>>Hey everyone, welcome to this cube conversation. I'm your host Lisa Martin, and I have the pleasure of welcoming back our most prolific guest on the cube in its history, the CMO of Fin Ad, Eric Herzog. Eric, it's great to see you. Welcome back, >>Lisa. It's great to be here. Love being on the cube. I think this might be number 55 or 56. Been doing 'em a long time with the Cube. You guys are great. >>You, you have, and we always recognize you lately with the Hawaiian shirts. It's your brand that's, that's the Eric Hizo brand. We love it. But I like the pin, the infin nut pin on brand. Thank you. >>Yeah. Oh, gotta be on brand. >>Exactly. So talk about the current IT landscape. So much change we've seen in the last couple of years. Specifically, what are some of the big challenges that you are talking with enterprise customers and cloud service providers? About what, what are some of those major things on their minds? >>So there's a couple things. First of all is obviously with the Rocky economy and even before covid, just for storage in particular, CIOs hate storage. I've been doing this now since 1986. I have never, ever, ever met a CIO at any company I've bid with. And I've been with four of the biggest storage companies on this planet. Never met a cio. Used to be a storage guy. So they know they need it, but boy, they really don't like it. So the storage admins have to manage more and more storage. Exabytes, exabytes, it just ballooning for what a storage admin has to do. Then you then have the covid and is it recession? No. Is it a growth? And then clearly what's happened in the last year with what's going on in Europe and the, is it a recession, the inflation. So they're always looking to, how do we cut money on storage yet still get what we need for our applications, workloads, and use cases. So that's definitely the biggest, the first topic. >>So never met a CIO that was a storage admin or as a fan, but as you point out, they need it. And we've seen needs changing in customer landscapes, especially as the threat landscape has changed so dramatically the last couple of years. Ransomware, you've said it before, I say it too. It's no longer if it's when it's how often. It's the frequency. We've gotta be able to recover. Backups are being targeted. Talk to me about some of, in that landscape, some of the evolutions of customer challenges and maybe those CIOs going, We've gotta make sure that our, our storage data is protected. >>So it's starting to change. However, historically with the cio and then when they started hiring CISOs or security directors, whatever they had, depending on the company size, it was very much about protecting the edge. Okay, if you will, the moat and the wall of the castle. Then it was the network in between. So keep the streets inside the castle clean. Then it was tracking down the bad guy. So if they did get over, the issue is, if I remember correctly, the sheriff of Nottingham never really caught Robinhood. So the problem is the dwell time where the ransomware malware's hidden on storage could be as much as 200 days. So I think they're starting to realize at the security level now, forget, forget the guys on the storage side, the security guys, the cso, the CIO, are starting to realize that if you're gonna have a comprehensive cybersecurity strategy, must include storage. And that is new >>That, well, that's promising then. That's new. I mean obviously promising given the, the challenges and the circumstances. So then from a storage perspective, customers that are in this multi-cloud hybrid cloud environment, you talked about the the edge cloud on-prem. What are some of the key things from a storage perspective that customers have to achieve these days to be secure as data volumes continue to grow and spread? >>So what we've done is implement on both primary storage and secondary storage and technology called infin safe. So Infin Safe has the four legs of the storage cyber security stool. So first of all is creating an air gap. In this case, a logical air gap can be local or remote. We create an immutable snapshot, which means it can't be changed, it can't be altered, so you can't change it. We have a fenced forensic environment to check out the storage because you don't wanna recover. Again, malware and rans square can is hidden. So you could be making amenable snapshots of actually malware, ransomware, and never know you're doing it right. So you have to check it out. Then you need to do a rapid recovery. The most important thing if you have an attack is how fast can you be up and going with recovery? So we have actually instituted now a number of cyber storage security guarantees. >>We will guarantee the SLAs on a, the snapshot is absolutely immutable. So they know that what they're getting is what they were supposed to be getting. And then also we are guaranteeing recovery times on primary storage. We're guaranteeing recovery of under one minute. We'll make the snapshot available under one minute and on secondary storage under 20 minutes. So those are things you gotta look for from a security perspective. And then the other thing you gotta practice, in my world, ransomware, malware, cyber tech is basically a disaster. So yes, you got the hurricane, yes, you got the flood, yes, you got the earthquake. Yes, you got the fire in the building. Yes you got whatever it may be. But if you don't practice malware, ransomware, recoveries and protection, then it might as well be a hurricane or earthquake. It will take your data, >>It will take your data on the numbers of customers that pay ransom is pretty high, isn't it? And and not necessarily able to recover their data. So it's a huge risk. >>So if you think about it, the government documented that last year, roughly $6 trillion was spent either protecting against ransomware and malware or paying ransomware attacks. And there's been several famous ones. There was one in Korea, 72 million ransom. It was one of the Korea's largest companies. So, and those are only the ones that make the news. Most of 'em don't make the news. Right. >>So talk to me then, speaking and making the news. Nobody wants to do that. We, we know every industry is vulnerable to this. Some of the ones that might be more vulnerable, healthcare, government, public sector education. I think the Los Angeles Unified School district was just hit as well in September. They >>Were >>What, talk to me about how infin out is helping customers really dial down the risk when the threat actors are becoming more and more sophisticated? >>Well, there's a couple things. First of all, our infin safe software comes free on our main product. So we have a product called infin Guard for Secondary Storage and it comes for free on that. And then our primary storage product's called the Infin Box. It also comes for free. So they don't have to use it, but we embed it. And then we have reference architectures that we give them our ses, our solutions architects and our technical advisors all up to speed on why they should do it, how they should do it. We have a number of customers doing it. You know, we're heavily concentrated the global Fortune 2000, for example, we publicly announced that 26% of the Fortune 50 use our technology, even though we're a small company. So we go to extra lengths to a B, educated on our own front, our own teams, and then B, make sure they portray that to the end users and our channel partners. But the end users don't pay a dime for the software that does what I just described, it's free, it's included when you get you're Infin box or you're ingar, it's included at no charge. >>That's pretty differentiating from a competitive standpoint. I might, I would guess >>It is. And also the guarantee. So for example, on primary storage, okay, whether you'd put your Oracle or put your SAP or I Mongo or your sequel or your highly transactional workloads, right? Your business finance workload, all your business critical stuff. We are the first and only storage company that offers a primary guarantee on cyber storage resilience. And we offer two of them on primary storage. No other vendor offers a guarantee, which we do on primary storage. Whether you the first and right now as of here we are sitting in the middle of October. We are still the only vendor that offers anything on primary storage from a guaranteed SLA on primary storage for cyber storage resilience. >>Let's talk about those guarantees. Walk me through what you just announced. There's been a a very, a lot of productivity at Infin DAT in 2022. A lot of things that you've announced but on crack some of the things you're announcing. Sure. Talk to me specifically about those guarantees and what's in it for me as a customer. It sounds pretty obvious, but I'd love to hear it from you. >>Okay, so we've done really three different types of guarantees. The first one is we have a hundred percent availability guarantee on our primary storage. And we've actually had that for the last, since 2019. So it's a hundred percent availability. We're guaranteed no downtime, a hundred percent availability, which for our customer base being heavily concentrated, the global Fortune 2000 large government enterprises, big universities and even smaller companies, we do a lot of business with CSPs and MSPs. In fact, at the Flash Memory Summit are Infin Box ssa All Flash was named the best product for hyperscaler deployment. Hyperscaler basically means cloud servers provider. So they need a hundred percent availability. So we have a guarantee on that. Second guarantee we have is a performance guarantee. We'll do an analysis, we look at all their workloads and then we will guarantee in writing what the performance should be based on which, which of our products they want to buy are Infin Box or Infin Box ssa, which is all flash. >>Then we have the third one is all about cyber resilience. So we have two on our Infin box, our Infin box SSA for primary storage, which is a one the immutability of the snapshot and immediately means you can't erase the data. Right? Camp tamper with it. Second one is on the recovery time, which is under a minute. We just announced in the middle of October that we are doing a similar cyber storage resilience guarantee on our ARD secondary product, which is designed for backup recovery, et cetera. We will also offer the immutably snapshot guarantee and also one on the recoverability of that data in under 20 minutes. In fact, we just did a demo at our live launch earlier this week and we demoed 20 petabytes of Veeam backup data recovered in 12 minutes. 12 >>Minutes 2012. >>20 petabytes In >>12 bytes in 12 minutes. Yes. That's massive. That's massively differentiating. But that's essential for customers cuz you know, in terms of backups and protecting the data, it's all about recovery >>A and once they've had the attack, it's how fast you get back online, right? That that's what happens if they've, if they can't stop the attack, can't stop the threat and it happens. They need to get that back as fast as they can. So we have the speed of recovery on primary stores, the first in the industry and we have speed on the backup software and we'll do the same thing for a backup data set recovery as well. Talk >>To me about the, the what's in it for me, For the cloud service providers, they're obviously the ones that you work with are competing with the hyperscalers. How does the guarantees and the differentiators that Fin out is bringing to market? How do you help those cloud SPS dial up their competitiveness against the big cheeses? >>Well, what we do is we provide that underlying infrastructure. We, first of all, we only sell things that are petabyte in scale. That's like always sell. So for example, on our in fitter guard product, the raw capacity is over four petabytes. And the effective capacity, cuz you do data reduction is over 85 petabytes on our newest announced product, on our primary storage product, we now can do up to 17 petabytes of effective capacity in a single rack. So the value to the service rider is they can save on what slots? Power and floor. A greener data center. Yeah, right. Which by the way is not just about environmentals, but guess what? It also translate into operational expense. >>Exactly. CapEx office, >>With a lot of these very large systems that we offer, you can consolidate multiple products from our competitors. So for example, with one of the competitors, we had a deal that we did last quarter 18 competitive arrays into one of ours. So talk about saving, not just on all of the operational expense, including operational manpower, but actually dramatically on the CapEx. In fact, one of our Fortune 500 customers in the telco space over the last five years have told us on CapEx alone, we've saved them $104 million on CapEx by consolidating smaller technology into our larger systems. And one of the key things we do is everything is automated. So we call it autonomous automation use AI based technology. So once you install it, we've got several public references who said, I haven't touched this thing in three or four years. It automatically configures itself. It automatically adjusts to changes in performance and new apps. When I put in point a new app at it automatically. So in the old days the storage admin would optimize performance for a new application. We don't do that, we automatically do it and autonomously the admin doesn't even click a button. We just sense there's new applications and we automate ourselves and configure ourselves without the admin having to do anything. So that's about saving operational expense as well as operational manpower. >>Absolutely. I was, one of the things that was ringing in my ear was workforce productivity and obviously those storage admins being able to to focus on more strategic projects. Can't believe the CIOs aren't coming around yet. But you said there's, there's a change, there's a wave coming. But if we think about the the, the what's in it for me as a customer, the positive business outcomes that I'm hearing, lower tco, your greener it, which is key. So many customers that we talk to are so focused on sustainability and becoming greener, especially with an on-prem footprint, workforce productivity. Talk about some of the other key business outcomes that you're helping customers achieve and how it helps them to be more competitive. >>Sure. So we've got a, a couple different things. First of all, storage can't go down. When the storage goes down, everyone gets blamed. Mission. When an app goes down, no one really thinks about it. It's always the storage guy's fault. So you want to be a hundred percent available. And that's today's businesses, and I'd actually argue it's been this way for 20 years are 24 by seven by 365. So that's one thing that we deliver. Second thing is performance. So we have public references talk about their SAP workload that used to take two hours, now takes 20 minutes, okay? We have another customer that was doing SAP queries. They improved their performance three times, Not 3%, not 3%, three times. So 300% better performance just by using our storages. They didn't touch the sap, they didn't touch the servers. All they do is to put our storage in there. >>So performance relates basically to applications, workloads and use cases and productivity beyond it. So think the productivity of supply chain guys, logistics guys, the shipping guys, the finance guys, right? All these applications that run today's enterprises. So we can automate all that. And then clearly the cyber threat. Yeah, that is a huge issue. And every CIO is concerned about the cyber threat. And in fact, it was interesting, Fortune magazine did a survey of CEOs, and this was last May, the number one concern, 66% in that may survey was cyber security number one concern. So this is not just a CIO thing, this is a CEO thing and a board level >>Thing. I was gonna say it's at at the board level that the cyber security threats are so real, they're so common. No one wants to be the next headline, like the colonial pipeline, right? Or the school districts or whatnot. And everybody is at risk. So then what you're enabling with what you've just announced, the all the guarantees on the SLAs, the massively fast recovery times, which is critical in cyber recovery. Obviously resilience is is key there. Modern data protection it sounds like to me. How do you define that and and what are customers looking for with respect to modern cyber resilience versus data protection? >>Yeah, so we've got normal data protection because we work with all the backup vendors. Our in ARD is what's known as a purpose built backup appliance. So that allows you to back at a much faster rate. And we work all the big back backup vendors, IBM spectrum Protect, we work with veritas vem com vault, oracle arm, anybody who does backup. So that's more about the regular side, the traditional backup. But the other part of modern data protection is infusing that with the cyber resilience. Cuz cyber resilience is a new thing. Yes, from a storage guy perspective, it hasn't been around a long time. Many of our competitors have almost nothing. One or two of our competitors have a pretty robust, but they don't guarantee it the way we guarantee it. So they're pretty good at it. But the fact that we're willing to put our money where our mouth is, we think says we price stand above and then most of the other guys in the storage industry are just starting to get on the bandwagon of having cyber resilience. >>So that changes what you do from data protection, what would call modern data protection is a combination of traditional backup recovery, et cetera. Now with this influence and this infusion of cybersecurity cyber resilience into a storage environment. And then of course we've also happened to add it on primary storage as well. So whether it's primary storage or backup and archive storage, we make sure you have that right cyber resilience to make it, if you will, modern data protection and diff different from what it, you know, the old backup of your grandfather, father, son backup in tape or however you used to do it. We're well beyond that now we adding this cyber resilience aspect. Well, >>From a cyber resilience perspective, ransomware, malware, cyber attacks are, that's a disaster, right? But traditional disaster recovery tools aren't really built to be able to pull back that data as quickly as it sounds like in Trinidad is able to facilitate. >>Yeah. So one of the things we do is in our reference architectures and written documentation as well as when we do the training, we'd sell the customers you need to practice, if you practice when there's a fire, a flood, a hurricane, an earthquake or whatever is the natural disaster you're practicing that you need to practice malware and ran somewhere. And because our recovery is so rapid and the case of our ingar, our fenced environment to do the testing is actually embedded in it. Several of our competitors, if you want the fenced environment, you have to buy a second product with us. It's all embedded in the one item. So A, that makes it more effective from a CapEx and opex perspective, but it also makes it easier. So we recommend that they do the practice recoveries monthly. Now whether they do it or not separate issue, but at least that's what we're recommending and say, you should be doing this on a monthly basis just like you would practice a disaster, like a hurricane or fire or a flood or an earthquake. Need to be practicing. And I think people are starting to hear it, but they don't still think more about, you know, the flood. Yeah. Or about >>The H, the hurricane. >>Yeah. That's what they think about. They not yet thinking about cybersecurity as really a disaster model. And it is. >>Absolutely. It is. Is is the theme of cyber resilience, as you said, this is a new concept, A lot of folks are talking about it, applying it differently. Is that gonna help dial up those folks just really being much more prepared for that type of cyber disaster? >>Well, we've made it so it's automated. Once you set up the immutable snapshots, it just does its thing. You don't set it and forget it. We create the logical air back. Once you do it, same thing. Set it and forget it. The fence forensic environment, easy to deploy. You do have to just configure it once and then obviously the recovery is almost instantaneous. It's under a minute guaranteed on primary storage and under 20 minutes, like I told you when we did our launch this week, we did 20 petabytes of Veeam backup data in 12 minutes. So that's pretty incredible. That's a lot of data to have recovered in 12 minutes. So the more automated we make it, which is what our real forte is, is this autonomous automation and automating as much as possible and make it easy to configure when you do have to configure. That's what differentiates what we do from our perspective. But overall in the storage industry, it's the recognition finally by the CISOs and the CIOs that, wait a second, maybe storage might be an essential part of my corporate cybersecurity strategy. Yes. Which it has not been historically, >>But you're seeing that change. Yes. >>We're starting to see that change. >>Excellent. So talk to me a little bit before we wrap here about the go to market one. Can folks get their hands on the updates to in kindergar and Finn and Safe and Penta box? >>So all these are available right now. They're available now either through our teams or through our, our channel partners globally. We do about 80% of our business globally through the channel. So whether you talk to us or talk to our channel partners, we're there to help. And again, we put our money where your mouth is with those guarantees, make sure we stand behind our products. >>That's awesome. Eric, thank you so much for joining me on the program. Congratulations on the launch. The the year of productivity just continues for infinit out is basically what I'm hearing. But you're really going in the extra mile for customers to help them ensure that the inevitable cyber attacks, that they, that they're complete storage environment on prem will be protected and more importantly, recoverable Very quickly. We appreciate your insights and your input. >>Great. Absolutely love being on the cube. Thank you very much for having us. Of >>Course. It's great to have you back. We appreciate it. For Eric Herzog, I'm Lisa Martin. You're watching this cube conversation live from Palo Alto.

>>Welcome to this cube conversation with 40 net. I'm your host. Lisa Martin, Derek Minky is back. He's the chief security insights and global threat alliances at 40 minutes, 40 guard labs, Derek. Welcome back to the program. >>Likewise, we've talked a lot this year. And of course, when I saw that there are, uh, you guys have predictions from 40 guard labs, global threat intelligence and research team about the cyber threat landscape for 2022. I thought it was going to be a lot to talk about with Derek here. So let's go ahead and dig. Right in. First of all, one of the things that caught my attention was the title of the press release about the predictions that was just revealed. The press release says 40 guard labs, predict cyber attacks aimed at everything from crypto wallets to satellite internet, nothing. There is no surface that is safe anymore. Talk to me about some of the key challenges that organizations in every industry are facing. >>Yeah, absolutely. So this is a, as you said, you, you had the keyword there surface, right? That, and that attack surface is, is open for attack. That's the attack surface that we talk about it is literally be pushed out from the edge to space, like a lot of these places that had no connection before, particularly in OT environments off grid, we're talking about, uh, you know, um, uh, critical infrastructure, oil and gas, as an example, there's a lot of these remote units that were living out there that relied on field engineers to go in and, uh, you know, plug into them. They were air gapped, those such low. Those are the things that are going to be accessible by Elio's low earth orbit satellites. And there are 4,000 of those out there right now. There's going to be over 30,000. We're talking Starlink, we're talking at least four or five other competitors entering this space, no pun intended. And, um, and that's a big deal because that it's a gateway. It opens the door for cyber criminals to be able to have accessibility to these networks. And so security has to come, you know, from, uh, friends of mine there, right. >>It absolutely does. We've got this fragmented perimeter tools that are siloed, the expand and very expanded attack surface, as you just mentioned, but some of the other targets, the 5g enabled edge, the core network, of course, the home environment where many of us still are. >>Yeah, yeah, definitely. So that home environment like the edge, it is a, uh, it's, it's the smart edge, right? So we have things called edge access Trojans. These are Trojans that will actually impact and infect edge devices. And if you think about these edge devices, we're talking things that have machine learning and, and auto automation built into them a lot of privilege because they're actually processing commands and acting on those commands in a lot of cases, right? Everything from smart office, smart home option, even until the OT environment that we're talking about. And that is a juicy target for attackers, right? Because these devices naturally have more privileged. They have APIs and connectivity to a lot of these things where they could definitely do some serious damage and be used as these pivot within the network from the edge. Right. And that's, that's a key point there. >>Let's talk about the digital wallet that we all walk around with. You know, we think out so easy, we can do quick, simple transactions with apple wallet, Google smart tab, Venmo, what have you, but that's another growing source of that, where we need to be concerned, right? >>Yeah. So I, I I've, I've worn my cyber security hat for over 20 years and 10 years ago, even we were talking all about online banking Trojans. That was a big threat, right? Because a lot of financial institutions, they hadn't late ruled out things like multifactor authentication. It was fairly easy to get someone's bank credentials go in siphoned fans out of an account. That's a lot harder nowadays. And so cyber criminals are shifting tactics to go after the low hanging fruit, which are these digital wallets and often cryptocurrency, right? We've actually seen this already in 40 guard labs. Some of this is already starting to happen right now. I expect this to happen a lot more in 20, 22 and beyond. And it's because, you know, these wallets are, um, hold a lot of whole lot of value right now, right. With the crypto. And they can be transferred easily without having to do a, like a, you know, EFT is a Meijer transfers and all those sorts of things that includes actually a lot of paperwork from the financial institutions. And, you know, we saw something where they were actually hijacking these wallets, right. Just intercepting a copy and paste command because it takes, you know, it's a 54 character address people aren't typing that in all the time. So when they're sending or receiving funds, they're asking what we've actually seen in malware today is they're taking that, intercepting it and replacing it with the attackers. Well, it's simple as that bypassing all the, you know, authentication measures and so forth. >>And is that happening for the rest of us that don't have a crypto wallet. So is that happening for folks with apple wallets? And is that a growing threat concern that people need to be? It is >>Absolutely. Yeah. So crypto wallets is, is the majority of overseeing, but yeah, no, no digital wallet is it's unpatched here. Absolutely. These are all valid targets and we are starting to see activity in. I am, >>I'm sure going after those stored credentials, that's probably low-hanging fruit for the attackers. Another thing that was interesting that the 2022 predictions threat landscape, uh, highlighted was the e-sports industry and the vulnerabilities there. Talk to me about that. That was something that I found surprising. I didn't realize it was a billion dollar revenue, a year industry, a lot of money, >>A lot of money, a lot of money. And these are our full-blown platforms that have been developed. This is a business, this isn't, you know, again, going back to what we've seen and we still do see the online gaming itself. We've seen Trojans written for that. And oftentimes it's just trying to get into, and user's gaming account so that they can steal virtual equipment and current, you know, there there's virtual currencies as well. So there was some monetization happening, but not on a grand scale. This is about a shift attackers going after a business, just like any organization, big business, right. To be able to hold that hostage effectively in terms of DDoSs threats, in terms of vulnerabilities, in terms of also, you know, crippling these systems with ransomware, like we've already seen starting to hit OT, this is just another big target. Right. Um, and if you think about it, these are live platforms that rely on low latency. So very quick connections, anything that interrupts that think about the Olympics, right on sports environment, it's a big deal to them. And there's a lot of revenue that could be lost in cybercriminals fully realizes. And this is why, you know, we're predicting that e-sports is going to be a, um, a big target for them moving forward. >>Got it. And tell, let's talk about what's going on with brands. So when you and I spoke a few months ago, I think it was ransomware was up nearly 11 X in the first half of a calendar year, 2021. What are you seeing from an evolution perspective, uh, in the actual ransomware, um, actions themselves as well as what the, what the cyber criminals are evolving to. >>Yeah. So to where it's aggressive, destructive, not good words, right. But, but this is what we're seeing with ransomware. Now, again, they're not just going after data as the currency, we're seeing, um, destructive capabilities put into ransomware, including wiper malware. So this used to be just in the realm of, uh, APTT nation state attacks. We saw that with should moon. We saw that with dark soil back in 2013, so destructive threats, but in the world of apt and nation state, now we're seeing this in cyber crime. We're seeing it with ransomware and this, I expect to be a full-blown tactic for cyber criminals simply because they have the, the threat, right. They've already leveraged a lot of extortion and double extortion schemes. We've talked about that. Now they're going to be onboarding this as a new threat, basically planting these time bombs. He's ticking time bombs, holding systems for, for, for ransom saying, and probably crippling a couple of, to show that they mean business and saying, unless you pay us within a day or two, we're going to take all of these systems offline. We're not just going to take them offline. We're going to destroy them, right. That's a big incentive for people to, to, to pay up. So they're really playing on that fear element. That's what I mean about aggressive, right? They're going to be really shifting tactics, >>Aggressive and destructive, or two things you don't want in a cybersecurity environment or to be called by your employer. Just wanted to point that out. Talk to me about wiper malware. Is this new emerging, or is this something that's seeing a resurgence because this came up at the Olympics in the summer, right? >>Absolutely. So a resurgence in, in a sort of different way. Right. So, as I said, we have seen it before, but it's been not too prevalent. It's been very, uh, it's, it's been a niche area for them, right. It's specifically for these very highly targeted attack. So yes, the Olympics, in fact, two times at the Olympics in Tokyo, but also in the last summer Olympics as well. We also saw it with, as I mentioned in South Korea at dark school in 2013, we saw it an OT environment with the moon as an example, but we're talking handfuls here. Uh, unfortunately we have blogged about three of these in the last month to month and a half. Right. And that, and you know, this is starting to be married with ransomware, which is particularly a very dangerous cause it's not just my wiper malware, but couple that with the ransom tactics. >>And that's what we're starting to see is this new, this resurgent. Yes. But a completely new form that's taking place. Uh, even to the point I think in the future that it could, it could severely a great, now what we're seeing is it's not too critical in a sense that it's not completely destroying the system. You can recover the system still we're talking to master boot records, those sorts of things, but in the future, I think they're going to be going after the formal firmware themselves, essentially turning some of these devices into paperweights and that's going to be a very big problem. >>Wow. That's a very scary thought that getting to the firmware and turning those devices into paperweights. One of the things also that the report talked about that that was really interesting. Was that more attacks against the supply chain and Linux, particularly talk to us about that. What did you find there? What does it mean? What's the threat for organizations? >>Yeah. So we're seeing a diversification in terms of the platforms that cyber criminals are going after. Again, it's that attack surface, um, lower hanging fruit in a sense, uh, because they've, you know, for a fully patched versions of windows, 10 windows 11, it's harder, right. For cyber criminals than it was five or 10 years ago to get into those systems. If we look at the, uh, just the prevalence, the amount of devices that are out there in IOT and OT environments, these are running on Linux, a lot of different flavors and forms of Linux, therefore this different security holes that come up with that. And that's, that's a big patch management issue as an example too. And so this is what we, you know, we've already seen it with them or I bought net and this was in our threat landscape report, or I was the number one threat that we saw. And that's a Linux-based bot net. Now, uh, Microsoft has rolled out something called WSL, which is a windows subsystem for Linux and windows 10 and windows 11, meaning that windows supports Linux now. So that all the code that's being written for botnets, for malware, all that stuff is able to run on, on new windows platforms effectively. So this is how they're trying to expand their, uh, attack surface. And, um, that ultimately gets into the supply chain because again, a lot of these devices in manufacturing and operational technology environments rely quite heavily actually on Linux. >>Well, and with all the supply chain issues that we've been facing during the pandemic, how can organizations protect themselves against this? >>Yeah. So this, this is a big thing, right? And we talked about also the weaponization of artificial intelligence, automation and all of these, there's a lot going on as you know, right from the threats a lot to get visibility on a lot, to be able to act quickly on that's a big key metric. There is how quick you can detect these and respond to them for that. You need good threat intelligence, of course, but you also truly need to enable, uh, uh, automation, things like SD wan, a mesh architecture as well, or having a security fabric that can actually integrate devices that talk to each other and can detect these threats and respond to them quickly. That's a very important piece because if you don't stop these attacks well, they're in that movement through the attack chain. So the kill chain concept we talk about, um, the risk is very high nowadays where, you know, everything we just talked about from a ransomware and destructive capabilities. So having those approaches is very important. Also having, um, you know, education and a workforce trained up is, is equally as important to, to be, you know, um, uh, to, to be aware of these threats. >>I'm glad you brought up that education piece and the training, and that's something that 49 is very dedicated to doing, but also brings up the cybersecurity skills gap. I know when I talked with Kenzie, uh, just a couple months ago at the, um, PGA tournament, it was talking about, you know, big investments in what 40 guard, 40, 40 net is doing to help reduce that gap. But the gap is still there. How do I teach teams not get overloaded with the expanding service? It seems like the surface, the surface has just, there is no limit anymore. So how does, how does it teams that are lean and small help themselves in the fact that the threat is landscape is, is expanding. The criminals are getting smarter or using AI intelligent automation, what our it teams do >>Like fire with fire. You got to use two of the same tools that they're using on their side, and you need to be able to use in your toolkit. We're talking about a security operation center perspective to have tools like, again, this comes to the threat intelligence to get visibility on these things. We're talking Simmons, sor uh, we have, you know, 40 AI out now, uh, deception products, all these sorts of things. These are all tools that need that, that, uh, can help, um, those people. So you don't have to have a, you know, uh, hire 40 or 50 people in your sock, right? It's more about how you can work together with the tools and technology to get, have escalation paths to do more people, process procedure, as we talk about to be able to educate and train on those, to be able to have incident response planning. >>So what do you do like, because inevitably you're going to be targeted, probably interacts where attack, what do you do? Um, playing out those scenarios, doing breach and attack simulation, all of those things that comes down to the skills gaps. So it's a lot about that education and awareness, not having to do that. The stuff that can be handled by automation and AI and, and training is you're absolutely right. We've dedicated a lot with our NSC program at 49. We also have our 40 net security academy. Uh, you know, we're integrating with those secondary so we can have the skillsets ready, uh, for, for new graduates. As an example, there's a lot of progress being made towards that. We've even created a new powered by 40 guard labs. There is a 40 guard labs play in our NSC seven as an example, it's, uh, you know, for, um, uh, threat hunting and offensive security as an example, understanding really how attackers are launching their, their campaigns and, um, all those things come together. But that's the good news actually, is that we've come a long way. We actually did our first machine learning and AI models over 10 years ago, Lisa, this isn't something new to us. So the technology has gone a long way. It's just a matter of how we can collaborate and obviously integrate with that for the, on the skills gap. >>And one more question on the actual threat landscape, were there any industries that came up in particular, as we talked about e-sports we talked about OT and any industries that came up in particular as, as really big hotspots that companies and organizations really need to be aware of. >>Yeah. So also, uh, this is part of OT about ICS critical infrastructure. That's a big one. Uh, absolutely there we're seeing, uh, also cyber-criminals offering more crime services now on dark web. So CAS, which is crime as a service, because it used to be a, again, a very specialized area that maybe only a handful of organized criminal organizations could actually, um, you know, launch attacks and, and impact to those targets where they're going after those targets. Now they're offering services right on to other coming cyber criminals, to be able to try to monetize that as well. Again, we're seeing this, we actually call it advanced persistent cybercrime APC instead of an apt, because they're trying to take cyber crime to these targets like ICS, critical infrastructure, um, healthcare as well is another one, again, usually in the realm of APMT, but now being targeted more by cybercriminals in ransomware, >>I've heard of ransomware as a service, is that a subcategory of crime as a service? >>Absolutely. Yeah. It is phishing as a service ransomware as, and service DDoSs as a service, but not as, as many of these subcategories, but a ransomware as a service. That's a, another big problem as well, because this is an affiliate model, right. Where they hire partners and pay them commission, uh, if they actually get payments of ransom, right? So they have literally a middle layer in this network that they're pushing out to scale their attacks, >>You know, and I think that's the last time we talked about ransomware, we talked about it's a matter of, and I talk to customers all the time who say, yes, it's a matter of when, not, if, is, is this the same sentiment? And you think for crime as a service in general, the attacks on e-sports on home networks, on, uh, internet satellites in space, is this just a matter of when, not if across the board? >>Well, yeah, absolutely. Um, you know, but the good news is it doesn't have to be a, you know, when it happens, it doesn't have to be a catastrophic situation. Again, that's the whole point about preparedness and planning and all the things I talked about, the filling the skills gap in education and having the proper, proper tools in place that will mitigate that risk. Right. And that's, and that's perfectly acceptable. And that's the way we should handle this from the industry, because we process we've talked about this, people are over a hundred billion threats a day in 40 guard labs. The volume is just going to continue to grow. It's very noisy out there. And there's a lot of automated threats, a lot of attempts knocking on organizations, doors, and networks, and, you know, um, phishing emails being sent out and all that. So it's something that we just need to be prepared for just like you do for a natural disaster planning and all these sorts of other things in the physical world. >>That's a good point. It doesn't have to be aggressive and destructive, but last question for you, how can, how is 4d guard helping companies in every industry get aggressive and disruptive against the threats? >>Yeah. Great, great, great question. So this is something I'm very passionate about, uh, as you know, uh, where, you know, we, we don't stop just with customer protection. Of course, that is as a security vendor, that's our, our primary and foremost objective is to protect and mitigate risk to the customers. That's how we're doing. You know, this is why we have 24 7, 365 operations at 40 guy labs. Then we're helping to find the latest and greatest on threat intelligence and hunting, but we don't stop there. We're actually working in the industry. Um, so I mentioned this before the cyber threat Alliance to, to collaborate and share intelligence on threats all the way down to disrupt cybercrime. This is what big target of ours is, how we can work together to disrupt cyber crime. Because unfortunately they've made a lot of money, a lot of profits, and we need to reduce that. We need to send a message back and fight that aggressiveness and we're we're on it, right? So we're working with Interpol or project gateway with the world economic forum, the partnership against cyber crime. It's a lot of initiatives with other, uh, you know, uh, the, uh, the who's who of cyber security in the industry to work together and tackle this collaboratively. Um, the good news is there's been some steps of success to that. There's a lot more, we're doing the scale of the efforts. >>Excellent. Well, Derek as always great and very informative conversation with you. I always look forward to these seeing what's going on with the threat landscape, the challenges, the increasing challenges, but also the good news, the opportunities in it, and what 40 guard is doing 40 left 40 net, excuse me, I can't speak today to help customers address that. And we always appreciate your insights and your time we look forward to talking to you and unveiling the next predictions in 2022. >>All right. Sounds good. Thanks, Lisa. >>My pleasure for Derek manky. I'm Lisa Martin. You're watching this cube conversation with 40 net. Thanks for watching.

>>Well, hi everybody, John Walls here on the cube. And thank you for joining us here for this cube conversation today. And we're talking about data. Of course, it's a blessing and the respect that it's become such a valuable asset. So many companies around the world, it's also a curse, obviously, because it is certainly can be vulnerable. It is under attack and Druva is all about protecting your data and preventing those attacks. And with us to talk about that a little bit more in depth as Jaspreet Singh, who is the founder and CEO at Druva and Steven Manley, who was the company's CTO. Gentlemen, thanks for being with us here on the queue. Good to see you. >>Thank you. Thank you, John. >>So Jaspreet, let me just begin with you. Let's, let's talk about the larger picture of data these days. And, and we read, it seems as though every day about some kind of invasion, you know, where some ransomware attack it's become all too commonplace. So if you wouldn't maybe just set the stage a little bit for the state of ransomware here in 2021. >>That's right. John, I think Lansing has now a new national security threat and at the scene, uh, all around us, this, uh, almost every single day, we hear about businesses getting hit with a, a new ransomware attack, uh, ransomware 1.0 was more a malware situation impacting our data. And as you know, the pandemic transformed the entire data landscape, like the application, the terror, the entire supply chain delivery model as to be more online, more connected, which, you know, for this mortar stores, this whole approach towards a malware coming in, we're also seeing ransomware 2.0, it is all about like insider techs or, or, or in general security misconfiguration, which could lead to data being exfiltrated or traded off in the market. So in general, as data is far more connected, far more expected to be online security techs from either malware or human oriented security issues are becoming more and more dominant threat to, to our, our entire data landscape. Right? >>Yeah. So, so Steven, if you would, I'd like you to just to follow up on this, this, uh, uh, will the landscape to take one of Jaspreet's terms here about what you're seeing in terms of, of kind of these evolving threats now, um, used to be probably, I don't know, five, six years ago, it was a very different, uh, set of problems and challenges and companies maybe weren't as laser focused as they are now. Um, maybe take us through that, that process, what has happened with regard to the client base that you see and you're working with in terms of their recognition and other steps that they need to take going forward as they modernize their operations? >>Yeah. You know, I th I think there's, there's two things we see from, uh, from sort of a technical perspective. The first one is in just pre-call that ransomware 1.0, ransomware 1.0, uh, is mainstream at this point, you know, so, so you, you can go out there and you don't have to be an expert hacker there's ransomware as a service. You know, your average, your average teenager can basically download a ransomware attack kit, uh, you know, get, get a pretty lightweight cloud account and attack school districts, hospitals, municipal organizations, whatever it is, you know, with what we would consider the traditional ransomware and, and that's become ubiquitous. And that's why we see all these reports of, there are multiple ransomware attacks every minute, you know, in the United States and around the world. So, so that's, that's, that's one part which is you're going to get hit. >>Now you'll probably get heading in with the more traditional ransomware, but, you know, like any industry, the ransomware people have evolved. And so it's as just breed said, they are constantly innovating. And so what we're seeing now from, uh, from sort of a marketplace standpoint is, you know, getting smarter about the ransomware attack. So, so laying low, longer, uh, you know, sort of corrupting or attacking data a little bit more slowly. So it's harder to detect specifically attacking backup infrastructure so that you won't be able to recover exfiltrating data. So that, so that now you can have sort of two types of threats, one that your data is encrypted, and the other is if you don't pay us, we're just going to post it on the internet. So, so you've got stage one, which is ubiquitous, and you've got to protect yourself against that because anyone can be attacked at any time. And then you've got stage two where it's getting smarter and that's where organizations then have to step up their game and say, I've got to keep my backup safer. Uh, I've got to be able to detect things a little bit more easily, and I need to start really understanding my data footprint. So I understand what can be exfiltrated and what that's going to mean to me as a business. >>So, Jess, um, to that point, that Steven was just talking about how the organizations need to get smarter in terms of your communications that you're having with the folks in the C-suite, um, is that point, is that you, if they readily identified today, I mean, are, do they get it, um, are the, is the communication going out to their stakeholders, are the business priorities being aligned appropriately? I mean, what, what are organizations and specifically on that executive level, what are they doing right now? Um, in terms of, of preparation in terms of protections that, that, uh, again, are so necessary, I would think. >>Yeah, absolutely. So I think we do see customers truly making strides to solving the problem. There's not a one facet that, you know, one solution fits all problem either, right? So there's, there's, there's, there's a whole productive nature of preventing ransomware detection and response. There's a readiness aspect of it, but what happens when you do get here now that recovery element to it, how do I recover in time in shape from a attack like this, the customers are evolving. They're understanding at the same time, they actually deploying appropriate technologies to, to put all the three aspects of solving the solution. What does Stickney like any of the security challenge? This is, uh, you know, there's not a one application solve all problems. Typically the OLAP and controls built by a multiple group and multiple parties to make sure you're ready to response towards a tech like this. >>And just to jump in, because one of the things I find fascinating as we go through this, the customer conversations I have, I've I've been doing, you know, sort of data protection for a long time. We won't get into that, but, but most of my time I'd spent talking to, you know, VPs of it. Maybe I'd see a CIO. It's fascinating. Now we will have conversations with boards of directors because it becomes such a big issue. And the focus is, is, is so different, right? Because they understand that this isn't just like a usual backup and recovery, or even the traditional disaster recovery that you might do from a natural disaster or some sort of hardware outage. They're seeing that there are so many stages now to an orchestrator recovery. These customers we work with where it's, it's, it's not just about, I need a little bit to technology. They're really looking for how do I operationalize all of this? You know, because once you're up at the board of directors, this is no longer a which product is better than X, Y, or Z. It's a discussion about who can really insulate me from the risk, because these, these can be business sending events. If you're not careful, >>Right? I mean, you're ready. This is a great point. And actually, Steven, I hadn't really thought about these fiduciary responsibilities that boards have. And obviously we think about operations. We think about PNL, right? We think about all, but I hadn't really thought about how also data protection. And I want to talk about data resiliency, how those come into play, as well as those board decisions are made. So let's talk about resiliency. I want you guys to explain this concept to me. Um, so the, you know, what, what's the distinction between protection and resiliency because to me, they're, they're maybe not exactly synonymous, but they're kind of cousins in some respects. So a Jaspreet, if you will talk about resiliency and how you define that. >>Sure. So I just see what I mentioned, right? The prediction was more about how do I actually save guard my data to actually, you know, recover from an incident right there, didn't say residency is all about being ready to respond in time, right? The forward-leaning pusher of making sure, you know, am I ready to not just recover from a very, uh, you know, age, old problem of application failure or, or human errors, but also a cyber attack or a, you know, a true age incident or a cyber recovery or security incident, which I'm prepared to respond in a appropriate SLA across the board. Right. Uh, and resiliency also goes beyond, you know, just the nature of data itself, right? You're, you're talking about applications, environments ecosystem to truly understand that the enterprise operation needs it. Data needs to be holistic. We talked through how do I get my business online, faster. Right. And that's the two nature of differentiation between, uh, protection going towards resiliency. >>And then as obviously driving a lot of your product development. Right. And, and, and I know you've got the data resilience, resiliency, cloud, um, service that you're offering now. So Steven blitz blitz, let's dive into that a little bit. Um, what was the Genesis of that offering and, and what do you see as its primary advantages to your clients? >>Yeah, so, so I think, I think there's, there's really those, those tier two key words there it's resiliency and it's cloud. So just brief, kind of walked about how your resiliency is that step forward. It's that shift left, whatever term you want to use. To me, the best part about the cloud is, and like I said, I've been doing this for a long time and I've yet to meet a customer. Who's come to me and said, I really wish I could spend more money and more time on my data protection infrastructure. I love sticking together, multiple separate products. It's just a great use of my time. Right? Nobody says that what they really say is, could you just solve this problem for me? This is, this is hard capacity planning and patching and upgrades and tying together all the different components from up to seven different vendors. >>This is hard work. And I just need this to work. I need this to work seamlessly. And so we, we, we looked at that cloud part and we said, well, when you think of cloud, you think of something that's flexible. You think of something that's on demand. You think of something that does the job for you. And so, you know, when we talk about this data resiliency cloud, it's about, you know, moving onto your front foot, getting aggressive, being ready for what's coming, but having, you know, frankly, Druva do it for you as opposed to saying here's some technology, good luck. You know, Mr. And Mrs. Customer, you know, we've got this solved for you, it's our job to take care of it. >>And to add to it, you know, this entire resiliency question cannot be solved to a simple, a software is approach is a fundamental belief because the same network, the same principles of operation, the same people involved, you know, what, what those are involved around the primary application that the resiliency aspect has to be air gap appropriately, not just at the data level, but ID and operations limit as well. Right? So a notion of a cloud, almost a social distancing for your data, right? And you're in your ego to the enterprise that, Hey, if anything happens to my primary network application stack data, my second Bree cloud, my redundancy cloud is ready to respond inappropriate, define SNDs to recover my Buddhist business holistically as a combination of integrating with SecOps as a combination of truly integrating disaster recovery elements with cyber recovery elements, truly understanding application recovery from a backup and recovery point of view. So holistically understanding the notion of resiliency and simplifying it to the elements of public cloud. Yes, sir. >>How do you bend that for your clients? Because as you both pointed out, they have different needs, right? And they have, they have different obviously different that they're involved in different sectors of different operations with different priorities and all that. How is the data resiliency cloud, uh, providing them with the kind of flexibility and aid, the kind of adaptability that you need in order to conform it for what you need and not necessarily, you know, what someone else in another sector is, is all about. >>So, so for me, there's a couple of things that, that is great about, about being the data resiliency cloud. One is that we've got well over 3,500 customers, which means that no matter what segment you're looking in, you're not going to be alone, right? If you're, if you're healthcare, if you're finance, if you're a manufacturing, Druva, Druva understands, you know, what you, and many of, of your similar sort of companies look like, which enables us to work in a lot of ways and enables us to understand what trends are happening across your industry, whether it's, you know, ransomware attacks that are coming across, you know, say manufacturing space and how those look or what data growth looks like, or what type of applications are important in those industries. So it's, it's really useful for us to be able to say, we understand these different verticals because we've got such a broad customer base. >>I think the second thing that comes in then is every customer. I meet the number one question they asked me, and Amanda might not be the first one, but it's the one they want to ask. It's always, how am I doing compared to everybody else? And so it's really useful to, to be able to sit down and say, look in your industry. This is what we see as the standards right now. So this is where you fall. You're sort of maybe a stage two, everybody else's at stage three will help you move forward. You, our industry as a whole is actually ahead of many of the other industries, but this is what's coming next for it for others. And so it's really useful for those customers to understand where they sit in respect to, to sort of the broader marketplace. And so that's one of the values I think we bring is that we do have such a broad understanding of our customers because we are a service as opposed to just selling software. >>Yeah. And those customers too, um, as you've talked about, they're looking maybe at their, their, their competitive landscape and trying to decide, okay, are we keeping up with the Joneses, so to speak? Um, but all of you, all of us, we're all trying to, we're trying to keep up with the bad guys. And so in terms of that going forward, what does that challenge for you at Druva in terms of being anticipatory in terms of trying to recognize, uh, their trends and their movements and, and therefore we're thinking so that you can be that, that great, uh, protective mechanism, you can be that prophylactic measure that stands between a company and something bad from happening. >>So I I'll start. And then, uh, it's funny cause, uh, you know, just breed and I had just this morning, we were actually talking about some of the future of ransomware protection and one of the things that we are using a lot in driven, and I get every company says they're doing it is the use of AIML, especially in detecting, uh, sort of unusual trends. Um, but, but you know, but I think we're different than most because the AIML we use is again, across, you know, two and a half billion backups every year, right? Because we, we get, we get visibility across everybody. So it's not just isolated, but we're looking at things like, you know, unusual access patterns in the data and usual access patterns based on administrators, because like Jaspreet said, said at the beginning, one of the things we see the ransomware attackers doing is they're trying to get entire control of your environment because if I control your environment, if I control your phone system, your email, I can get control of your backup application and delete everything. >>So we're even doing things to sort of prevent, oh, you know, we were getting unusual administrative access patterns. Let's stop that. We're getting unusual recovery patterns. Maybe that's somebody trying to steal data out. Let's track that. So our use of AIML is across a much broader data set than anybody else. And it's looking at a lot more than just, you know, sort of data, data pattern changes took to a much broader set of things. And, and basically, again, it's, it's sort of a, a bi-weekly meeting we have where Jaspreet comes in with more ideas that basically for our, for, for our team to start to go, what else can we do? Because the landscape keeps changing. >>And on top of it, I think also if you think about data protection or even data storage was never designed from a security point of view, it was always designed from a point of view of recoverability of data tool. Application issues are basically not corruption, but security or the thinking help us also fundamentally understand how do we think about elements of zero trust all around the platform and how do you make sure to what Steven mentioned, if your IDP gets compromised, if you do have a bad actor, enter a data protection solution, make us, how do you still make sure levels of automatization immutability like multiple levels of control that it plays to make sure no bad actor take construct control and true recoverability resiliency is possible across a variety of scenarios and Trudy customer driven SLA. So both foundationally, uh, we've, we've truly built something which is now, uh, it's very deep in and focused on security. The same time as Steven mentioned to understanding of customer landscape really helps us understand bad actors thought more, better, and more faster than many of our, uh, in the industry competition. >>Well, the need is great. That's for sure. And gentlemen, I want to thank you for the time today to talk about, uh, what Druva is doing and wish you continued success down the road. Thanks to you both. >>Thank >>You. All right. We've been talking about data, keeping it safe, keeping your data safe. That's what Druva is all about. And I'm John Walls and you've been watching the cube.

(upbeat music) >> Welcome to this CUBE Conversation. My name is Dave Vellante and we're going to talk about data protection in the age of ransomware. It's a top of mind topic. And with me are two great guests and CUBE alumnus, David Noy, Vice Presidents of Product Management at Dell Technologies and Rob Emsley, Director of Data Protection Product Marketing at Dell. Guys, welcome back to the CUBE, it's good to see you both. >> Oh, thanks so much, I appreciate it. Thanks for having us. >> Yeah, thanks a lot Dave. >> Hey David, let me start with you. Maybe we could look at the macro, the big picture at Dell for cyber security. What are you seeing out there? >> You know, I'm seeing an enormous amount of interest in cybersecurity obviously driven by a string of recent events and the presidential executive order around cybersecurity. Look, we're in unprecedented times where, you know, disaster readiness is not just about being prepared for a wildfire or a sprinkler going off in your data center. It's around a new class of malicious attacks that people just have to be ready for. And it's not even a question of if it's going to happen, it's a question of when it's going to happen. We know it's going to happen, you're going to get hit by them. And so we go beyond just thinking about, hey, how do you build in technical capabilities into the product to make it difficult for attackers? We actually want to get predictive. We want to use advanced technologies and capabilities like artificial intelligence and machine learning to go out and scan users environments and look at their data which is really the lifeblood of a business and say, hey, we can see that there is potentially an attack looming. We can start to look for dormant attack vectors. And as soon as something bad is happening because we know something bad is going to happen, we can help you quickly recover the restore or figure out which restore point to recover from so you can get your business back and operational as soon as possible. >> Great, thank you for that, David. Hey Rob, good to see you. You know, we've seen a lot of changes recently kind of as David was referencing, it used to be okay, cybersecurity, that's the domain of the SecOps team and, you know, the rest of the company said, okay, it's their problem. You know, data protection or backup, that was the backup admin. Those two worlds are kind of colliding together. We use terms like cyber resiliency now. It's a sort of super set of, if you will, of the traditional cybersecurity. So how can organizations get ahead of these cyber threats when you engage with customers? Do you have any sort of specific angles or tooling that you use to help? >> Yeah, Dave, there's a couple of things to unpack there. You know, I think one of the things that you call out is cyber resiliency. You know, I think there's a balancing act that customers are all working through between cybersecurity and cyber resiliency. On the left-hand side of the balancing act, it's, you know, how can I keep bad things out of my network? And the reality is that it's very difficult, you know, to do that. You know, there's many applications that customers have deployed to protect the perimeter. But as you know, many cyber threats, you know, are manifested from inside of the perimeter. So what we're seeing is customers starting to invest more in making themselves cyber resilient organizations, you know, and as David mentioned, it's not the if, it's the when. The question is, how do you respond to when a cyber attack hits you? So one of the things that we introduced pointing back six months ago is a globally available cyber resiliency assessment. And we worked in collaboration with the Enterprise Strategy Group and we put out a free online assessment tool to allow customers to really answer questions around, you know, a big part of the NIST framework, around detection, protection and recovery. And we give customers the opportunity to get themselves evaluated on, are they prepared? Are they vulnerable? Or are they just, you know, black and white exposed? You know, what we found over the last six months is that over 70% of the people that have taken this cyber resiliency assessment fall into that category of they're vulnerable or they're exposed. >> Right, thank you for that. Yeah, the guys at ESG do a good job in that they have deep expertise in that space. And David, Rob just talked about sort of the threats from inside the perimeter and, you know, any person, you don't even need a high school diploma to be a ransomwarist, you can go on the dark web. You can acquire ransomware as a service. If you have access to a server and are willing to put a stick in there and do some bad things or give credentials out, hopefully you'll end up in handcuffs. You know, but more often than not, people are getting away with really, you know, insidious crime. So how is Dell, David helping customers respond to the threat of ransomware? >> So, you know, as I mentioned earlier, the product approach is pretty sophisticated. You know, you're right, somebody can come and just put a USB stick into a machine or if they have administrative access, they can figure out a code that they've either been given because, you know, the trust has been placed in the wrong place or they've somehow socially engineered out of someone. Look, it's not enough to just say, I'm going to go lock down my system. Someone who's gained access can potentially gain access to other systems by hopping through them. We take a more of a vault based approach which means that when you create a cyber vault, it's essentially locked down from the rest of your environment. Your cyber criminal is not able to get to that solution because it's been air gapped. It's kept somewhere else completely separate from other network but it also has keys and to the keys to the kingdom or that it opens up only at a certain time of day so it's not vulnerable to coming in at any time. It goes and requests data, it pulls the data and then it keeps that immutable copy in the vault itself. So the vault is essentially like a gated off, modded off environment that an attacker cannot get into. If you find that there was an attack or if an attack has occurred in which an attack will occur sooner or later, you then can basically prevent that attacker from getting access into that vaulted environment before that next opening event occurs. We also have to go back and look at time because sometimes these attackers don't instantiate all at once, I'm going to basically go and encrypt all your data. They take a more of a graduated approach. And so you have to go and look at patterns, access patterns of how data has actually changed and not just look at the metadata, say, okay, well, it looks like the data changed at a certain time. You have to look at the data contents. You have to look at the, if there's a file type. Often times, you can actually analyze that as well and say, hey, this given file whether it's a PowerPoint file or an Excel file or one of the a hundred or a thousand different file types should look like this, it doesn't look like that inside. What are many of the solutions that look for these attackers do is they're just looking at metadata access and then potentially just entropies or how fast things are changing. Well, it's changing faster than it normally would. That's not enough. And the attackers are just going to get smarter about how they go and change things. They're going to change it so that they don't change file suffixes or they don't change them with a very high entropy rate. And without using some kind of a system that's actually constantly tuning itself to say, hey, this is how these attack vectors are evolving over time, you're going to miss out on these opportunities to go and protect yourself. So we have also a constantly evolving and learning capability to go in and say, okay, as we see how these attack vectors are evolving to adapt to the way that we defend against them, we're going to also (audio glitches) other practices to make sure that we account for the new models. So it's a very adaptable kind of, it really is artificial intelligence form of protecting yourself. >> Can I ask you a question, David, just a follow-up on the immutable copy? Where does that live? Is it kind of live on prem? Is it in the cloud, either? >> Both, so we have the ability to put that on prem. We have the ability to put that in a second data center. We have the ability to keep that actually in a colo site so basically, completely out of your data center. And we've got the ability to keep that in the cloud as well. >> The reason I ask is because I just, you know, putting my paranoid SecOps hat on and I'm no expert here but I've talked to organizations that say, oh yeah, it's in the cloud, it's a service. Say, okay, but it's immutable? Yeah, it's write once, read many. You can't erase it. I go, okay, can I turn it off? Well, no, not really. Well, what if I stopped paying for the service? Well, we'd send a notice out. I said, okay, wait a minute. So am I just being too paranoid here? How do you handle that objection? >> Of turning it off? >> Yeah, can I turn it off or can you make it so that nobody can turn it off? >> Oh yeah, that's a good question. So actually what we're building into the product roadmap is the ability to that product actually self inspect and to look at. Whether or not even the underlying, so for example, if the service is running in a virtual machine. Well, the attacker could say, let me just go attack the virtual machine and it infect it and basically turn itself off even in an on-prem, nevermind in the cloud. And so we're looking at building or we're building into the roadmap, a lot more self inspection capabilities to make sure that somebody isn't going to just shut down the service. And so that kind of self resiliency is critical even to a vaulted solution which is air gapped, right? To your point. You don't want someone going, well, I can just get around your solution. I'm just going to go shut it down. That's something that we're getting at. >> So this talks, I think for the audience, this talks it's like an ongoing game of escalation and you want to have a partner who has the resources to keep up with the bad guys cause it's just the constantly, you know, upping the ante, Rob, you guys do a survey every year, the Global Data Protection Index. Tell us about that. What are the latest results? You survey a lot of people. I'm interested in, you know, the context of things like remote work and hybrid work, it's escalated the threat. What are you seeing there? >> Yeah, so as you mentioned, the Global Data Protection Index, we survey over a thousand IT executives, you know, around the globe. And in the most recent study, we absolutely started to ask questions specifically around, you know, customer's concerns with regards to cybersecurity. And we found that over 60% of the customer surveyed, you know, really are concerned that they don't feel that they are adequately prepared to respond to cyber threats that they see, unfortunately on a day-to-day basis. You know, certainly, you know, as you mentioned, the work from anywhere, learn from anywhere reality that many customers are dealing with, you know, one of the concerns that they have is the increased attack surface that they now have to deal with. I mean, the perimeter of the network is now, you know, much broader than it ever has been in the past. You know, so I think all of this leads, Dave, to cybersecurity discussions and cyber resiliency discussions being top of mind for really any CIO, their CSO in any industry. You know, in the days of old, you know, we used to focus at the financial services industry, you know, as, you know, a bunch of customers that we, you know, could have very relevant conversations with but now, you know, that is now cross industry-wide. There isn't a vertical that isn't concerned about the threats of cyber security and cyber attacks. So, you know, when we think about our business especially around data vaulting with our PowerProtect portfolio but also with our PowerScale portfolio, with our unstructured data storage solutions. You know, when we're really having constant conversations of brand, how do you make your environment more cyber resilient? And, you know, we've been seeing, you know, rapid growth in both of those solution areas, both implementing extensions of customers, backup and recovery solutions, you know, but also, you know, in the environments where, you know, we're deploying, you know, large scale unstructured storage infrastructure, you know, the ability to have real-time monitoring of those environments and also to extend that to delivering a vaulted solution for your unstructured storage are all things that are leading us to, you know, work with customers to actually help them become more cyber resilient. >> Great, thanks. The last question and maybe for both of you. Maybe Rob you start and David you can chime in. I'm interested in what's exciting you guys, what's new in the portfolio, are there new features that you're delivering that map to the current market conditions? I mean, your unique value proposition and your capabilities have shifted. You have to respond to the market changes over the left last 18 to 24 months whether it's cyber, ransomware, the digital transformation, what's new in the portfolio and what's exciting you guys. >> So Dave, yes, so quite recently we, you know, as well as, you know, running an event specifically to talk about protection and the age of ransomware and to discuss many of the things that we've covered on this call. You know, data protection is still a foundational technology to help customers become, you know, more secure and, you know, reduce their risk profiles. So innovation that we delivered very recently, you know, it's really in three specific areas, you know, VMware Data Protection, NAS Data Protection and then, you know, also, you know, we introduced a tech preview of a direction that we're taking to expand the scalability and manageability of our PowerProtect appliances. So transparent snapshots delivers capabilities to help customers better protect their VMware environment without the concern of disrupting their production applications when they're doing backup and recovery of virtual machines. Dynamic NAS protection moves away from the age old mechanism of NDMP and provides a much more performance and scalable solution for protecting all of that unstructured data running on NAS infrastructure. And then last but not least to say the tech preview of Smart Scale which is our new solution and architecture to allow customers to pull together multiple power of attack appliances within their data sensors and give them a much easier way of managing the PowerProtect appliances that they have and scaling them environment by implementing a federated namespace to align on them to get support in that environment. >> Nice, some great innovations there. All right, David bring us home. What's exciting you? You shared a little bit with the roadmap of... >> Yeah, look, I think all of this is about operations today. Every enterprise is 24/7. It doesn't matter what vertical you're in, right? Downtime is unacceptable. And whether that means whether it's downtime because you got hit by a malicious attacker, it means downtime because you were caused by disruption of virtual machine instances to Rob's point during the backup process. And we can't interrupt those processes, we can't impact their performance. It means, you know, making sure that your largest unstructured repositories in NAS deployments can be backed up in a time that makes sense so that you can meet your own SLAs. And it means that with a smart scale product there are ability to go and say, okay, as you're expanding your backup target environment, we can do that in a seamless fashion without disrupting your backup operations and your day-to-day operations. All of this is around making sure that we minimize the amount of disruption that our end users experience either because of malicious attacks or because of day-to-day operations and making, you know, making sure that those businesses really can operate 24/7. And that is the crux of a really true enterprise solution for data protection >> Guys, very important topic, really appreciate you coming on the CUBE. Great conversation and keep up the good work of protecting our data. >> Well, Dave, thanks. >> Thanks Dave. >> All right, and thanks everybody for watching this CUBE conversation. This is Dave Vellante and we'll see you next time. (gentle music)

[Music] hello and welcome to this power panel where we go deep with three storage industry vets two from infinidat in an analyst view to find out what's happening in the high-end storage business and what's new with infinidat which has recently added significant depth to its executive ranks and we're going to review the progress on infinidat's infinibox ssa a low-latency all-solid state system designed for the most intensive enterprise workloads to do that we're joined by phil bullinger the chief executive officer of it finidet ken steinhardt is the field cto at infinidat and we bring in the analyst view with eric bergener who's the vice president of research infrastructure systems platforms and technologies group at idc all three cube alums gents welcome back to the cube good to see you thanks very much dave good to be here thanks david as always a pleasure phil let me start with you as i mentioned up top you've been top grading your team we covered the herzog news beefing up your marketing and also upping your game and emea and apj go to market recently give us the business update on the company since you became ceo earlier this year yeah dave i'd be happy to you know the uh i joined the company in january and it's been a it's been a fast 11 months uh exciting exciting times at infinidad as you know really beginning last fall the company has gone through quite a renaissance a change in the executive leadership team uh i was really excited to join the company we brought on you know a new cfo new chief human resources officer new chief legal officer operations head of operations and most recently as has been you know widely reported we brought in eric to head up our marketing organization as a cmo and then last week richard bradbury in in london to head up international sales so very excited about the team we brought together it's uh it's resulted in or it's been the culmination of a lot of work this year to accelerate the growth of infinidat and that's exactly what we've done it's the company has posted quarter after quarter of significant revenue growth we've been accelerating our rate and pace of adding large new fortune 500 global 2000 accounts and the results show it definitely the one of the most exciting things i think this year has been infinidat has pretty rapidly evolved from a single product line uh company around the infinibox architecture which is what made us unique at the start and still makes us very unique as a company and we've really expanded out from there on that same common software-defined architecture to the ssa the solid state array which we're going to talk about in some in some depth today and then our backup appliance our data protection appliance as well all running the same software and what we see now in the field uh many customers are expanding quickly beyond you know the traditional infinibox business uh to the other parts of our portfolio and our sales teams in turn are expanding their selling motion from kind of an infinibox approach to a portfolio approach and it's it's really helping accelerate the growth of the company yeah that's great to hear you really got a deep bench and of course you you know a lot of people in the industry so you're tapping a lot of your your colleagues okay let's get into the market i want to bring in uh the analyst perspective eric can you give us some context when we talk about things like ultra low latency storage what's the market look like to you help us understand the profile of the customer the workloads the market segment if you would well you bet so i'll start off with a macro trend which is clearly there's more real-time data being captured every year in fact by 2024 24 of all of the data captured and stored will be real-time and that puts very different performance requirements on the storage infrastructure than what we've seen in years past a lot of this is driven by digital transformation we've seen new workload types come in big data analytics real-time big data analytics and obviously we've got legacy workloads that need to be handled as well one other trend i'll mention that is really pointing up this need for low latency consistent low latency is workload consolidation we're seeing a lot of enterprises look to move to fewer storage platforms consolidate more storage workloads onto fewer systems and to do that they really need low latency consistent low latency platforms to be able to achieve that and continue to meet their service level agreements great thank you for that all right ken let's bring you into the conversation steiny what are the business impacts of of latency i want you to help us understand when and why is high latency a problem what are the positive impacts of having a consistent low latency uh opportunity or option and what kind of workloads and customers need that right the world has really changed i mean when when dinosaurs like me started in this industry the only people that really knew about performance were the people in the data center and then as things moved into online computing over the years then people within your own organization would care about performance if things weren't going well and it was really the erp revolution the 1990s that sort of opened uh people's eyes to the need for performance particularly for storage performance where now it's not just your internal users but your suppliers are now seeing what your systems look like fast forward to today in a web-based internet world everyone can see with customer facing applications whether you're delivering what they want or not and to answer your question it really comes down to competitive differentiation for the users that can deliver a better user customer experience if you and i'm sure everybody can relate if you go online and try to place an order especially with the holiday season coming up if there's one particular site that is able to give you instantaneous response you're more likely to do business there than somebody where you're going to be waiting and it literally is that simple it used to be that we cared about bandwidth and we used to care about ios per second and the third attribute latency really has become the only one that really matters going forward we found that most customers tell us that these days almost anyone can meet their requirements for bandwidth and ios per second with very few outlying cases where that's not true but the ever unachievable zero latency instantaneous response that's always going to be able to give people competitive differentiation in everything that they do and whoever can provide that is going to be in a very good position to help them serve their customers better yeah eric that stat you threw out of 24 real time uh and that that sort of underscores the need but phil i wonder how how this fits if you could talk about how that fits into your tam expansion strategy i think that's the job of of every ceo is to think about the expanding the tam it seems like you know a lot of people might say it's not necessarily the largest market but it's strategic and maybe opens up some downstream opportunities is that how you're thinking about it or based on what ken just said you expect this to to grow over time oh we definitely expect it to grow uh dave you know the the history of infinidat has been around our infinibox product targeting the primary storage market at the at the higher end of that market you know it's we've enjoyed operating in a eight nine 10 billion dollar tan through the years and that it continues to grow and we continue to outpace market growth within that tam which is exciting what this uh what the ssa really does is it opens up a tier of workload performance that we see more and more emerging in the primary data center the infinibox classic infinibox architecture we have very very fast as we say it typically outperforms most of our all-flash uh array competitors but clearly there there are a tier of workloads that are growing in the data center that require very very tight tail latencies and and that segment is certainly growing it's where some of the most demanding workloads are on the infinibox ssa was really built to expand our participation in those segments of the market and as i mentioned up front at the same time also taking that that software architecture and moving it into the the data protection space as well which is a whole nother market space that we're opening up for the company so we really see our tam this year with more of the this portfolio approach expanding quite a bit eric how how do you see it well those real-time applications that you talked about that require that consistent ultra-low latency grow kind of in in parallel with that that time curve you know will they become a bigger part of that the the overall storage team and and the workload mix how does idc see it yeah so so they actually are going to be growing over time and a lot of that's driven by the fact of the expectations that um steinhart mentioned a little bit earlier just on the part of customers right what they expect when they interact with your i.t infrastructure so we see that absolutely growing going forward i will make a quick comment about you know when all flash arrays first hit back in 2012 um in the 10 years since they started shipping they now generate over 80 of the primary revenues out there in in the primary storage arena so clearly they've taken over an interesting aspect of what's going on here is that a lot of companies now write rfps specifically requiring an all-flash array and what's going to be interesting for infinidat is despite the fact that they could deliver better performance than many of those systems in the past they couldn't really go after the business where that rfp was written for an afa spec well now they'll certainly have the opportunity to do that in my estimation that's going to give them access to about an additional 5 billion in tam by 2025 so this is big for them as a company yeah that's a 50 increase in tamp so okay well eric you just set up my my follow-up question to you ken was going to be the tougher questions uh which we've you and i have had some healthy debates about this but i know you'll have answers so so for years you've argued that your cached architecture and magic sauce algorithms if i caught that could outperform all flash arrays we're using spinning disks so eric talked about the sort of check off item but are there other reasons for the change of heart why and why does the world need another afa doesn't this cut against your petabyte scale messaging i wonder if you could sort of add some color to that sure a great question and the good news is infinibox still does typically outperform all flash arrays but usually that's for average of latency performance and we're tending to get because we're a a caching architecture not a tiered architecture and we're caching to dram which is an order of magnitude faster than flash or even storage class memory technologies it's our software magic and that software defined storage approach that we've had that now effectively is extended to solid state arrays and some customers told us that you know we love your performance it's incredible but if you could let us effectively be confident that we're seeing you know some millisecond sub half millisecond performance consistently for every single io you're going to give us competitive differentiation and this is one of the reasons why we chose to call the product a solid state array as opposed to merely an all-flash array the more common ubiquitous term and it's because we're not dependent on a specific technology we're using dram we can use virtually any technology on the back end and in this case we've chosen to use flash but it's the software that is able to provide that caching to the front end dram that makes things different so that's one aspect is it's the software that really makes the difference it's been the software all along and still on this architecture still mentions going to across the multiple products it's still the software it's also that in that class of ultra high performance architecturally because it is based on the infinibox architecture we're able to deliver 100 availability which is another aspect that the market has evolved to come to expect and it's not rocket science or magic how we do it the godfather of computer science john von neumann all the way back in the 1950s theorized all the way back then that the right way to do ultra high availability and integrity in i.t systems of any type is in threes triple redundancy and in our case amazingly we're the only architecture that uses triple redundant active active components for every single mission critical component on the system and that gives a level of confidence to people from an availability perspective to go with that performance that is just unmatched in the market and then bring all of that together with a set it and forget it mentality for ease of use and simplicity of management and as phil mentioned being able to have a single architecture that can address now not only the ultra high performance but across the entire swath of as eric mentioned consolidation which is a key aspect as well driving this in addition to those real-time applications that he mentioned and even being able to take it down into our our infiniguard data protection device but all with the same common base of software common interface common user experience and unmatched availability and we've got something that we really think people are going to like and they've certainly been proving that of late well i was going to ask you you know what makes the the infinibox ssa different but i think you just laid it out but your contention is this is totally unique in the marketplace is that right ken yes indeed this is a unique architecture and i i literally as a computer scientist myself truly am genuinely surprised that no other vendor in the market has taken the wisdom of the godfather of computer science john von neumann and put it into practice except in the storage world for this particular architecture which transcends our entire realm all the way from the performance down to the data protection phil i mean you have a very wide observation space in this industry and a good strong historical perspective do you think the expectations for performance and this notion of ultra low latencies you know becoming more demanding is is there a parallel so first of all why is that we've talked about a little bit but is there a parallel to the way availability remember you could have escalated over the years um because it was such a problem and now it's really become table stakes and that last mile is so hard but what are your thoughts on that i i think i think absolutely dave you know the the hallmark of infinidat is this white glove concierge level customer experience that we deliver and it's it's affirmed uh year after year in unsolicited enterprise customer feedback uh above every other competitor in our space uh infinidat sets itself apart for this um and i think that's a big part of what continues to drive and fuel the growth and success of the company i just want to touch on a couple things that ken and and eric mentioned the ssa absolutely opens up our tan because we get to we get a lot more at bats now but i think a lot of the industry looks at infinidat as well those guys are are hard drive zealots right they've their architecture is all based on rotating disk that's what they believe in and it's a hybrid versus afa world out there and they were increasingly not on the right bus and that's just absolutely not true in that our our neural cache and what ken talked about what made us unique at the start i think actually only increasingly differentiates us going forward in terms of the the set it and forget it the intelligence of our architecture the ability of that dram based cache to adapt so dynamically without any knobs and and configuration changes to massive changes in workload scale and user scale and it does it with no drama in fact most of our customers the most common feedback we get is that your platform just kind of disappears into our data infrastructure we don't think about it we don't worry about it when we install an infiniti an infinidat rack our intentions are never to come back you know we're not there showing up with trays of disk under our arms trying to upgrade a mission-critical platform that's just not our model what the ssa does is it gives our customers choice it's not about infinidat saying that used to be the shiny object now this is our new shiny object please everybody now go buy that what where where we position our ssa is it's a it's a tco latency sla choice that they can make between exactly identical customer experiences so instead of an old hybrid and a new afa we've got that same software architecture set it and forget it the neural cache and customers can choose what back-end persistent store they want based on the tco and the sla that they want to deliver to a given set of applications so probably the most significant thing that i've seen happen in the last six months at infinidat is a lot of our largest customers the the fortune 15s the fortune 50s the fortune 100s who have been long-standing infinidat customers are now on almost every sort of re-tranche of or trancha purchase orders into us we're now seeing a mix we're seeing a mix of some ssa and some classic infinibox because they're mixing and matching in a given data center down a given row these applications need this sla these applications need this la and we're able to give them that choice and frankly we don't we don't intentionally try to steer them one direction or the other they they're smart they do the math they can pick and choose what experience they want knowing that irrespective of what front door they go through into the infinidat portfolio they're going to get that same experience so i'm hearing it's not just a an rfp check off item it's more than that the market is heading in that direction eric's data on on real time and we're certainly seeing that the data-driven applications the injection of ai and you know systems making decisions in in real time um and i i'm also hearing phil that you're building on your core principles i'm hearing the white glove service the media agnostic the set it and forget it sort of principles that you guys were founded on is you're carrying that through to this this opportunity we absolutely are in the reason and you ask a good question before and i want to more completely answer it i think availability and customer experience are incredibly important today more so than ever because data center economics and data center efficiency um are more important than ever before is as customers evaluate what workloads belong in the public cloud what workloads do i want on-prem irrespective of those decisions they're trying to optimize their their operational expenses their capex expenses and so one thing that infinidat has always excelled at is consolidation bringing multiple users multiple workloads into the same common platform in the data center it says floor space and watts and and uh you know storage administration resources but to do consolidation well you've got to be incredibly reliable and incredibly predictable without a lot of fuss and drama associated with it and so i think the thing that has made infinidat really strong through the years with being a very good consolidation platform is more important now than ever before in in the enterprise storage space because it is really about data center efficiency and uh administration efficiency associated with that yeah thank you for that phil now actually ken let me come back to you i want to ask you a question about consolidation and you and i and and doc our business friend rest his soul have had some some great conversations about this over time but but as you consolidate people are sometimes worried about the blast radius could you address that concern sure well um phil alluded to software and uh it is the cornerstone of everything we bring to the table and it's not just that deep learning that transcends all the intelligence phil talked about in terms of that full wide range of product it's also protection of data across multiple sites and in multiple ways so we were very fortunate in that when we started to create this product since it is a modern product we got to start with a clean sheet of paper and basically look at everything that had been done before and even with some of the very people who created some of the original software for replication in the market were able to then say if i could do it again how would i do it today and how would it be better so we started with local replication and snapshot technology which is the foundation for being able to do full active active replication across two sites today where you can have true zero rpo no data loss even in the face of any kind of failure of a site of a server of a network of a storage device of a connection as well as zero rto immediate consistent operation with no human intervention and we can extend from that out to remote sites literally anywhere in the world in multiples where you can have additional copies of information and at any of them you can be using not only for protection against natural disasters and floods and things like that but from a cyber security perspective immutable snapshots being able to provide data that you know the bad actors can't compromise in multiple locations so we can protect today against virtually any kind of failure scenario across the swath of infinibox or infinibox ssa you can even connect infinite boxes and infinibox ssas because they are the same architecture exactly as phil said what we're seeing is people deploying mostly infinibox because it addresses the wide swath from a consolidation perspective and usually just infinibox ssa for those ultra high performance environments but the beauty of it is it looks feels runs and operates as that one single simple environment that's set it and forget it and just let it run okay so you can consolidate with with confidence uh let's end with the the independent analyst perspective eric you know how do you see this offering what do you think it means for the market is this a new category is it an extension to an existing space how do you look at that uh so i don't see it as a new category i mean it clearly falls into the current definition of afas i think it's more important from the point of view of the customer base that likes this architecture likes the availability the functionality the flexibility that it brings to the table and they can leverage it with tier zero workloads which was something that in the past they didn't have that latency consistency to do that you know i'll just make one one final comment on the software side as well so the reason software is eating the world mark andreessen is basically because of the flexibility the ease of use and the economics and if you take a look at how this particular vendor infinidat designed their product with a software-based definition they were able to swap out underneath and create a different set of characteristics with this new platform because of the flexibility in the software design and that's critical one if you think about how software is dominating so today for 2021 68 of the revenue in the external storage market that's the size of the software defined storage market that's going to be going to almost 80 by 2024 so clearly things are moving in the direction of systems that are defined in a software-defined manner yeah and data is eating software which is why you're going to need ultra low latency um okay we got to wrap it eric you've just published a piece uh this summer called enterprise storage vendor infinidat expands total available market opportunities with all flash system introduction i'm sure they can get that on your website here's a little graphic that shows you how to get that but so guys thanks so much for coming on the cube congratulations on the progress and uh we'll be watching thanks steve thanks very much dave thank you as always a pleasure all right thank you for watching this cube conversation everybody this is dave vellante and we'll see you next time [Music] you

(upbeat music) >> The cloud is evolving. You know, it's no longer a set of remote services somewhere off in the cloud, in the distance. It's expanding. It's moving to on-prem. On-prem workloads are connecting to the cloud. They're spanning clouds in a way that hides the plumbing and simplifies deployment, management, security, and governance. So hybrid multicloud is the next big thing in infrastructure, and at the recent Nutanix .NEXT conference, we got a major dose of that theme, and with me to talk about what we heard at that event, what we learned, why it matters, and what it means to customers are Monica Kumar, who's the senior vice president of marketing and cloud go-to-market at Nutanix, and Tarkan Maner, who's the chief commercial officer at Nutanix. Guys, great to see you again. Welcome to the theCUBE. >> Great to be back here. >> Great to see you, Dave. >> Okay, so you just completed another .NEXT. As an analyst, I like to evaluate the messaging at an event like this, drill into the technical details to try to understand if you're actually investing in the things that you're promoting in your keynotes, and then talk to customers to see how real it is. So with that as a warning, you guys are all in on hybrid multicloud, and I have my takeaways that I'd be happy to share, but, Tarkan, what were your impressions, coming out of the event? >> Look, you had a great entry. Our goal, as Monica is going to outline, too, cloud is not a destination. It's an operating model. Our customers are basically using cloud as a business model, as an operating model. It's not just a bunch of techno mumbo-jumbo, as, kind of, you outlined. We want to make sure we make cloud invisible to the customer so they can focus on what they need to focus on as a business. So as part of that, we want to make sure the workloads, the apps, they can run anywhere the way the customer wants. So in that context, you know, our entire story was bringing customer workloads, use-cases, partner ecosystem with ISVs and cloud providers and service providers and ISPs we're working with like Citrix on end user computing, like Red Hat on cloud native, and also bringing the right products, both in terms of infrastructure capability and management capability for both operators and application developers. So bringing all these pieces together and make it simple for the customer to use the cloud as an operating model. That was the biggest goal here. >> Great, thank you. Monica, anything you'd add in terms of your takeaways? >> Well, I think Tarkan said it right. We are here to make cloud complexity invisible. This was our big event to get thousands of our customers, partners, our supporters together and unveil our product portfolio, which is much more simplified, now. It's a cloud platform. And really have a chance to show them how we are building an ecosystem around it, and really bringing to life the whole notion of hybrid multicloud computing. >> So, Monica, could you just, for our audience, just summarize the big news that came out of .NEXT? >> Yeah, we actually made four different announcements, and most of them were focused around, obviously, our product portfolio. So the first one was around enhancements to our cloud platform to help customers build modern, software-defined data centers to speed their hybrid multicloud deployments while supporting their business-critical applications, and that was really about the next version of our flagship, AOS six, availability. We announced the general availability of that, and key features really included things like built-in virtual networking, disaster recovery enhancements, security enhancements that otherwise would need a lot of specialized hardware, software, and skills are now built into our platform. And, most importantly, all of this functionality being managed through a single interface, right? Which significantly decreases the operational overhead. So that was one announcement. The second announcement was focused around data services and really making it easy for customers to simplify data management, also optimize big data and database workloads. We announced capability that now improves performances of database workloads by 2x, big data workloads by 3x, so lots of great stuff there. We also announced a new service called Nutanix Data Lens, which is a new unstructured data governance service. So, again, I don't want to go into a lot of details here. Maybe we can do it later. That was our second big announcement. The third announcement, which is really around partnerships, and we'll talk more about that, is with Microsoft. We announced the preview of Nutanix Clusters and Azure, and that's really taking our entire flagship Nutanix platform and running it on Azure. And so, now, we are in preview on that one, and we're super excited about that. And then, last but not least, and I know Tarkan is going to go into a lot more detail, is we announced a strategic partnership with Citrix around the whole future of hybrid work. So lots of big news coming out of it. I just gave you a quick summary. There's a lot more around this, as well. >> Okay. Now, I'd like to give you my honest take, if you guys don't mind, and, Tarkan, I'll steal one of your lines. Don't hate me, okay? So the first thing I'm going to say is I think, Nutanix, you have the absolute right vision. There's no question in my mind. But what you're doing is not trivial, and I think it's going to play out. It's going to take a number of years. To actually build an abstraction layer, which is where you're going, as I take it, as a platform that can exploit all the respective cloud native primitives and run virtually any workload in any cloud. And then what you're doing, as I see it, is abstracting that underlying technology complexity and bringing that same experience on-prem, across clouds, and as I say, that's hard. I will say this: the deep dives that I got at the analyst event, it convinced me that you're committed to this vision. You're spending real dollars on focused research and development on this effort, and, very importantly, you're sticking to your true heritage of making this simple. Now, you're not alone. All the non-hyperscalers are going after the multicloud opportunity, which, again, is really challenging, but my assessment is you're ahead of the game. You're certainly focused on your markets, but, from what I've seen, I believe it's one of the best examples of a true hybrid multicloud-- you're on that journey-- that I've seen to date. So I would give you high marks there. And I like the ecosystem-building piece of it. So, Tarkan, you could course-correct anything that I've said, and I'd love for you to pick up on your comments. It takes a village, you know, you're sort of invoking Hillary Clinton, to bring the right solution to customers. So maybe you could talk about some of that, as well. >> Look, actually, you hit all the right points, and I don't hate you for that. I love you for that, as you know. Look, at the end of the day, we started this journey about 10 years ago. The last two years with Monica, with the great executive team, and overall team as a whole, big push to what you just suggested. We're not necessarily, you know, passionate about cloud. Again, it's a business model. We're passionate about customer outcomes, and some of those outcomes sometimes are going to also be on-prem. That's why we focus on this terminology, hybrid multicloud. It is not multicloud, it's not just private cloud or on-prem and non-cloud. We want to make sure customers have the right outcomes. So based on that, whether those are cloud partners or platform partners like HPE, Dell, Supermicro. We just announced a partnership with Supermicro, now, we're selling our software. HPE, we run on GreenLake. Lenovo, we run on TruScale. Big support for Lenovo. Dell's still a great partner to us. On cloud partnerships, as Monica mentioned, obviously Azure. We had a big session with AWS. Lots of new work going on with Red Hat as an ISV partner. Tying that also to IBM Cloud, as we move forward, as Red Hat and IBM Cloud go hand in hand, and also tons of workarounds, as Monica mentioned. So it takes a village. We want to make sure customer outcomes deliver value. So anywhere, for any app, on any infrastructure, any cloud, regardless standards or protocols, we want to make sure we have an open system coverage, not only for operators, but also for application developers, develop those applications securely and for operators, run and manage those applications securely anywhere. So from that perspective, tons of interest, obviously, on the Citrix or the UC side, as Monica mentioned earlier, we also just announced the Red Hat partnership for cloud services. Right before that, next we highlighted that, and we are super excited about those two partnerships. >> Yeah, so, when I talked to some of your product folks and got into the technology a little bit, it's clear to me you're not wrapping your stack in containers and shoving it into the cloud and hosting it like some do. You're actually going much deeper. And, again, that's why it's hard. You could take advantage of those things, but-- So, Monica, you were on the stage at .NEXT with Eric Lockhart of Microsoft. Maybe you can share some details around the focus on Azure and what it means for customers. >> Absolutely. First of all, I'm so grateful that Eric actually flew out to the Bay Area to be live on stage with us. So very super grateful for Eric and Azure partnership there. As I said earlier, we announced the preview of Nutanix Clusters and Azure. It's a big deal. We've been working on it for a while. What this means is that a select few organizations will have an opportunity to get early access and also help shape the roadmap of our offering. And, obviously, we're looking forward to then announcing general availability soon after that. So that's number one. We're already seeing tremendous interest. We have a large number of customers who want to get their hands on early access. We are already working with them to get them set up. The second piece that Eric and I talked about really was, you know, the reason why the work that we're doing together is so important is because we do know that hybrid cloud is the preferred IT model. You know, we've heard that in spades from all different industries' research, by talking to customers, by talking to people like yourselves. However, when customers actually start deploying it, there's lots of issues that come up. There's limited skill sets, resources, and, most importantly, there's a disparity between the on-premises networking security management and the cloud networking security management. And that's what we are focused on, together as partners, is removing that barrier, the friction between on-prem and Azure cloud. So our customers can easily migrate their workloads in Azure cloud, do cloud disaster recovery, create a burst into cloud for elasticity if they need to, or even use Azure as an on-ramp to modernize applications by using the Azure cloud services. So that's one big piece. The second piece is our partnership around Kubernetes and cloud native, and that's something we've already provided to the market. It's GA with Azure and Nutanix cloud platform working together to build Kubernetes-based applications, container-based applications, and run them and manage them. So there's a lot more information on nutanix.com/azure. And I would say, for those of our listeners who want to give it a try and who want their hands on it, we also have a test drive available. You can actually experience the product by going to nutanix.com/azure and taking the test drive. >> Excellent. Now, Tarkan, we saw recently that you announced services. You've got HPE GreenLake, Lenovo, their Azure service, which is called TruScale. We saw you with Keith White at HPE Discover. I was just with Keith White this week, by the way, face to face. Awesome guy. So that's exciting. You got some investments going on there. What can you tell us about those partnerships? >> So, look, as we talked through this a little bit, the HPE relationship is a very critical relationship. One of our fastest growing partnerships. You know, our customers now can run a Nutanix software on any HPE platform. We call it DX, is the platform. But beyond that, now, if the customers want to use HPE service as-a-service, now, Nutanix software, the entire stack, it's not only hybrid multicloud platform, the database capability, EUC capability, storage capability, can run on HPE's service, GreenLake service. Same thing, by the way, same way available on Lenovo. Again, we're doing similar work with Dell and Supermicro, again, giving our customers choice. If they want to go to a public club partner like Azure, AWS, they have that choice. And also, as you know, I know Monica, you're going to talk about this, with our GSI partnerships and new service provider program, we're giving options to customers because, in some other regions, HPE might not be their choice or Azure not be choice, and a local telco might the choice in some country like Japan or India. So we give options and capability to the customers to run Nutanix software anywhere they like. >> I think that's a really important point you're making because, as I see all these infrastructure providers, who are traditionally on-prem players, introduce as-a-service, one of the things I'm looking for is, sure, they've got to have their own services, their own products available, but what other ecosystem partners are they offering? Are they truly giving the customers choice? Because that's, really, that's the hallmark of a cloud provider. You know, if we think about Amazon, you don't always have to use the Amazon product. You can use actually a competitive product, and that's the way it is. They let the customers choose. Of course, they want to sell their own, but, if you innovate fast enough, which, of course, Nutanix is all about innovation, a lot of customers are going to choose you. So that's key to these as-a-service models. So, Monica, Tarkan mentioned the GSIs. What can you tell us about the big partners there? >> Yeah, definitely. Actually, before I talk about GSIs, I do want to make sure our listeners understand we already support AWS in a public cloud, right? So Nutanix totally is available in general, generally available on AWS to use and build a hybrid cloud offering. And the reason I say that is because our philosophy from day one, even on the infrastructure side, has been freedom of choice for our customers and supporting as large a number of platforms and substrates as we can. And that's the notion that we are continuing, here, forward with. So to talk about GSIs a bit more, obviously, when you say one platform, any app, any cloud, any cloud includes on-prem, it includes hyperscalers, it includes the regional service providers, as well. So as an example, TCS is a really great partner of ours. We have a long history of working together with TCS, in global 2000 accounts across many different industries, retail, financial services, energy, and we are really focused, for example, with them, on expanding our joint business around mission critical applications deployment in our customer accounts, and specifically our databases with Nutanix Era, for example. Another great partner for us is HCL. In fact, HCL's solution SKALE DB, we showcased at .NEXT just yesterday. And SKALE DB is a fully managed database service that HCL offers which includes a Nutanix platform, including Nutanix Era, which is our database service, along with HCL services, as well as the hardware/software that customers need to actually run their business applications on it. And then, moving on to service providers, you know, we have great partnerships like with Cyxtera, who, in fact, was the service provider partner of the year. That's the award they just got. And many other service providers, including working with, you know, all of the edge cloud, Equinix. So, I can go on. We have a long list of partnerships, but what I want to say is that these are very important partnerships to us. All the way from, as Tarkan said, OEMs, hyperscalers, ISVs, you know, like Red Hat, Citrix, and, of course, our service provider, GSI partnerships. And then, last but not least, I think, Tarkan, I'd love for you to maybe comment on our channel partnerships as well, right? That's a very important part of our ecosystem. >> No, absolutely. You're absolutely right. Monica. As you suggested, our GSI program is one of the best programs in the industry in number of GSIs we support, new SP program, enterprise solution providers, service provider program, covering telcos and regional service providers, like you suggested, OVH in France, NTT in Japan, Yotta group in India, Cyxtera in the US. We have over 50 new service providers signed up in the last few months since the announcement, but tying all these things, obviously, to our overall channel ecosystem with our distributors and resellers, which is moving very nicely. We have Christian Alvarez, who is running our channel programs globally. And one last piece, Dave, I think this was important point that Monica brought up. Again, give choice to our customers. It's not about cloud by itself. It's outcomes, but cloud is an enabler to get there, especially in a hybrid multicloud fashion. And last point I would add to this is help customers regardless of the stage they're in in their cloud migration. From rehosting to replatforming, repurchasing or refactoring, rearchitecting applications or retaining applications or retiring applications, they will have different needs. And what we're trying to do, with Monica's help, with the entire team: choice. Choice in stage, choice in maturity to migrate to cloud, and choice on platform. >> So I want to close. First of all, I want to give some of my impressions. So we've been watching Nutanix since the early days. I remember vividly standing around the conference call with my colleague at the time, Stu Miniman. The state-of-the-art was converged infrastructure, at the time, bolting together storage, networking, and compute, very hardware centric. And the founding team at Nutanix told us, "We're going to have a software-led version of that." And you popularized, you kind of created the hyperconverged infrastructure market. You created what we called at the time true private cloud, scaled up as a company, and now you're really going after that multicloud, hybrid cloud opportunity. Jerry Chen and Greylock, they just wrote a piece called Castles on the Cloud, and the whole concept was, and I say this all the time, the hyperscalers, last year, just spent a hundred billion dollars on CapEx. That's a gift to companies that can add value on top of that. And that's exactly the strategy that you're taking, so I like it. You've got to move fast, and you are. So, guys, thanks for coming on, but I want you to both-- maybe, Tarkan, you can start, and Monica, you can bring us home. Give us your wrap up, your summary, and any final thoughts. >> All right, look, I'm going to go back to where I started this. Again, I know I go back. This is like a broken record, but it's so important we hear from the customers. Again, cloud is not a destination. It's a business model. We are here to support those outcomes, regardless of platform, regardless of hypervisor, cloud type or app, making sure from legacy apps to cloud native apps, we are there for the customers regardless of their stage in their migration. >> Dave: Right, thank you. Monica? >> Yeah. And I, again, you know, just the whole conversation we've been having is around this but I'll remind everybody that why we started out. Our journey was to make infrastructure invisible. We are now very well poised to helping our customers, making the cloud complexity invisible. So our customers can focus on business outcomes and innovation. And, as you can see, coming out of .NEXT, we've been firing on all cylinders to deliver this differentiated, unified hybrid multicloud platform so our customers can really run any app, anywhere, on any cloud. And with the simplicity that we are known for because, you know, our customers love us. NPS 90 plus seven years in a row. But, again, the guiding principle is simplicity, portability, choice. And, really, our compass is our customers. So that's what we are focused on. >> Well, I love not having to get on planes every Sunday and coming back every Friday, but I do miss going to events like .NEXT, where I meet a lot of those customers. And I, again, we've been following you guys since the early days. I can attest to the customer delight. I've spent a lot of time with them, driven in taxis, hung out at parties, on buses. And so, guys, listen, good luck in the next chapter of Nutanix. We'll be there reporting and really appreciate your time. >> Thank you so much. >> Thank you so much, Dave. >> All right, and thank you for watching, everybody. This is Dave Vellante for theCUBE, and, as always, we'll see you next time. (light music)

(upbeat music) >> Welcome everybody to this CUBE Conversation. My name is Dave Vellante, and we're here to talk about Object storage and the momentum in the space. And what Dell Technologies is doing to compete in this market, I'm joined today by Anahad Dhillon, who's the Product Manager for Dell, EMC's ECS, and new ObjectScale products. Anahad, welcome to theCUBE, good to see you. >> Thank you so much Dave. We appreciate you having me and Dell (indistinct), thanks. >> Its always a pleasure to have you guys on, we dig into the products, talk about the trends, talk about what customers are doing. Anahad before the Cloud, Object was this kind of niche we seen. And you had simple get, put, it was a low cost bit bucket essentially, but that's changing. Tell us some of the trends in the Object storage market that you're observing, and how Dell Technology sees this space evolving in the future please. >> Absolutely, and you hit it right on, right? Historically, Object storage was considered this cheap and deep place, right? Customers would use this for their backup data, archive data, so cheap and deep, no longer the case, right? As you pointed out, the ObjectSpace is now maturing. It's a mature market and we're seeing out there customers using Object or their primary data so, for their business critical data. So we're seeing big data analytics that we use cases. So it's no longer just cheap and deep, now your primary workloads and business critical workloads being put on with an object storage now. >> Yeah, I mean. >> And. >> Go ahead please. >> Yeah, I was going to say, there's not only the extend of the workload being put in, we'll also see changes in how Object storage is being deployed. So now we're seeing a tighter integration with new depth models where Object storage or any storage in general is being deployed. Our applications are being (indistinct), right? So customers now want Object storage or storage in general being orchestrated like they would orchestrate their customer applications. Those are the few key trends that we're seeing out there today. >> So I want to dig into this a little bit with you 'cause you're right. It used to be, it was cheap and deep, it was slow and it required sometimes application changes to accommodate. So you mentioned a few of the trends, Devs, everybody's trying to inject AI into their applications, the world has gone software defined. What are you doing to respond to all these changes in these trends? >> Absolutely, yeah. So we've been making tweaks to our object offering, the ECS, Elastic Cloud Storage for a while. We started off tweaking the software itself, optimizing it for performance use cases. In 2020, early 2020, we actually introduced SSDs to our notes. So customers were able to go in, leverage these SSD's for metadata caching improving their performance quite a bit. We use these SSDs for metadata caching. So the impact on the performance improvement was focused on smaller reads and writes. What we did now is a game changer. We actually went ahead later in 2020, introduced an all flash appliance. So now, EXF900 and ECS all flash appliance, it's all NVME based. So it's NVME SSDs and we leveraged NVME over fabric xx for the back end. So we did it the right way did. We didn't just go in and qualified an SSD based server and ran object storage on it, we invested time and effort into supporting NVME fabric. So we could give you that performance at scale, right? Object is known for scale. We're not talking 10, 12 nodes here, we're talking hundreds of nodes. And to provide you that kind of performance, we went to ahead. Now you've got an NVME based offering EXF900 that you can deploy with confidence, run your primary workloads that require high throughput and low latency. We also come November 5th, are releasing our next gen SDS offering, right? This takes the Troven ECS code that our customers are familiar with that provides the resiliency and the security that you guys expect from Dell. We're re platforming it to run on Kubernetes and be orchestrated by Kubernetes. This is what we announced that VMware 2021. If you guys haven't seen that, is going to go on-demand for VMware 2021, search for ObjectScale and you get a quick demo on that. With ObjectScale now, customers can quickly deploy enterprise grade Object storage on their existing environment, their existing it infrastructure, things like VMware, infrastructure like VMware and infrastructure like OpenShift. I'll give you an example. So if you were in a VMware shop that you've got vSphere clusters in your data center, with ObjectScale, you'll be able to quickly deploy your Object enterprise grid Object offering from within vSphere. Or if you are an OpenShift customer, right? If you've got OpenShift deployed in your data center and your Red Hat shop, you could easily go in, use that same infrastructure that your applications are running on, deploy ObjectScale on top of your OpenShift infrastructure and make available Object storage to your customers. So you've got the enterprise grade ECS appliance or your high throughput, low latency use cases at scale, and you've got this software defined ObjectScale, which can deploy on your existing infrastructure, whether that's VMware or Red Hat OpenShift. >> Okay, I got a lot of follow up questions, but let me just go back to one of the earlier things you said. So Object was kind of cheap, deep and slow, but scaled. And so, your step one was metadata caching. Now of course, my understanding is with Object, the metadata and the data within the object. So, maybe you separated that and made it high performance, but now you've taken the next step to bring in NVME infrastructure to really blow away all the old sort of scuzzy latency and all that stuff. Maybe you can just educate us a little bit on that if you don't mind. >> Yeah, absolutely. Yeah, that was exactly the stepped approach that we took. Even though metadata is tightly integrated in Object world, in order to read the actual data, you still got to get to the metadata first, right? So we would cache the metadata into SSDs reducing that lookup that happens for that metadata, right? And that's why it gave you the performance benefit. But because it was just tied to metadata look-ups, the performance for larger objects stayed the same because the actual data read was still happening from the hard drives, right? With the new EXF900 which is all NVME based, we've optimized the our ECS Object code leveraging VME, data sitting on NVME drives, the internet connectivity, the communication is NVME over fabric, so it's through and through NVME. Now we're talking milliseconds and latency and thousands and thousands of transactions per second. >> Got it, okay. So this is really an inflection point for Objects. So these are pretty interesting times at Dell, you got the cloud expanding on prem, your company is building cloud-like capabilities to connect on-prem to the cloud across cloud, you're going out to the edge. As it pertains to Object storage though, it sounds like you're taking a sort of a two product approach to your strategy. Why is that, and can you talk about the go-to market strategy in that regard? >> Absolutely, and yeah, good observation there. So yes and no, so we continued to invest in ECS. ECS continues to stay a product of choice when customer wants that traditional appliance deployment model. But this is a single hand to shape model where you're everything from your hardware to your software the object solution software is all provided by Dell. ECS continues to be the product where customers are looking for that high performance, fine tune appliance use case. ObjectScale comes into play when the needs are software defined. When you need to deploy the storage solution on top of the same infrastructure that your applications are run, right? So yes, in the short-term, in the interim, it's a two product approach of both products taking a very distinct use case. However, in the long-term, we're merging the two quote streams. So in the long-term, if you're an ECS customer and you're running ECS, you will have an in-place data upgrade to ObjectScale. So we're not talking about no forklift upgrades, we're not talking about you're adding additional servers and do a data migration, it's a code upgrade. And then I'll give you an example, today on ECS, we're at code variation 3.6, right? So if you're a customer running ECS, ECS 3.X in the future, and so we've got a roadmap where 3.7 is coming out later on this year. So from 3.X, customers will upgrade the code data in place. Let's call it 4.0, right? And that brings them up to ObjectScale. So there's no nodes left behind, there's an in-place code upgrade from ECS to the ObjectScale merging the two code streams and the long-term, single code, short-term, two products for both solving the very distinct users. >> Okay, let me follow up, put on my customer hat. And I'm hearing that you can tell us with confidence that irrespective of whether a customer invested ECS or ObjectScale, you're not going to put me into a dead-end. Every customer is going to have a path forward as long as their ECS code is up-to-date, is that correct? >> Absolutely, exactly, and very well put, yes. No nodes left behind, investment protection, whether you've got ECS today, or you want to invest into ECS or ObjectScale in the future, correct. >> Talk a little bit more about ObjectScale. I'm interested in kind of what's new there, what's special about this product, is there unique functionality that you're adding to the product? What differentiates it from other Object stores? >> Absolutely, my pleasure. Yeah, so I'll start by reiterating that ObjectScale it's built on that Troven ECS code, right? It's the enterprise grid, reliability and security that our customers expect from Dell EMC, right? Now we're re platforming ECS who allow ObjectScale to be Kubernetes native, right? So we're leveraging that microservices-based architecture, leveraging that native orchestration capabilities of Kubernetes, things like resource isolation or seamless (indistinct), I'm sorry, load balancing and things like that, right? So the in-built native capabilities of Kubernetes. ObjectScale is also build with scale in mind, right? So it delivers limitless scale. So you could start with terabytes and then go up to petabytes and beyond. So unlike other file system-based Object offerings, ObjectScale software would have a limit on your number of object stores, number of buckets, number of objects you store, it's limitless. As long as you can provide the hardware resources under the covers, the software itself is limitless. It allows our customers to start small, so you could start as small as three node and grow their environment as your business grows, right? Hundreds of notes. With ObjectScale, you can deploy workloads at public clouds like scale, but with the reliability and control of a private cloud data, right? So, it's then your own data center. And ObjectScale is S3 compliant, right? So while delivering the enterprise features like global replication, native multi-tenancy, fueling everything from Dev Test Sandbox to globally distributed data, right? So you've got in-built ObjectScale replication that allows you to place your data anywhere you got ObjectScale (indistinct). From edge to core to data center. >> Okay, so it fits into the Kubernetes world. I call it Kubernetes compatible. The key there is automation, because that's the whole point of containers is, right? It allows you to deploy as many apps as you need to, wherever you need to in as many instances and then do rolling updates, have the same security, same API, all that level of consistency. So that's really important. That's how modern apps are being developed. We're in a new age year. It's no longer about the machines, it's about infrastructure as code. So once ObjectScale is generally available which I think is soon, I think it's this year, What should customers do, what's their next step? >> Absolutely, yeah, it's coming out November 2nd. Reach out to your Dell representatives, right? Get an in-depth demo on ObjectScale. Better yet, you get a POC, right? Get a proof of concept, have it set up in your data center and play with it. You can also download the free full featured community edition. We're going to have a community edition that's free up to 30 terabytes of usage, it's full featured. Download that, play with it. If you like it, you can upgrade that free community edition, will license paid version. >> And you said that's full featured. You're not neutering the community edition? >> Exactly, absolutely, it's full featured. >> Nice, that's a great strategy. >> We're confident, we're confident in what we're delivering, and we want you guys to play with it without having your money tied up. >> Nice, I mean, that's the model today. Gone are the days where you got to get new customers in a headlock to get them to, they want to try before they buy. So that's a great little feature. Anahad, thanks so much for joining us on theCUBE. Sounds like it's been a very busy year and it's going to continue to be so. Look forward to see what's coming out with ECS and ObjectScale and seeing those two worlds come together, thank you. >> Yeah, absolutely, it was a pleasure. Thank you so much. >> All right, and thank you for watching this CUBE Conversation. This is Dave Vellante, we'll see you next time. (upbeat music)

>> Welcome to this Cube Conversation, I'm Lisa Martin. I'm joined by Derek Manky next, the Chief Security Insights and Global Threat Alliances at Fortiguard Labs. Derek, welcome back to the program. >> Hey, it's great to be here again. A lot of stuff's happened since we last talked. >> So Derek, one of the things that was really surprising from this year's Global Threat Landscape Report is a 10, more than 10x increase in ransomware. What's going on? What have you guys seen? >> Yeah so this is massive. We're talking over a thousand percent over a 10x increase. This has been building Lisa, So this has been building since December of 2020. Up until then we saw relatively low high watermark with ransomware. It had taken a hiatus really because cyber criminals were going after COVID-19 lawyers and doing some other things at the time. But we did see a seven fold increase in December, 2020. That has absolutely continued this year into a momentum up until today, it continues to build, never subsided. Now it's built to this monster, you know, almost 11 times increase from, from what we saw back last December. And the reason, what's fueling this is a new verticals that cyber criminals are targeting. We've seen the usual suspects like telecommunication, government in position one and two. But new verticals that have risen up into this third and fourth position following are MSSP, and this is on the heels of the Kaseya attack of course, that happened in 2021, as well as operational technology. There's actually four segments, there's transportation, automotive, manufacturing, and then of course, energy and utility, all subsequent to each other. So there's a huge focus now on, OT and MSSP for cyber criminals. >> One of the things that we saw last year this time, was that attackers had shifted their focus away from enterprise infrastructure devices, to home networks and consumer grade products. And now it looks like they're focusing on both. Are you seeing that? >> Yes, absolutely. In two ways, so first of all, again, this is a kill chain that we talk about. They have to get a foothold into the infrastructure, and then they can load things like ransomware on there. They can little things like information stealers as an example. The way they do that is through botnets. And what we reported in this in the first half of 2021 is that Mirai, which is about a two to three-year old botnet now is number one by far, it was the most prevalent botnet we've seen. Of course, the thing about Mirai is that it's an IOT based botnet. So it sits on devices, sitting inside consumer networks as an example, or home networks, right. And that can be a big problem. So that's the targets that cyber criminals are using. The other thing that we saw that was interesting was that one in four organizations detected malvertising. And so what that means Lisa, is that cyber criminals are shifting their tactics from going just from cloud-based or centralized email phishing campaigns to web born threats, right. So they're infecting sites, waterhole attacks, where, you know, people will go to read their daily updates as an example of things that they do as part of their habits. They're getting sent links to these sites that when they go to it, it's actually installing those botnets onto those systems, so they can get a foothold. We've also seen scare tactics, right. So they're doing new social engineering lures, pretending to be human resource departments. IT staff and personnel, as an example, with popups through the web browser that look like these people to fill out different forms and ultimately get infected on home devices. >> Well, the home device use is proliferate. It continues because we are still in this work from home, work from anywhere environment. Is that, you think a big factor in this increase from 7x to nearly 11x? >> It is a factor, absolutely. Yeah, like I said, it's also, it's a hybrid of sorts. So a lot of that activity is going to the MSSP angle, like I said to the OT. And to those new verticals, which by the way, are actually even larger than traditional targets in the past, like finance and banking, is actually lower than that as an example. So yeah, we are seeing a shift to that. And like I said, that's, further backed up from what we're seeing on with the, the botnet activity specifically with Mirai too. >> Are you seeing anything in terms of the ferocity, we know that the volume is increasing, are they becoming more ferocious, these attacks? >> Yeah, there is a lot of aggression out there, certainly from, from cyber criminals. And I would say that the velocity is increasing, but the amount, if you look at the cyber criminal ecosystem, the stakeholders, right, that is increasing, it's not just one or two campaigns that we're seeing. Again, we're seeing, this has been a record cases year, almost every week we've seen one or two significant, cyber security events that are happening. That is a dramatic shift compared to last year or even, two years ago too. And this is because, because the cyber criminals are getting deeper pockets now. They're becoming more well-funded and they have business partners, affiliates that they're hiring, each one of those has their own methodology, and they're getting paid big. We're talking up to 70 to 80% commission, just if they actually successfully, infect someone that pays for the ransom as an example. And so that's really, what's driving this too. It's a combination of this kind of perfect storm as we call it, right. You have this growing attack surface, work from home environments and footholds into those networks, but you have a whole bunch of other people now on the bad side that are orchestrating this and executing the attacks too. >> So what can organizations do to start- to slow down or limit the impacts of this growing ransomware as a service? >> Yeah, great question. Everybody has their role in this, I say, right? So if we look at, from a strategic point of view, we have to disrupt cyber crime, how do we do that? It starts with the kill chain. It starts with trying to build resilient networks. So things like ZTA and a zero trust network access, SD-WAN as an example for protecting that WAN infrastructure. 'Cause that's where the threats are floating to, right. That's how they get the initial footholds. So anything we can do on the preventative side, making networks more resilient, also education and training is really key. Things like multi-factor authentication are all key to this because if you build that preventatively and it's a relatively small investment upfront Lisa, compared to the collateral damage that can happen with these ransomware paths, the risk is very high. That goes a long way, it also forces the attackers to- it slows down their velocity, it forces them to go back to the drawing board and come up with a new strategy. So that is a very important piece, but there's also things that we're doing in the industry. There's some good news here, too, that we can talk about because there's things that we can actually do apart from that to really fight cyber crime, to try to take the cyber criminals offline too. >> All right, hit me with the good news Derek. >> Yeah, so a couple of things, right. If we look at the botnet activity, there's a couple of interesting things in there. Yes, we are seeing Mirai rise to the top right now, but we've seen big problems of the past that have gone away or come back, not as prolific as before. So two specific examples, EMOTET, that was one of the most prolific botnets that was out there for the past two to three years, there is a take-down that happened in January of this year. It's still on our radar but immediately after that takedown, it literally dropped to half of the activity it had before. And it's been consistently staying at that low watermark now at that half percentage since then, six months later. So that's very good news showing that the actual coordinated efforts that were getting involved with law enforcement, with our partners and so forth, to take down these are actually hitting their supply chain where it hurts, right. So that's good news part one. Trickbot was another example, this is also a notorious botnet, takedown attempt in Q4 of 2020. It went offline for about six months in our landscape report, we actually show that it came back online in about June this year. But again, it came back weaker and now the form is not nearly as prolific as before. So we are hitting them where it hurts, that's that's the really good news. And we're able to do that through new, what I call high resolution intelligence that we're looking at too. >> Talk to me about that high resolution intelligence, what do you mean by that? >> Yeah, so this is cutting edge stuff really, gets me excited, keeps me up at night in a good way. 'Cause we we're looking at this under the microscope, right. It's not just talking about the what, we know there's problems out there, we know there's ransomware, we know there's a botnets, all these things, and that's good to know, and we have to know that, but we're able to actually zoom in on this now and look at- So we, for the first time in the threat landscape report, we've published TTPs, the techniques, tactics, procedures. So it's not just talking about the what, it's talking about the how, how are they doing this? What's their preferred method of getting into systems? How are they trying to move from system to system? And exactly how are they doing that? What's the technique? And so we've highlighted that, it's using the MITRE attack framework TTP, but this is real time data. And it's very interesting, so we're clearly seeing a very heavy focus from cyber criminals and attackers to get around security controls, to do defense innovation, to do privilege escalation on systems. So in other words, trying to be common administrator so they can take full control of the system. As an example, lateral movement, there's still a preferred over 75%, 77 I believe percent of activity we observed from malware was still trying to move from system to system, by infecting removable media like thumb drives. And so it's interesting, right. It's a brand new look on these, a fresh look, but it's this high resolution, is allowing us to get a clear image, so that when we come to providing strategic guides and solutions in defense, and also even working on these takedown efforts, allows us to be much more effective. >> So one of the things that you said in the beginning was we talked about the increase in ransomware from last year to this year. You said, I don't think that we've hit that ceiling yet, but are we at an inflection point? Data showing that we're at an inflection point here with being able to get ahead of this? >> Yeah, I would like to believe so, there is still a lot of work to be done unfortunately. If we look at, there's a recent report put out by the Department of Justice in the US saying that, the chance of a criminal to be committing a crime, to be caught in the US is somewhere between 55 to 60%, the same chance for a cyber criminal lies less than 1%, well 0.5%. And that's the bad news, the good news is we are making progress in sending messages back and seeing results. But I think there's a long road ahead. So, there's a lot of work to be done, We're heading in the right direction. But like I said, they say, it's not just about that. It's, everyone has their role in this, all the way down to organizations and end users. If they're doing their part of making their networks more resilient through this, through all of the, increasing their security stack and strategy. That is also really going to stop the- really ultimately the profiteering that wave, 'cause that continues to build too. So it's a multi-stakeholder effort and I believe we are getting there, but I continue to still, I continue to expect the ransomware wave to build in the meantime. >> On the end-user front, that's always one of the vectors that we talk about, it's people, right? There's so much sophistication in these attacks that even security folks and experts are nearly fooled by them. What are some of the things that you're saying that governments are taking action on some recent announcements from the White House, but other organizations like Interpol, the World Economic Forum, Cyber Crime Unit, what are some of the things that governments are doing that you're seeing that as really advantageous here for the good guys? >> Yeah, so absolutely. This is all about collaboration. Governments are really focused on public, private sector collaboration. So we've seen this across the board with Fortiguard Labs, we're on the forefront with this, and it's really exciting to see that, it's great. There's always been a lot of will to work together, but we're starting to see action now, right? Interpol is a great example, they recently this year, held a high level forum on ransomware. I actually spoke and was part of that forum as well too. And the takeaways from that event were that we, this was a message to the world, that public, private sector we need. They actually called ransomware a pandemic, which is what I've referred to it as before in itself as well too. Because it is becoming that much of a problem and that we need to work together to be able to create action, action against this, measure success, become more strategic. The World Economic Forum were leading a project called the Partnership Against Cyber Crime Threat Map Project. And this is to identify, not just all this stuff we talked about in the threat landscape report, but also looking at, things like, how many different ransomware gangs are there out there. What do the money laundering networks look like? It's that side of the supply chain to map out, so that we can work together to actually take down those efforts. But it really is about this collaborative action that's happening and it's innovation and there's R&D behind this as well, that's coming to the table to be able to make it impactful. >> So it sounds to me like ransomware is no longer a- for any organization in any industry you were talking about the expansion of verticals. It's no longer a, "If this happens to us," but a matter of when and how do we actually prepare to remediate, prevent any damage? >> Yeah, absolutely, how do we prepare? The other thing is that there's a lot of, with just the nature of cyber, there's a lot of connectivity, there's a lot of different, it's not just always siloed attacks, right. We saw that with Colonial obviously, this year where you have attacks on IT, that can affect consumers, right down to consumers, right. And so for that very reason, everybody's infected in this. it truly is a pandemic I believe on its own. But the good news is, there's a lot of smart people on the good side and that's what gets me excited. Like I said, we're working with a lot of these initiatives. And like I said, some of those examples I called up before, we're actually starting to see measurable progress against this as well. >> That's good, well never a dull day I'm sure in your world. Any thing that you think when we talk about this again, in a few more months of the second half of 2021, anything you predict crystal ball wise that we're going to see? >> Yeah, I think that we're going to continue to see more of the, I mean, ransomware, absolutely, more of the targeted attacks. That's been a shift this year that we've seen, right. So instead of just trying to infect everybody for ransom, as an example, going after some of these new, high profile targets, I think we're going to continue to see that happening from the ransomware side and because of that, the average costs of these data breaches, I think they're going to continue to increase, it already did in 2021 as an example, if we look at the cost of a data breach report, it's gone up to about $5 million US on average, I think that's going to continue to increase as well too. And then the other thing too is, I think that we're going to start to see more, more action on the good side like we talked about. There was already a record amount of takedowns that have happened, five takedowns that happened in January. There were arrests made to these business partners, that was also new. So I'm expecting to see a lot more of that coming out towards the end of the year too. >> So as the challenges persist, so do the good things that are coming out of this. Where can folks go to get this first half 2021 Global Threat Landscape? What's the URL that they can go to? >> Yeah, you can check it out, all of our updates and blogs including the threat landscape reports on blog.fortinet.com under our threat research category. >> Excellent, I read that blog, it's fantastic. Derek, always a pleasure to talk to you. Thanks for breaking this down for us, showing what's going on. Both the challenging things, as well as the good news. I look forward to our next conversation. >> Absolutely, it was great chatting with you again, Lisa. Thanks. >> Likewise for Derek Manky, I'm Lisa Martin. You're watching this Cube Conversation. (exciting music)

>>Welcome to this cube conversation. I'm Lisa Martin. I'm joined by Derek manky next, the chief security insights and global threat alliances at 40 guard labs. Derek. Welcome back. >>Yeah, it's great to be here again. So then, uh, uh, a lot of stuff's happened since we last talked. >>One of the things that was really surprising from this year's global threat landscape report is a 10 more than 10 X increase in ransomware. What's going on? What have you guys seen? >>Yeah, so, uh, th th this is, is massive. We're talking about a thousand percent over a 10, a 10 X increase. This has been building police. So this, this has been building since, uh, December of 2020 up until then we saw relatively low, uh, high watermark with ransomware. Um, it had taken a hiatus really because cyber criminals were going after COVID-19 lawyers and doing some other things at the time, but we did see us a seven fold increase in December, 2020. That is absolutely continued. Uh, continued this year into a momentum up until today. It continues to build never subsided. Now it's built to this monster, you know, almost 11 times increase from, from what we saw back last December and what the, uh, the reason what's fueling. This is a new verticals that cyber criminals are targeting. We've seen the usual suspects like telecommunication government and, uh, position one and two, but new verticals that have risen up into this, uh, third and fourth position following our MSSP. And this is on the heels of the Casia attack. Of course, that happened in 2021, as well as operational technology. There's actually four segments, there's transportation, uh, automotive manufacturing, and then of course, energy and utility all subsequent to each other. So there's a huge focus now on, on OTA and MSSP for cybercriminals. >>One of the things that we saw last year, this time was that attackers had shifted their focus away from enterprise infrastructure devices, to home networks and consumer grade products. And now it looks like they're focusing on both. Are you seeing that? >>Yes, absolutely. I in two ways. So first of all, again, this is a kill chain that we talk about. They have to get a foothold into the infrastructure, and then they can load things like ransomware on there. They can little things like information Steelers as an example, the way they do that is through botnets. And, uh, what we reported in this, um, in the first half of 2021 is that Mariah, which is about a two to three-year old button that now is, is number one by far, it was the most prevalent bond that we've seen. Of course, the thing about Mariah is that it's an IOT based bot net. So it sits on devices, uh, sitting inside a consumer networks as an example, or home networks, right? And that, that can be a big problem. So that's the targets that cyber criminals are using. The other thing that we saw that was interesting was that one in four organizations detected malvertising. >>And so what that means at least, is that cyber criminals are shifting their tactics from going just from cloud-based or centralized email phishing campaigns to a web born threats, right? So they're infecting sites, waterhole attacks, where people would go to read their, their, their daily updates as an example of things that they do as part of their habits. Um, they're getting sent links to these sites that when they go to it, it's actually installing those botnets onto those systems. So they can get a foothold. We've also seen scare tactics, right? So they're doing new social engineering Lewis pretending to be human resource departments, uh, you know, uh, uh, it staff and personnel, as an example, with pop-ups through the web browser that looked like these people to fill out different forms and ultimately get infected on, on a home devices. >>Well, the home device we use is proliferate. It continues because we are still in this work from home work, from anywhere environment. Is that when you think a big factor in this increased from seven X to nearly 11 X, >>It is a factor. Absolutely. Yeah. Like I said, it's, it's also, it's a hybrid of sorts. So, so a lot of that activity is going to the MSSP, uh, angle, like I said, uh, to, to the OT. And so to those verticals, which by the way, are actually even larger than traditional targets in the past, like, uh, finance and banking is actually lower than that as an example. So yeah, we are seeing a shift to that. And like I said, that's, that's further, uh, backed up from what we're seeing on with the, the, the, the botnet activity specifically with Veronica too. Are >>You seeing anything in terms of the ferocity? We know that the volume is increasing. Are they becoming more ferocious? These attacks? >>Yeah. Yeah. There, there is. There's a lot of aggression out there, certainly from, from criminals. And I would say that the velocity is increasing, but the amount of, if you look at the cyber criminal ecosystem, the, the stakeholders, right. Um, that is increasing, it's not just one or two campaigns that we're seeing. Again, we're seeing, this has been a record cases here almost every week. We've seen one or two significant, you know, cyber security events that are happening. That is a dramatic shift compared to, to, to last year or even, you know, two years ago too. And this is because, um, because the cyber criminals are getting deeper pockets now, they're, they're becoming more well-funded and they have business partners, affiliates that they're hiring each one of those has their own methodology, and they're getting paid big. We're talking up to 70 to 80% commission, just if they actually successfully, you know, in fact, someone that pays for the ransom as an example. And so that's really, what's driving this too. It's, it's, it's a combination of this kind of perfect storm as we call it. Right. You have this growing attack surface and work from home, uh, environments, um, and footholds into those networks. But you have a whole bunch of other people now on the bad side that are orchestrating this and executing the attacks too. >>What can organizations do to start to slow down or limit the impacts of this growing ransomware as a service? >>Yeah, great question. Um, everybody has their role in this, I say, right? So, uh, if we look at, from a strategic point of view, we have to disrupt cyber crime. How do we do that? Um, it starts with the kill chain. It starts with trying to build resilient networks. So things like a ZTE and a zero trust network access, a SD LAN as an example, as an example for producting that land infrastructure on, because that's where the threats are floating to, right? That's how they get the initial footholds. So anything we can do on the, on the, you know, preventative, preventative side, making, uh, networks more resilient, um, also education and training is really key. Things like multi-factor authentication are all key to this because if you build that, uh, uh, preventatively and that's a relatively small investment upfront, Lisa compared to the collateral damage that can happen with these ransomware, it passes, the risk is very high. Um, that goes a long way. It also forces the attackers to it slows down their velocity. It forces them to go back to the drawing board and come up with a new strategy. So that is a very important piece, but there's also things that we're doing in the industry. There's some good news here too, uh, that we can talk about because there's, there's things that we can actually do. Um, apart from that to, to really fight cyber crime, to try to take the cyber criminal cell phone. >>All right. Hit me with the good news Derek. >>Yeah. So, so a couple of things, right. If we look at the bot net activity, there's a couple of interesting things in there. Yes, we are seeing Mariah rise to the top right now, but we've seen big problems of the past that have gone away or come back, not as prolific as before. So two specific examples, a motel that was one of the most prolific botnets that was out there for the past two to three years, there is a take-down that happened in January of this year. Uh, it's still on our radar, but immediately after that takedown, it literally dropped to half of the activity. It hadn't before. And it's been consistently staying at that low watermark now had that half percentage since, since that six months later. So that's very good news showing that the actual coordinated efforts that we're getting involved with law enforcement, with our partners and so forth to take down, these are actually hitting their supply chain where it hurts. >>Right. So that's good news part one trick. Bob was another example. This is also a notorious spot net take down attempt in Q4 of 2020. It went offline for about six months. Um, in our landscape report, we actually show that it came back online, uh, in about June this year. But again, it came down, it came back weaker and another form is not nearly as prolific as before. So we are hitting them where it hurts. That's, that's the really good news. And we're able to do that through new, um, what I call high resolution intelligence. >>Talk to me about that high resolution intelligence. What do you mean by that? >>Yeah, so this is cutting edge stuff really gets me excited and keeps, keeps me up at night in a good way. Uh, cause we're, we're looking at this under the microscope, right? It's not just talking about the why we know there's problems out there. We know there's, there's ransomware. We know there's the botnets, all these things, and that's good to know, and we have to know that, but we're able to actually zoom in on this now and look at it. So we, for the first time in the threat landscape report, we've published TTPs, the techniques, tactics procedures. So it's not just talking about the, what it's talking about, the how, how are they doing this? What's their preferred method of getting into systems? How are they trying to move from system to system and exactly how are they doing that? What's the technique. And so we've highlighted that it's using the MITRE attack framework TTP, but this is real-time data. >>And it's very interesting. So we're clearly seeing a very heavy focus from cyber criminals and attackers to get around security controls, to do defensive, Asian, to do privilege escalation on systems. So in other words, trying to be common administrator so they can take full control of the system. Uh, as an example, a lateral movement on there's still a preferred over 75%, 77, I believe percent of activity we observed from malware was still trying to move from system to system by infecting removable media like thumb drives. And so it's interesting, right? It's a brand new look on the, these a fresh look, but it's this high resolution is allowing us to get a clear image so that when we come to providing strategic guidance and solutions of defense, and also even working on these, take down that Fritz, it allows us to be much more effective. So >>One of the things that you said in the beginning was we talked about the increase in ransomware from last year to this year. You said, I don't think that we've hit that, that ceiling yet, but are we at an inflection points, the data showing that we're at an inflection point here with being able to get ahead of this? >>Yeah, I, I, I would like to believe so. Um, it, there is still a lot of work to be done. Unfortunately, if we look at, you know, there is a, a recent report put out by the department of justice in the S saying that, you know, the chance of, uh, criminal, uh, to be committing a crime, but to be caught in the U S is somewhere between 55 to 60%, the same chance for a cyber criminal lies less than 1% above 0.5%. And that's the bad news. The good news is we are making progress and sending messages back and seeing results. But I think there's a long road ahead. So, um, you know, there there's a lot of work to be done. We're heading in the right direction. But like I said, they say, it's not just about that. It's everyone has, has their role in this all the way down to organizations and end users. If they're doing their part and making their networks more resilient through this, through all the, you know, increasing their security stack and strategy, um, that is also really going to stop the, you know, really ultimately the profiteering, uh, that, that wave, you know, cause that continues to build too. So it's, it's a multi-stakeholder effort and I believe we are, we are getting there, but I continue to still, uh, you know, I continue to expect the ransomware wave to build. In the meantime, >>On the end user front, that's always one of the vectors that we talk about it's people, right? It's there's so there's so much sophistication in these attacks that even security folks and experts are nearly fooled by them. What are some of the things that you're saying that governments are taking action on some recent announcements from the white house, but other organizations like Interpol, the world, economic forum, cyber crime unit, what are some of the things that governments are doing that you're seeing that as really advantageous here for the good guys? >>Yeah, so absolutely. This is all about collaboration. Governments are really focused on public private sector collaboration. Um, so we've seen this across the board, uh, with 40 guard labs, we're on the forefront with this, and it's really exciting to see that it's great. Uh, there, there, there's always been a lot of will work together, but we're starting to see action now. Right. Um, Interpol is a great example. They recently this year held a high level forum on ransomware. I was actually spoken was part of that forum as well too. And the takeaways from that event were that we, this was a message to the world, that public private sector we need. They actually called ransomware a pandemic, which is what I've referred to it as before in itself as well too, because it is becoming that much of a problem and that we need to work together to be able to create action, action action against this measure, success become more strategic. >>The world economic forum, uh, were, were, uh, leading a project called the partnership against cyber crime threat map project. And this is to identify not just all this stuff we talked about in the threat landscape report, but also looking at, um, you know, things like how many different ransomware gangs are there out there. Uh, what are their money laundering networks look like? It's that side of the side of the supply chains of apple so that we can work together to actually take down those efforts. But it really is about this collaborative action that's happening and it's, um, innovation and there's R and D behind this as well. That's coming to the table to be able to make, you know, make it impactful. >>So it sounds to me like ransomware is no longer a for any organization in any, any industry you were talking about the expansion of verticals, it's no longer a, if this happens to us, but a matter of when and how do we actually prepare to remediate prevent any damage? Yeah, >>Absolutely. How do we prepare? The other thing is that there's a lot of, um, you know, with just the nature of, of, of cyber, there's a lot of, uh, connectivity. There's a lot of different, uh, it's not just always siloed attacks. Right? We saw that with colonial obviously this year where you have the talks on, on it that can affect consumers right now to consumers. Right. And so for that very reason, um, everybody's infected in this, uh, it, it truly is a pandemic, I believe on its own. Uh, but the good news is there's a lot of smart people, uh, on the good side and, you know, that's what gets me excited. Like I said, we're working with a lot of these initiatives and like I said, some of those examples I called up before, we're actually starting to see measurable progress against this as well. >>That's good. Well, never adult day, I'm sure. In your world, any thing that you think when we talk about this again, in a few more months of the second half of 2021, anything that, that you predict crystal ball wise that we're going to see? >>Yeah. I think that we're going to continue to see more of the, I mean, ransomware, absolutely. More of the targeted attacks. That's been a shift this year that we've seen. Right. So instead of just trying to infect everybody for ransom, but as an example of going after some of these new, um, you know, high profile targets, I think we're going to continue to see that happening from there. Add some more side on, on, and because of that, the average costs of these data breaches, I think they're going to continue to increase. Um, they had already did, uh, in, uh, 20, uh, 2021, as an example, if we look at the cost of the data breach report, it's gone up to about $5 million us on average, I think that's going to continue to increase as well too. And then the other thing too, is I think that we're going to start to see more, um, more, more action on the good side. Like we talked about, there was already a record amount of take downs that have happened five take downs that happened in January. Um, there were, uh, arrests made to these business partners that was also new. So I'm expecting to see a lot more of that coming out, uh, uh, towards the end of the year, too. >>So as the challenges persist, so do the good things that are coming out of this. They're working folks go to get this first half 2021 global threat landscape. What's the URL that they can go to. >>Yeah, you can check it all, all of our updates and blogs, including the threat landscape reports on blog about 40 nine.com under our threat research category. >>Excellent. I read that blog. It's fantastic. Derek, always a pleasure to talk to you. Thanks for breaking this down for us showing what's going on. Both the challenging things, as well as the good news. I look forward to our next conversation. >>Absolutely. It's great. Chatting with you again, Lisa. Thanks. >>Likewise for Derek manky. I'm Lisa Martin. You're watching this cube conversation.

(soft music) >> There are many constants in the storage business, relentlessly declining cost per bit, innovations that perpetually battled the laws of physics, a seemingly endless flow of venture capital, despite the intense competition. And there's one other constant in the storage business, Eric Hertzog, and he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. >> Great, Dave, thanks very much, we love being on theCUBE and you guys do a great job of informing the industry about what's going on in storage and IT in general. >> Well, thank you for that. >> Great job. >> We're going to cover a lot of ground today. IBM Storage, made a number of announcements the past month around data resilience, a new as-a-service model, which a lot of folks are doing in the industry, you've made performance enhancements. Can you give us the top line summary of the hard news, Eric? >> Sure, the top line summary is of course cyber security is on top of mind for everybody in the recent Fortune 500 list that came out, you probably saw, there was a survey of CEOs of Fortune 500 companies, they named cybersecurity as their number one concern, not war, not pandemic, but cybersecurity. So we've got an announcement around data resilience and cyber resiliency built on our FlashSystem family with our new offering, Safeguarded Copy. And the second thing is the move to a new method of storage consumption. Storage-as-a-Service, a pay-as-you-go model, cloud-like the way people buy cloud storage, that's what you can do now from IBM Storage with our Storage-as-a-Service. Those are the key, two takeaways, Dave. >> Yeah and I want to stay on the trends that we're seeing in cyber for a moment, the work from home pivot in the hybrid work approach has really created a new exposures, people aren't as secure outside of the walled garden of the offices and we've seen a dramatic escalation in the adversaries capabilities and techniques, another least of which is island hopping, in other words, putting code fragments in the digital supply chain, they reform once they're inside the company and it's almost like this organic creepy thing that occurs. They're also living as you know, stealthily for many, many months, sometimes years, exfiltrating data, and then just waiting and then when companies respond, the incidents response trigger a ransomware incident. So they escalate the cyber crime and it's just a really, really bad situation for victims. What are you seeing in that regard and the trends? >> Well, one of the key things we see as everyone is very concerned about cybersecurity. The Biden administration has issued (indistinct) not only to the government sector, but to the private sector, cyber security is a big issue. Other governments across the world have done the same thing. So at IBM Storage, what we see is taking a comprehensive view. Many people think that cybersecurity is moat with the alligators, the castle wall and then of course the sheriff of Nottingham to catch the bad guys. And we know the sheriff of Nottingham doesn't do a good job of catching Robin Hood. So it takes a while as you just pointed out, sitting there for months or even longer. So one of the key things you need to do in an overall cybersecurity strategy is don't forget storage. Now our announcement around Safeguarded Copy is very much about rapid recovery after an attack for malware or ransomware. We have a much broader set of cyber security technology inside of IBM Storage. For example, with our FlashSystem family, we can encrypt data at rest with no performance penalty. So if someone steals that data, guess what? It's encrypted. We can do anomalous pattern detection with our backup product, Spectrum Protect Plus, why would you care? Well, if theCUBE's backup was taking two hours on particular datasets and all of a sudden it was taking four hours, Hmm maybe someone is encrypting those backup data sets. And so we notify. So what we believe at IBM is that an overarching cybersecurity strategy has to keep the bad guys out, threat detection, anomalous pattern behavior on the network, on the servers, on the storage and all of that, chasing the bad guy down once they breach the wall, 'cause that does happen, but if you don't have cyber and data resilience built into your storage technology, you are leaving a gap that the bad guys can explain, whether that be the malware ransomware guys oh by the way, Dave, there still is internal IT theft that there was a case about 10 years ago now where 10 IT guys stole $175 million. I kid you not, $175 million from a bunch of large banks across the country, and that was an internal IT theft. So between the internal IT issues that could approach you malware and ransomware, a comprehensive cybersecurity strategy, must include storage. >> So I want to ask you about come back to Safeguarded Copy and you mentioned some features and capabilities, encrypting data at rest, your anomalous pattern recognition inferring, you're taking a holistic approach, but of course you've got a storage centricity, what's different about your cyber solution? What's your unique value probability to your (indistinct) . >> Well, when you look at Safeguarded Copy, what it does is it creates immutable copies that are logically air-gapped, but logically air-gapped locally. So what that means is if you have a malware or ransomware attack and you need to do a recovery, whether it be a surgical recovery or a full-on recovery, because they attacked everything, then we can do recovery in a couple hours versus a couple of days or a couple of weeks. Now, in addition to the logical local air-gapping with Safeguarded Copy, you also could do remote logical air-gapping by snapping out to the cloud, which we also have on our FlashSystem products and you also of course, could take our FlashSystem products and back up to tape, giving you a physical air gap. In short, we give our customers three different ways to help with malware and ransomware. >> Let me ask you- >> Are air-gapped locally. >> Yeah, please continue, I'm sorry. >> So our air-gapping locally for rapid recovery, air-gapping remotely, which again, then puts it on the cloud provider network, so hopefully they can't breach that. And then clearly a physical air gap going out to tape all three and on the mainframe, we have Safeguarded Copy already, Dave and several of our mainframe customers actually do two of those things, they'll do Safeguarded Copy or rapid recovery locally, but they'll also take that Safeguarded Copy and either put it out to tape or put it out to a cloud provider with a remote logical air-gap using a snapshot. >> I want to ask you a question about management 'cause when you ask CSOs, what's your number one challenge, they'll say lack of talent, We've got all these tools and all this lack of skills to really do all this stuff. Can't hire people fast enough and they don't have the skills. So when you think about it, and so what you do is you bring a lot of automation into the orchestration and management. My question is this, when you set up air gaps, do you recommend, or what do you see in terms of not, of logically and physically not only physically separating the data, but also the management and orchestration and automation does that have to be logically air-gapped as well or can you use the same management system? What's best practice there? >> Ah, so what we do is we work with our copy management software, which will manage regular copies as well, but Safeguarded Copies are immutable. You can't write to them, you can't get rid of them and they're logically air-gapped from the local hosts. So the hosts, for the Safeguarded Copies that immutable copy, you just made, the hosts don't even know that it's there. So you manage that with our copy management software, which by the way, we'll manage regular snapshots and replicas as well, but what that allows you to do is allows you to automate, for example, you can automate recovery across multiple FlashSystem arrays, the copy services manager will allow you to set different parameters for different Safeguarded Copies. So a certain Safeguarded Copy, you could say, make me a copy every four hours. And then on another volume on a different data set, you could say, make me a copy every 12 hours. Once you set all that stuff update, it's completely automated, completely automated. >> So, I want to come back to something you mentioned about anomalous pattern recognition and how you help with threat detection. So a couple of a couple of quick multi-part question here. First of all, the backup corpus is an obvious target. So that's an area that you have to protect. And so can, and you're saying, you've used the example if your backups taking too long, but so how do you do that? What's the technology behind that? And then can you go beyond, should you go beyond just the backup corpus, with primary data or copies on-prem, et cetera? Two part questions. >> So when we look at it, the anomalous pattern detection is part of our backup software, say Spectrum Protect and what it does it uses AI-based technology, it recognizes a pattern. So it knows that the backup dataset for the queue takes two hours and it recognizes that, and it sees that as the normal state of events. So if all of a sudden that backup that theCUBE was doing used to take two hours and starts taking four, what it does is that's an anomalous pattern, it's not a normal pattern. It'll send a note to the backup admin, the storage admin, whoever you designate it to and say the backup data set for theCUBE that used to take two hours, it's taken four hours, you probably ought to check that. So when we view cyber resiliency from a storage perspective, it's broad. We just talked about anomalous pattern detection in Spectrum Protect. We were talking most of the conversation about our Safeguarded Copy, which is available on the mainframe for several years and is now available on FlashSystems, making immutable local air-gap copies, that can be rapidly recovered and are immutable and can help you recover for a malware or ransomware attack. Our data at rest encryption happens to be with no performance penalty. So when you look at it, you need to create an overarching strategy for cybersecurity and then when you look at your storage estate, you need to look at your secondary storage, backup, replicas, snaps, archive, and have a strategy there to protect that and then you need a strategy to protect your primary storage, which would be things like Safeguarded Copy and encryption. So then you put it all together and in fact, Dave, one of the things we offer is a free cyber resilience assessment. It's not only for IBM Storage, but it happens to be a cyber resilience assessment that conforms to the NIST Framework and it's heterogeneous. So if you're a big company, you've got IBM EMC and HP Storage, guess what? It's all about the data sets not about the storage. So we say, you said these 10 data sets are critical, why are you not encrypting them? These data sets are XYZ, why are you not air-gapping them? So we come up based on the NIST Framework, a set of recommendations that are not IBM specific, but they are storage specific. Here's how you make your storage more resilient, both your secondary storage and your primary storage. That's how we see the big thing and Safeguarded Copy of course fits in on the primary storage side, A on the mainframe, which we've had for several years now and B in the Linux world, the Unix world and the Windows Server world on our FlashSystem portfolio with the announcement we did on July 20th. >> Great, thank you for painting that picture. Eric, are you seeing any use case patterns emerge in this space? >> Well, we see a couple of things. First of all, is A most resellers and most end-users, don't see storage an overarching part of the cybersecurity strategy, and that's starting to change. Second thing we're seeing is more and more storage companies are trying to get into this bailiwick of offering cyber and data resilience. The value IBM brings of course is much longer experience to that and we even integrate with other products. So for example, IBM offers a product called QRadar from the security divisions not a storage product, a security product, and it helps you with early data breach recognition. So it looks at servers, network access, it looks at the storage and it actually integrates now with our Safeguarded Copy. So, part of the value that we bring is this overarching strategy of a comprehensive data and cyber resilience across our whole portfolio, including Safeguarded Copy our July 20th announcement. But also integration beyond storage now with our QRadar product from IBM security division. And there will be future announcements coming in both Q4 and Q1 of additional integration with other security technologies, so you can see how storage can be a vital COD in the corporate cybersecurity strategy. >> Got it, thank you. Let's pivot to the, as-a-service it's, cloud obviously is brought in that as-a-service. Now, it seems like everybody has one now. You guys have announced obviously HPE, Dell, Lenovo, Cisco, Pure, everybody's gotten out there as-a-service model, what do we need to know about your as-a-service solution and why is it different from the others? >> Sure. Well, one of the big differences is we actually go on actual storage, not effective. So when you look at effective storage, which most of them do that includes creating the (indistinct) data sets and other things, so you're basically paying for that. Second thing we do is we have a bigger margin. So for example, if theCUBE says we want SLA-3 and we sell it by the SLA, Dave, SLA-1, two and three. So let's say theCUBE needs SLA-3 and the minimum capacity is a 100 terabytes, but let's say you think you need 300 terabytes. No problem. You also have a variable. One of the key differences is unlike many of our competitors, the rate for the base and the rate for the variable are identical. Several of our competitors, when you're in the base, you pay a certain amount, when you go into the variable, they charge you a premium. The other key differentiator is around data reduction. Some of our competitors and all storage companies have data reduction technology. Block-level D do thin provisioning, compression, we all offer those features. The difference is with IBM's pay-as-you-grow, Storage-as-a-Service model, if you have certain data sets that are not very deducible, not very compressible, we absorbed that with our competitors, most of them, if the dataset is not easily deducible, compressible, and they don't see the value, they actually charge you a premium for that. So that is a huge difference. And then the last big difference is our a 100% availability guarantee. We have that on our FlashSystem product line, we're the only one offering 100% availability guarantee. We also against many of the competitors offer a better base nines, as you know, availability characteristics. We offer six nines of availability, which is five minutes and 26 seconds of downtime and a 100% availability of offering. Some of our competitors only offer four nines of availability and if you want five or six, they charge you extra. We give you six nines base in which has only five minutes and change of downtime in a year. So those are the key difference between us and the other as-a-service models out there. >> So, the basic concept I think, is if you commit to more and buy more, you pay less per. I mean, that's the basic philosophy of these things, right? So, if- >> Yes. >> I commit to you X, let's say, I want to just sort of start small and I commit to you to X and great. I'm in now in, maybe I sign up for a multi-year term, I commit this much, whatever, a 100 terabytes or whatever the minimum is. And then I can say, Hey, you know what? This is working for me. The CFO likes it and the IT guys can provision more seamlessly, we got our chargeback or showback model goes, I want to now make a bigger commitment and I can, and I want to sort of, can I break my three-year term and come back and then renegotiate, kind of like reserved instances, maybe bigger and pay less? How do you approach that? >> Well, what you do is we do a couple of things. First of all, you could always add additional capacity, and you just call up. We assign a technical account manager to every account. So in addition to what you get from the regular sales team and what you get from our value business partners, by the way, we did factor in the business partners, Dave, into this, so business partners will have a great pay-as-you-go Storage-as-a-Service solution, that includes partners and their ability to leverage. In fact, several of our partners that do have both MSP and MHP businesses are working right now to leverage our Storage-as-a-Service, and then add on their own value with their own MSP and MHP capability. >> And they can white label that? Is that right or? >> Well, you'd still have Storage-as-a-Service from IBM. They would resell that to theCUBE and then they'd add in their own MHP or MSP. >> Got it. >> That said partners interested in doing a white label, we would certainly entertain that capability. >> Got it. I interrupted you, carry on please. >> Yeah, you can go ahead and add more capacity, not a problem. You also can change the SLA. So theCUBE, one of the leading an industry analyst firms, you bought every analyst firm in the world, and you're using IBM Storage-as-a-Service, pay-as-you-go cloud-like model. So what you do is you call up the technical account manager and say, Eric, we bought all these other companies they're using on-prem storage, we'd like to move to Storage-as-a-Service for all the companies we acquire. We can do that, so that would up your capacity. And then you could say, now we've been at SLA-2, but because we're adding all these new applications of workloads from our acquired companies, we want some of it to be at SLA-1. So we can have some of your workloads on SLA-2, others on SLA-1, you could switch everything to SLA-1, and you just call your technical account manager and they'll make that happen for you or your business partner, obviously, if you bought through the channel. >> I get it, the hard question is what if all those other companies theCUBE acquired are also IBM Storage-as-a-Service customers? Can I, what's that discussion like? Hey, can I consolidate those and get a better deal? >> Yeah, there are all Storage-as-a-Service customers and Dave I love that thought, we would just figure out a way to consolidate the agreement. The agreements are one through five years. What I think also that's very unique is let's say for whatever reason, and we all love finance people. Let's say the IT guys have called the finance and say, we did a one-year contract, we now like to do a three-year contract. The one year is coming up and guess what? Finance's delayed for whatever reason, the PO doesn't go through. So the ITI calls up the technical account manager, we love your service, it's delayed in finance. We will let them stay on their Storage-as-a-Service, even though they don't have a contract. Now, of course they've told us they want to do one, but if they exceed the contract by a quarter or two, because they can't get the finance guys are messing with the IT guys, that's fine. What the key differentiators? Exactly the same price. Several of our competitors will also extend without a contract, but until you do a contract, they charge you a premium, we do not, whatever, if you're an SLA-3, you're SLA-3, we'll extend you and no big deal. And then you do your contract, when the finance guys get their act together and you're ready to go. So that is something we can do and we'll do on a continual basis. >> Last question. Let's go way out. So, we're not doing any time, near-term forecasts, I'm trying to understand how popular you think as-a-service is going to be. I mean, if you think about the end of the decade, let's think industry total, IBM specific, how popular do you think as-a-service models will be? Do you think it will be the majority of the transacted business or it's kind of more of a, just one of many? >> So I think there will be many, some people will still have bare metal on-premises. Some people will still do virtualization on-premises or in a hybrid cloud configuration. What I do think though is Storage-as-a-Service will be over 50% by the end. Remember, we're sitting at 2021. So we're talking now 2029. >> Right. >> So I think Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud model. I think the days of a 100% cloud, which is the way it started. I think a lot of people realize that a 100% cloud actually is more expensive than a hybrid cloud or fully on-prem. I was at a major university in New York, they are in the healthcare space and I know their CIO from one of my past lives. I was talking to him, they did a full on analysis of all the cloud providers going a 100% cloud. And their analysis showed that a 100% cloud, particularly for highly transactional workloads was 50% more expensive than buying it, paying the maintenance and paying their employees. So we did an all in view. So what I think it's going to be is Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud configuration with storage on-prem or in a colo, like what our IBM pay-as-you-go service will do and then it will be accessed and available through a hybrid cloud configuration with IBM Cloud, Google, Amazon as or whoever the cloud provider is. So I do think that you're looking at over 50% of the storage being as-a-service, but I do think the bulk of that as-a-service will be as-a-service through someone like IBM or our competitors and then part of it will be from the cloud providers. But I do think you're going to see a mix because right now the expense of going a 100% cloud cloud storage is dramatically understated and when someone does an analysis like that major university in New York did, they had a guy from finance, help them do the analysis and it was 50% more expensive than doing on-premise either on-prem or on-prem as-a-service, both were way cheaper. >> But you own the asset, right? >> Yes. >> As-a-service model. >> We, right, we own the asset. >> And I would bet, >> I would bet that over the lifetime value of the spend and it as-a-service model, just like the cloud, if you do this with IBM or any of your competitors, I would bet that overall you're going to spend more just like you've seen in the cloud, but you get the benefit is the flexibility that you get. >> Yeah, yeah. If you compare it to the, so obviously the number one model would be to buy. That's probably going to be the least expensive. >> Right. >> But it's also the least flexible. Then you also have leasing, more flexibility, but leasing usually is more expensive. Just like when you lease your car, if you add up all the lease payments and then you, at the end, pay that balloon payment to buy, it's cheaper to buy the car up front than it is to lease a car. Same thing with any IT asset, now storage network servers, all are available on leasing, the net is at the bottom line, that's more than buying it upfront. And then Storage-as-a-Service will also be more expensive than buying it, my friend, but ultimate capability, altering SLAs, adding new capacity, being able to handle an app very quickly. We can provision the storage, as you mentioned, the IT guys can easily provision. We provision, the storage in 10 minutes, if you bought from IBM Storage or any competitor you bought and you need more storage, A you got to put a PO through your system and if you're not theCUBE, but you're a giant global Fortune 500, sometimes it takes weeks to get the PO done. Then the PO has to go to the business partner, the business partner has got to give a PO to the distributor and a PO to IBM. So it can take you weeks to actually get the additional storage that you need. With Storage-as-a-Service from IBM with our pay-as-you-go, cloud-like model, all you have to do is provision and you're done. And by the way, we provide a 50% overage for free. So if they end up needing more storage, that 50% is actually sitting on-prem already and if they get to 75% utilization of the total amount of storage, we then call them up, the technical account manager would call them up and their business partner and say, Dave, do you know that you guys are at 75% full? We'd like to come add some additional storage to get you back down to a 50% margin. And by the way, most of our competitors only do a 25% margin. So again, another differentiator for IBM Storage-as-a-Service. >> What about, I said, last question, but I have another question. What about day one? Like how long does it take, if I want to start fresh with as-a-service? >> Get it. >> How long does it take to get up and running? >> Basically you put the PO through, whatever it takes on your side or through your business partner, we then we'll sign the technical account manager, will call you up because you need to tell us, do you want to, in a colo facility that you're working with or do you want to put it on on-prem? And then once we do that, we just schedule a time for your IT guys do the install. So, probably two weeks. >> Yeah. >> It all depends because you've got to call back and say, Eric, we'd like it at our colo partner, our colo partners, ABC, we got to call ABC and then get back to you or on-prem , we're going to have guys in the office, a good day when it's not going to be too busy. Could you come two weeks from Thursday? Which now would be three weeks for sake of argument. But that would be, we interface with the customer, with the technical account manager to do it on your schedule on your time, whether you do it in your own facility or use a colo provider. >> Yeah, but once you tell, once I tell you, once we get through all that stuff, it's two weeks from when that's all agreed. >> Yeah. >> It's like the Xerox copier salesman, (Dave chuckles) Where are you going to put it? Once you decide where you're going to put it, then it's a couple of weeks. It's not a month or two months or yeah. >> Yeah, it's not. And we need additional capacity, remember there's a 50% margin sitting there. So if you need to go into the variable and use it, and when we hit a 75%, we actually track it with our storage insights pro. So we'll call you up and say, Dave, you're at 76%. We'd like to add more storage to give you better margin of extra storage and you would say, great, when can we do it? So, yeah, we're proactive about that to make sure that you stay at that 50% margin. Again, our competitors, all do only have 25% margin. So we're giving you that better margin, a larger margin in case you really have a high capacity demand for that quarter and we proactively will call you up, if we think you need more based on monitoring your storage usage. >> Great. Eric got to go, thank you so much for taking us through that great detail, I really appreciate it. Always good to see you. >> Great, thanks Dave, really appreciate it. >> Alright, thank you for watching this CUBE conversation, this is Dave Vellante and we'll see you next time. (soft music)

(upbeat music) >> The Cloud essentially turned the data center into an API and ushered in the era of programmable infrastructure, no longer do we think about deploying infrastructure in rigid silos with a hardened, outer shell, rather infrastructure has to facilitate digital business strategies. And what this means is putting data at the core of your organization, irrespective of its physical location. It also means infrastructure generally and storage specifically must be accessed as sets of services that can be discovered, deployed, managed, secured, and governed in a DevOps model or OpsDev, if you prefer. Now, this has specific implications as to how vendor product strategies will evolve and how they'll meet modern data requirements. Welcome to this Cube conversation, everybody. This is Dave Vellante. And with me to discuss these sea changes is Ajay Singh, the Chief Product Officer of Pure Storage, Ajay welcome. >> Thank you, David, gald to be on. >> Yeah, great to have you, so let's talk about your role at Pure. I think you're the first CPO, what's the vision there? >> That's right, I just joined up Pure about eight months ago from VMware as the chief product officer and you're right, I'm the first our chief product officer at Pure. And at VMware I ran the Cloud management business unit, which was a lot about automation and infrastructure as code. And it's just great to join Pure, which has a phenomenal all flash product set. I kind of call it the iPhone or flash story super easy to use. And how do we take that same ease of use, which is a heart of a Cloud operating principle, and how do we actually take it up to really deliver a modern data experience, which includes infrastructure and storage as code, but then even more beyond that and how do you do modern operations and then modern data services. So super excited to be at Pure. And the vision, if you may, at the end of the day, is to provide, leveraging this moderate experience, a connected and effortless experience data experience, which allows customers to ultimately focus on what matters for them, their business, and by really leveraging and managing and winning with their data, because ultimately data is the new oil, if you may, and if you can mine it, get insights from it and really drive a competitive edge in the digital transformation in your head, and that's what be intended to help our customers to. >> So you joined earlier this year kind of, I guess, middle of the pandemic really I'm interested in kind of your first 100 days, what that was like, what key milestones you set and now you're into your second a 100 plus days. How's that all going? What can you share with us in and that's interesting timing because the effects of the pandemic you came in in a kind of post that, so you had experience from VMware and then you had to apply that to the product organization. So tell us about that sort of first a 100 days and the sort of mission now. >> Absolutely, so as we talked about the vision, around the modern data experience, kind of have three components to it, modernizing the infrastructure and really it's kudos to the team out of the work we've been doing, a ton of work in modernizing the infrastructure, I'll briefly talk to that, then modernizing the data, much more than modernizing the operations. I'll talk to that as well. And then of course, down the pike, modernizing data services. So if you think about it from modernizing the infrastructure, if you think about Pure for a minute, Pure is the first company that took flash to mainstream, essentially bringing what we call consumer simplicity to enterprise storage. The manual for the products with the front and back of a business card, that's it, you plug it in, boom, it's up and running, and then you get proactive AI driven support, right? So that was kind of the heart of Pure. Now you think about Pure again, what's unique about Pure has been a lot of our competition, has dealt with flash at the SSD level, hey, because guess what? All this software was built for hard drive. And so if I can treat NAND as a solid state drive SSD, then my software would easily work on it. But with Pure, because we started with flash, we released went straight to the NAND level, and as opposed to kind of the SSD layer, and what that does is it gives you greater efficiency, greater reliability and create a performance compared to an SSD, because you can optimize at the chip level as opposed to at the SSD module level. That's one big advantage that Pure has going for itself. And if you look at the physics, in the industry for a minute, there's recent data put out by Wikibon early this year, effectively showing that by the year 2026, flash on a dollar per terabyte basis, just the economics of the semiconductor versus the hard disk is going to be cheaper than hard disk. So this big inflection point is slowly but surely coming that's going to disrupt the hardest industry, already the high end has been taken over by flash, but hybrid is next and then even the long tail is coming up over there. And so to end to that extent our lead, if you may, the introduction of QLC NAND, QLC NAND powerful competition is barely introducing, we've been at it for a while. We just recently this year in my first a 100 days, we introduced the flasher AC, C40 and C60 drives, which really start to open up our ability to go after the hybrid story market in a big way. It opens up a big new market for us. So great work there by the team,. Also at the heart of it. If you think about it in the NAND side, we have our flash array, which is a scale-up latency centric architecture and FlashBlade which is a scale-out throughput architecture, all operating with NAND. And what that does is it allows us to cover both structured data, unstructured data, tier one apps and tier two apps. So pretty broad data coverage in that journey to the all flash data center, slowly but surely we're heading over there to the all flash data center based on demand economics that we just talked about, and we've done a bunch of releases. And then the team has done a bunch of things around introducing and NVME or fabric, the kind of thing that you expect them to do. A lot of recognition in the industry for the team or from the likes of TrustRadius, Gartner, named FlashRay, the Carton Peer Insights, the customer choice award and primary storage in the MQ. We were the leader. So a lot of kudos and recognition coming to the team as a result, Flash Blade just hit a billion dollars in cumulative revenue, kind of a leader by far in kind of the unstructured data, fast file an object marketplace. And then of course, all the work we're doing around what we say, ESG, environmental, social and governance, around reducing carbon footprint, reducing waste, our whole notion of evergreen and non-disruptive upgrades. We also kind of did a lot of work in that where we actually announced that over 2,700 customers have actually done non-disruptive upgrades over the technology. >> Yeah a lot to unpack there. And a lot of this sometimes you people say, oh, it's the plumbing, but the plumbing is actually very important too. 'Cause we're in a major inflection point, when we went from spinning disk to NAND. And it's all about volumes, you're seeing this all over the industry now, you see your old boss, Pat Gelsinger, is dealing with this at Intel. And it's all about consumer volumes in my view anyway, because thanks to Steve Jobs, NAND volumes are enormous and what two hard disk drive makers left in the planet. I don't know, maybe there's two and a half, but so those volumes drive costs down. And so you're on that curve and you can debate as to when it's going to happen, but it's not an if it's a when. Let me, shift gears a little bit. Because Cloud, as I was saying, it's ushered in this API economy, this as a service model, a lot of infrastructure companies have responded. How are you thinking at Pure about the as a service model for your customers? What's the strategy? How is it evolving and how does it differentiate from the competition? >> Absolutely, a great question. It's kind of segues into the second part of the moderate experience, which is how do you modernize the operations? And that's where automation as a service, because ultimately, the Cloud has validated and the address of this model, right? People are looking for outcomes. They care less about how you get there. They just want the outcome. And the as a service model actually delivers these outcomes. And this whole notion of infrastructure as code is kind of the start of it. Imagine if my infrastructure for a developer is just a line of code, in a Git repository in a program that goes through a CICD process and automatically kind of is configured and set up, fits in with the Terraform, the Ansibles, all that different automation frameworks. And so what we've done is we've gone down the path of really building out what I think is modern operations with this ability to have storage as code, disability, in addition modern operations is not just storage scored, but also we've got recently introduced some comprehensive ransomware protection, that's part of modern operations. There's all the threat you hear in the news or ransomware. We introduced what we call safe mode snapshots that allow you to recover in literally seconds. When you have a ransomware attack, we also have in the modern operations Pure one, which is maybe the leader in AI driven support to prevent downtime. We actually call you 80% of the time and fix the problems without you knowing about it. That's what modern operations is all about. And then also Martin operations says, okay, you've got flash on your on-prem side, but even maybe using flash in the public Cloud, how can I have seamless multi-Cloud experience in our Cloud block store we've introduced around Amazon, AWS and Azure allows one to do that. And then finally, for modern applications, if you think about it, this whole notion of infrastructure's code, as a service, software driven storage, the Kubernetes infrastructure enables one to really deliver a great automation framework that enables to reduce the labor required to manage the storage infrastructure and deliver it as code. And we have, kudos to Charlie and the Pure storage team before my time with the acquisition of Portworx, Portworx today is truly delivers true storage as code orchestrated entirely through Kubernetes and in a multi-Cloud hybrid situation. So it can run on EKS, GKE, OpenShift rancher, Tansu, recently announced as the leader by giggle home for enterprise Kubernetes storage. We were really proud about that asset. And then finally, the last piece are Pure as a service. That's also all outcome oriented, SLS. What matters is you sign up for SLS, and then you get those SLS, very different from our competition, right? Our competition tends to be a lot more around financial engineering, hey, you can buy it OPEX versus CapEx. And, but you get the same thing with a lot of professional services, we've really got, I'd say a couple of years and lead on, actually delivering and managing with SRE engineers for the SLA. So a lot of great work there. We recently also introduced Cisco FlashStack, again, flash stack as a service, again, as a service, a validation of that. And then finally, we also recently did a announcement with Aquaponics, with their bare metal as a service where we are a key part of their bare metal as a service offering, again, pushing the kind of the added service strategy. So yes, big for us, that's where the buck is skating, half the enterprises, even on prem, wanting to consume things in the Cloud operating model. And so that's where we're putting it lot. >> I see, so your contention is, it's not just this CapEx to OPEX, that's kind of the, during the economic downturn of 2007, 2008, the economic crisis, that was the big thing for CFOs. So that's kind of yesterday's news. What you're saying is you're creating a Cloud, like operating model, as I was saying upfront, irrespective of physical location. And I see that as your challenge, the industry's challenge, be, if I'm going to effect the digital transformation, I don't want to deal with the Cloud primitives. I want you to hide the underlying complexity of that Cloud. I want to deal with higher level problems, but so that brings me to digital transformation, which is kind of the now initiative, or I even sometimes call it the mandate. There's not a one size fits all for digital transformation, but I'm interested in your thoughts on the must take steps, universal steps that everybody needs to think about in a digital transformation journey. >> Yeah, so ultimately the digital transformation is all about how companies are gain a competitive edge in this new digital world or that the company are, and the competition are changing the game on, right? So you want to make sure that you can rapidly try new things, fail fast, innovate and invest, but speed is of the essence, agility and the Cloud operating model enables that agility. And so what we're also doing is not only are we driving agility in a multicloud kind of data, infrastructure, data operation fashion, but we also taking it a step further. We were also on the journey to deliver modern data services. Imagine on a Pure on-prem infrastructure, along with your different public Clouds that you're working on with the Kubernetes infrastructures, you could, with a few clicks run Kakfa as a service, TensorFlow as a service, Mongo as a service. So me as a technology team can truly become a service provider and not just an on-prem service provider, but a multi-Cloud service provider. Such that these services can be used to analyze the data that you have, not only your data, your partner data, third party public data, and how you can marry those different data sets, analyze it to deliver new insights that ultimately give you a competitive edge in the digital transformation. So you can see data plays a big role there. The data is what generates those insights. Your ability to match that data with partner data, public data, your data, the analysis on it services ready to go, as you get the digital, as you can do the insights. You can really start to separate yourself from your competition and get on the leaderboard a decade from now when this digital transformation settles down. >> All right, so bring us home, Ajay, summarize what does a modern data strategy look like and how does it fit into a digital business or a digital organization? >> So look, at the end of the day, data and analysis, both of them play a big role in the digital transformation. And it really comes down to how do I leverage this data, my data, partner data, public data, to really get that edge. And that links back to a vision. How do we provide that connected and effortless, modern data experience that allows our customers to focus on their business? How do I get the edge in the digital transformation? But easily leveraging, managing and winning with their data. And that's the heart of where Pure is headed. >> Ajay Singh, thanks so much for coming inside theCube and sharing your vision. >> Thank you, Dave, it was a real pleasure. >> And thank you for watching this Cube conversation. This is Dave Vellante and we'll see you next time. (upbeat music)

(gentle music) >> Welcome to the new abnormal. Yes, you know, the pandemic, it did accelerate the shift to digital, but it's also created disorder in our world. I mean, every day it seems that companies are resetting their office reopening playbooks. They're rethinking policies on large gatherings and vaccination mandates. There's an acute labor shortage in many industries, and we're seeing an inventory glutton in certain goods, like bleach and hand sanitizer. Airline schedules and pricing algorithms, they're all unsettled. Is inflation transitory? Is that a real threat to the economy? GDP forecasts are seesawing. In short, the world is out of whack and the need for fast access to quality, trusted and governed data has never been greater. Can coherent data strategies help solve these problems, or will we have to wait for the world to reach some type of natural equilibrium? And how are companies, like Google, helping customers solve these problems in critical industries, like financial services, retail, manufacturing, and other sectors? And with me to share his perspectives on data is a long-time CUBE alum, Bruno Aziza. He's the head of data analytics at Google. Bruno, my friend, great to see you again, welcome. >> Great to see you, thanks for having me, Dave. >> So you heard my little narrative upfront, how do you see this crazy world of data today? >> I think you're right. I think there's a lot going on in the world of data analytics today. I mean, certainly over the last 30 years, we've all tried to just make the life of people better and give them access more readily to the information that they need. But certainly over the last year and half, two years, we've seen an amazing acceleration in digital transformation. And what I think we're seeing is that even after three decades of investment in the data analytics world, you know, the opportunity is still really out wide and is still available for organizations to get value out of their data. I was looking at some of the latest research in the market, and, you know, only 32% of companies are actually able to say that they get tangible, valuable insights out of their data. So after all these years, we still have a lot of opportunity ahead of us, of course, with the democratization of access to data, but also the advent in machine learning and AI, so that people can make better decisions faster than their competitors. >> So do you think that the pandemic has heightened that sort of awareness as they were sort of forced to pivot to digital, that they're maybe not getting enough out of their data strategies? That maybe their whatever, their organization, their technology, their way they were thinking about data was not adequate and didn't allow them to be agile enough? Why do you think that only 32% are getting that type of value? >> I think it's true. I think, one, digital transformation has been accelerated over the last two years. I think, you know, if you look at research the last two years, I've seen almost a decade of digital acceleration, you know, happening. But I also think that we're hitting a particular time where employees are expecting more from their employers in terms of the type of insights that can get. Consumers are now evolving, right? So they want more information. And I think now technology has evolved to a point where it's a lot easier to provision a data cloud environment so you can get more data out to your constituents. So I think the connection of these three things, expectation of employees, expectation of customers to better customer experiences, and, of course, the global environment, has accelerated quite a bit, you know, where the space can go. And for people like me, you know, 20 years ago, nobody really cared about databases and so forth. And now I feel like, you know, everybody's, you know, understands the value that we can get out of it. And we're kind of getting, you know, in the sexy territory, finally, data now is sexy for everyone and there's a lot of interest in the space. >> You and I met, of course, in the early days of Hadoop. And there were many things about Hadoop that were profound and, of course, many things that, you know, just were overly complex, et cetera. And one of the things we saw was this sort of decentralization. We thought that Hadoop was going to send five megabytes of code to petabytes of data. And what happened is everything, you know, came into this centralized repository and that centralized thinking, the data pipeline organization was very centralized. Are you seeing companies rethink that? I mean, has the cloud changed their thinking? You know, especially as the cloud expands to the edge, on-prem, everywhere. How are you seeing organizations rethink their regimes for data? >> Yeah, I think, you know, we've seen over the last three decades kind of the pendulum, right, from really centralizing everything and making the IT organization kind of the center of excellence for data analytics, all the way to now, you know, providing data as a self-service, you know, application for end-users. And I think what we're seeing now is there's a few forces happening. The first one is, of course, multicloud, right? So the world today is clearly multicloud and it's going to be multicloud for many, many years. So I think not only are now people considering their on-prem information, but they're also looking at data across multiple clouds. And so I think that is a huge force for chief data officers to consider is that, you know, you're not going to have data centralized in one place, nicely organized, because sometimes it's going to be a factor of where you want to be as an organization. Maybe you're going to be partnering with other organizations that have data in other clouds. And so you want to have an architecture that is modern and that accommodates this idea of an open cloud. The second problem that we see is this idea around data governance, intelligent data governance, right? So the world of managing data is becoming more complex because, of course, you're now dealing with many different speeds, you're dealing with many different types of data. And so you want to be able to empower people to get access to the information, without necessarily having to move this data, so they can make quick decisions on the data. So this idea of a data fabric is becoming really important. And then the third trend that we see, of course, is this idea around data sharing, right? People are now looking to use their own data to create a data economy around their business. And so the ability to augment their existing data with external data and create data products around it is becoming more and more important to the chief data officers. So it's really interesting we're seeing a switch from, you know, this chief data officer really only worried about governance, to this we're now worried about innovation, while making sure that security and governance is taken care of. You know, we call this freedom within the framework, which is a great challenge, but a great opportunity for many of these data leaders. >> You mentioned several things there. Self-service, multicloud, the governance key, especially if we can federate that governance in a decentralized world. Data fabric is interesting. I was talking to Zhamak Dehghani this weekend on email. She coined the term data mesh. And there seems to be some confusion, data mesh, data fabric. I think Gartner's using the term fabric. I know like NetApp, I think coined that term, which to me is like an infrastructure layer, you know. But what do you mean by data fabric? >> Well, the first thing that I would say is that it's not up to the vendors to define what it is. It really is up to the customer. The problem that we're seeing these customers trying to fix is you have a diversity of data, right? So you have data stored in the data mart, in a data lake, in a data warehouse, and they all have their specific, you know, reasons for being there. And so this idea of a data fabric is that without moving the data, can you, one, govern it intelligently? And, two, can you provide landing zones for people to actually do their work without having to go through the pain of setting up new infrastructure, or moving information left and right, and creating new applications? So it's this idea of basically taking advantage of your existing environment, but also governing it centrally, and also now providing self-service capabilities so people can do their job easily. So, you know, you might call it a data mesh, you might call it a data fabric. You know, the terminology to me, you know, doesn't seem to be the barrier. The issue today is how do we enable, you know, this freedom for customers? Because, you know, I think what we've seen with vendors out there is they're trying to just take the customer down to their paradigms. So if they believe in all the answers need to be in a data warehouse, they're going to guide the customer there. If they believe that, you know, everything needs to be in a data lake, they're going to guide the customer there. What we believe in is this idea of choice. You should be able to do every single use case. And we should be able to enable you to manage it intelligently, both from an access standpoint, as well as a governance standpoint. >> So when you think about those different, and I like that, you're making it somewhat technology agnostic, so whether it's a data warehouse, or a data lake, or a data hub, a data mart, those are nodes within the mesh or the fabric, right? That are discoverable, accessible, I guess, governed. I think that there's got to be some kind of centralized governance edict, but in a federated governance model so you don't have to move the data around. Is that how you're thinking about it? >> Absolutely, you know, in our recent event, in the Data Cloud Summit, we had Equifax. So the gentleman there was the VP of data governance and data fabric. So you can start seeing now these roles, you know, created around this problem. And really when you listen to what they're trying to do, they're trying to provide as much value as they can without changing the habits of their users. I think that's what's key here, is that the minute you start changing habits, force people into paradigms that maybe, you know, are useful for you as a vendor, but not so useful to the customer, you get into the danger zone. So the idea here is how can you provide a broad enough platform, a platform that is deep enough, so the data can be intelligently managed and also distributed and activated at the point of interaction for the end-user, so they can do their job a lot easier? And that's really what we're about, is how do you make data simpler? How do you make, you know, the process of getting to insight a lot more fluid without changing habits necessarily, both on the IT side and the business side? >> I want to get to specifics on what Google is doing, but the last sort of uber-trends I want to ask you about 'cause, again, we've known each other for a long time. We've seen this data world grow up. And you're right, 20, 30 years ago, nobody cared about database. Well, maybe 30 years ago. But 20 years ago, it was a boring market, right now it's like the hottest thing going. But we saw, you know, bromide like data is the new oil. Well, we found out, well, actually data is more valuable than oil 'cause you can use, you know, data in a lot of different places, oil you can use once. And then the term like data as an asset, and you said data sharing. And it brings up the notion that, you know, you don't want to share your assets, but you do want to share your data as long as it can be governed. So we're starting to change the language that we use to describe data and our thinking is changing. And so it says to me that the next 10 years, aren't going to be like the last 10 years. What are your thoughts on that? >> I think you're absolutely right. I think if you look at how companies are maturing their use of data, obviously the first barrier is, "How do I, as a company, make sure that I take advantage of my data as an asset? How do I turn, you know, all this information into a sustainable, competitive advantage, really top of mind for organizations?" The second piece around it is, "How do I create now this innovation flywheel so that I can create value for my customers, and my employees, and my partners?" And then, finally, "How do I use data as the center of a product that I can then further monetize and create further value into my ecosystem?" I think the piece that's been happening that people have not talked a lot about I think, with the cloud, what's come is it's given us the opportunity to think about data as an ecosystem. Now you and I are partnering on insights. You and I are creating assets that might be the combination of your data and my data. Maybe it's an intelligent application on top of that data that now has become an intelligent, rich experience, if you will, that we can either both monetize or that we can drive value from. And so I think, you know, it's just scratching the surface on that. But I think that's where the next 10 years, to your point, are going to be, is that the companies that win with data are going to create products, intelligent products, out of that data. And they're just going to take us to places that, you know, we are not even thinking about right now. >> Yeah, and I think you're right on. That is going to be one of the big differences in the coming years is data as product. And that brings up sort of the line of business, right? I mean the lines of business heads historically have been kind of removed from the data group, that's why I was asking you about the organization before. But let's get into Google. How do you describe Google's strategy, its approach, and why it's unique? >> You know, I think one of the reasons, so I just, you know, started about a year ago, and one of the reasons for why I found, you know, the Google mission interesting, is that it's really rooted at who we are and what we do. If you think about it, we make data simple. That's really what we're about. And we live that value. If you go to google.com today, what's happening? Right, as an end-user, you don't need any training. You're going to type in whatever it is that you're looking for, and then we're going to return to you highly personalized, highly actionable insights to you as a consumer of insights, if you will. And I think that's where the market is going to. Now, you know, making data simple doesn't mean that you have to have simple infrastructure. In fact, you need to be able to handle sophistication at scale. And so simply our differentiation here is how do we go from highly sophisticated world of the internet, disconnected data, changing all the time, vast volume, and a lot of different types of data, to a simple answer that's actionable to the end-user? It's intelligence. And so our differentiation is around that. Our mission is to make data simple and we use intelligence to take the sophistication and provide to you an answer that's highly actionable, highly relevant, highly personalized for you, so you can go on and do your job, 'cause ultimately the majority of people are not in the data business. And so they need to get the information just like you said, as a business user, that's relevant, actionable, timely, so they can go off and, you know, create value for their organization. >> So I don't think anybody would argue that Google, obviously, are data experts, arguably the best in the world. But it's interesting, some of the uniqueness here that I'm hearing in your language. You used the word multicloud, Amazon doesn't, you know, use that term. So that's a differentiation. And you sell a cloud, right? You sell cloud services, but you're talking about multicloud. You sell databases, but, of course, you host other databases, like Snowflake. So where do you fit in all this? Do you see your role, as the head of data analytics, is to sort of be the chef that helps combine all these different capabilities? Or are you sort of trying to help people adopt Google products and services? How should we think about that? >> Yeah, the best way to think about, you know, I spend 60 to 70% of my time with customers. And the best way I can think about our role is to be your innovation partner as an organization. And, you know, whichever is the scenario that you're going to be using, I think you talked about open cloud, I think another uniqueness of Google is that we have a very partner friendly, you know, approach to the business. Because we realized that when you walk into an enterprise or a digital native, and so forth, they already have a lot of assets that they have accumulated over the years. And it might be technology assets, but also might be knowledge, and know-how, right? So we want to be able to be the innovation vendor that enables you to take these assets, put them together, and create simplicity towards the data. You know, ultimately, you can have all types of complexity in the backend. But what we can do the best for you is make that really simple, really integrated, really unified, so you, as a business user, you don't have to worry about, "Where is my data? Do I need to think about moving data from here to there? Are there things that I can do only if the data is formatted that way and this way?" We want to remove all that complexity, just like we do it on google.com, so you can do your job. And so that's our job, and that's the reason for why people come to us, is because they see that we can be their best innovation partner, regardless where the data is and regardless, you know, what part of the stack they're using. >> Well, I want to take an example, because my example, I mean, I don't know Google's portfolio like you do, obviously, but one of the things I hear from customers is, "We're trying to inject as much machine intelligence into our data as possible. We see opportunities to automate." So I look at something like BigQuery, which has a strong affinity in embedded machine learning and machine intelligence, as an example, maybe of that simplification. But maybe you could pick up on that and give us some other concrete examples. >> Yeah, specifically on products, I mean, there are a lot products we can talk about, and certainly BigQuery has tremendous market momentum. You know, and it's really anchored on this idea that, you know, the idea behind BigQuery is that just add data and we'll do the rest, right? So that's kind of the idea where you can start small and you can scale at incredible, you know, volumes without really having to think about tuning it, about creating indexes, and so forth. Also, we think about BigQuery as the place that people start in order to build their ecosystem. That's why we've invested a lot in machine learning. Just a few years ago, we introduced this functionality called BigQuery Machine Learning, or BigQuery ML, if you're familiar with it. And you notice out of the top 100 customers we have, 80% of these customers are using machine learning right out of, you know, BigQuery. So now why is that? Why is it that it's so easy to use machine learning using BigQuery is because it's built in. It was built from the ground up. Instead of thinking about machine learning as an afterthought, or maybe something that only data scientists have access to that you're going to license just for narrow scenarios, we think about you have your data in a warehouse that can scale, that is equally awesome at small volume as very large volume, and we build on top of that. You know, similarly, we just announced our analytics exchange, which is basically the place where you can now build these data analytics assets that we discussed, so you can now build an ecosystem that creates value for end-users. And so BigQuery is really at the center of a lot of that strategy, but it's not unlike any of the other products that we have. We want to make it simple for people to onboard, simple to scale, to really accomplish, you know, whatever success is ahead of them. >> Well, I think ecosystems is another one of those big differences in the coming decade, because you're able to build ecosystems around data, especially if you can share that data, you know, and do so in a governed and secure way. But it leads to my question on industries, and I'm wondering if you see any patterns emerging in industries? And each industry seems to have its own unique disruption scenario. You know, retail obviously has been, you know, disrupted with online commerce. And healthcare with, of course, the pandemic. Financial services, you wonder, "Okay, are traditional banks going to lose control of payment systems?" Manufacturing you see our reliance on China's supply chain in, of course, North America. Are you seeing any patterns in industry as it pertains to data? And what can you share with us in terms of insights there? >> Yeah, we are. And, I mean, you know, there's obviously the industries that are, you know, very data savvy or data hungry. You think about, you know, the telecommunication industry, you think about manufacturing, you think about financial services and retail. I mean, financial services and retailers are particularly interesting, because they're kind of both in the retail business and having to deal with this level of complexity of they have physical locations and they also have a relationship with people online, so they really want to be able to bring these two worlds together. You know, I think, you know, about those scenarios of Carrefour, for instance. It's a large retailer in Europe that has been able to not only to, you know, onboard on our platform and they're using, you know, everything from BigQuery, all the way to Looker, but also now create the data assets that enable them to differentiate within their own industry. And so we see a lot of that happening across pretty much all industries. It's difficult to think about an industry that is not really taking a hard look at their data strategy recently, especially over the last two years, and really thought about how they're creating innovation. We have actually created what we call design patterns, which are basically blueprints for organization to take on. It's free, it's free guidance, it's free datasets and code that can accelerate their building of these innovative solutions. So think about the, you know, ability to determine propensity to purchase. Or build, you know, a big trend is recommendation systems. Another one is anomaly detection, and this was great because anomaly detection is a scenario that works in telco, but also in financial services. So we certainly are seeing now companies moving up in their level of maturity, because we're making it easier and simpler for them to assemble these technologies and create, you know, what we call data-rich experiences. >> The last question is how you see the emerging edge, IoT, analytics in that space? You know, a lot of the machine learning or AI today is modeling in the cloud, as you well know. But when you think about a lot of the consumer applications, whether it's voice recognition or, you know, or fingerprinting, et cetera, you're seeing some really interesting use cases that could bleed into the enterprise. And we think about AI inferencing at the edge as really driving a lot of value. How do you see that playing out and what's Google's role there? >> So there's a lot going on in that space. I'll give you just a simple example. Maybe something that's easy for the community to understand is there's still ways that we define certain metrics that are not taking into account what actually is happening in reality. I was just talking to a company whose job is to deliver meals to people. And what they have realized is that in order for them to predict exactly the time it's going to take them from the kitchen to your desk, they have to take into account the fact that distance sometimes it's not just horizontal, it's also vertical. So if you're distributing and you're delivering meals, you know, in Singapore, for instance, high density, you have to understand maybe the data coming from the elevators. So you can determine, "Oh, if you're on the 20th floor, now my distance to you, and my ability to forecast exactly when you're going to get that meal, is going to be different than if you are on the fifth floor. And, particularly, if you're ordering at 11:32, versus if you're ordering at 11:58." And so what's happening here is that as people are developing these intelligent systems, they're now starting to input a lot of information that historically we might not have thought about, but that actually is very relevant to the end-user. And so, you know, how do you do that? Again, and you have to have a platform that enables you to have a large diversity of use cases, and that thinks ahead, if you will, of the problems you might run into. Lots and lots of innovation in this space. I mean, we work with, you know, companies like Ford to, you know, reinvent the connected, you know, cars. We work with companies like Vodafone, 700 use cases, to think about how they're going to deal with what they call their data ocean. You know, I thought you would like this term, because we've gone from data lakes to data oceans. And so there is certainly a ton of innovation and certainly, you know, the chief data officers that I have the opportunity to work with are really not short of ideas. I think what's been happening up until now, they haven't had this kind of single, unified, simple experience that they can use in order to onboard quickly and then enable their people to build great, rich-data applications. >> Yeah, we certainly had fun with that over the years, data lake or data ocean. And thank you for remembering that, Bruno. Always a pleasure seeing you. Thanks so much for your time and sharing your perspectives, and informing us about what Google's up to. Can't wait to have you back. >> Thanks for having me, Dave. >> All right, and thank you for watching, everybody. This is Dave Vellante. Appreciate you watching this CUBE Conversation, and we'll see you next time. (gentle music)

(upbeat music) >> There are many constants in the storage business, relentlessly declining costs per bit. Innovations that perpetually battle the laws of physics, a seemingly endless flow of venture capital, very intense competition. And there's one other constant in the storage industry, Eric Herzog. And he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. Great to see you, my friend. >> Great Dave, thank you very much. Of course, IBM always loves to participate with theCUBE and everything you guys do. Thank you very much for inviting us to come today. >> Really our pleasure. So we're going to cover a lot of ground. IBM Storage made a number of announcements this month around data resilience. You've got a new as a service model. You've got performance enhancements. Eric, can you give us, give us the top line summary of the hard news? >> Yeah. Top line. IBM is enhancing data and cyber resiliency across all non mainframe platforms. We already have it on the mainframe of course, and we're changing CapEx to OpEx with our storage as a service. Those are the key takeaways and the hot ticket items from an end user perspective. >> So maybe we could start with sort of the cyber piece. I mean, wow. I mean the last 18 months have been incredible and you're just seeing, you know, new levels of threats. The work from home pivot has created greater exposure. Organizations are kind of rethinking hybrid. You're seeing the ascendancy of some of the sort of hot cyber startups, but, but you're also seeing the, not only of the attack vectors winded, but the, the techniques are different. You know, threat hunting has become much more important. Your responses to threats. You have to be really careful the whole ransomware thing. So what are some of the big trends that you guys are seeing that are kind of informing how you approach the market? >> Well, first of all, it's gotten a lot worse. In fact, Fortune magazine just released the Fortune 500 a couple of weeks ago, and they had a survey that's public of CEOs, and they said, "What's the number one threat to your business? With no list just what's the number one threat?" Cyber security was number one 66% of the Fortune 500 Chief Executive Officers. Not CIOs not CTOs, but literally the CEOs of the biggest companies in the world. However, it's not just big companies. It hits the mid size, the small companies, everyone is open now to cyber threats and cyber attacks. >> Yeah. So for sure. And it's (chuckles) across the board. Let's talk about your solution, the announcement that you made here. Safeguard Copy, I think is what the branding is. >> Yeah. So what we've done is we've got a number of different technologies within our storage portfolio. For example, with our Spectrum Protect product, we can see anomalous pattern detection and backup data sets. Why would that matter? If I am going to hold theCUBE for ransom, if I don't get control of your secondary storage, snaps, replicas, and backups, you can just essentially say, I'm not paying you. You could just do a recovery, right? So we have anomalous protection there. We see encryption, we encrypt at rest with no performance penalty with our FlashSystem's family. We do air gapping. And in case of safeguarded copy, it's a form of air gapping. So we see physical air gapping with tape. logical air gapping, but to a remote location with snaps or replicas to your Cloud provider, and then local logical on-prem, which is what safeguarded copy does. We've had this technology for many years now on the mainframe platform. And we brought it down to the non mainframe environments, Linux, UNIX, and the Windows Server world by putting safeguarded copy on our FlashSystem's portfolio. >> So, okay. So part of the strategy is air gapping. So you're taking a copy, your air gapping it. You probably, you probably take those snaps, you know, at different intervals, you mix that up, et cetera. How do you manage the copies? How do you ensure if I have to do a recovery that you've got kind of a consistent data set? >> Yeah. So a couple things, first of all, we can create on a single FlashSystem array the full array up to 15,000 immutable copies, essentially they're weren't, you can't delete them, you can't change them. On a per volume basis, you can have 255. This is all managed with our storage copy manager, which can automate the entire process. Creation, deletion, frequency, and even recovery mode. So for example, I could have volume one and volume one perhaps I need to make immutable copies every four hours, while at 255 divided by four a day, I can go for many months and still be making those immutable copies. But with our Copy Services Manager, you can set up to be only 30 days, 60 days, you can set the frequency and once you set it up, it's all automated. And you can even integrate with IBM's QRadar, which is a threat detection and breach software from the security division of IBM. And when certain threats hit, it can actually automatically kick off a safeguarded copy. So what we do is make sure you've got that incredibly rapid recovery. And in fact, you can get air gapping, remotely. We have this on the main frame and a number of large global Fortune 500's actually do double air gapping, local logical, right? So they can do recovery in just a couple hours if they have an attack. And then they take that local logical and either go remote logical. Okay. Which gives them a second level of protection, or they'll go out to tape. So you can use this in a myriad of ways. You can have multiple protection. We even, by the way Dave, have three separate different admin levels. So you can have three different types of admins. One admin can't delete, one admin can. So that way you're also safe from what I'll call industrial espionage. So you can never know if someone's going to be stealing stuff from inside with multiple administrative capabilities, it makes it more difficult for someone to steal your data and then sell it to somebody. >> So, okay. Yeah, right. Because immutable is sort of, well, you're saying that you can set it up so that only one admin has control over that, is that right? If you want it... >> There's three, there's three admins with different levels of control. >> Right. >> And the whole point of having a three admins with different levels of control, is you have that extra security from an internal IT perspective versus one person, again, think of the old war movies, you know, nuclear war movies. Thank God it's never happened. Where two guys turn the key. So you've got some protection, we've got multiple admin level to do that as well. So it's a great solution with the air gapping. It's rapid recovery because it's local, but it is fully logically air gapped separated from the host. It's immutable, it's WORM, Write Once, Read Many can't delete can't change. Can't do anything. And you can automate all the management with our Copy Services Manager software that will work with safeguard copy. >> You, you talked about earlier, you could detect anomalous behavior. So, so presumably this can help with, with detecting threats, is that? >> Well, that's what our spectrum protect product does. My key point was we have all levels of data resiliency across the whole portfolio, whether it be encrypting data at rest, with our VTLs, we can encrypt in-flight. We have safeguarded copy on the mainframe, safeguarded copy on FlashSystems, any type of storage, including our competitor storage. You could air gap it to tape, right? With our spectrum virtualized software in our SAN Volume Controller, you could actually air gap out to a Cloud for 500 arrays that aren't even ours. So what we've done is put in a huge set of data and cyber resiliency across the portfolio. One thing that I've noticed, Dave, that's really strange. Storage is intrinsic to every data center, whether you're big, medium, or small. And when most people think about a cybersecurity strategy from a corporate perspective, they usually don't even think about storage. I've been shocked, but I've been in meetings with CEOs and VPs and they said, "oh, you're right, storage is, is a risk." I don't know why they don't think of it. And clearly many of the security channel partners, right? You have channel that are very focused on security and security consultants, they often don't think about the storage gaps. So we're trying to make sure, A, we've got broad coverage, primary storage, secondary storage, backup, you know, all kinds of things that we can do. And we make sure that we're talking to the end users, as well as the channel to realize that if you don't have data resilience storage, you do not have a corporate cybersecurity strategy because you just left out the storage part. >> Right on. Eric, are you seeing any use case patterns emerge in the customer base? >> Well, the main use case is prioritizing workloads. Obviously, as you do the immutable copies, you chew up capacity. Right now there's a good reason to do that. So you've got these immutable copies, but what they're doing is prioritizing workloads. What are the workloads? I absolutely have to have up and going rapidly. What are other workloads that are super important, but I could do maybe remote logical air gapping? What ones can I put out to tape? Where I have a logical, where I have a true physical air gap. But of course tape can take a long recovery time. So they're prioritizing their applications, workloads and use case to figure out what they need to have a safeguarded copy with what they could do. And by the way, they're trying to do that as well. You know, with our FlashSystem products, we could encrypt data at rest with no performance penalty. So if you were getting, you know, 30,000 database records and they were taken, you know, 10 seconds for sake of argument, when you encrypt, normally you slow that down. Well, guess what, when you encrypt with our FlashSystem product. So in fact, you know, it's interesting Dave, we have a comprehensive and free cyber resiliency assessment, no charge to the end-user, no charge to a business partner if they want to engage with us. And we will look at based on the NIST framework, any gaps. So for example, if theCUBE said, these five databases are most critical databases, then part of our cyber resilience assess and say, "ah, well, we noticed that you're not encrypting those. Why are you not encrypting those?" And by the way, that cyber resilience assessment works not only for IBM storage, but any storage estate they've got. So if they're homogenous, we can evaluate that if they're heterogeneous in their storage estate would evaluate that, and it is vendor agnostic and conforms to the NIST framework, which of course is adopted all over the world. And it's a great thing for people to get free, no obligation. You don't have to buy a single thing from IBM. It's just a free assessment of their storage and what cyber security exposure they have in their storage estate. And that's a free thing that we offer that includes safeguarded copy, encryption, air gapping, all the various functionality. And we'll say, "why are you not encrypting? Why are you not air gapping?" That if it's that important, "what, why are you leaving these things exposed?" So that's what our free cyber resilience assessment does. >> Got to love those freebies take advantage of those for sure. A lot of, a lot of organizations will charge big bucks for those. You know, maybe not ridiculously huge bucks, but you're talking tens of thousands. Sometimes you'll get up to hundreds of thousands of dollars for that type of type of assessment. So that's, you've got to take advantage of that if you're a customer out there. You know, I, I wanted to ask you about just kind of shift topics here and get into the, as a service piece of it. So you guys announced your, your as a service for storage, a lot of people have also done that. What do we need to know about the IBM Solution? And what's different from the others, maybe two part question, but what's the first part. What do we need to know? >> A couple of thing is, from an overall strategy perspective, you don't buy storage. It's a full OpEx model. IBM retains legal title. We own it. We'll do the software upgrades as needed. We may even go ahead and swap the physical system out. You buy an SLA, a tier if you will. You buy capacity, performance, we own it. So let's take an easy one. Our tier two, we give you our worst case performance at 2,250 IOPS per terabyte. Our competitors by the way, when you look at their contracts and look what they're putting out there, they will give you their best case number. So if they're two is 2,250, that's the best case. With us it's our worst case, which means if your applications or workloads get 4,000 IOPS per terabyte, it's free. We don't charge you for that. We give you the worst case scenario and our numbers are higher than our competition. So we make sure that we're differentiated true OpEx model. It's not a modified Lease model. So it's truly converts CapEx into operational expense. We have a base as everybody does, but we have a variable. And guess what? There's the base price and the variable price are the same. So if you don't use the variable, we don't charge you. We bill you for 1/4 in arrears, every feature function that's on our FlashSystem technology such as safeguarded copy, which we just talked about. AI based tiering, data at rest encryption with no performance penalty, data in compression with no performance, all those features you get, all of them, all we're doing is giving you an option. We still let you buy CapEx. We will let you lease with IBM Global Financial Services. And guess what? You could do a full OpEx model. The technology though, our flash core modules, our spectrum virtualized software is all the same. So it's all the same feature function. It's not some sort of stripped down model. We even offer Dave, 100% availability option. We give Six Nines of availability as a default, several of the competitor, which is only five minutes and 26 seconds of downtime, several of our competitors, guess what they give? Fournines. If you want five or six, you got to pay for it. We just give you six as a default differentiator, but then we're the only vendor to offer 100% availability guarantee. Now that is an option. It's the one option. But since we're already at Six Nines, when our competitors are at Four or Five Nines, we already have better availability with our storage as a service than the competition does. >> So let me just make this, make sure I'm clear on this. So you got Six Nines as part of the service. That's >> Absolutely >> Fundamental. And I get, I can pay up for 100% availability option. And, >> Yes you can. >> So what does that, what does that mean? Practically? You're putting in redundancies and, >> Right, right. So we have a technology known as HyperSwap. We have several public references by the way, at ibm.com. We've been shipping HyperSwap on both the mainframe, probably eight or nine years now. We brought it to our FlashSystem product probably five years ago. As I mentioned, we've got public references. You don't pay for the software by the way, you do have to have a dual node cluster. And HyperSwap allows you to do that. But you can do that as a service. You can buy it. You can do as CapEx, right? When you need the additional FlashSystem to go with it again, the software is free. So you're not to pay for the software. You just have to pay for the additional system level componentry, but you can do that as a service and have it completely be an OpEx model as well. We even assign a technical account manager to every account. Every account gets a technical account manager. If you will, concierge service comes with every OpEx version of our storage as a service. >> So what does that mean? What does that concierge do? Just paying attention to (indistinct) >> Concierge service will do a quarterly, a quarterly review with you. So let's say theCUBE bought 10,000 other analyst firms in the industry. You're now the behemoth. And you at theCUBE are using IBM storage as a service. You call up your technical account manager to say, "Guess what? We just bought these companies. We're going to convert them all to storage as a service, A, we need a higher tier, you could upgrade the tier B, we have a one-year contract, but you know what we'd like to extend it to two, C, we think we need more capacity." You tell your technical account manager, they'll take care of all of that for you, as well as giving you best practices. For example, if you decide you want to do safeguarded copy, which you can do, because it's built into our spectrum virtualized software, which is part of our storage as a service, we can give you best practices on that he would tell you, or she would tell you about our integration with our security visions, QRadar. So those are various best practices. So the technical account manager makes sure the software is always up to date, right? All the little things that you would have to do yourself if you own it, we take care of, because we legally own it, which is allow you to buy it as a service. So it is a true OpEx model from a financial perspective. >> In the term of the contracts are what? One, two and three years. >> One to five. >> Yeah. Okay. >> If you don't renew and you don't cancel, we'll automatically re up you at the exact tier you're at, at the exact same price. Several of our competitors, by the way, if you do that, they actually charge you a premium until you sign a contract. We do not. So if you have a contract based on tier two, right? We go buy SLA tier one, tier two, tier three. So if I have a tier two contract at theCUBE, and you forgot to get the contract done at the end of two years, but you still want it, you can go for the next 2/4. I mean, well our business partner as I should say, "Dave, don't you want to sign a contract, you said you like it." Obviously you would, but we will let you stay. You just say, now I want to keep it without a contract. And we don't charge your premium. Our competitors if you don't have a contract, they charge your premium. If you keep it installed without putting a contract in place. So little things like that clearly differentiate what we do. We don't charge a premium. If you go above the base. One of the competitors, in fact, when you go into the variable space, okay? And by the way, we provide 50% extra capacity. We over-provision. The other competitors usually do 25%. We do 50%. No charge, is just part of the service. So the other vendors, if you go into the variable space, they raised the price. So if it's $5, you know, for X capacity and you go into the, which is your base, and then you go above that, they charge you $7 and 50 cents. We don't. It's $5 at the base and $5 at the variable. Now obviously your variable can be very big or very small, but whatever the variable is, we charge you. But we do not charge you an a bigger price. Couple of competitors when you go into the variable world, they charge you more. Guess what it gets you to do, raise your base capacity. (Eric laughs) >> Yeah. I mean, that's, that should, the math should be the opposite of that, in my view. If you make a commitment to a vendor, say, okay, I'm going to commit to X. You have a nice chart on this, actually in your, in your deck. If I'm going to commit to X, and then I'm going to add on, I would think the add on price per bit should be at the same or lower. It shouldn't be higher. Right? And I get, I get what you're saying there. They're forcing you to jack up the base, but then you're taking all the risk. That's not a shared risk model. I get... >> And that's why we made sure that we don't do that. In fact, Dave, you can, you know, the fact that we don't charge you a premium if you go beyond your contract period and say, "I still wanted to do it, but I haven't done the contract yet." The other guys charge you a premium, if you go beyond your contract period. We don't do that either. So we try to be end-user friendly, customer friendly, and we've also factored in our business partners can participate in this program. At least one of our competitors came out with a program and guess what? Partners could not participate. It was all direct. And that company by happens to have about 80% of their business through the channel and their partners were basically cut out of the model, which by the way, is what a lot of Cloud providers had done in the past as well. So it was not a channel friendly model, we're channel friendly, we're end user-friendly, it's all about ease of use. In fact, when you need more capacity, it takes about 10 minutes to get the new capacity up and going, that's it? >> How long does it take to set up? How long does it take to set up initially? And how long does it take to get new capacity? >> So, first of all, we deploy either in a Colo facility that you've contracted with, including Equinix, Equinix, is part of our press release, or we install on your site. So the technical account managers is assigned, he would call up theCUBE and say, "When is it okay for us to come install the storage?" We install it. You don't install anything. You just say, here's your space. Go ahead and install. We do the installation. You then of course do the normal rationing of the capacity to this goes to this Oracle, this goes to SAP. This goes to Mongo or Cassandra, right? You do that part, but we install it. We get it up and going. We get it turned on. We hook it up to your switching infrastructure. If you've got switching infrastructure, we do all of that. And then when you need more capacity, we use our storage insights pro which automatically monitors capacity, performance, and potential tech support problems. So we give you 50% extra, right? If you drop that to 25%, so you now don't have 50% extra anymore, you only have 25% extra, we'll, the technical account manager would call you and say, "Dave, do you know that we'd like to come install extra capacity at no charge to get you back up to that 50% margin?" So we always call because it's on your site or in your Colo facility, right? We own the asset, but we set it up and you know, it takes a week or two, whatever it takes to ship to whatever location. Now by the way, our storage as a service for 2021 will be in North America and Europe only, we are really expanding our storage as a service outside into Asia and into Latin America, et cetera, but not until 2022. So we'll start out with North America and Europe first. >> So I presume part of that is figuring out just the compensation models right? And so how, how did you solve that? I mean, you can't, you know, you don't seem to be struggling with that. Like some do. I think there's some people dipping their toes in the water. Was that because, you know, IBM's got experience with like SAS pricing or how were you thinking about that and how did you deal with kind of the internal (indistinct) >> Sure. So, first of all, we've had for several years, our storage utility model. >> Right? >> Our storage utility model has been sort of a hybrid part CapEx and part OpEx. So first of all, we were already halfway there to an OpEx model with our storage utility model that's item, number one. It also gave us the experience of the billing. So for example, we bill you for a full quarter. We don't send you a monthly bill. We send you a quarterly bill. And guess what, we always bill you in arrears. So for example, since theCUBE is going to be a customer this quarter, we will send you a bill for this quarter in October for the October quarter, we'll send you a bill for that quarter in January. Okay. And if it goes up, it goes up. If it goes down, it goes down. And if you don't use any variable, there's no bill. Because what we do is the base you pay for once a year, the variable you pay for by on a quarterly basis. So if you, if you are within the base, we don't send you a bill at all because there's no bill. You didn't go into the variable capacity area at all. >> I love that. >> When you have a variable It can go up and down. >> Is that unique to some, do some competitors try to charge you up front? Like if it's a one-year term. (Dave laughs) >> Everbody charges, everybody builds yearly on the base capacity. Pretty much everyone does that. >> Okay, so upfront you pay for the base? Okay. >> Right. And the variable can be zero. If you really only use the base, then there is no variable. We only bill for it's a pay for what you use model. So if you don't use any of the variable, we never charge you for variable. Now, you know, because you guys have written about it, storage grows exponentially. So the odds of them ending up needing some of the variable is moderately high. The other thing we've done is we didn't just look at what we've done with our storage utility model, but we actually looked at Cloud providers. And in fact, not only IBM storage, but almost every of our competitors does a comparison to Cloud pricing. And when you do apples to apples, Cloud vendors are more expensive than storage as a services, not just from us, but pretty much for a moment. So let's take an example. We're Six Nines by default. Okay. So as you know, most Cloud providers provide three or Fournines as the default. They'll let you get five or Six Nines, but guess what? They charge you extra. So item number one. Second thing, performance, as you know, the performance of Cloud storage is usually very weak, but you can make it faster if you want to. They charge extra for that. We're sitting at 2,250 terabytes per IOPS, excuse me, per terabytes. That's incredible performance If you've got 100 terabytes, okay. And if your applications and workloads and that's the worst case, by the way, which differentiates from our competitors who usually quote the best case, we quote you the worst case and our worst case by the way, is almost always higher than their best cases in each of the tiers. So at their middle tier, our worst case is usually better than their best case. But the point is, if you get 4,000 IOPS per terabyte and you're on a tier two contract, it's a two-tier contract. And in fact, let's say that theCUBE has a five-year deal. And we base this on our FlashSystem technology. And so let's say for tier two, for sake of argument, FlashSystem, 7,200. We come out two years after theCUBE has it installed with the FlashSystem, 7,400. And let's say the FlashSystem, 7,400, won't deliver a 2,250 IOPS per terabyte, but 5,000, if we choose to replace it, 'cause remember it's our physical property. We own it. If we choose to replace that 7,200 with a 7,400, and now you get 5,000 IOPS per terabyte, it's free. You signed a tier two contract for five years. So two years later, if we decide to put a different physical system there and it's faster, or has four more software features, we don't charge you for any of that. You signed an SLA for tier two. >> You haven't Paid for capacity, right? All right. >> You are paying for the capacity (indistinct) performance, you don't pay for that. If we swap it out and the, the array is physically faster, and has got five new software features. You pay nothing, you pay what your original contract was based on the capacity. >> What I'm saying is you're learning from the Cloud providers 'cause you are a Cloud provider. But you know, a lot of the Cloud providers always sort of talk about how they lower prices. They lower prices, but you know, well, you worked at storage companies your whole life and they, they lower prices on a regular basis because they 'cause the cost of the curve. And so. >> Right. The cost of storage to Cloud, I mean, the average price decline in the storage industry is between 15 and 25%, depending on the year, every single year. >> Right. >> As, you know, you used to be with one of those analysts firms that used to track it by the numbers. So you've seen the numbers. >> For sure. Absolutely. >> On average it drops 15 to 25% every year. >> So, what's driving this then? If it's, it's not necessarily, is it the shift from, from CapEx to OPEX? Is it just a more convenient model than on a Cloud like model? How do you see that? >> So what's happened in IT overall is of course it started with people like salesforce.com. Well, over 10 years ago, and of course it's swept the software industry software as a service. So once that happened, then you now see infrastructure as a service, servers, switches, storage, and an IBM with our storage as a service, we're providing that storage capability. So that as a service model, getting off of the traditional licensing in the software world, which still is out there, but it's mostly now is mostly software as a service has now moved into the infrastructure space. From our perspective, we are giving our business partners and our customers, the choice. You still want to buy it. No problem. You want to lease it? No problem. You want a full OpEx model. No problem. So for us, we're able to offer any of the three options. The, as a service model that started in software has moved now into the systems world. So people want to change often that CapEx into OpEx, we can even see Global Fortune 500s where one division is doing something and a different division might do something else, or they might do it different by geography. In a certain geography, they buy our FlashSystem products and other geographies they lease them. And in other geographies it's, as a service. We are delivering the same feature, function, benefit from a performance availability software function. We just give them a different way to procure. Do you want CapEx you want leasing or OpEx you pick what you want, we'll deliver the right solution for you. >> So, you got the optionality. And that's great. You've thought that out, but, but the reason I'm asking Eric, is I'm trying to figure out this is not just for you for everybody. Is this a check-off item or is this going to be the prevailing way in which storage is consumed? So if you had, if you had a guess, let's go far out. So we're not making any near-term forecast, but end of the decade, is this going to be the dominant model or is it going to be, you know, one of the few. >> It will be one of a few, but it'll be a big few. It'll be the big, one of the biggest. So for sake of argument, there we'll still be CapEx, they'll still be OpEx they'll still be, or there will be OpEx and they're still be leasing, but I will bet you, you know, at the end of this decade, it'll be 40 to 50% will be on the OpEx model. And the other two will have the other 50%. I don't think it's going to move to everything 'cause remember, it's a little easier during the software world. In the system world, you've got to put the storage, the servers, or the networking on the prem, right? Otherwise you're not truly, you know, you got to make it a true OpEx model. There's legal restrictions. You have to make it OpEx, if not, then, you know, based on the a country's practice, depending on the country, you're in, they could say, "Well, no, you really bought that. It's not really a service model." So there's legal constraints that the software worldwise easier to get through and easier to get to bypass. Right? So, and remember, now everything is software as a service, but go back when salesforce.com was started, everyone in the enterprise was doing ELAs and all the small companies were buying some sort of contract, right, or buying by the (indistinct) basis. It took a while for that to change. Now, obviously the predominant model is software as a service, but I would argue given when salesforce.com started, which was, you know, 2007 or so, it took a good 10 years for software as a service to become the dominant level. So I think A, it won't take 10 full years because the software world has blazed a trail now for the systems world. But I do think you'll see, right. We're sitting here know halfway through 2021, that you're going to have a huge percentage. Like I said, the dominant percentage will be OpEx, but the other two will still be there as well. >> Right. >> By the way, you know in software, almost, no one's doing ELAs these days, right? A few people still do, but it's very rare, right? It's all software as a service. So we see that over time doing the same thing in the, in the infrastructure side, but we do think it will be slower. And we'll, we'll offer all three as, as long as customers want it. >> I think you're right. I think it's going to be mixed. Like, do I care more about my income statement or my balance sheet and the different companies or individual different divisions are going to have different requirements. Eric, you got to leave it there. Thanks much for your time and taking us through this announcement. Always great to see you. >> Great. Thank you very much. We really appreciate our time with theCUBE. >> All right. Thank you for watching this CUBE conversation. This is Dave Vellante and we'll see you next time. (upbeat music)

(gentle upbeat music) >> People hate to be sold, but they love to buy. We become what we think about, think, and grow rich. If you want to gather honey, don't kick over the beehive. The world is replete with time-tested advice and motivational ideas for aspiring salespeople, Dale Carnegie, Napoleon Hill, Norman Vincent Peale, Earl Nightingale, and many others have all published classics with guidance that when followed closely, almost always leads to success. More modern personalities have emerged in the internet era, like Tony Robbins, and Gary Vaynerchuk, and Angela Duckworth. But for the most part, they've continued to rely on book publishing, seminars, and high value consulting to peddle their insights and inspire action. Welcome to this video exclusive on theCUBE. This is Dave Vellante, and I'm pleased to welcome back Professor Mark Roberge, who is one of the Managing Directors at Stage 2 Capital, and Paul Fifield, who's the CEO and Co-Founder of Sales Impact Academy. Gentlemen, welcome. Great to see you. >> You too Dave and thanks. >> All right, let's get right into it. Paul, you guys are announcing today a $4 million financing round. It comprises $3 million in a seed round led by Stage 2 and a million dollar in debt financing. So, first of all, congratulations. Paul, why did you start Sales Impact Academy? >> Cool, well, I think my background is sort of two times CRO, so I've built two reasonably successful companies. Built a hundred plus person teams. And so I've got kind of this firsthand experience of having to learn literally everything on the job whilst delivering these very kind of rapid, like achieving these very rapid growth targets. And so when I came out of those two journeys, I literally just started doing some voluntary teaching in and around London where I now live. I spend a bunch of time over in New York, and literally started this because I wanted to sort of kind of give back, but just really wanted to start helping people who were just really, really struggling in high pressure environments. And that's both leadership from sense of revenue leadership people, right down to sort of frontline SDRs. And I think as I started just doing this voluntary teaching, I kind of realized that actually the sort of global education system has done is a massive, massive disservice, right? I actually call it the greatest educational travesty of the last 50 years, where higher education has entirely overlooked sales as a profession. And the knock-on consequences of that have been absolutely disastrous for our profession. Partly that the profession is seen as a bit sort of embarrassing to be a part of. You kind of like go get a sales job if you can't get a degree. But more than that, the core fundamental within revenue teams and within sales people is now completely lacking 'cause there's no structured formal kind of like learning out there. So that's really the problem we're trying to solve on the kind of like the skill side. >> Great. Okay. And mark, always good to have you on, and I got to ask you. So even though, I know this is the wheelhouse for you and your partners, and of course, you've got a deep bench of LPs, but lay out the investment thesis here. What's the core problem that you saw and how are you looking at the market? >> Yeah, sure, Dave. So this one was a special one for me. We've spoken in the past. I mean, just personally I've always had a similar passion to Paul that it's amazing how important sales execution is to all companies, nevermind just the startup ecosystem. And I've always personally been motivated by anything that can help the startup ecosystem increase their success. Part of why I teach at Harvard and try to change some of the stuff that Paul's talking about, which is like, it's amazing how little education is done around sales. But in this particular one, not only personally was I excited about, but from a fun perspective, we've got to look at the economic outcomes. And we've been thinking a lot about the sales tech stack. It's evolved a ton in the last couple of decades. We've gone from the late '90s where every sales VP was just, they had a thing called the CRM that none of their reps even used, right? And we've come so far in 20 years, we've got all these amazing tools that help us cold call, that help us send emails efficiently and automatically and track everything, but nothing's really happened on the education side. And that's really the enormous gap that we've seen is, these organizations being much more proactive around adopting technology that can prove sales execution, but nothing on the education side. And the other piece that we saw is, it's almost like all these companies are reinventing the wheel of looking in the upcoming year, having a dozen sales people to hire, and trying to put together a sales enablement program within their organization to teach salespeople sales 101. Like how to find a champion, how to develop a budget, how to develop sense of urgency. And what Paul and team can do in the first phase of essay, is can sort of centralize that, so that all of these organizations can benefit from the best content and the best instructors for their team. >> So Paul, exactly, thank you, mark. Exactly what do you guys do? What do you sell? I'm curious, is this sort of, I'm thinking in my head, is this E-learning, is it really part of the sales stack? Maybe you could help us understand that better. >> Well, I think this problem of having to upscale teams has been around like forever. And kind of going back to the kind of education problem, it's what's wild is that we would never accept this of our lawyers, our accountants, or HR professionals. Imagine like someone in your finance team arriving on day one and they're searching YouTube to try and work out how to like put a balance sheet together. So it's a chronic, chronic problem. And so the way that we're addressing this, and I think the problem is well understood, but there's always been a terrible market, sort of product market fit for how the problem gets solved. So as mark was saying, typically it's in-house revenue leaders who themselves have got massive gaps in their knowledge, hack together some internal learning that is just pretty poor, 'cause it's not really their skillset. The other alternative is bringing in really expensive consultants, but they're consultants with a very single worldview and the complexity of a modern revenue organization is very, very high these days. And so one consultant is not going to really kind of like cover every topic you need. And then there's the kind of like fairly old fashioned sales training companies that just come in, one big hit, super expensive and then sort of leave again. So the sort of product market fit to solve, has always been a bit pretty bad. So what we've done is we've created a subscription model. We've essentially productized skills development. The way that we've done that is we teach live instruction. So one of the big challenges Andreessen Horowitz put a post out around this so quite recently, one of the big problems of online learning is that this kind of huge repository of online learning, which puts all the onus on the learner to have the discipline to go through these courses and consume them in an on-demand way is actually they're pretty ineffective. We see sort of completion rates of like 7 to 8%. So we've always gone from a live instruction model. So the sort of ingredients are the absolute very best people in the world in their very specific skill teaching live classes just two hours per week. So we're not overwhelming the learners who are already in work, and they have targets, and they've got a lot of pressure. And we have courses that last maybe four to like 12 hours over two to sort of six to seven weeks. So highly practical live instruction. We have 70, 80, sometimes even 90% completion rates of the sort of live class experience, and then teams then rapidly put that best practice into practice and see amazing results in things like top of funnel, or conversion, or retention. >> So live is compulsory and I presume on-demand? If you want to refresh you have an on demand option? >> Yeah, everything's recorded, so you can kind of catch up on a class if you've missed it, But that live instruction is powerful because it's kind of in your calendar, right? So you show up. But the really powerful thing, actually, is that entire teams within companies can actually learn at exactly the same pace. So we teach it eight o'clock Pacific, 11 o'clock Eastern, >> 4: 00 PM in the UK, and 5:00 PM Europe. So your entire European and North American teams can literally learn in the same class with a world-class expert, like a Mark, or like a Kevin Dorsey, or like Greg Holmes from Zoom. And you're learning from these incredible people. Class finishes, teams can come back together, talk about this incredible best practice they've just learned, and then immediately put it into practice. And that's where we're seeing these incredible, kind of almost instant impact on performance at real scale. >> So, Mark, in thinking about your investment, you must've been thinking about, okay, how do we scale this thing? You've got an instructor component, you've got this live piece. How are you thinking about that at scale? >> Yeah, there's a lot of different business model options there. And I actually think multiple of them are achievable in the longer term. That's something we've been working with Paul quite a bit, is like, they're all quite compelling. So just trying to think about which two to start with. But I think you've seen a lot of this in education models today. Is a mixture of on-demand with prerecorded. And so I think that will be the starting point. And I think from a scalability standpoint, we were also, we don't always try to do this with our investments, but clearly our LP base or limited partner base was going to be a key ingredient to at least the first cycle of this business. You know, our VC firm's backed by over 250 CRO CMOs heads of customer success, all of which are prospective instructors, prospective content developers, and prospective customers. So that was a little nicety around the scale and investment thesis for this one. >> And what's in it for them? I mean, they get paid. Obviously, you have a stake in the game, but what's in it for the instructors. They get paid on a sort of a per course basis? How does that model work? >> Yeah, we have a development fee for each kind of hour of teaching that gets created So we've mapped out a pretty significant curriculum. And we have about 250 hours of life teaching now already written. We actually think it's going to be about 3000 hours of learning before you get even close to a complete curriculum for every aspect of a revenue organization from revenue operations, to customer success, to marketing, to sales, to leadership, and management. But we have a development fee per class, and we have a teaching fee as well. >> Yeah, so, I mean, I think you guys, it's really an underserved market, and then when you think about it, most organizations, they just don't invest in training. And so, I mean, I would think you'd want to take it, I don't know what the right number is, 5, 10% of your sales budget and actually put it on this and the return would be enormous. How do you guys think about the market size? Like I said before, is it E-learning, is it part of the CRM stack? How do you size this market? >> Well, I think for us it's service to people. A highly skilled sales rep with an email address, a phone and a spreadsheet would do really well, okay? You don't need this world-class tech stack to do well in sales. You need the skills to be able to do the job. But the reverse, that's not true, right? An unskilled person with a world-class tech stack won't do well. And so fundamentally, the skill level of your team is the number one most important thing to get right to be successful in revenue. But as I said before, the product market for it to solve that problem, has been pretty terrible. So we see ourselves 100%. And so if you're looking at like a com, you look at Gong, who we've just signed as a customer, which is fantastic. Gong has a technology that helps salespeople do better through call recording. You have Outreach, who is also a customer. They have technologies that help SDRs be more efficient in outreach. And now you have Sales Impact Academy, and we help with skills development of your team, of the entirety of your revenue function. So we absolutely see ourselves as a key part of that stack. In terms of the TAM, 60 million people in sales are on, according to LinkedIn. You're probably talking 150 million people in go to market to include all of the different roles. 50% of the world's companies are B2B. The TAM is huge. But what blows my mind, and this kind of goes back to this why the global education system has overlooked this because essentially if half the world's companies are B2B, that's probably a proxy for the half of the world's GDP, Half of the world's economic growth is relying on the revenue function of half the world's companies, and they don't really know what they're doing, (laughs) which is absolutely staggering. And if we can solve that in a meaningfully meaningful way at massive scale, then the impact should be absolutely enormous. >> So, Mark, no lack of TAM. I know that you guys at Stage 2, you're also very much focused on the metrics. You have a fundamental philosophy that your product market fit and retention should come before hyper growth. So what were the metrics that enticed you to make this investment? >> Yeah, it's a good question, Dave, 'cause that's where we always look first, which I think is a little different than most early stage investors. There's a big, I guess, meme, triple, triple, double, double that's popular in Silicon Valley these days, which refers to triple your revenue in year one, triple your revenue in year two, double in year three, and four, and five. And that type of a hyper growth is critical, but it's often jumped too quickly in our opinion. That there's a premature victory called on product market fit, which kills a larger percentage of businesses than is necessary. And so with all our investments, we look very heavily first at user engagement, any early indicators of user retention. And the numbers were just off the charts for SIA in terms of the customers, in terms of the NPS scores that they were getting on their sessions, in terms of the completion rate on their courses, in terms of the customers that started with a couple of seats and expanded to more seats once they got a taste of the program. So that's where we look first as a strong foundation to build a scalable business, and it was off the charts positive for SIA. >> So how about the competition? If I Google sales training software, I'll get like dozens of companies. Lessonly, and MindTickle, or Brainshark will come up, that's not really a fit. So how do you think about the competition? How are you different? >> Yeah, well, one thing we try and avoid is any reference to sales training, 'cause that really sort of speaks to this very old kind of fashioned way of doing this. And I actually think that from a pure pedagogy perspective, so from a pure learning design perspective, the old fashioned way of doing sales training was pull a whole team off site, usually in a really terrible hotel with no windows for a day or two. And that's it, that's your learning experience. And that's not how human beings learn, right? So just even if the content was fantastic, the learning experience was so terrible, it was just very kind of ineffective. So we sort of avoid kind of like sales training, The likes of MindTickle, we're actually talking to them at the moment about a partnership there. They're a platform play, and we're certainly building a platform, but we're very much about the live instruction and creating the biggest curriculum and the broadest curriculum on the internet, in the world, basically, for revenue teams. So the competition is kind of interesting 'cause there is not really a direct subscription-based live like learning offering out there. There's some similar ish companies. I honestly think at the moment it's kind of status quo. We're genuinely creating a new category of in-work learning for revenue teams. And so we're in this kind of semi and sort of evangelical sort of phase. So really, status quo is one of the biggest sort of competitors. But if you think about some of those old, old fashioned sort of Miller Heimans, and then perhaps even like Sandlers, there's an analogy perhaps here, which is kind of interesting, which is a little bit like Siebel and Salesforce in the sort of late '90s, where in Siebel you have this kind of old way of doing things. It was a little bit ineffective. It was really expensive. Not accessible to a huge space of the market. And Salesforce came along and said, "Hey, we're going to create this cool thing. It's going to be through the browser, it's going to be accessible to everyone, and it's going to be really, really effective." And so there's some really kind of interesting parallels almost between like Siebel and Salesforce and what we're doing to completely kind of upend the sort of the old fashioned way of delivering sort of sales training, if you like. >> And your target customer profile is, you're selling to teams, right? B2B teams, right? It's not for individuals. Is that correct, Paul? >> Currently. Yeah, yeah. So currently we've got a big foothold in series A to series B. So broadly speaking out, our target market currently is really fast growth technology companies. That's the sector that we're really focusing on. We've got a very good strong foothold in series A series B companies. We've now won some much larger later stage companies. We've actually even won a couple of corporates, I can't say names yet, but names that are very, very, very familiar and we're incredibly excited by them, which could end up being thousand plus seat deals 'cause we do this on a per seat basis. But yeah, very much at the moment it's fast growth tech companies, and we're sort of moving up the chain towards enterprise. >> And how do you deal with the sort of maturity curve, if you will, of your students? You've got some that are brand new, just fresh out of school. You've got others that are more seasoned. What do you do, pop them into different points of the curriculum? How do you handle it? >> Yeah we have, I'll say we have about 30 courses right now. We have about another 15 in development where post this fundraise, we want to be able to get to around about 20 courses that we're developing every quarter and getting out to market. So we're literally, we've sort of identified about 20 to 25 key roles across everything within revenue. That's, let's say revenue ops, customer success, account management, sales, engineering, all these different kinds of roles. And we are literally plotting the sort of skills development for these individuals over multiple, multiple years. And I think what we've never ceases to amaze me is actually the breadth of learning in revenue is absolutely enormous. And what kind of just makes you laugh is, this is all of this knowledge that we're now creating it's what companies just hope that their teams somehow acquire through osmosis, through blogs, through events. And it's just kind of crazy that there is... It's absolutely insane that we don't already exist, basically. >> And if I understand it correctly, just from looking at your website, you've got the entry level package. I think it's up to 15 seats, and then you scale up from there, correct? Is it sort of as a seat-based license model? >> Yeah, it's a seat-based model, as Mark mentioned. In some cases we sell, let's say 20 or $30,000 deal out the gate and that's most of the team. That will be maybe a series A, series B deal, but then we've got these land and expand models that are working tremendously well. We have seven, eight customers in Q1 that have doubled their spend Q2. That's the impact that they're seeing. And our net revenue retention number for Q2 is looking like it's going to be 177% to think exceeds companies like Snowflakes. Well, our underlying retention metrics, because people are seeing this incredible impact on teams and performance, is really, really strong. >> That's a nice metric compare with Snowflake (Paul laughs) It's all right. (Dave and Paul laugh) >> So, Mark, this is a larger investment for Stage 2 You guys have been growing and sort of upping your game. And maybe talk about that a little bit. >> Yeah, we're in the middle of Fund II right now. So, Fund I was in 2018. We were doing smaller checks. It was our first time out of the gate. The mission has really taken of, our LP base has really taken off. And so this deal looks a lot like more like our second fund. We'll actually make an announcement in a few weeks now that we've closed that out. But it's a much larger fund and our first investments should be in that 2 to $3 million range. >> Hey, Paul, what are you going to do with the money? What are the use of funds? >> Put it on black, (chuckles) we're going to like- (Dave laughs) >> Saratoga is open. (laughs) (Mark laughs) >> We're going to, look, the curriculum development for us is absolutely everything, but we're also going to be investing in building our own technology platform as well. And there are some other really important aspects to the kind of overall offering. We're looking at building an assessment tool so we can actually kind of like start to assess skills across teams. We certify every course has an exam, so we want to get more robust around the certification as well, because we're hoping that our certification becomes the global standard in understanding for the first time in the industry what individual competencies and skills people have, which will be huge. So we have a broad range of things that we want to start initiating now. But I just wanted to quickly say Stage 2 has been nothing short of incredible in every kind of which way. Of course, this investment, the fit is kind of insane, but the LPs have been extraordinary in helping. We've got a huge number of them are now customers very quickly. Mark and the team are helping enormously on our own kind of like go to market and metrics. I've been doing this for 20 years. I've raised over 100 million myself in venture capital. I've never known a venture capital firm with such value add like ever, or even heard of other people getting the kind of value add that we're getting. So I just wanted to a quick shout out for Stage 2. >> Quite a testimony of you guys. Definitely Stage 2 punches above its weight. Guys, we'll leave it there. Thanks so much for coming on. Good luck and we'll be watching. Appreciate your time. >> Thanks, Dave. >> Thank you very much. >> All right, thank you everybody for watching this Cube conversation. This is Dave Vellante, and we'll see you next time.