ones is that organizations will be able to collaborate with each other and retain the confidentiality of the data. And that is across industry, even though it's highly focused on, I wouldn't say highly focused but very beneficial for highly regulated industries, it applies to all of industries. And if you look at financing for example, where bankers are trying to detect fraud and specifically double finance where a customer is actually trying to get a finance on an asset, let's say a boat or a house, and then it goes to another bank and gets another finance on that asset. Now bankers would be able to collaborate and detect fraud while preserving confidentiality and privacy of the data. >> Interesting and I want to understand that a little bit more but I got to push you a little bit on this, Nellie if I can, because there's a narrative out there that says confidential computing is a marketing ploy I talked about this up front, by cloud providers that are just trying to placate people that are scared of the cloud. And I'm presuming you don't agree with that, but I'd like you to weigh in here. The argument is confidential computing is just memory encryption, it doesn't address many other problems. It is over hyped by cloud providers. What do you say to that line of thinking? >> I absolutely disagree as you can imagine Dave, with this statement. But the most importantly is we mixing a multiple concepts I guess, and exactly as Patricia said, we need to look at the end-to-end story, not again, is a mechanism. How confidential computing trying to execute and protect customer's data and why it's so critically important. Because what confidential computing was able to do, it's in addition to isolate our tenants in multi-tenant environments the cloud offering to offer additional stronger isolation, they called it cryptographic isolation. It's why customers will have more trust to customers and to other customers, the tenants running on the same host but also us because they don't need to worry about against rats and more malicious attempts to penetrate the environment. So what confidential computing is helping us to offer our customers stronger isolation between tenants in this multi-tenant environment, but also incredibly important, stronger isolation of our customers to tenants from us. We also writing code, we also software providers, we also make mistakes or have some zero days. Sometimes again us introduce, sometimes introduced by our adversaries. But what I'm trying to say by creating this cryptographic layer of isolation between us and our tenants and among those tenants, we really providing meaningful security to our customers and eliminate some of the worries that they have running on multi-tenant spaces or even collaborating together with very sensitive data knowing that this particular protection is available to them. >> Okay, thank you. Appreciate that. And I think malicious code is often a threat model missed in these narratives. You know, operator access. Yeah, maybe I trust my cloud's provider, but if I can fence off your access even better, I'll sleep better at night separating a code from the data. Everybody's ARM, Intel, AMD, Nvidia and others, they're all doing it. I wonder if Nell, if we could stay with you and bring up the slide on the architecture. What's architecturally different with confidential computing versus how operating systems and VMs have worked traditionally? We're showing a slide here with some VMs, maybe you could take us through that. >> Absolutely, and Dave, the whole idea for Google and now industry way of dealing with confidential computing is to ensure that three main property is actually preserved. Customers don't need to change the code. They can operate in those VMs exactly as they would with normal non-confidential VMs. But to give them this opportunity of lift and shift though, no changing the apps and performing and having very, very, very low latency and scale as any cloud can, some things that Google actually pioneer in confidential computing. I think we need to open and explain how this magic was actually done, and as I said, it's again the whole entire system have to change to be able to provide this magic. And I would start with we have this concept of root of trust and root of trust where we will ensure that this machine within the whole entire host has integrity guarantee, means nobody changing my code on the most low level of system, and we introduce this in 2017 called Titan. So our specific ASIC, specific inch by inch system on every single motherboard that we have that ensures that your low level former, your actually system code, your kernel, the most powerful system is actually proper configured and not changed, not tempered. We do it for everybody, confidential computing included, but for confidential computing is what we have to change, we bring in AMD or future silicon vendors and we have to trust their former, their way to deal with our confidential environments. And that's why we have obligation to validate intelligent not only our software and our former but also former and software of our vendors, silicon vendors. So we actually, when we booting this machine as you can see, we validate that integrity of all of this system is in place. It means nobody touching, nobody changing, nobody modifying it. But then we have this concept of AMD Secure Processor, it's special ASIC best specific things that generate a key for every single VM that our customers will run or every single node in Kubernetes or every single worker thread in our Hadoop spark capability. We offer all of that and those keys are not available to us. It's the best case ever in encryption space because when we are talking about encryption, the first question that I'm receiving all the time, "Where's the key? Who will have access to the key?" because if you have access to the key then it doesn't matter if you encrypted or not. So, but the case in confidential computing why it's so revolutionary technology, us cloud providers who don't have access to the keys, they're sitting in the hardware and they fed to memory controller. And it means when hypervisors that also know about this wonderful things saying I need to get access to the memories, that this particular VM I'm trying to get access to. They do not decrypt the data, they don't have access to the key because those keys are random, ephemeral and per VM, but most importantly in hardware not exportable. And it means now you will be able to have this very interesting world that customers or cloud providers will not be able to get access to your memory. And what we do, again as you can see, our customers don't need to change their applications. Their VMs are running exactly as it should run. And what you've running in VM, you actually see your memory clear, it's not encrypted. But God forbid is trying somebody to do it outside of my confidential box, no, no, no, no, no, you will now be able to do it. Now, you'll see cyber test and it's exactly what combination of these multiple hardware pieces and software pieces have to do. So OS is also modified and OS is modified such way to provide integrity. It means even OS that you're running in your VM box is not modifiable and you as customer can verify. But the most interesting thing I guess how to ensure the super performance of this environment because you can imagine Dave, that's increasing and it's additional performance, additional time, additional latency. So we're able to mitigate all of that by providing incredibly interesting capability in the OS itself. So our customers will get no changes needed, fantastic performance and scales as they would expect from cloud providers like Google. >> Okay, thank you. Excellent, appreciate that explanation. So you know again, the narrative on this is, well, you've already given me guarantees as a cloud provider that you don't have access to my data, but this gives another level of assurance, key management as they say is key. Now humans aren't managing the keys, the machines are managing them. So Patricia, my question to you is in addition to, let's go pre-confidential computing days, what are the sort of new guarantees that these hardware based technologies are going to provide to customers? >> So if I am a customer, I am saying I now have full guarantee of confidentiality and integrity of the data and of the code. So if you look at code and data confidentiality, the customer cares and they want to know whether their systems are protected from outside or unauthorized access, and that we covered with Nelly that it is. Confidential computing actually ensures that the applications and data antennas remain secret. The code is actually looking at the data, only the memory is decrypting the data with a key that is ephemeral, and per VM, and generated on demand. Then you have the second point where you have code and data integrity and now customers want to know whether their data was corrupted, tempered with or impacted by outside actors. And what confidential computing ensures is that application internals are not tempered with. So the application, the workload as we call it, that is processing the data is also has not been tempered and preserves integrity. I would also say that this is all verifiable, so you have attestation and this attestation actually generates a log trail and the log trail guarantees that provides a proof that it was preserved. And I think that the offers also a guarantee of what we call sealing, this idea that the secrets have been preserved and not tempered with, confidentiality and integrity of code and data. >> Got it. Okay, thank you. Nelly, you mentioned, I think I heard you say that the applications is transparent, you don't have to change the application, it just comes for free essentially. And we showed some various parts of the stack before, I'm curious as to what's affected, but really more importantly, what is specifically Google's value add? How do partners participate in this, the ecosystem or maybe said another way, how does Google ensure the compatibility of confidential computing with existing systems and applications? >> And a fantastic question by the way, and it's very difficult and definitely complicated world because to be able to provide these guarantees, actually a lot of work was done by community. Google is very much operate and open. So again our operating system, we working this operating system repository OS is OS vendors to ensure that all capabilities that we need is part of the kernels are part of the releases and it's available for customers to understand and even explore if they have fun to explore a lot of code. We have also modified together with our silicon vendors kernel, host kernel to support this capability and it means working this community to ensure that all of those pages are there. We also worked with every single silicon vendor as you've seen, and it's what I probably feel that Google contributed quite a bit in this world. We moved our industry, our community, our vendors to understand the value of easy to use confidential computing or removing barriers. And now I don't know if you noticed Intel is following the lead and also announcing a trusted domain extension, very similar architecture and no surprise, it's a lot of work done with our partners to convince work with them and make this capability available. The same with ARM this year, actually last year, ARM announced future design for confidential computing, it's called confidential computing architecture. And it's also influenced very heavily with similar ideas by Google and industry overall. So it's a lot of work in confidential computing consortiums that we are doing, for example, simply to mention, to ensure interop as you mentioned, between different confidential environments of cloud providers. They want to ensure that they can attest to each other because when you're communicating with different environments, you need to trust them. And if it's running on different cloud providers, you need to ensure that you can trust your receiver when you sharing your sensitive data workloads or secret with them. So we coming as a community and we have this at Station Sig, the community-based systems that we want to build, and influence, and work with ARM and every other cloud providers to ensure that they can interop. And it means it doesn't matter where confidential workloads will be hosted, but they can exchange the data in secure, verifiable and controlled by customers really. And to do it, we need to continue what we are doing, working open and contribute with our ideas and ideas of our partners to this role to become what we see confidential computing has to become, it has to become utility. It doesn't need to be so special, but it's what what we've wanted to become. >> Let's talk about, thank you for that explanation. Let's talk about data sovereignty because when you think about data sharing, you think about data sharing across the ecosystem in different regions and then of course data sovereignty comes up, typically public policy, lags, the technology industry and sometimes it's problematic. I know there's a lot of discussions about exceptions but Patricia, we have a graphic on data sovereignty. I'm interested in how confidential computing ensures that data sovereignty and privacy edicts are adhered to, even if they're out of alignment maybe with the pace of technology. One of the frequent examples is when you delete data, can you actually prove the data is deleted with a hundred percent certainty, you got to prove that and a lot of other issues. So looking at this slide, maybe you could take us through your thinking on data sovereignty. >> Perfect. So for us, data sovereignty is only one of the three pillars of digital sovereignty. And I don't want to give the impression that confidential computing addresses it at all, that's why we want to step back and say, hey, digital sovereignty includes data sovereignty where we are giving you full control and ownership of the location, encryption and access to your data. Operational sovereignty where the goal is to give our Google Cloud customers full visibility and control over the provider operations, right? So if there are any updates on hardware, software stack, any operations, there is full transparency, full visibility. And then the third pillar is around software sovereignty, where the customer wants to ensure that they can run their workloads without dependency on the provider's software. So they have sometimes is often referred as survivability that you can actually survive if you are untethered to the cloud and that you can use open source. Now, let's take a deep dive on data sovereignty, which by the way is one of my favorite topics. And we typically focus on saying, hey, we need to care about data residency. We care where the data resides because where the data is at rest or in processing need to typically abides to the jurisdiction, the regulations of the jurisdiction where the data resides. And others say, hey, let's focus on data protection, we want to ensure the confidentiality, and integrity, and availability of the data, which confidential computing is at the heart of that data protection. But it is yet another element that people typically don't talk about when talking about data sovereignty, which is the element of user control. And here Dave, is about what happens to the data when I give you access to my data, and this reminds me of security two decades ago, even a decade ago, where we started the security movement by putting firewall protections and logging accesses. But once you were in, you were able to do everything you wanted with the data. An insider had access to all the infrastructure, the data, and the code. And that's similar because with data sovereignty, we care about whether it resides, who is operating on the data, but the moment that the data is being processed, I need to trust that the processing of the data we abide by user's control, by the policies that I put in place of how my data is going to be used. And if you look at a lot of the regulation today and a lot of the initiatives around the International Data Space Association, IDSA and Gaia-X, there is a movement of saying the two parties, the provider of the data and the receiver of the data going to agree on a contract that describes what my data can be used for. The challenge is to ensure that once the data crosses boundaries, that the data will be used for the purposes that it was intended and specified in the contract. And if you actually bring together, and this is the exciting part, confidential computing together with policy enforcement. Now, the policy enforcement can guarantee that the data is only processed within the confines of a confidential computing environment, that the workload is in cryptographically verified that there is the workload that was meant to process the data and that the data will be only used when abiding to the confidentiality and integrity safety of the confidential computing environment. And that's why we believe confidential computing is one necessary and essential technology that will allow us to ensure data sovereignty, especially when it comes to user's control. >> Thank you for that. I mean it was a deep dive, I mean brief, but really detailed. So I appreciate that, especially the verification of the enforcement. Last question, I met you two because as part of my year-end prediction post, you guys sent in some predictions and I wasn't able to get to them in the predictions post, so I'm thrilled that you were able to make the time to come on the program. How widespread do you think the adoption of confidential computing will be in '23 and what's the maturity curve look like this decade in your opinion? Maybe each of you could give us a brief answer. >> So my prediction in five, seven years as I started, it will become utility, it will become TLS. As of freakin' 10 years ago, we couldn't believe that websites will have certificates and we will support encrypted traffic. Now we do, and it's become ubiquity. It's exactly where our confidential computing is heeding and heading, I don't know we deserve yet. It'll take a few years of maturity for us, but we'll do that. >> Thank you. And Patricia, what's your prediction? >> I would double that and say, hey, in the very near future, you will not be able to afford not having it. I believe as digital sovereignty becomes ever more top of mind with sovereign states and also for multinational organizations, and for organizations that want to collaborate with each other, confidential computing will become the norm, it will become the default, if I say mode of operation. I like to compare that today is inconceivable if we talk to the young technologists, it's inconceivable to think that at some point in history and I happen to be alive, that we had data at rest that was non-encrypted, data in transit that was not encrypted. And I think that we'll be inconceivable at some point in the near future that to have unencrypted data while we use. >> You know, and plus I think the beauty of the this industry is because there's so much competition, this essentially comes for free. I want to thank you both for spending some time on Breaking Analysis, there's so much more we could cover. I hope you'll come back to share the progress that you're making in this area and we can double click on some of these topics. Really appreciate your time. >> Anytime. >> Thank you so much, yeah. >> In summary, while confidential computing is being touted by the cloud players as a promising technology for enhancing data privacy and security, there are also those as we said, who remain skeptical. The truth probably lies somewhere in between and it will depend on the specific implementation and the use case as to how effective confidential computing will be. Look as with any new tech, it's important to carefully evaluate the potential benefits, the drawbacks, and make informed decisions based on the specific requirements in the situation and the constraints of each individual customer. But the bottom line is silicon manufacturers are working with cloud providers and other system companies to include confidential computing into their architectures. Competition in our view will moderate price hikes and at the end of the day, this is under-the-covers technology that essentially will come for free, so we'll take it. I want to thank our guests today, Nelly and Patricia from Google. And thanks to Alex Myerson who's on production and manages the podcast. Ken Schiffman as well out of our Boston studio. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters, and Rob Hoof is our editor-in-chief over at siliconangle.com, does some great editing for us. Thank you all. Remember all these episodes are available as podcasts. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com where you can get all the news. If you want to get in touch, you can email me at david.vellante@siliconangle.com or DM me at D Vellante, and you can also comment on my LinkedIn post. Definitely you want to check out etr.ai for the best survey data in the enterprise tech business. I know we didn't hit on a lot today, but there's some amazing data and it's always being updated, so check that out. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching and we'll see you next time on Breaking Analysis. (subtle music)

(bright, upbeat music) >> Hello, brilliant humans and welcome to this special programming on theCUBE featuring Women of the Cloud, brought to you by AWS. My name is Savannah Peterson, and I am very excited to be joined by a brilliant woman both in supply chain as well as digital transformation. Please welcome Jeanette Barlow, VP of Product at Instacart. Jeanette, thank you so much for joining us from Boston today. How you doing? >> Thank you. I'm doing well, thank you. And thank you to the Amazon team for letting me join you. I'm excited to participate in this. I think it's such an important topic to learn all about how as women we're helping shape the future of business, supply chain, consumer experiences. So thank you very much. >> That's fantastic to have you and to be really celebrating women of the cloud properly. To start us off, how long, let's just, let's run with this. How long have you been a woman of the cloud? (Jeanette and Savannah laugh) >> Oh, probably since there, before there was a cloud, actually I have spent my entire career in enterprise technology and I spent nearly 25 years actually with IBM. And, you know, I remember when the internet really took off as far as a highly accessible thing and then the very beginnings of e-commerce where it was really the wild west and it was such a different experience than you get now. And I've been very fortunate throughout that journey to have a variety of roles from sales, marketing, communications. I eventually landed in product management and that's pretty much where I stayed. >> Savannah: At least for now. >> At least for now. >> Sounds like you're very curious. I can tell that you are a very curious person. Since you've been around for what I would consider a, an impressive period of time in an industry, especially when there were not a ton of women to reference or receive mentorship from, what was the initial catalyst or spark or inspiration for you to pursue a career in technology? >> I'll be really honest, getting out of college with college debt, money. (Savannah laughs) The best salary, I'm not going to sugarcoat that but once I landed there, it just was so amazing how technological advance advances were fundamentally changing the way businesses would work or how humans could get things done. And that whole, my whole career trajectory has been very much working at the forefront of new areas whether that be collaboration, software or supply chain which is, obviously we're all well aware, such a deep and important area and even low-code workflow automation before I came to Instacart. >> I love the transparency there. It's a indicator of a great leader and that level of authenticity. Were there any hurdles that you felt you had to overcome in the beginning or was the curiosity enough to power through the initial first few years that are always tough for anyone, no matter their gender or career? >> I think I was a very fortunate person. I do want to say that, sure, there are a lot of long hours and I often felt that I had to be more prepared, maybe than some of my colleagues that were men back, way back in the day. But I had the very good fortune of working for companies throughout my history that really believed in an equitable and respectful workplace. And I had wonderful mentors, both women and men, along the way who really were there to help develop talent. So I never felt that I had sort of a glass ceiling. I definitely felt that I had to to sit there and assert a point of view, at times. >> Savannah: Mm-Hm. >> But, I've seen this whole industry and space change and it's not just gender, but also racial backgrounds educational backgrounds, that neurodiversity I'm now seeing much greater respect for listening to that chorus of voices because we do get better, much better outcomes that way. >> Absolutely. I couldn't agree more and I'm happy to hear that you've been supported along your journey. I think the industry can definitely get a bad rap and there are a lot of people paving the way for us. I want to talk a little bit about supply chain because I don't know about you, but for me I don't think there were as many people talking about the industry and probably what you do, say four years ago, as are now. How did you find your way into supply chain and what is it about helping that be more efficient that excites you? >> Yes. There's nothing like a shortage of toilet paper to get people to. (Savannah laughs) Or to understand what supply chain means. And I, as tough as those times were, especially at the beginning of the pandemic and the uncertainty, it was so exciting for those of us in supply chain because suddenly people got what we did like- >> Savannah: Mm-Hm. >> And they were interested in hearing about it. So I really, I really have, we did enjoy that. I got exposed to that because ultimately I served as the Vice President of Product Management and Strategy for IBM, Sterling Supply Chain which was a very large brand within the IBM portfolio, serving over 10,000 clients worldwide, really focused on their omnichannel order management and their other supply chain processes around order to cash, procure to pay, logistics and things like that. And when you start to learn about the intricacies and that choreography needed across so many players in the value chain, it's an absolutely fascinating puzzle. And- >> Savannah: Yeah. >> Often the further away from the consumer experience you got, the more analog it became. And so the opportunity to start to digitize and transform that was really something that was very, very intriguing. And now here at Instacart, the opportunity to sort of parlay that into one of probably the most complex supply chains that there are, grocery, food just adds another level- >> Yeah. >> Of excitement intrigue to the work. >> I can only imagine there are, I'm just thinking about it right now. I'm not sure there are many supply chains, if any that touch as many lives as food does, as, I mean so is that what brought you, you joined Instacart relatively recently if I'm not mistaken, within the last year. Is that what brought you to them? Was the complexity of that global challenge? >> Absolutely. That was definitely the start of it, was so intriguing to me to see, to, the more I learned about Instacart when they approached me was also they're really changing an industry that's been very static for many, many years, right? And they're fundamentally reshaping that industry. One that's, as you said, is crucial to the everyday lives of pretty much everyone. And I was intrigued by that. But I was also intrigued by the breadth at which they're approaching this, not just the marketplace, but how we are helping retailers through our Instacart platform actually reach their consumers in ways that they like to shop whether it's online or in the store. We are also very, very committed to not just serving from a convenience standpoint, but actually improving access to healthy and nutritious food for as many people as might need that. So it just, core to the complexity of the problem the criticality of it, but also just frankly speaking to the core of who Instacart is as a company, I, it just felt like it was like a culmination of a lot of things to have this opportunity to work here. >> Sounds like a fantastic opportunity. I want to dive a little bit deeper into the technology side there. How is Instacart's technology helping grocers with varying levels of scale and geographical challenges and I'm sure a variety of other things and even a digital skillset. How are you helping them navigate their digital transformation? >> You know, this is probably one of the sectors that lags behind other retail sectors as far as digital transformation. And when the progress that's been made over the last four years is tremendous. And the road ahead is still before us is still a long way to go. I mean Instacart built the world's largest grocery marketplace, if you want to think about that. And so we have more than 10 years of experience in understanding the complexity of that. With, again a supply chain that is very, very complex. So last spring we announced the Instacart platform as a way of really putting a name to a lot of work we were already doing. And it's all about opening up the capability and the technology that we have to help grocers reach their customers directly as well as through our marketplace. So we help grocers like Publix, Wegmans, The Fresh Market just hundreds of grocers build out their own storefronts, their own mobile apps and that we are actually powering for them. We help them create some very unique fulfillment models that might serve customers or be new market opportunities. Certainly we have the traditional full service shop, but we also have virtual convenience that can enable delivery in minutes. And in certain geographies and demographics, that's, you know, really important. We are even going in the store with our connected stores technologies that we announced earlier this year, and that is everything from smart cards to scan and pay to wayfinding that it just, it's a lot of very interesting work we're doing and we're very, very fortunate to be able to partner with some of the best and brightest grocery retailers out there as well as retailers and other verticals as well. But grocery store is sort of our core. >> Yeah, I can only imagine some of the conversations that you have and the user behaviors that you get to learn about as people are on their food journey. You teased a little bit there about what's coming next. What else do you think is in our food future? >> Well, I think, you know, the pandemic pushed the grocery industry to get online to start to digitally transform itself, but we believe it's not an either or. There are virtually no one that's exclusively online and we know more and more there's no one that's exclusively you know, only in the store. We really expect to have that blend and I think as long as we're very, very savvy about understanding the, our retailers' needs as well as their customers' needs on how they can really traverse seamlessly between whether they're online or in store, how they can have an engaging experience that's consistent to the brand of the retailer. >> Savannah: Mm-Hm. >> How they can be rewarded for their loyalty. How they can be encouraged to try new things and just have a much more engaging experience with that grocer because food is a very emotional sort of buy, right? I mean, it's a very sensory rich. And so how- >> Sort of? I think you can go ahead and just make that claim. Just for a lot of people, yeah, yeah. We'll endorse that. >> You're right, yeah, it is. Right, we're passionate about our brand of this or that or we want to touch or smell or do things like that. So there's a tremendous amount of innovation you get online, like personalization and other things that you don't get when you get, you walk into the store, everybody's got the same end cap like I see the same end cap as you see and we might be very different. And then vice versa. I get a very much a sensory experience when I'm in the store, right? That I don't have, how do we blend that? And so there's some really interesting things that we're working on with our retail partners to embrace that omnichannel approach. So we create that flywheel of experience and innovation between the two. So I think you're going to see a lot more focus on an omnichannel experience that traverses between the on and the in, online and the in-store. >> Yeah, I, so I love this because you know, we, there's a continued debate around remote and in-person, working remote and in-person events, but it sounds like hybrid is here to stay when it comes to food and and how we eat, which is very exciting. Last question for you, Jeanette. What would you say to someone, a woman of any age who is looking at this video or maybe dreaming about a career in cloud technology? What's your moment of inspiration? >> You know, I think my best advice is all, you know, stay curious. Just be in love with not even just the technology for technology's sake, but what the technology can unlock as far as an experience and focus on building those experiences. Not only for your direct customer in my case, retailers, grocers, but for their customer. Trying to understand that. And I think if you can connect those dots, you know the cloud is the limit, let's put it that way. (Jeanette and Savannah laugh) >> I'll take it upon that. I love that. Jeanette Barlow, thank you so much for joining us. The team at Instacart is lucky to have you. And thank you to our audience for joining us for this special program on theCUBE featuring Women of the Cloud. My name is Savannah Peterson and I look forward to celebrating more brilliant women like Jeanette with you all soon. (upbeat, happy music)

>> From the Cube Studios in Palo Alto in Boston bringing you data-driven insights from the Cube and ETR. This is Breaking Analysis with Dave Vellante. >> The unraveling of market enthusiasm continued in Q4 of 2022 with the earnings reports from the US hyperscalers, the big three now all in. As we said earlier this year, even the cloud is an immune from the macro headwinds and the cracks in the armor that we saw from the data that we shared last summer, they're playing out into 2023. For the most part actuals are disappointing beyond expectations including our own. It turns out that our estimates for the big three hyperscaler's revenue missed by 1.2 billion or 2.7% lower than we had forecast from even our most recent November estimates. And we expect continued decelerating growth rates for the hyperscalers through the summer of 2023 and we don't think that's going to abate until comparisons get easier. Hello and welcome to this week's Wikibon Cube Insights powered by ETR. In this Breaking Analysis, we share our view of what's happening in cloud markets not just for the hyperscalers but other firms that have hitched a ride on the cloud. And we'll share new ETR data that shows why these trends are playing out tactics that customers are employing to deal with their cost challenges and how long the pain is likely to last. You know, riding the cloud wave, it's a two-edged sword. Let's look at the players that have gone all in on or are exposed to both the positive and negative trends of cloud. Look the cloud has been a huge tailwind for so many companies like Snowflake and Databricks, Workday, Salesforce, Mongo's move with Atlas, Red Hats Cloud strategy with OpenShift and so forth. And you know, the flip side is because cloud is elastic what comes up can also go down very easily. Here's an XY graphic from ETR that shows spending momentum or net score on the vertical axis and market presence in the dataset on the horizontal axis provision or called overlap. This is data from the January 2023 survey and that the red dotted lines show the positions of several companies that we've highlighted going back to January 2021. So let's unpack this for a bit starting with the big three hyperscalers. The first point is AWS and Azure continue to solidify their moat relative to Google Cloud platform. And we're going to get into this in a moment, but Azure and AWS revenues are five to six times that of GCP for IaaS. And at those deltas, Google should be gaining ground much faster than the big two. The second point on Google is notice the red line on GCP relative to its starting point. While it appears to be gaining ground on the horizontal axis, its net score is now below that of AWS and Azure in the survey. So despite its significantly smaller size it's just not keeping pace with the leaders in terms of market momentum. Now looking at AWS and Microsoft, what we see is basically AWS is holding serve. As we know both Google and Microsoft benefit from including SaaS in their cloud numbers. So the fact that AWS hasn't seen a huge downward momentum relative to a January 2021 position is one positive in the data. And both companies are well above that magic 40% line on the Y-axis, anything above 40% we consider to be highly elevated. But the fact remains that they're down as are most of the names on this chart. So let's take a closer look. I want to start with Snowflake and Databricks. Snowflake, as we reported from several quarters back came down to Earth, it was up in the 80% range in the Y-axis here. And it's still highly elevated in the 60% range and it continues to move to the right, which is positive but as we'll address in a moment it's customers can dial down consumption just as in any cloud. Now, Databricks is really interesting. It's not a public company, it never made it to IPO during the sort of tech bubble. So we don't have the same level of transparency that we do with other companies that did make it through. But look at how much more prominent it is on the X-axis relative to January 2021. And it's net score is basically held up over that period of time. So that's a real positive for Databricks. Next, look at Workday and Salesforce. They've held up relatively well, both inching to the right and generally holding their net scores. Same from Mongo, which is the brown dot above its name that says Elastic, it says a little gets a little crowded which Elastic's actually the blue dot above it. But generally, SaaS is harder to dial down, Workday, Salesforce, Oracles, SaaS and others. So it's harder to dial down because commitments have been made in advance, they're kind of locked in. Now, one of the discussions from last summer was as Mongo, less discretionary than analytics i.e. Snowflake. And it's an interesting debate but maybe Snowflake customers, you know, they're also generally committed to a dollar amount. So over time the spending is going to be there. But in the short term, yeah maybe Snowflake customers can dial down. Now that highlighted dotted red line, that bolded one is Datadog and you can see it's made major strides on the X-axis but its net score has decelerated quite dramatically. Openshift's momentum in the survey has dropped although IBM just announced that OpenShift has a a billion dollar ARR and I suspect what's happening there is IBM consulting is bundling OpenShift into its modernization projects. It's got a, that sort of captive base if you will. And as such it's probably not as top of mind to the respondents but I'll bet you the developers are certainly aware of it. Now the other really notable call out here is CloudFlare, We've reported on them earlier. Cloudflare's net score has held up really well since January of 2021. It really hasn't seen the downdraft of some of these others, but it's making major major moves to the right gaining market presence. We really like how CloudFlare is performing. And the last comment is on Oracle which as you can see, despite its much, much lower net score continues to gain ground in the market and thrive from a profitability standpoint. But the data pretty clearly shows that there's a downdraft in the market. Okay, so what's happening here? Let's dig deeper into this data. Here's a graphic from the most recent ETR drill down asking customers that said they were going to cut spending what technique they're using to do so. Now, as we've previously reported, consolidating redundant vendors is by far the most cited approach but there's two key points we want to make here. One is reducing excess cloud resources. As you can see in the bars is the second most cited technique and it's up from the previous polling period. The second we're not showing, you know directly but we've got some red call outs there. Reducing cloud costs jumps to 29% and 28% respectively in financial services and tech telco. And it's much closer to second. It's basically neck and neck with consolidating redundant vendors in those two industries. So they're being really aggressive about optimizing cloud cost. Okay, so as we said, cloud is great 'cause you can dial it up but it's just as easy to dial down. We've identified six factors that customers tell us are affecting their cloud consumption and there are probably more, if you got more we'd love to hear them but these are the ones that are fairly prominent that have hit our radar. First, rising mortgage rates mean banks are processing fewer loans means less cloud. The crypto crash means less trading activity and that means less cloud resources. Third lower ad spend has led companies to reduce not only you know, their ad buying but also their frequency of running their analytics and their calculations. And they're also often using less data, maybe compressing the timeframe of the corpus down to a shorter time period. Also very prominent is down to the bottom left, using lower cost compute instances. For example, Graviton from AWS or AMD chips and tiering storage to cheaper S3 or deep archived tiers. And finally, optimizing based on better pricing plans. So customers are moving from, you know, smaller companies in particular moving maybe from on demand or other larger companies that are experimenting using on demand or they're moving to spot pricing or reserved instances or optimized savings plans. That all lowers cost and that means less cloud resource consumption and less cloud revenue. Now in the days when everything was on prem CFOs, what would they do? They would freeze CapEx and IT Pros would have to try to do more with less and often that meant a lot of manual tasks. With the cloud it's much easier to move things around. It still takes some thinking and some effort but it's dramatically simpler to do so. So you can get those savings a lot faster. Now of course the other huge factor is you can cut or you can freeze. And this graphic shows data from a recent ETR survey with 159 respondents and you can see the meaningful uptick in hiring freezes, freezing new IT deployments and layoffs. And as we've been reporting, this has been trending up since earlier last year. And note the call out, this is especially prominent in retail sectors, all three of these techniques jump up in retail and that's a bit of a concern because oftentimes consumer spending helps the economy make a softer landing out of a pullback. But this is a potential canary in the coal mine. If retail firms are pulling back it's because consumers aren't spending as much. And so we're keeping a close eye on that. So let's boil this down to the market data and what this all means. So in this graphic we show our estimates for Q4 IaaS revenues compared to the "actual" IaaS revenues. And we say quote because AWS is the only one that reports, you know clean revenue and IaaS, Azure and GCP don't report actuals. Why would they? Because it would make them look even, you know smaller relative to AWS. Rather, they bury the figures in overall cloud which includes their, you know G-Suite for Google and all the Microsoft SaaS. And then they give us little tidbits about in Microsoft's case, Azure, they give growth rates. Google gives kind of relative growth of GCP. So, and we use survey data and you know, other data to try to really pinpoint and we've been covering this for, I don't know, five or six years ever since the cloud really became a thing. But looking at the data, we had AWS growing at 25% this quarter and it came in at 20%. So a significant decline relative to our expectations. AWS announced that it exited December, actually, sorry it's January data showed about a 15% mid-teens growth rate. So that's, you know, something we're watching. Azure was two points off our forecast coming in at 38% growth. It said it exited December in the 35% growth range and it said that it's expecting five points of deceleration off of that. So think 30% for Azure. GCP came in three points off our expectation coming in 35% and Alibaba has yet to report but we've shaved a bid off that forecast based on some survey data and you know what maybe 9% is even still not enough. Now for the year, the big four hyperscalers generated almost 160 billion of revenue, but that was 7 billion lower than what what we expected coming into 2022. For 2023, we're expecting 21% growth for a total of 193.3 billion. And while it's, you know, lower, you know, significantly lower than historical expectations it's still four to five times the overall spending forecast that we just shared with you in our predictions post of between 4 and 5% for the overall market. We think AWS is going to come in in around 93 billion this year with Azure closing in at over 71 billion. This is, again, we're talking IaaS here. Now, despite Amazon focusing investors on the fact that AWS's absolute dollar growth is still larger than its competitors. By our estimates Azure will come in at more than 75% of AWS's forecasted revenue. That's a significant milestone. AWS is operating margins by the way declined significantly this past quarter, dropping from 30% of revenue to 24%, 30% the year earlier to 24%. Now that's still extremely healthy and we've seen wild fluctuations like this before so I don't get too freaked out about that. But I'll say this, Microsoft has a marginal cost advantage relative to AWS because one, it has a captive cloud on which to run its massive software estate. So it can just throw software at its own cloud and two software marginal costs. Marginal economics despite AWS's awesomeness in high degrees of automation, software is just a better business. Now the upshot for AWS is the ecosystem. AWS is essentially in our view positioning very smartly as a platform for data partners like Snowflake and Databricks, security partners like CrowdStrike and Okta and Palo Alto and many others and SaaS companies. You know, Microsoft is more competitive even though AWS does have competitive products. Now of course Amazon's competitive to retail companies so that's another factor but generally speaking for tech players, Amazon is a really thriving ecosystem that is a secret weapon in our view. AWS happy to spin the meter with its partners even though it sells competitive products, you know, more so in our view than other cloud players. Microsoft, of course is, don't forget is hyping now, we're hearing a lot OpenAI and ChatGPT we reported last week in our predictions post. How OpenAI is shot up in terms of market sentiment in ETR's emerging technology company surveys and people are moving to Azure to get OpenAI and get ChatGPT that is a an interesting lever. Amazon in our view has to have a response. They have lots of AI and they're going to have to make some moves there. Meanwhile, Google is emphasizing itself as an AI first company. In fact, Google spent at least five minutes of continuous dialogue, nonstop on its AI chops during its latest earnings call. So that's an area that we're watching very closely as the buzz around large language models continues. All right, let's wrap up with some assumptions for 2023. We think SaaS players are going to continue to be sticky. They're going to be somewhat insulated from all these downdrafts because they're so tied in and customers, you know they make the commitment up front, you've got the lock in. Now having said that, we do expect some backlash over time on the onerous and generally customer unfriendly pricing models of most large SaaS companies. But that's going to play out over a longer period of time. Now for cloud generally and the hyperscalers specifically we do expect accelerating growth rates into Q3 but the amplitude of the demand swings from this rubber band economy, we expect to continue to compress and become more predictable throughout the year. Estimates are coming down, CEOs we think are going to be more cautious when the market snaps back more cautious about hiring and spending and as such a perhaps we expect a more orderly return to growth which we think will slightly accelerate in Q4 as comps get easier. Now of course the big risk to these scenarios is of course the economy, the FED, consumer spending, inflation, supply chain, energy prices, wars, geopolitics, China relations, you know, all the usual stuff. But as always with our partners at ETR and the Cube community, we're here for you. We have the data and we'll be the first to report when we see a change at the margin. Okay, that's a wrap for today. I want to thank Alex Morrison who's on production and manages the podcast, Ken Schiffman as well out of our Boston studio getting this up on LinkedIn Live. Thank you for that. Kristen Martin also and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our Editor-in-Chief over at siliconangle.com. He does some great editing for us. Thank you all. Remember all these episodes are available as podcast. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibon.com, at siliconangle.com where you can see all the data and you want to get in touch. Just all you can do is email me david.vellante@siliconangle.com or DM me @dvellante if you if you got something interesting, I'll respond. If you don't, it's either 'cause I'm swamped or it's just not tickling me. You can comment on our LinkedIn post as well. And please check out ETR.ai for the best survey data in the enterprise tech business. This is Dave Vellante for the Cube Insights powered by ETR. Thanks for watching and we'll see you next time on Breaking Analysis. (gentle upbeat music)

>> Hey everyone. Welcome back to theCUBE's coverage day two of CloudNative Security CON 23. Lisa Martin here in studio in Palo Alto with John Furrier. John, we've had some great conversations. I've had a global event. This was a global event. We had Germany on yesterday. We had the Boston Studio. We had folks on the ground in Seattle. Lot of great conversations, a lot of great momentum at this event. What is your number one takeaway with this inaugural event? >> Well, first of all, our coverage with our CUBE alumni experts coming in remotely this remote event for us, I think this event as an inaugural event stood out because one, it was done very carefully and methodically from the CNCF. I think they didn't want to overplay their hand relative to breaking out from CUBE CON So Kubernetes success and CloudNative development has been such a success and that event and ecosystem is booming, right? So that's the big story is they have the breakout event and the question was, was it a good call? Was it successful? Was it going to, would the dog hunt as they say, in this case, I think the big takeaway is that it was successful by all measures. One, people enthusiastic and confident that this has the ability to stand on its own and still contribute without taking away from the benefits and growth of Kubernetes CUBE CON and CloudNative console. So that was the key. Hallway conversations, the sessions all curated and developed properly to be different and focused for that reason. So I think the big takeaway is that the CNCF did a good job on how they rolled this out. Again, it was very intimate event small reminds me of first CUBE CON in Seattle, kind of let's test it out. Let's see how it goes. Again, clearly it was people successful and they understood why they're doing it. And as we commented out in our earlier segments this is not something new. Amazon Web Services has re:Invent and re:Inforce So a lot of parallels there. I see there. So I think good call. CNCF did the right thing. I think this has legs. And then as Dave pointed out, Dave Vellante, on our last keynote analysis was the business model of the hackers is better than the business model of the industry. They're making more money, it costs less so, you know, they're playing offense and the industry playing defense. That has to change. And as Dave pointed out we have to make the cost of hacking and breaches and cybersecurity higher so that the business model crashes. And I think that's the strategic imperative. So I think the combination of the realities of the market globally and open source has to go faster. It's good to kind of decouple and be highly cohesive in the focus. So to me that's the big takeaway. And then the other one is, is that there's a lot more security problems still unresolved. The emphasis on developers productivity is at risk here, if not solved. You saw supply chain software, again, front and center and then down in the weeds outside of Kubernetes, things like BIND and DNS were brought up. You're seeing the Linux kernel. Really important things got to be paid attention to. So I think very good call, very good focus. >> I would love if for us to be able to, as the months go on talk to some of the practitioners that actually got to attend. There were 72 sessions, that's a lot of content for a small event. Obviously to your point, very well curated. We did hear from some folks yesterday who were just excited to get the community back together in person. To your point, having this dedicated focus on CloudNativesecurity is incredibly important. You talked about, you know, the offense defense, the fact that right now the industry needs to be able to pivot from being on defense to being on offense. This is a challenging thing because it is so lucrative for hackers. But this seems to be from what we've heard in the last couple days, the right community with the right focus to be able to make that pivot. >> Yeah, and I think if you look at the success of Kubernetes, 'cause again we were there at theCUBE first one CUBE CON, the end user stories really drove end user participation. Drove the birth of Kubernetes. Left some of these CloudNative early adopters early pioneers that were using cloud hyperscale really set the table for CloudNative CON. I think you're seeing that here with this CloudNative SecurityCON where I think we're see a lot more end user stories because of the security, the hairs on fire as we heard from Madrona Ventures, you know, as they as an investor you have a lot of use cases out there where customers are leaning in with getting the rolling up their sleeves, working with open source. This has to be the driver. So I'm expecting to see the next level of SecurityCON to be end user focused. Much more than vendor focused. Where CUBECON was very end user focused and then attracted all the vendors in that grew the industry. I expect the similar pattern here where end user action will be very high at the beginning and that will essentially be the rising tide for the vendors to be then participating. So I expect almost a similar trajectory to CUBECON. >> That's a good path that it needs to all be about all the end users. One of the things I'm curious if what you heard was what are some of the key factors that are going to move CloudNative Security forward? What did you hear the last two days? >> I heard that there's a lot of security problems and no one wants to kind of brag about this but there's a lot of under the hood stuff that needs to get taken care of. So if automation scales, and we heard that from one of the startups we've just interviewed. If automation and scale continues to happen and with the business model of the hackers still booming, security has to be refactored quickly and there's going to be an opportunity structurally to use the cloud for that. So I think it's a good opportunity now to get dedicated focus on fixing things like the DNS stuff old school under the hood, plumbing, networking protocols. You're going to start to see this super cloud-like environment emerge where data's involved, everything's happening and so security has to be re imagined. And I think there's a do over opportunity for the security industry with CloudNative driving that. And I think this is the big thing that I see as an opportunity to, from a story standpoint from a coverage standpoint is that it's a do-over for security. >> One of the things that we heard yesterday is that there's a lot of it, it's a pretty high percentage of organizations that either don't have a SOCK or have a very primitive SOCK. Which kind of surprised me that at this day and age the risks are there. We talked about that today's focus and the keynote was a lot about the software supply chain and what's going on there. What did you hear in terms of the appetite for organizations through the voice of the practitioner to say, you know what guys, we got to get going because there's going to be the hackers are they're here. >> I didn't hear much about that in the coverage 'cause we weren't in the hallways. But from reading the tea leaves and talking to the folks on the ground, I think there's an implied like there's an unlimited money from customers. So it's a very robust from the data infrastructure stack building we cover with the angel investor Kane you're seeing data infrastructure's going to be part of the solution here 'cause data and security go hand in hand. So everyone's got basically checkbook wide open everyone wants to have the answer. And we commented that the co-founder of Palo Alto you had on our coverage yesterday was saying that you know, there's no real platform, there's a lot of tools out there. People will buy anything. So there's still a huge appetite and spend in security but the answer's not going to more tool sprawling. It's going to more platform auto, something that enables automation, fix some of the underlying mechanisms involved and fix it fast. So to me I think it's going to be a robust monetary opportunity because of the demand on the business side. So I don't see that changing at all and I think it's going to accelerate. >> It's a great point in terms of the demand for the business side because as we know as we said yesterday, the next Log4j is out there. It's not a matter of if this happens again it's when, it's the extent, it's how frequent we know that. So organizations all the way up to the board have to be concerned about brand reputation. Nobody wants to be the next big headline in terms of breaches and customer data being given to hackers and hackers making all this money on that. That has to go all the way up to the board and there needs to be alignment between the board and the executives at the organization in terms of how they're going to deal with security, and now. This is not a conversation that can wait. Yeah, I mean I think the five C's we talked about yesterday the culture of companies, the cloud is an enabler, you've got clusters of servers and capabilities, Kubernetes clusters, you've got code and you've got all kinds of, you know, things going on there. Each one has elements that are at risk for hacking, right? So that to me is something that's super important. I think that's why the focus on security's different and important, but it's not going to fork the main event. So that's why I think the spin out was, spinout, or the new event is a good call by the CNCF. >> One of the things today that struck me they're talking a lot about software supply chain and that's been in the headlines for quite a while now. And a stat that was shared this morning during the keynote just blew my brains that there was a 742% increase in the software supply chain attacks occurring over the last three years. It's during Covid times, that is a massive increase. The threat landscape is just growing so amorphously but organizations need to help dial that down because their success and the health of the individuals and the end users is at risk. Well, Covid is an environment where everyone's kind of working at home. So there was some disruption to infrastructure. Also, when you have change like that, there's opportunities for hackers, they'll arbitrage that big time. But I think general the landscape is changing. There's no perimeter anymore. It's CloudNative, this is where it is and people who are moving from old IT to CloudNative, they're at risk. That's why there's tons of ransomware. That's why there's tons of risk. There's just hygiene, from hygiene to architecture and like Nick said from Palo Alto, the co-founder, there's not a lot of architecture in security. So yeah, people have bulked up their security teams but you're going to start to see much more holistic thinking around redoing security. I think that's the opportunity to propel CloudNative, and I think you'll see a lot more coming out of this. >> Did you hear any specific information on some of the CloudNative projects going on that really excite you in terms of these are the right people going after the right challenges to solve in the right direction? >> Well I saw the sessions and what jumped out to me at the sessions was it's a lot of extensions of what we heard at CUBECON and I think what they want to do is take out the big items and break 'em out in security. Kubescape was one we just covered. They want to get more sandbox type stuff into the security side that's very security focused but also plays well with CUBECON. So we'll hear more about how this plays out when we're in Amsterdam coming up in April for CUBECON to hear how that ecosystem, because I think it'll be kind of a relief to kind of decouple security 'cause that gives more focus to the stakeholders in CUBECON. There's a lot of issues going on there and you know service meshes and whatnot. So it's a lot of good stuff happening. >> A lot of good stuff happening. One of the things that'll be great about CUBECON is that we always get the voice of the customer. We get vendors coming on with the voice of the customer talking about and you know in that case how they're using Kubernetes to drive the business forward. But it'll be great to be able to pull in some of the security conversations that spin out of CloudNative Security CON to understand how those end users are embracing the technology. You brought up I think Nir Zuk from Palo Alto Networks, one of the themes there when Dave and I did their Ignite event in December was, of 22, was really consolidation. There are so many tools out there that organizations have to wrap their heads around and they need to be able to have the right enablement content which this event probably delivered to figure out how do we consolidate security tools effectively, efficiently in a way that helps dial down our risk profile because the risks just seem to keep growing. >> Yeah, and I love the technical nature of all that and I think this is going to be the continued focus. Chris Aniszczyk who's the CTO listed like E and BPF we covered with Liz Rice is one of the most three important points of the conference and it's just, it's very nerdy and that's what's needed. I mean it's technical. And again, there's no real standards bodies anymore. The old days developers I think are super important to be the arbiters here. And again, what I love about the CNCF is that they're developer focused and we heard developer first even in security. So you know, this is a sea change and I think, you know, developers' choice will be the standards bodies. >> Lisa: Yeah, yeah. >> They decide the future. >> Yeah. >> And I think having the sandboxing and bringing this out will hopefully accelerate more developer choice and self-service. >> You've been talking about kind of putting the developers in the driver's seat as really being the key decision makers for a while. Did you hear information over the last couple of days that validates that? >> Yeah, absolutely. It's clearly the fact that they did this was one. The other one is, is that engineering teams and dev teams and script teams, they're blending together. It's not just separate silos and the ones that are changing their team dynamics, again, back to the culture are winning. And I think this has to happen. Security has to be embedded everywhere in making it frictionless and to provide kind of the guardrail so developers don't slow down. And I think where security has become a drag or an anchor or a blocker has been just configuration of how the organization's handling it. So I think when people recognize that the developers are in charge and they're should be driving the application development you got to make sure that's secure. And so that's always going to be friction and I think whoever does it, whoever unlocks that for the developer to go faster will win. >> Right. Oh, that's what I'm sure magic to a developer's ear is the ability to go faster and be able to focus on co-development in a secure fashion. What are some of the things that you're excited about for CUBECON. Here we are in February, 2023 and CUBECON is just around the corner in April. What are some of the things that you're excited about based on the groundswell momentum that this first inaugural CloudNative Security CON is generating from a community, a culture perspective? >> I think this year's going to be very interesting 'cause we have an economic challenge globally. There's all kinds of geopolitical things happening. I think there's going to be very entrepreneurial activity this year more than ever. I think you're going to see a lot more innovative projects ideas hitting the table. I think it's going to be a lot more entrepreneurial just because the cycle we're in. And also I think the acceleration of mainstream deployments of out of the CNCF's main event CUBECON will happen. You'll see a lot more successes, scale, more clarity on where the security holes are or aren't. Where the benefits are. I think containers and microservices are continuing to surge. I think the Cloud scale hyperscale as Amazon, Azure, Google will be more aggressive. I think AI will be a big theme this year. I think you can see how data is going to infect some of the innovation thinking. I'm really excited about the data infrastructure because it powers a lot of things in the Cloud. So I think the Amazon Web Services, Azure next level gen clouds will impact what happens in the CloudNative foundation. >> Did you have any conversations yesterday or today with respect to AI and security? Was that a focus of anybody's? Talk to me about that. >> Well, I didn't hear any sessions on AI but we saw some demos on stage. But they're teasing out that this is an augmentation to their mission, right? So I think a lot of people are looking at AI as, again, like I always said there's the naysayers who think it's kind of a gimmick or nothing to see here, and then some are just going to blown away. I think the people who are alpha geeks and the industry connect the dots and understand that AI is going to be an accelerant to a lot of heavy lifting that was either manual, you know, hard to do things that was boring or muck as they say. I think that's going to be where you'll see the AI stories where it's going to accelerate either ways to make security better or make developers more confident and productive. >> Or both. >> Yeah. So definitely AI will be part of it. Yeah, definitely. One of the things too that I'm wondering if, you know, we talk about CloudNative and the goal of it, the importance of it. Do you think that this event, in terms of what we were able to see, obviously being remote the event going on in Seattle, us being here in Palo Alto and Boston and guests on from Seattle and Germany and all over, did you hear the really the validation for why CloudNative Security why CloudNative is important for organizations whether it's a bank or a hospital or a retailer? Is that validation clear and present? >> Yeah, absolutely. I think it was implied. I don't think there was like anyone's trying to debate that. I think this conference was more of it's assumed and they were really trying to push the ability to make security less defensive, more offensive and more accelerated into the solving the problems with the businesses that are out there. So clearly the CloudNative community understands where the security challenges are and where they're emerging. So having a dedicated event will help address that. And they've got great co-chairs too that put it together. So I think that's very positive. >> Yeah. Do you think, is it possible, I mean, like you said several times today so eloquently the industry's on the defense when it comes to security and the hackers are on the offense. Is it really possible to make that switch or obviously get some balances. As technology advances and industry gets to take advantage of that, so do the hackers, is that balance achievable? >> Absolutely. I mean, I think totally achievable. The question's going to be what's the environment going to be like? And I remember as context to understanding whether it's viable or not, is to look at, just go back 13 years ago, I remember in 2010 Amazon was viewed as an unsecure environment. Everyone's saying, "Oh, the cloud is not secure." And I remember interviewing Steve Schmidt at AWS and we discussed specifically how Amazon Cloud was being leveraged by hackers. They made it more complex for the hackers. And he said, "This is just the beginning." It's kind of like barbed wire on a fence. It's yeah, you're not going to climb it so people can get over it. And so since then what's happened is the Cloud has become more secure than on premises for a lot of either you know, personnel reasons, culture reasons, not updating, you know, from patches to just being insecure to be more insecure. So that to me means that the flip the script can be flipped. >> Yeah. And I think with CloudNative they can build in automation and code to solve some of these problems and make it more complex for the hacker. >> Lisa: Yes. >> And increase the cost. >> Yeah, exactly. Make it more complex. Increase the cost. That'll be in interesting journey to follow. So John, here we are early February, 2023 theCUBE starting out strong as always. What year are we in, 12? Year 12? >> 13th year >> 13! What's next for theCUBE? What's coming up that excites you? >> Well, we're going to do a lot more events. We got the theCUBE in studio that I call theCUBE Center as kind of internal code word, but like, this is more about getting the word out that we can cover events remotely as events are starting to change with hybrid, digital is going to be a big part of that. So I think you're going to see a lot more CUBE on location. We're going to do, still do theCUBE and have theCUBE cover events from the studio to get deeper perspective because we can then bring people in remote through our our studio team. We can bring our CUBE alumni in. We have a corpus of content and experts to bring to table. So I think the coverage will be increased. The expertise and data will be flowing through theCUBE and so Cube Center, CUBE CUBE Studio. >> Lisa: Love it. >> Will be a integral part of our coverage. >> I love that. And we have such great conversations with guests in person, but also virtually, digitally as well. We still get the voices of the practitioners and the customers and the vendors and the partner ecosystem really kind of lauded loud and clear through theCUBE megaphone as I would say. >> And of course getting the clips out there, getting the highlights. >> Yeah. >> Getting more stories. No stories too small for theCUBE. We can make it easy to get the best content. >> The best content. John, it's been fun covering CloudNative security CON with you with you. And Dave and our guests, thank you so much for the opportunity and looking forward to the next event. >> John: All right. We'll see you at Amsterdam. >> Yeah, I'll be there. We want to thank you so much for watching TheCUBES's two day coverage of CloudNative Security CON 23. We're live in Palo Alto. You are live wherever you are and we appreciate your time and your view of this event. For John Furrier, Dave Vellante, I'm Lisa Martin. Thanks for watching guys. We'll see you at the next show.

(upbeat music) >> Hello and welcome back to theCUBE. We're here in Palo Alto, California. I'm your host, John Furrier with a special guest here in the studio. As part of our Cloud Native SecurityCon Coverage we had an opportunity to bring in Jon Turow who is the partner at Madrona Venture Partners formerly with AWS and to talk about machine learning, foundational models, and how the future of AI is going to be impacted by some of the innovation around what's going on in the industry. ChatGPT has taken the world by storm. A million downloads, fastest to the million downloads there. Before some were saying it's just a gimmick. Others saying it's a game changer. Jon's here to break it down, and great to have you on. Thanks for coming in. >> Thanks John. Glad to be here. >> Thanks for coming on. So first of all, I'm glad you're here. First of all, because two things. One, you were formerly with AWS, got a lot of experience running projects at AWS. Now a partner at Madrona, a great firm doing great deals, and they had this future at modern application kind of thesis. Now you are putting out some content recently around foundational models. You're deep into computer vision. You were the IoT general manager at AWS among other things, Greengrass. So you know a lot about data. You know a lot about some of this automation, some of the edge stuff. You've been in the middle of all these kind of areas that now seem to be the next wave coming. So I wanted to ask you what your thoughts are of how the machine learning and this new automation wave is coming in, this AI tools are coming out. Is it a platform? Is it going to be smarter? What feeds AI? What's your take on this whole foundational big movement into AI? What's your general reaction to all this? >> So, thanks, Jon, again for having me here. Really excited to talk about these things. AI has been coming for a long time. It's been kind of the next big thing. Always just over the horizon for quite some time. And we've seen really compelling applications in generations before and until now. Amazon and AWS have introduced a lot of them. My firm, Madrona Venture Group has invested in some of those early players as well. But what we're seeing now is something categorically different. That's really exciting and feels like a durable change. And I can try and explain what that is. We have these really large models that are useful in a general way. They can be applied to a lot of different tasks beyond the specific task that the designers envisioned. That makes them more flexible, that makes them more useful for building applications than what we've seen before. And so that, we can talk about the depths of it, but in a nutshell, that's why I think people are really excited. >> And I think one of the things that you wrote about that jumped out at me is that this seems to be this moment where there's been a multiple decades of nerds and computer scientists and programmers and data thinkers around waiting for AI to blossom. And it's like they're scratching that itch. Every year is going to be, and it's like the bottleneck's always been compute power. And we've seen other areas, genome sequencing, all kinds of high computation things where required high forms computing. But now there's no real bottleneck to compute. You got cloud. And so you're starting to see the emergence of a massive acceleration of where AI's been and where it needs to be going. Now, it's almost like it's got a reboot. It's almost a renaissance in the AI community with a whole nother macro environmental things happening. Cloud, younger generation, applications proliferate from mobile to cloud native. It's the perfect storm for this kind of moment to switch over. Am I overreading that? Is that right? >> You're right. And it's been cooking for a cycle or two. And let me try and explain why that is. We have cloud and AWS launch in whatever it was, 2006, and offered more compute to more people than really was possible before. Initially that was about taking existing applications and running them more easily in a bigger scale. But in that period of time what's also become possible is new kinds of computation that really weren't practical or even possible without that vast amount of compute. And so one result that came of that is something called the transformer AI model architecture. And Google came out with that, published a paper in 2017. And what that says is, with a transformer model you can actually train an arbitrarily large amount of data into a model, and see what happens. That's what Google demonstrated in 2017. The what happens is the really exciting part because when you do that, what you start to see, when models exceed a certain size that we had never really seen before all of a sudden they get what we call emerging capabilities of complex reasoning and reasoning outside a domain and reasoning with data. The kinds of things that people describe as spooky when they play with something like ChatGPT. That's the underlying term. We don't as an industry quite know why it happens or how it happens, but we can measure that it does. So cloud enables new kinds of math and science. New kinds of math and science allow new kinds of experimentation. And that experimentation has led to this new generation of models. >> So one of the debates we had on theCUBE at our Supercloud event last month was, what's the barriers to entry for say OpenAI, for instance? Obviously, I weighed in aggressively and said, "The barriers for getting into cloud are high because all the CapEx." And Howie Xu formerly VMware, now at ZScaler, he's an AI machine learning guy. He was like, "Well, you can spend $100 million and replicate it." I saw a quote that set up for 180,000 I can get this other package. What's the barriers to entry? Is ChatGPT or OpenAI, does it have sustainability? Is it easy to get into? What is the market like for AI? I mean, because a lot of entrepreneurs are jumping in. I mean, I just read a story today. San Francisco's got more inbound migration because of the AI action happening, Seattle's booming, Boston with MIT's been working on neural networks for generations. That's what we've found the answer. Get off the neural network, Boston jump on the AI bus. So there's total excitement for this. People are enthusiastic around this area. >> You can think of an iPhone versus Android tension that's happening today. In the iPhone world, there are proprietary models from OpenAI who you might consider as the leader. There's Cohere, there's AI21, there's Anthropic, Google's going to have their own, and a few others. These are proprietary models that developers can build on top of, get started really quickly. They're measured to have the highest accuracy and the highest performance today. That's the proprietary side. On the other side, there is an open source part of the world. These are a proliferation of model architectures that developers and practitioners can take off the shelf and train themselves. Typically found in Hugging face. What people seem to think is that the accuracy and performance of the open source models is something like 18 to 20 months behind the accuracy and performance of the proprietary models. But on the other hand, there's infinite flexibility for teams that are capable enough. So you're going to see teams choose sides based on whether they want speed or flexibility. >> That's interesting. And that brings up a point I was talking to a startup and the debate was, do you abstract away from the hardware and be software-defined or software-led on the AI side and let the hardware side just extremely accelerate on its own, 'cause it's flywheel? So again, back to proprietary, that's with hardware kind of bundled in, bolted on. Is it accelerator or is it bolted on or is it part of it? So to me, I think that the big struggle in understanding this is that which one will end up being right. I mean, is it a beta max versus VHS kind of thing going on? Or iPhone, Android, I mean iPhone makes a lot of sense, but if you're Apple, but is there an Apple moment in the machine learning? >> In proprietary models, here does seem to be a jump ball. That there's going to be a virtuous flywheel that emerges that, for example, all these excitement about ChatGPT. What's really exciting about it is it's really easy to use. The technology isn't so different from what we've seen before even from OpenAI. You mentioned a million users in a short period of time, all providing training data for OpenAI that makes their underlying models, their next generation even better. So it's not unreasonable to guess that there's going to be power laws that emerge on the proprietary side. What I think history has shown is that iPhone, Android, Windows, Linux, there seems to be gravity towards this yin and yang. And my guess, and what other people seem to think is going to be the case is that we're going to continue to see these two poles of AI. >> So let's get into the relationship with data because I've been emerging myself with ChatGPT, fascinated by the ease of use, yes, but also the fidelity of how you query it. And I felt like when I was doing writing SQL back in the eighties and nineties where SQL was emerging. You had to be really a guru at the SQL to get the answers you wanted. It seems like the querying into ChatGPT is a good thing if you know how to talk to it. Labeling whether your input is and it does a great job if you feed it right. If you ask a generic questions like Google. It's like a Google search. It gives you great format, sounds credible, but the facts are kind of wrong. >> That's right. >> That's where general consensus is coming on. So what does that mean? That means people are on one hand saying, "Ah, it's bullshit 'cause it's wrong." But I look at, I'm like, "Wow, that's that's compelling." 'Cause if you feed it the right data, so now we're in the data modeling here, so the role of data's going to be critical. Is there a data operating system emerging? Because if this thing continues to go the way it's going you can almost imagine as you would look at companies to invest in. Who's going to be right on this? What's going to scale? What's sustainable? What could build a durable company? It might not look what like what people think it is. I mean, I remember when Google started everyone thought it was the worst search engine because it wasn't a portal. But it was the best organic search on the planet became successful. So I'm trying to figure out like, okay, how do you read this? How do you read the tea leaves? >> Yeah. There are a few different ways that companies can differentiate themselves. Teams with galactic capabilities to take an open source model and then change the architecture and retrain and go down to the silicon. They can do things that might not have been possible for other teams to do. There's a company that that we're proud to be investors in called RunwayML that provides video accelerated, sorry, AI accelerated video editing capabilities. They were used in everything, everywhere all at once and some others. In order to build RunwayML, they needed a vision of what the future was going to look like and they needed to make deep contributions to the science that was going to enable all that. But not every team has those capabilities, maybe nor should they. So as far as how other teams are going to differentiate there's a couple of things that they can do. One is called prompt engineering where they shape on behalf of their own users exactly how the prompt to get fed to the underlying model. It's not clear whether that's going to be a durable problem or whether like Google, we consumers are going to start to get more intuitive about this. That's one. The second is what's called information retrieval. How can I get information about the world outside, information from a database or a data store or whatever service into these models so they can reason about them. And the third is, this is going to sound funny, but attribution. Just like you would do in a news report or an academic paper. If you can state where your facts are coming from, the downstream consumer or the human being who has to use that information actually is going to be able to make better sense of it and rely better on it. So that's prompt engineering, that's retrieval, and that's attribution. >> So that brings me to my next point I want to dig in on is the foundational model stack that you published. And I'll start by saying that with ChatGPT, if you take out the naysayers who are like throwing cold water on it about being a gimmick or whatever, and then you got the other side, I would call the alpha nerds who are like they can see, "Wow, this is amazing." This is truly NextGen. This isn't yesterday's chatbot nonsense. They're like, they're all over it. It's that everybody's using it right now in every vertical. I heard someone using it for security logs. I heard a data center, hardware vendor using it for pushing out appsec review updates. I mean, I've heard corner cases. We're using it for theCUBE to put our metadata in. So there's a horizontal use case of value. So to me that tells me it's a market there. So when you have horizontal scalability in the use case you're going to have a stack. So you publish this stack and it has an application at the top, applications like Jasper out there. You're seeing ChatGPT. But you go after the bottom, you got silicon, cloud, foundational model operations, the foundational models themselves, tooling, sources, actions. Where'd you get this from? How'd you put this together? Did you just work backwards from the startups or was there a thesis behind this? Could you share your thoughts behind this foundational model stack? >> Sure. Well, I'm a recovering product manager and my job that I think about as a product manager is who is my customer and what problem he wants to solve. And so to put myself in the mindset of an application developer and a founder who is actually my customer as a partner at Madrona, I think about what technology and resources does she need to be really powerful, to be able to take a brilliant idea, and actually bring that to life. And if you spend time with that community, which I do and I've met with hundreds of founders now who are trying to do exactly this, you can see that the stack is emerging. In fact, we first drew it in, not in January 2023, but October 2022. And if you look at the difference between the October '22 and January '23 stacks you're going to see that holes in the stack that we identified in October around tooling and around foundation model ops and the rest are organically starting to get filled because of how much demand from the developers at the top of the stack. >> If you look at the young generation coming out and even some of the analysts, I was just reading an analyst report on who's following the whole data stacks area, Databricks, Snowflake, there's variety of analytics, realtime AI, data's hot. There's a lot of engineers coming out that were either data scientists or I would call data platform engineering folks are becoming very key resources in this area. What's the skillset emerging and what's the mindset of that entrepreneur that sees the opportunity? How does these startups come together? Is there a pattern in the formation? Is there a pattern in the competency or proficiency around the talent behind these ventures? >> Yes. I would say there's two groups. The first is a very distinct pattern, John. For the past 10 years or a little more we've seen a pattern of democratization of ML where more and more people had access to this powerful science and technology. And since about 2017, with the rise of the transformer architecture in these foundation models, that pattern has reversed. All of a sudden what has become broader access is now shrinking to a pretty small group of scientists who can actually train and manipulate the architectures of these models themselves. So that's one. And what that means is the teams who can do that have huge ability to make the future happen in ways that other people don't have access to yet. That's one. The second is there is a broader population of people who by definition has even more collective imagination 'cause there's even more people who sees what should be possible and can use things like the proprietary models, like the OpenAI models that are available off the shelf and try to create something that maybe nobody has seen before. And when they do that, Jasper AI is a great example of that. Jasper AI is a company that creates marketing copy automatically with generative models such as GPT-3. They do that and it's really useful and it's almost fun for a marketer to use that. But there are going to be questions of how they can defend that against someone else who has access to the same technology. It's a different population of founders who has to find other sources of differentiation without being able to go all the way down to the the silicon and the science. >> Yeah, and it's going to be also opportunity recognition is one thing. Building a viable venture product market fit. You got competition. And so when things get crowded you got to have some differentiation. I think that's going to be the key. And that's where I was trying to figure out and I think data with scale I think are big ones. Where's the vulnerability in the stack in terms of gaps? Where's the white space? I shouldn't say vulnerability. I should say where's the opportunity, where's the white space in the stack that you see opportunities for entrepreneurs to attack? >> I would say there's two. At the application level, there is almost infinite opportunity, John, because almost every kind of application is about to be reimagined or disrupted with a new generation that takes advantage of this really powerful new technology. And so if there is a kind of application in almost any vertical, it's hard to rule something out. Almost any vertical that a founder wishes she had created the original app in, well, now it's her time. So that's one. The second is, if you look at the tooling layer that we discussed, tooling is a really powerful way that you can provide more flexibility to app developers to get more differentiation for themselves. And the tooling layer is still forming. This is the interface between the models themselves and the applications. Tools that help bring in data, as you mentioned, connect to external actions, bring context across multiple calls, chain together multiple models. These kinds of things, there's huge opportunity there. >> Well, Jon, I really appreciate you coming in. I had a couple more questions, but I will take a minute to read some of your bios for the audience and we'll get into, I won't embarrass you, but I want to set the context. You said you were recovering product manager, 10 plus years at AWS. Obviously, recovering from AWS, which is a whole nother dimension of recovering. In all seriousness, I talked to Andy Jassy around that time and Dr. Matt Wood and it was about that time when AI was just getting on the radar when they started. So you guys started seeing the wave coming in early on. So I remember at that time as Amazon was starting to grow significantly and even just stock price and overall growth. From a tech perspective, it was pretty clear what was coming, so you were there when this tsunami hit. >> Jon: That's right. >> And you had a front row seat building tech, you were led the product teams for Computer Vision AI, Textract, AI intelligence for document processing, recognition for image and video analysis. You wrote the business product plan for AWS IoT and Greengrass, which we've covered a lot in theCUBE, which extends out to the whole edge thing. So you know a lot about AI/ML, edge computing, IOT, messaging, which I call the law of small numbers that scale become big. This is a big new thing. So as a former AWS leader who's been there and at Madrona, what's your investment thesis as you start to peruse the landscape and talk to entrepreneurs as you got the stack? What's the big picture? What are you looking for? What's the thesis? How do you see this next five years emerging? >> Five years is a really long time given some of this science is only six months out. I'll start with some, no pun intended, some foundational things. And we can talk about some implications of the technology. The basics are the same as they've always been. We want, what I like to call customers with their hair on fire. So they have problems, so urgent they'll buy half a product. The joke is if your hair is on fire you might want a bucket of cold water, but you'll take a tennis racket and you'll beat yourself over the head to put the fire out. You want those customers 'cause they'll meet you more than halfway. And when you find them, you can obsess about them and you can get better every day. So we want customers with their hair on fire. We want founders who have empathy for those customers, understand what is going to be required to serve them really well, and have what I like to call founder-market fit to be able to build the products that those customers are going to need. >> And because that's a good strategy from an emerging, not yet fully baked out requirements definition. >> Jon: That's right. >> Enough where directionally they're leaning in, more than in, they're part of the product development process. >> That's right. And when you're doing early stage development, which is where I personally spend a lot of my time at the seed and A and a little bit beyond that stage often that's going to be what you have to go on because the future is going to be so complex that you can't see the curves beyond it. But if you have customers with their hair on fire and talented founders who have the capability to serve those customers, that's got me interested. >> So if I'm an entrepreneur, I walk in and say, "I have customers that have their hair on fire." What kind of checks do you write? What's the kind of the average you're seeing for seed and series? Probably seed, seed rounds and series As. >> It can depend. I have seen seed rounds of double digit million dollars. I have seen seed rounds much smaller than that. It really depends on what is going to be the right thing for these founders to prove out the hypothesis that they're testing that says, "Look, we have this customer with her hair on fire. We think we can build at least a tennis racket that she can use to start beating herself over the head and put the fire out. And then we're going to have something really interesting that we can scale up from there and we can make the future happen. >> So it sounds like your advice to founders is go out and find some customers, show them a product, don't obsess over full completion, get some sort of vibe on fit and go from there. >> Yeah, and I think by the time founders come to me they may not have a product, they may not have a deck, but if they have a customer with her hair on fire, then I'm really interested. >> Well, I always love the professional services angle on these markets. You go in and you get some business and you understand it. Walk away if you don't like it, but you see the hair on fire, then you go in product mode. >> That's right. >> All Right, Jon, thank you for coming on theCUBE. Really appreciate you stopping by the studio and good luck on your investments. Great to see you. >> You too. >> Thanks for coming on. >> Thank you, Jon. >> CUBE coverage here at Palo Alto. I'm John Furrier, your host. More coverage with CUBE Conversations after this break. (upbeat music)

(lively music) >> Welcome back to our coverage of Cloud Native Security Con. I'm Dave Vellante, here in our Boston studio. We're connecting today, throughout the day, with Palo Alto on the ground in Seattle. And right now I'm here with Michael Foster with Red Hat. He's on the ground in Seattle. We're going to discuss the trends and containers and security and everything that's going on at the show in Seattle. Michael, good to see you, thanks for coming on. >> Good to see you, thanks for having me on. >> Lot of market momentum for Red Hat. The IBM earnings call the other day, announced OpenShift is a billion-dollar ARR. So it's quite a milestone, and it's not often, you know. It's hard enough to become a billion-dollar software company and then to have actually a billion-dollar product alongside. So congratulations on that. And let's start with the event. What's the buzz at the event? People talking about shift left, obviously supply chain security is a big topic. We've heard a little bit about or quite a bit about AI. What are you hearing on the ground? >> Yeah, so the last event I was at that I got to see you at was three months ago, with CubeCon and the talk was supply chain security. Nothing has really changed on that front, although I do think that the conversation, let's say with the tech companies versus what customers are actually looking at, is slightly different just based on the market. And, like you said, thank you for the shout-out to a billion-dollar OpenShift, and ACS is certainly excited to be part of that. We are seeing more of a consolidation, I think, especially in security. The money's still flowing into security, but people want to know what they're running. We've allowed, had some tremendous growth in the last couple years and now it's okay. Let's get a hold of the containers, the clusters that we're running, let's make sure everything's configured. They want to start implementing policies effectively and really get a feel for what's going on across all their workloads, especially with the bigger companies. I think bigger companies allow some flexibility in the security applications that they can deploy. They can have different groups that manage different ones, but in the mid to low market, you're seeing a lot of consolidation, a lot of companies that want basically one security tool to manage them all, so to speak. And I think that the features need to somewhat accommodate that. We talk supply chain, I think most people continue to care about network security, vulnerability management, shifting left and enabling developers. That's the general trend I see. Still really need to get some hands on demos and see some people that I haven't seen in a while. >> So a couple things on, 'cause, I mean, we talk about the macroeconomic climate all the time. We do a lot of survey data with our partners at ETR, and their recent data shows that in terms of cost savings, for those who are actually cutting their budgets, they're looking to consolidate redundant vendors. So, that's one form of consolidation. The other theme, of course, is there's so many tools out in the security market that consolidating tools is something that can help simplify, but then at the same time, you see opportunities open up, like IOT security. And so, you have companies that are starting up to just do that. So, there's like these countervailing trends. I often wonder, Michael, will this ever end? It's like the universe growing and tooling, what are your thoughts? >> I mean, I completely agree. It's hard to balance trying to grow the company in a time like this, at the same time while trying to secure it all, right? So you're seeing the consolidation but some of these applications and platforms need to make some promises to say, "Hey, we're going to move into this space." Right, so when you have like Red Hat who wants to come out with edge devices and help manage the IOT devices, well then, you have a security platform that can help you do that, that's built in. Then the messaging's easy. When you're trying to do that across different cloud providers and move into IOT, it becomes a little bit more challenging. And so I think that, and don't take my word for this, some of those IOT startups, you might see some purchasing in the next couple years in order to facilitate those cloud platforms to be able to expand into that area. To me it makes sense, but I don't want to hypothesize too much from the start. >> But I do, we just did our predictions post and as a security we put up the chart of candidates, and there's like dozens, and dozens, and dozens. Some that are very well funded, but I mean, you've seen some down, I mean, down rounds everywhere, but these many companies have raised over a billion dollars and it's like uh-oh, okay, so they're probably okay, maybe. But a lot of smaller firms, I mean there's just, there's too many tools in the marketplace, but it seems like there is misalignment there, you know, kind of a mismatch between, you know, what customers would like to have happen and what actually happens in the marketplace. And that just underscores, I think, the complexities in security. So I guess my question is, you know, how do you look at Cloud Native Security, and what's different from traditional security approaches? >> Okay, I mean, that's a great question, and it's something that we've been talking to customers for the last five years about. And, really, it's just a change in mindset. Containers are supposed to unleash developer speed, and if you don't have a security tool to help do that, then you're basically going to inhibit developers in some form or another. I think managing that, while also giving your security teams the ability to tell the message of we are being more secure. You know, we're limiting vulnerabilities in our cluster. We are seeing progress because containers, you know, have a shorter life cycle and there is security and speed. Having that conversation with the C-suites is a little different, especially when how they might be used to virtual machines and managing it through that. I mean, if it works, it works from a developer's standpoint. You're not taking advantage of those containers and the developer's speed, so that's the difference. Now doing that and then first challenge is making that pitch. The second challenge is making that pitch to then scale it, so you can get onboard your developers and get your containers up and running, but then as you bring in new groups, as you move over to Kubernetes or you get into more container workloads, how do you onboard your teams? How do you scale? And I tend to see a general trend of a big investment needed for about two years to make that container shift. And then the security tools come in and really blossom because once that core separation of responsibilities happens in the organization, then the security tools are able to accelerate the developer workflow and not inhibit it. >> You know, I'm glad you mentioned, you know, separation of responsibilities. We go to a lot of shows, as you know, with theCUBE, and many of them are cloud shows. And in the one hand, Cloud has, you know, obviously made the world, you know, more interesting and better in so many different ways and even security, but it's like new layers are forming. You got the cloud, you got the shared responsibility model, so the cloud is like the first line of defense. And then you got the CISO who is relying heavily on devs to, you know, the whole shift left thing. So we're asking developers to do a lot and then you're kind of behind them. I guess you have audit is like the last line of defense, but my question to you is how can software developers really ensure that cloud native tools that they're using are secure? What steps can they take to improve security and specifically what's Red Hat doing in that area? >> Yeah, well I think there's, I would actually move away from that being the developer responsibility. I think the job is the operators' and the security people. The tools to give them the ability to see. The vulnerabilities they're introducing. Let's say signing their images, actually verifying that the images that's thrown in the cloud, are the ones that they built, that can all be done and it can be done open source. So we have a DevSecOps validated pattern that Red Hat's pushed out, and it's all open source tools in the cloud native space. And you can sign your builds and verify them at runtime and make sure that you're doing that all for free as one option. But in general, I would say that the hope is that you give the developer the information to make responsible choices and that there's a dialogue between your security and operations and developer teams but security, we should not be pushing that on developer. And so I think with ACS and our tool, the goal is to get in and say, "Let's set some reasonable policies, have a conversation, let's get a security liaison." Let's say in the developer team so that we can make some changes over time. And the more we can automate that and the more we can build and have that conversation, the better that you'll, I don't say the more security clusters but I think that the more you're on your path of securing your environment. >> How much talk is there at the event about kind of recent high profile incidents? We heard, you know, Log4j, of course, was mentioned in the Keynote. Somebody, you know, I think yelled out from the audience, "We're still dealing with that." But when you think about these, you know, incidents when looking back, what lessons do you think we've learned from these events? >> Oh, I mean, I think that I would say, if you have an approach where you're managing your containers, managing the age and using containers to accelerate, so let's say no images that are older than 90 days, for example, you're going to avoid a lot of these issues. And so I think people that are still dealing with that aspect haven't set up the proper, let's say, disclosure between teams and update strategy and so on. So I don't want to, I think the Log4j, if it's still around, you know, something's missing there but in general you want to be able to respond quickly and to do that and need the tools and policies to be able to tell people how to fix that issue. I mean, the Log4j fix was seven days after, so your developers should have been well aware of that. Your security team should have been sending the messages out. And I remember even fielding all the calls, all the fires that we had to put out when that happened. But yeah. >> I thought Brian Behlendorf's, you know, talk this morning was interesting 'cause he was making an attempt to say, "Hey, here's some things that you might not be thinking about that are likely to occur." And I wonder if you could, you know, comment on them and give us your thoughts as to how the industry generally, maybe Red Hat specifically, are thinking about dealing with them. He mentioned ChatGPT or other GPT to automate Spear phishing. He said the identity problem is still not fixed. Then he talked about free riders sniffing repos essentially for known vulnerabilities that are slow to fix. He talked about regulations that might restrict shipping code. So these are things that, you know, essentially, we can, they're on the radar, but you know, we're kind of putting out, you know, yesterday's fire. What are your thoughts on those sort of potential issues that we're facing and how are you guys thinking about it? >> Yeah, that's a great question, and I think it's twofold. One, it's brought up in front of a lot of security leaders in the space for them to be aware of it because security, it's a constant battle, constant war that's being fought. ChatGPT lowers the barrier of entry for a lot of them, say, would-be hackers or people like that to understand systems and create, let's say, simple manifests to leverage Kubernetes or leverage a misconfiguration. So as the barrier drops, we as a security team in security, let's say group organization, need to be able to respond and have our own tools to be able to combat that, and we do. So a lot of it is just making sure that we shore up our barriers and that people are aware of these threats. The harder part I think is educating the public and that's why you tend to see maybe the supply chain trend be a little bit ahead of the implementation. I think they're still, for example, like S-bombs and signing an attestation. I think that's still, you know, a year, two years, away from becoming, let's say commonplace, especially in something like a production environment. Again, so, you know, stay bleeding edge, and then make sure that you're aware of these issues and we'll be constantly coming to these calls and filling you in on what we're doing and make sure that we're up to speed. >> Yeah, so I'm hearing from folks like yourself that the, you know, you think of the future of Cloud Native Security. We're going to see continued emphasis on, you know, better integration of security into the DevSecOps. You're pointing out it's really, you know, the ops piece, that runtime that we really need to shore up. You can't just put it on the shoulders of the devs. And, you know, using security focused tools and best practices. Of course you hear a lot about that and the continued drive toward automation. My question is, you know, automation, machine learning, how, where are we in that maturity cycle? How much of that is being adopted? Sometimes folks are, you know, they embrace automation but it brings, you know, unknown, unintended consequences. Are folks embracing that heavily? Are there risks associated around that, or are we kind of through that knothole in your view? >> Yeah, that's a great question. I would compare it to something like a smart home. You know, we sort of hit a wall. You can automate so much, but it has to actually be useful to your teams. So when we're going and deploying ACS and using a cloud service, like one, you know, you want something that's a service that you can easily set up. And then the other thing is you want to start in inform mode. So you can't just automate everything, even if you're doing runtime enforcement, you need to make sure that's very, very targeted to exactly what you want and then you have to be checking it because people start new workloads and people get onboarded every week or month. So it's finding that balance between policies where you can inform the developer and the operations teams and that they give them the information to act. And that worst case you can step in as a security team to stop it, you know, during the onboarding of our ACS cloud service. We have an early access program and I get on-calls, and it's not even security team, it's the operations team. It starts with the security product, you know, and sometimes it's just, "Hey, how do I, you know, set this policy so my developers will find this vulnerability like a Log4Shell and I just want to send 'em an email, right?" And these are, you know, they have the tools and they can do that. And so it's nice to see the operations take on some security. They can automate it because maybe you have a NetSec security team that doesn't know Kubernetes or containers as well. So that shared responsibility is really useful. And then just again, making that automation targeted, even though runtime enforcement is a constant thing that we talk about, the amount that we see it in the wild where people are properly setting up admission controllers and it's acting. It's, again, very targeted. Databases, cubits x, things that are basically we all know is a no-go in production. >> Thank you for that. My last question, I want to go to the, you know, the hardest part and 'cause you're talking to customers all the time and you guys are working on the hardest problems in the world. What is the hardest aspect of securing, I'm going to come back to the software supply chain, hardest aspect of securing the software supply chain from the perspective of a security pro, software engineer, developer, DevSecOps Pro, and then this part b of that is, is how are you attacking that specifically as Red Hat? >> Sure, so as a developer, it's managing vulnerabilities with updates. As an operations team, it's keeping all the cluster, because you have a bunch of different teams working in the same environment, let's say, from a security team. It's getting people to listen to you because there are a lot of things that need to be secured. And just communicating that and getting it actionable data to the people to make the decisions as hard from a C-suite. It's getting the buy-in because it's really hard to justify the dollars and cents of security when security is constantly having to have these conversations with developers. So for ACS, you know, we want to be able to give the developer those tools. We also want to build the dashboards and reporting so that people can see their vulnerabilities drop down over time. And also that they're able to respond to it quickly because really that's where the dollars and cents are made in the product. It's that a Log4Shell comes out. You get immediately notified when the feeds are updated and you have a policy in action that you can respond to it. So I can go to my CISOs and say, "Hey look, we're limiting vulnerabilities." And when this came out, the developers stopped it in production and we were able to update it with the next release. Right, like that's your bread and butter. That's the story that you want to tell. Again, it's a harder story to tell, but it's easy when you have the information to be able to justify the money that you're spending on your security tools. Hopefully that answered your question. >> It does. That was awesome. I mean, you got data, you got communication, you got the people, obviously there's skillsets, you have of course, tooling and technology is a big part of that. Michael, really appreciate you coming on the program, sharing what's happening on the ground in Seattle and can't wait to have you back. >> Yeah. Awesome. Thanks again for having me. >> Yeah, our pleasure. All right. Thanks for watching our coverage of the Cloud Native Security Con. I'm Dave Vellante. I'm in our Boston studio. We're connecting to Palo Alto. We're connecting on the ground in Seattle. Keep it right there for more coverage. Be right back. (lively music)