>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE in ETR. This is Breaking Analysis with Dave Vellante. >> Despite the more than $100 billion spent each year fighting Cyber-crime. When we do an end-of-the year look back and ask "How did we do?" The answer is invariably the same, "Worse than last year." Pre pandemic, the picture was disheartening, but since March of 2020 the situation has only worsened as cyber-criminals have become increasingly sophisticated, better funded and more brazen. SecOps pros continue to fight, but unlike conventional wars, this one has no end. Now the flip side of course, is that markets continue to value cybersecurity firms at significant premiums. Because this huge market will continue to grow by double digits for the foreseeable future. Hello and welcome to this week's Wikibon theCUBE Insights powered by ETR. In this Breaking Analysis, we look at the state of cybersecurity in 2021 and beyond. We'll update you with the latest survey data from enterprise technology research and share the fundamentals that have investors piling into the security space like never before. Let's start with the customer view. Cybersecurity remains the number one priority for CIOs and CSOs. This latest ETR survey, once again asked IT buyers to rank their top priorities for the next 12 months. Now the last three polling period dating back to last March. Cybersecurity has outranked every top spending category, including cloud, data analytics, productivity software, networking, AI, and automation or RPA. Now this shouldn't surprise anybody, but it underscores the challenges that organizations face. Not only are they in the midst of a non-optional digital transformation, but they have to also fund a cyber war that has no ceasefires, no truces, and no exit path. Now there's much more going on in cybersecurity than ransomware, but certainly that has the attention of executives. And it's becoming more and more lucrative for attackers. Here's a snapshot of some of the more well-documented attacks this decade many which have occurred in very recent months. CNA Financial, they got hit earlier this year and paid a $40 million ransom. The Ireland Health Service also got hit this year and refused to pay the ransom, but it's estimated that the cost to recover and the damage to the organization exceeded half a billion dollars. The request was for a $20 million ransom. The JBS meat company hack, they paid $11 million. CWT travel paid $5 million. The disruption from the Colonial Pipeline company, was widely reported they paid more than $4 million, as the Brenntag, the chemical company. The NBA got hit. Computer makers, Quanta and Acer also. More than 2,000 random attacks were reported to the FBI in the first seven months of 2021. Up more than 60% from 2020. Now, as I've said many times, you don't have to be a genius to be a ransomware as today. Anyone can go on the dark web, tap into ransomware as a service. Attackers, they have insidious names like darkside, evil, the cobalt, crime gang, wizard spider, the Lazarus gang, and numerous others. Criminals they have negotiation services is most typically the attackers, they'll demand a specific amount of money but they're willing to compromise in an exchange of cryptocurrency for decryption keys. And as mentioned, it's not just ransomware supply chain attacks like the solar winds hack hit organizations within the U.S government and companies like Mimecast this year. Now, while these attacks often do end up in a ransom situation. The attackers sometimes find it more lucrative to live off the land and stealth fashion and ex filtrates sensitive data that can be sold or in the case of many financial institution attacks they'll steal information from say a chief investment officer that signals an upcoming trading strategy and then the attackers will front run that trade in the stock market. Now, of course phishing, remains one of the most prominent threats. Only escalated by the work from home trend as users bring their own devices and of course home networks are less secure. So it's bad, worse than ever before. But you know, if there's a problem, entrepreneurs and investors, they're going to be there to solve it. So here's a LinkedIn post from one of the top investors in the business, Mike Speiser. He was a founding investor in Snowflake. He helped get pure storage to escape velocity and many, many other successes. This hit my LinkedIn feed the other day, his company Sutter Hill Ventures is co-leading a 1.3 Series D on an $8.3 billion valuation. They're putting in over $200 million. Now Lacework is a threat detection software company that looks at security as a data problem and they monitor exposures across clouds. So very timely. So watch that company. They're going to soar. Now the right hand chart shows venture investments in cybersecurity over the past several years. You can see it exploded in 2019 to $7.6 billion. And people thought the market was peaking at that time, if you recall. But then investments rose a little bit to $7.8 billion in 2020 right in the middle of lockdown. And then the hybrid work, the cloud, the new normal thesis kicked in big time. It's in full gear this year. You can see nearly $12 billion invested in cybersecurity in the first half of 2021 alone. So the money keeps coming in as the problem gets worse and the market gets more crowded. Now we'd like to show this slide from Optiv, it's their security taxonomy. It'll make your eyes cross. It's so packed with companies in different sectors. We'll put a link in our posts, so you can stare at this. We've used this truck before. It's pretty good. It's comprehensive and it's worth spending some time to see what that landscape looks like. But now let's reduce this down a bit and bring in some of the ETR data. This is survey data from October that shows net score or spending momentum on the vertical axis and market share or pervasiveness in the dataset on the horizontal axis. That's a measure of mentioned share if you will. Now this is just isolated on the information security sector within the ETR taxonomies. No filters in terms of the number of responses. So it's every company that ETR picks up in cybersecurity from its buyer surveys. Now companies above that red line, we consider them to have a highly elevated spending momentum for their products and services. And you can see, there are a lot of companies that are in this map first of all, and several above that magic mark. So you can see the momentum of Microsoft and Palo Alto. That's most impressive because of their size, their pervasiveness in the study, Cisco and Splunk are also quite prominent. They don't have as much spending momentum, but they're pretty respectable. And you can see the companies that have been real movers in this market that we've been reporting on for a while. Okta, CrowdStrike, Zscaler, CyberArk, SailPoint, Authzero, all companies that we've extensively covered in previous breaking analysis episodes as the up and comers. And isn't it interesting that Datadog is now showing up in the vertical axis. You see that in the left-hand side up high, they're becoming more and more competitive to Splunk in this space as an alternative and lines are blurring between observability, log analytics, security, and as we previously reported even backup and recovery. But now let's simplify this picture a bit more and filter down a little bit further. This chart shows the same X, Y view. Same data construct and framework, but we required more than a hundred responses to hit the chart. So the companies, they have to have a notable market presence in the ETR survey. It's perhaps a bit less crowded, but still very packed. Isn't it? You can see firms that are less prominent in the space like Datadog fell off. The big companies we mentioned, obviously still prominent Microsoft, Palo Alto, Cisco and Splunk and then those with real momentum, they stand out a little bit. There's somewhat smaller, but they're gaining traction in the market. As we felt they would Okta and Auth zero, which Okta acquired as we reported on earlier this year, both showing strength as our CrowdStrike, Zscaler, CyberArk, which does identity and competition with Okta and SentinelOne, which went public mid this year. The company SentinelOne uses AI to do threat detection and has been doing quite well. SalePoint and Proofpoint are right on that red elevated line and then there's a big pack in the middle. Look, this is not an easy market to track. It's virtually every company plays in security. Look, AWS says some of the most advanced security in the business but they're not in the chart specifically, but you see Microsoft is. Because much of AWS security is built into services. Amazon customers heavily rely on the Amazon ecosystem which is in the Amazon marketplace for security products. And often they associate their security spend with those partners and not necessarily Amazon. And you'll see networking companies you see right there, like Juniper and the bottom there and in the ETR data set and the players like VMware in the middle of the pack. They've been really acquisitive for example, with carbon black. And the, of course, you've got a lot of legacy players like McAfee and RSA and IBM. Look, virtually every company has a security story and that will only become more common in the coming years. Now here's another look at the ETR data it's in the raw form, but it'll give you a sense of two things; One is how the data from the previous chart is plotted. And two, it gives you a time series of the data. So the data lists the top companies in the ETR data sets sorted by the October net score in the right most column. Again, that measures spending momentum. So to make the cut here, you had to have more than a hundred mentions which is shown on the left-hand side of the chart that shared N, IE that's shared accounts in the dataset. And you can track the data from last October, July of this year and the most recent October, 2021 survey. So we, drew that red line just about at the 40% net score market coincidentally, there are 10 companies that are over that figure over that bar. We sometimes call out the four star companies. We give four stars to those companies that both are in the top 10 and spending momentum and the top in prominence are shared N in the dataset. So some of these 10 would fit into that profile by that methodology, specifically, Microsoft, Okta, CrowdStrike, and Palo Alto networks. They would be the four star companies. Now a couple of other things to point out here, DDoS attacks, they're still relevant, and they're real threat. So a company like CloudFlare which is just above that red line they play in that space. Now we've also shaded the companies in the fat middle. A lot of these companies like Cisco and Splunk for example, they're major players in the security space with very strong offerings and customer affinity. We sometimes give them two stars. So this is what makes this market so interesting. It's not like the high end discourage market where literally every vendor in the Gartner magic quadrant is up in the right, okay. And there's only five or four or five, six vendors there. This market is diverse with many, many segments and sub segments, and it's such a vital space. And there's so many holes to fill with an ever changing threat landscape as we've seen in the last two years. So this is in part which makes it such a good market for investors. There's a lot of room for growth and not just from stealing market share. That's certainly an opportunity there, but things like cloud, multi-cloud, shifting end points, the edge ,and so forth make this space really ripe for investments. And to underscore this, we put together this little chart of some of the pure play security firms to see how their stock performance has done recently. So you can see that here, you know, it's a little hard to read, but it's not hard to see that Okta, CrowdStrike, Zscaler on the left have been big movers. These charts where possible all show a cross here, starting at the lockdown last year. The only exception is SentinelOne which IPO mid this year. So that's the point March, 2020 when the whole world changed and security priorities really started to shift to accommodate the work from home. But it's quite obvious that since the pandemic, these six companies have been on a tear for the fundamental reason that hybrid work has created a shift in spending priorities for CSOs. No longer are organizations just spending on hardening a perimeter, that perimeter has been blown away. The network is flattening. Work is what you do, it's no longer a place. As such threats are on the rise and cloud, endpoint security, identity access tools there become increasingly vital and the vendors who provide them are on the rise. So it's no surprise that the players that we've listed here which play quite prominently in those markets are all on fire. So now in summary, I want to stress that while the picture is sometimes discouraging. The entire world is becoming more and more tuned in to the cyber threat. And that's a good thing. Money is pouring in. Look, technology got us into this problem and technology is a defensive weapon that will help us continue this fight. But it's going to take more than technology. And I want to share something. We get dozens and dozens of in bounds this time of the year because we do an annual predictions posts. So folks and they want to help us out. So now most of the in bounds and the predictions that we get, they're just kind of observations or frankly, non predictions that can't really be measured as like where you right, or where you're wrong. So for the most part I like predictions that are binary. For example, last December we predicted their IT spending in 2021 would rebound and grow at 4% relative to 2020. Well, it did rebound but that prediction really wasn't as accurate as I'd like. It was frankly wrong. We think it's actually the market's going to actually grow. Spending's going to grow more like 7% this year. Not to worry plenty of our predictions came true, but we'll leave that for another day. Anyway, I got an email from Dean Fisk of Fisk partners. It's a PR firm representing an individual named Lyndon Brown chief of strategy officer of Pondurance. Pondurance is a security consultancy. And the email had the standard, Hey, in case you're working on a predictions post this year end, blah, blah, blah. But instead of sharing with me, a bunch of non predictions, the notes said here's some trends in cybersecurity that might be worth thinking about. And there were a few predictions sprinkled in there, but I wanted to call it a couple of the comments from Linden Brown, whom I don't know, I never met the guy, but I really thought his trends were spot on. The first was a stat I'll share that the United Nations report cyber crime is up 600% due to the pandemic. If as if I couldn't feel worse already. His first point though was that the hybrid workplace will be the new frontier for cyber. Yes, we totally agree. There are permanent shifts taking place. And we actually predicted that last year, but he further cited that many companies went from zero to full digital transformation overnight and many are still on that journey. And his point is that hybrid work is going to require a complete overhaul of how we think about security. We think this is very true. Now the other point that stood out is that governments are going to crack down on this behavior. And we've seen this where criminals have had their critical infrastructure dismantled by governments. No doubt the U.S government has the capabilities to do so. And it is very much focused on this issue. But it's tricky as Robert Gates, who was the former defense secretary, told me a few years back in theCUBE. He said, well, we have the best offense. We also have the most to lose. So we have to be very careful, but Linden's key point was you are going to see a much more forward and aggressive public policy and new laws that give crime fighters more latitude . Again, it's tricky kind of like the Patriot act was tricky but it's coming. Now, another call-out from Linden shares his assertion that natural disasters will bring increased cyber risk. And I thought this was a really astute point because natural disasters they're on the rise. And when there's chaos, there's cash opportunities for criminals. And I'll add to this that the supply chain risk is far from over. This is going to be continuing theme this coming year and beyond. And one of the things that Linden Brown said in his note to me is essentially you can't take humans out of the equation. Automation alone can't solve the problem, but some companies operate as though they can. Just as bad human behavior, can tramp good security, Good human education and behavior is going to be a key weapon in this endless war. Now the last point is we're going to see continued escalation government crackdowns are going to bring retaliation and to Gates' point. The U.S has a lot at stake. So expect insurance premiums are going to go through the roof. That's assuming you can even get cyber insurance. And so we got to hope for the best, but for sure, we have to plan for the worst because it's coming. Deploy technology aggressively but people in process will ultimately be the other ingredients that allow us to live to battle for another day. Okay. That's a wrap for today. Remember these episodes they're all available as podcasts, wherever you listen just search "breaking analysis" podcast. Check out ETR his website at ETR.plus. We also publish a full report every week on Wikibond.com and siliconangle.com. You can get in touch. Email me @david.volante@tsiliconangle.com or you can DM me @dvellante. Comment on our LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week. everybody stay safe, be well. And we'll see you next time. (techno music)

(lively music) >> Hello, and welcome to this special CUBE conversation. I'm John Furrier, founder of SiliconANGLE Media, co-host of theCUBE. We are here in our Palo Alto Studio to have a conversation around cloud computing, multi-cloud, hybrid cloud, the changes going on in the IT industry and for businesses across the globe as impacted by cloud computing, data, AI. All that's coming together, and a lot of people are trying to figure out how to architect their solution to scale globally but also take care of their businesses, not just cutting costs for information technologies, but delivering services that scale and benefit the businesses and ultimately their customers, the end users. I'm here with a very special guest, Donnie Berkholz, who's the VP of IT services delivery at CWT, Carlson Wagonlit Travel. Also the program chair of the Open Source summit, part of the Linux Foundation, formerly an analyst, a great friend of theCUBE. Donnie, great to see you. Thanks for joining us today. >> Well, thanks for having me on the show. I really appreciate it. >> So we've been having a lot of conversations around, obviously, cloud. We've been there, watching it, from day one. I know you have been covering it as an analyst. Part of that cloud ought to go back to 2007, '08 time frame roughly speaking, you know, even before that with Amazon. Just the massive growth certainly got everyone's attention. IBM once called Amazon irrelevant. Now going full cloud with buying Red Hat for billions and billions of dollars at a 63% premium. Open Source has grown significantly, and now cloud absolutely is the architectural linchpin for companies trying to change how they do business, gather more efficiencies, all built on the ethos of DevOps. That is now kind of going mainstream. So I want to get your thoughts and talk about this across a variety of touchpoints. One is what people are doing in your delivering services, IT services for CWT, and also trying to get positioned for the future. And then Open Source. You're on the Open Source program chair. Open Source driving all these benefits, now with IBM buying Red Hat, you've seen the commercialization of Open Source at a whole nother level which is causing a lot of conversation. So tell us what you're doing and what CWT is about and your role at the company. >> Absolutely, thank you. So CWT, we're in the middle of this journey we call CWT 3.0, which is really one about how do we take the old school green screens that you've seen when you've got travel agents or airline agents booking travel and bring people into the picture and blend together people with technology. So I joined about a year and a half ago to really help push things forward from the perspective of DevOps, because what we came to realize here was we can't deliver quickly and iterate quickly without the underlying platforms that give us the kind of agility that we need without the connections across a lot of our different product groups that led us, again, to iterate on the right things from the perspective of our customers. So I joined a year and a half ago. We've made a lot of strides since then in modernizing many of our technology platforms. The way I think about it here, it's a large enterprise. We've got hundreds of different applications. We've got many, many different product teams, and everything is on a spectrum. We've got some teams that are on the bleeding edge. Not even the leading edge, but I'd say the bleeding edge, trying out the very latest things that come out, experimenting with brand new Open Source tools, with brand new cloud offerings to see, can we incorporate that as quickly as possible so we can innovate faster than our competitors? Whether those are the traditional competitors or some of the new software companies coming into things from that angle. And then on the other end of the spectrum, we've got teams who are taking a much more conservative approach, and saying, "Let's wait and see what sticks "before we pick it up." And the fortunate thing, I think, about a company at the scale we are, is that we can have some of those groups really innovating and pushing the needle, and then other groups who can wait and see which parts stick before we start adopting those at scale. >> And so you've got to manage the production kind of stability versus kind of kicking the tires for the new functionality. So I've got to ask you first. Set up the architecture there. Are you guys on premise with cloud hybrid? Are you in the cloud-native? Do you have multiple clouds? Could you just give a sense of how you're deploying specifically with cloud? >> Yeah, absolutely. I think just like anything else, it's a spectrum of all we see here. There's a lot of different products. Some of them have been built cloud-native. They're using those serverless functions as service technologies from scratch. Brought in some leaders from Amazon to lead some of that drive here. They brought in a lot of good thinking, a lot of good culture, a lot of new perspective to the technologies we're adopting as a company that's not traditionally been a software company. But that is more and more so every day. So we've got some of that going on as completely cloud-native. We've got some going on that's more, I would say, hybrid cloud, where we're spanning between a public cloud environment back to our data centers, and then we've got some that are different applications across multiple different public clouds, because we're not in any one place right now. We're putting things in the best place to do the job. So that's very much the approach that we take, and it's one that, you know, back when I was in my analyst's world, as one of my colleagues called it, the best execution venue. What's the best place? What's the right place to do the right kind of task? We incorporate what are the best technologies we can adopt to help us differentiate more quickly, and where does the data live? What's the data gravity look like? Because we can't be shipping data back and forth. We can't have tons of transactions going back and forth all the time between different public clouds or between a public cloud and one of our data centers. So how do we best account for that when we're architecting what our applications should look like, whether they're brand new ones or whether they're ones we're in the middle of modernizing. >> Great, thanks for sharing, that's great, so yeah, I totally see that same thing. People put, you know, where the best cloud for the app, and if you're Microsoft Shop, you use Azure. If you want to kick the tires on Amazon, there's good roles for that, so we're seeing a lot of those multiple clouds. But while I've got you on the line here, I know you've been an analyst. I want you to just help me define something real quick because there's always kind of confusion between hybrid cloud and multi-cloud. Certainly the multi-cloud, we're getting a lot of hype on that. We're seeing with Kubernetes, with stateful applications versus stateless. You're seeing some conversations there. Certainly on Open Source, that's top of the agenda. Donnie, explain for folks watching the difference between hybrid cloud and multi-cloud, because there's some nuances there, and some people have different definitions. How do you guys look at that? Cause you have multiple clouds, but some aren't necessarily running a workload across clouds yet because of latency issues, so define what hybrid means to you guys and what multi-cloud means to you. >> All right, yeah, I think for us, hybrid cloud would be something where it's about integrating an on-prem workload off a more traditional workload with something in a public cloud environment. It's really, hybrid cloud to me is not two different public clouds working together or even the same application in two different public clouds. That's something a little bit different, and that's where you start to get, I think, into a lot of the questions of what is multi-cloud? We've seen that go through a lot of different transitions over the past decade or so. We've seen a lot of different, you know, vendors, going out there thinking they could sell multi-cloud management that, you know, panned out at different levels of success. I think for at least a decade, we've been talking about ideas like can we do cloud bursting? Has that ever really worked in practice? And I think it's almost as rare as a unicorn. You know, on-prem for the cost efficiencies and then we burst the cloud for the workload. Well, you know, to this day, I've never seen anything that gives you 100% functionality and 100% performance comparability between an on-prem workload and public cloud workload. There always seems to be some kind of difference, and this is a conversation that, I think, Randy Bias has actually been a great proponent of it's not just about the API compatibility. It's not just, you know, can I run Azure in their data centers or in mine? It's about what is the performance difference look like? What does the availability difference look like? Can I support that software in my data center as well as the engineers at Microsoft or at Amazon or at Google or wherever else they're supporting it today? Can I keep it up and running as well? Can I keep it performing as well? Can I find problems as quickly? And that's where it comes to the question of how do we focus on our differentiators and let the experts focus on theirs. >> That's a great point about Randy Bias. Love that great API debate. I was looking at some of that footage we had years ago. But this brings up a good point that I want to get your reaction to, because, you know, a lot of vendors going out there, saying, "Oh, our cloud's this. "We've got all this stuff going on," and there's a lot of hype and a lot of posturing and positioning. The great thing about cloud is that you really can't fake it until you make it. It's got to be working, right? So when you get into the kind of buying into the cloud. You say, "Okay, great, we're going to do some cloud," and maybe you get some cloud architects together. They say, "Okay, here's what it means to us. "In each environment, we'll have to, you know, "understand what that means and then go do it." The reality kind of kicks in, and this is what I'd like to get your reaction to. What is the realities when you say, "Okay, "I want to go to cloud," either for pushing the envelope and/or moving solid workloads that are in production into the cloud. What is the impact on the network, network security, and application performance? Because at the end of the day, those are going to be impacted. Those three areas come up a lot in conversations when all of the glam and all the bloom is off the rose, those are the things that are impacted. What's your thoughts on how practitioners should prepare for those three areas? The network impact, network security impact, and application performance? >> Yeah, I think preparation is exactly the right word there of how do we get the people we have up to speed? And how do we get more and more out of that kind of project mindset and into much more of the product mindset and whether that product is customer-facing or whether that product is some kind of infrastructure or platform product? That's the kind of thinking we're trying to have going into it of how do we get our people, who, you know, may run a Ci Cd pipeline, may run an on-prem container platform, may even be responsible for virtualization, may be responsible for on-prem networks or firewalls or security. How do we get them up to speed and turn them into real software engineers? That's a multi-year journey. That's not something that happens overnight. You can't bring in a team of consultants to fix that problem for you and say, "Oh, well, we came in and implemented it, "and now it's yours, and we walk out the door." It's no longer that, you know, build and operate mindset that you could take a little bit more with on-prem. Because everything is defined as code. And if you don't know how to deal with code, you're going to be in a real rough spot the next time you have to make a change to that stuff that that team of consultants came in and implemented for you. So I think it's turned into a much more long-term approach, which is very, very healthy for technology and for technology companies as a whole of how do we think about this long-term and in a sustainable way, think about scaling up our people. What do those training paths look like? What do those career paths look like? So we can decide, you know, how many people do we want certified? What kind of certifications should they have or equivalent skill sets? I remember hearing not too long ago that I think it was Capital One had over 10,000 people who were AWS certified, which is an enormously large number to think about, but that's the kind of transitions that we've been making as we become more and more cloud-native and cloud by default, is getting the right people. The people we have today trained up in these new kinds of skill sets instead of assuming that's something we can have some team fly in from magic land and implement and then fly away again afterwards. >> That's great, Don, thanks for sharing that insight. I also want to get your thoughts on the Open Source summit, but before we get there, I've got to ask you a question around some of the trends we've been seeing. Early on at DevOps we saw this together of the folks doing the hard work in the early pioneering days, where you saw the developers really getting closer to the front lines. They were becoming part of the business conversation. In the old world of IT, "Okay, here's our strategy. "Consolidate this, load some virtual machines," you know, "Get all this stuff up and running." The business decisions would then trickle down to the tech folks, then with the DevOps revolution, that's now cloud computing and all things, you know, IoT and everything else happening where the developers and the engineering side of it and the applications are on the front lines. They're in more of the business conversations, so I have to ask you. When you're at CWT, what are some of the business drivers and conversations that you guys are having with executive management around choices? Are they business drivers? Do you see an order of preference around agility? The transformation value for either customers or employees, compliance and security, are the top ones that people talk about generally. Of those business drivers, which ones do you guys see the most that are part of iterating through the architecture and ultimately the environment that you deploy? >> Yeah, I think as part of what I mentioned earlier, that we're on this journey we call CWT 3.0, and what's really new about that is bringing in speed and agility into the conversation of if we have something that we imagine as a five year transformation, how do we get to market quickly with new products so that we can start really executing and seeing the outcomes of it? So we've always had the expectations around availability, around security, around all these other factors. Those aren't going away. Instead, we're adding a new one, so we've got new conversations and a new balance to reach at an executive level of we now need a degree of speed that was not the expectation, let's say, a decade ago. It may not even have been the expectation in our industry five years ago, but is today. And so we're now incorporating speed into that balance of maybe we'll decide to very intentionally say, "We're not going to go over quite as many nine's today "so that we can be iterating more quickly on our software." Or, "We're going to invest more "in better release management approaches and tools," right? Like Canary releases, like, you know, Green-Blue releases, all these sorts of new techniques, feature flags, that sort of thing so that we can better deal with speed and better account for the risk and spread it to the smallest surface area possible. >> And you were probably doing those things also to understand the impact and look at kind of what's that's coming in that you're instrumenting in infrastructure because you don't want to have to put it out there and pray and hope that it works. Right, I mean? The old way. >> The product teams that are building it are really great and really quick at understanding about what the user experience looks like. And whether that's their Real User monitoring tools or through, you know, other tools and tricks that we may incorporate to understand what our users are doing on our tools in real time, that's the important part of this, is to shorten the iteration cycle and to understand what things look like in production. You've got to expose that back to the software engineers, to the business analysts, to the product managers who are building it or deciding what should be built in the first place. >> All right, so now that you're on the buyer's side, you've actually got people knocking on your door. "Hey, Donnie, buy my cloud. "Do this, you know, I've got all these solutions. "I've got all these tools. "I've got a toolshed full of," you know, the fool with the tool, as they say. You don't want to be that person, right? So ultimately you've got to pick an environment that's going to scale. When you look at the cloud, how do you evaluate the different clouds? You mentioned gravity or data gravity earlier. All kinds of new criteria is up there now in terms of cloud selection. You mentioned best cloud for the job. I get that. Is there certain things that you look for? Is there a list? Is there criteria on cloud selection that goes through your desk? >> Yeah, I think something that's been really healthy for me coming into the enterprise side from the analyst perspective is you get a couple of new criteria that start to rise up real quickly. You start thinking about things like what's that vendor relationship going to look like? How is the sales force? Are they willing to work with you? Are they willing to adapt to your needs? And then you can adapt back with them so you can build a really strong, healthy relationship with some of your strategic vendors, and to me, a public cloud vendor is absolutely a strategic vendor. That's one where you have to really care a lot and invest in that relationship and make sure things go well when you're sailing together, going in the same direction. And so to me, that's a little bit of a newer factor because it was easy to sit back and come in as the strategic advisor role and say, "Oh, you should go with this cloud. "You should go with that cloud "because of reasons X, Y, or Z," but that doesn't really account for a lot of things that happen behind the scenes, right? What's your sourcing and human department doing? How do they like to work with around contract, right? Will you negotiate a good MSA? All these sorts of things where you don't think about that when you're only thinking about technology and business value. You also have to think about the other, just the day to day, what does it look like? What's the blocking and tackling working with some of those strategic vendors? So you've got that to incorporate in addition to the other criteria around do they have great managed services? You know, self-service managed services that will work for your needs? For example, what do they have around data bases? What do they have around stream processing? What do they have around serverless platforms, right? Whatever it might be that suits the kinds of needs you have. Like for example, you might think about what does our business look like, and it's a graph, right? It's travelers, it's airports, it's planes, it's hotels. It's a bunch of different graphs all intersecting, and so we might imagine looking for a cloud provider that's really well-suited to processing those sorts of workloads. >> In the old days, the networking guys used to run the keys to the kingdom. Hey, you know, I'm going to rack and stack servers. I'm going to do all this stuff, but I've got to go talk to the networking guys, make sure all the routes are provisional and all that's locked down, mainly because that was a perimeter environment then. With cloud now, what's the impact of the networking? What's the role of the network? As we see DevOps notion of infrastructure as code, you've got to compute networking stores as three main pillars of all environments. Compute, check. Stores getting better. Networking, can you imagine Randy Bias? This was a big pet peeve for him. What's the role that cloud does? What's the role of the network with your cloud strategy? >> Yeah, I think something that I've seen following DevOps for the past decade or so has been that, you know, it really started as the ops doing development moved more into the developers and the ops working together and in many cases sharing roles in different ways, then incorporated, you know, QA, and incorporated product, to some extent. Most recently it's really been focused on security and how do we have that whole DevSecOps, SecDevOps thing going on. Something that's been trailing behind a little bit was network, absolutely. I had some very close friends about 10 years ago, maybe, who were getting into that, and they were the only people they knew and they only people they'd ever even heard of thinking beyond the level of using some kind of an expect script to automate your network interaction. But now I think networking as code is really starting to pick up. I mean, you look at what people are doing in public cloud environments. You look at what Open Source projects like Ansible are doing or on the new focus on network functionality. They're not alone in that. Many others are investing in that same kind of area. It's finally really starting to get up. Like for example, we have an internal DevOps Day that we run twice a year, and at the most recent one, guess who one of our speakers was? It was a network engineer talking about the kinds of automation they'd been starting to build against our network environments, not just in public cloud, but also on-premise. And so we're really investing in bringing them into our broader DevOps community, even though Net may not be in the name today. I don't think the name can ever extend to include all possible roles. But it is absolutely a big transition that more and more companies, I think, are going to see rolling along, and one that we've seen happening in public cloud externally for many, many years now. It's been inevitable that the network's going to get engaged in that automation piece. And the network teams are going to be more and more thinking about how do we focus our time in automation and on defining policy, and how do we enable the product teams to work in a self-service way, right? We set up the governance, but governance now means they can move at speed. It doesn't mean wait seven to 30 days for us to verify all of the port openings, match our requirements, and so on and so forth. That's defined up front. >> Yeah, and that's awesome, and I think that's the last leg of the stool in my opinion, and I think you nailed it. Making it operationally automation enabled, and then actually automating it. So, okay, before we get to the Open Source, one final question for you. You know, as you look at plan for the technologies around containers and microservices, what sounds a lot like networking constructs, provisioning, services. The role of stateless applications become a big part of that. As you look at those technologies, what are some of the things you're looking for and evaluating containers and microservices? And what role will that play in your environment and your job? >> I think something that we spend a lot of time focusing on is what is the day two experience going to look like? What is it going to be like? Not just to roll it out initially, but to, you know, operate on an ongoing basis, to make upgrades, to monitor it, to understand what's happening when things are going wrong, to understand, you know, the security stance we're at, right? How well are we locked down? Is everything up-to-date? How do we know that and verify it on a continuous basis instead of the, you know, older school approach of hey, we kind of do a ECI survey or an audit, you know, once a year, and that's the day we're in compliance, and then after that, we're not. Which I was just reading some stories the other day about companies saying, "Hey, there's a large percentage "of the time that you're out of compliance, "but you make sure to fix it just in time "for your quarterly surveys or scans or what have you." And so that's what we spend a lot of our time focusing on is not just the ease of installation, but the ease of ongoing operability and getting really good visibility into the security, into the health, of the underlying platforms that we're running. And in some cases, that may push us to, let's say, a cloud managed service. In some cases, we may say, "Well, that doesn't quite suit our needs." We might have some unique requirements, although I spend a lot of my time personally saying, "In most cases, we are not a snowflake, right?" We should be a snowflake where we differentiate as a company. We should not be a snowflake at the level of our monitoring tools. There's nothing unique we should really be doing in that area. So how can we make sure that we use, whether it's trusted vendors, trusted cloud providers, or trusted Open Source projects with a large and healthy community behind them to run that stuff instead of build it ourselves, 'cause that's not our forte. >> I love that. That's a great conversation I'd love to have with you another time around competitive advantage around IT which is coming back in vogue again. It hasn't been that way in awhile because of all the consolidation and outsourcing. You're seeing people really, really ramp up and say, "Wait a minute, we outsourced our core competency and IT," and now with cloud, there's a competitive advantage, so how do you balance the intellectual property that you need to build for the business and then also use the scale and agility with Open Source? So I want to move to that Open Source conversation. I think this is a good transition. Developers at the end of the day still have to build the apps and services they're going to run on these environments to add value. So Open Source has become, I won't say a professional circuit for developers. It really is become the place for developers because that's where now corporations and projects have been successful, and it's going to a whole nother level. Talk about how Open Source is changing, and specifically around it becoming a common vehicle for one, employees of companies to participate in as part of their job, and two, how it's going to a whole nother level with all this code that's flying around. You can't, you know, go dig without finding out that, you know, new TensorFlow library's been donated for Google, big code bases are being rolled in there, and still the same old success formula for Open Source is continuing to work. You're on the program chair for Open Source summit, which is part of the Linux foundation, which has been very, very successful in this modern era. How has that changed? What's going on in Open Source? And how does that help people who are trying to stand up architecture and build businesses? >> I think Open Source has gone through a lot of transitions over the past decade or so. All right, so it started, and in many ways it was driven by the end users. And now it's come back full circle so that it's again driven more and more by the end users in a way that there was a middle term there where Open Source was really heavily dominated by vendors, and it's started to come back around, and you see a lot of the web companies in particular, right? You're sort of Googles and Amazons and LinkedIns and Facebooks and Twitters, they're open sourcing tools on an almost daily basis, it feels like. I just saw another announcement yesterday, maybe the day before, about a whole set of kernel tools that I think it was Facebook had open sourced. And so you're seeing that pace just going so quickly, and you think back to the days of, for example, the Apache web server, right? Where did that come about from? It didn't come from a software vendor. It came from a coalition of end users all working together to develop the software that they needed because they felt like there's a big gap there and there's an opportunity to cooperate. So it's been really pleasing for me to see that kind of come back around full circle of now, you can hardly turn around and see a company that doesn't have some sort of Open Source program office or something along those lines where they start to develop a much more healthy approach to it. All right, the early 2000's, it was really heavy on that fear and uncertainty and doubt around Open Source. In particular by some vendors, but also a lot of uncertainty because it wasn't that common, or maybe it wasn't that visible inside of these Fortune 500 global 2000 companies. It may have been common, right? What we used to say back when I worked at RedMonk was you turned around, and you asked the database admins, you know, "Are you running MySQL? "Or are you running Postgres?" You asked the infrastructure engineers, "Are you running Linux here?" and you'll get a yes, nine times out of ten, but the CIO was the last to know. Well now, it's started to flip back around because the CIO's are seeing the business value and adopting Open Source and having a really healthy approach to it, and they're trying to kind of normalize the approach to it as a consequence to that, saying, "Look, it's awesome "that we're adopting Open Source. "We have to use this "so that we can get a competitive advantage "because every thousand lines of code we can adopt "is a thousand lines of code we don't have to write, "and we can focus on our own products instead." And then starting to balance that new model of it used to be, you know, is it buy versus built? And then Sass came around, and it's buy versus build versus rent. And now there's Open Source, and it's buy versus build versus rent versus adopt. So every one of these just shifts conversation a little bit of how do you make the right choice at the right time at the right level of the stack? >> Yeah, that's a great observation, and it's awesome insight. It feels like dumping a little bit, a lot of dumping going on in Open Source, and you worry that the flood of vendor-contributed code is the new tactic, but if you look at all the major inflection points from the web, you know, through bitcoin, which is now 10 years old this year, it all started out as organic community projects or conversations on a message board. So there's still a revolution, and I think you're right. Their script is flipping around. I love that comment about the CIO's were last to know about Open Source. I think now that might be flipping around to the CIO's will be last to know about some proprietary advantage that might come out. So it's interesting to see the trend where you're starting to see smart people look at using Open Source but really identifying how they can use their engineering and their intellectual capital to build something proprietary within Open Source for IT advantage. Are you seeing that same trend? Is that on the radar at all? Is that just more of a fantasy on my part? >> I think it's always on the radar, and I think especially with Open Source projects that might be just a little bit below the surface of where a company's line of business is, that's where it will happen the most often. And so, you know, if you were building an analytics product, and you decided to build it on top of, you know, maybe there's the ELK Stack or the Elastic Stack, or maybe there's Graylog. There's a bunch of tools in that space, right? Maybe, you know, Solar, that sort of thing. And you're building an analytics tool or some kind of graph tool or whatever it might be, yeah, you might be inclined to say, "Well, the functionality's not quite there. "Maybe we need to build a new plugin. "Maybe we need to enhance a little bit." And I think this is the same conversation that a lot of the Linux kernel embedded group went through some number of years ago, which is, it's long term a higher burden to maintain a lot of those forks in-house and keep updating them forever than it is to bring some of that functionality back upstream. That's a good, healthy dialogue that hopefully will be happening more and more inside a lot of these companies that are taking Open Source and enhancing it for their own purposes, is taking the right level of those enhancements, deciding what that right level is, and contributing those back upstream and building a really healthy upstream participation regardless of whether you're a software vendor or an adopter of that software that uses it as a really critical part of their product stack. >> Awesome, Donnie, thanks for spending the time chatting with me today. Great to see you, great to connect over our remote here in our studio in Palo Alto. A final question for you. Are you having fun, these days? And what are you most excited about because, again, you've seen. You've been on multiple sides of the table. You've seen what the vendors have. You actually had the realities of doing your job to build value for Carlson Wagonlit Travel, CWT. What are you excited about right now? What's hot for you? What's jazzing you these days? >> Yeah, I think what's hot for me is, you know, to me there's nothing or very little that's revolutionary in technology. A lot of it is evolutionary, right? So you can't say nothing's new. There's always something a little bit different. And so the serverless is another example of something that it's a little bit different. It's a little bit new. It's similar to some previous takes, but you got new angles, specifically around the financials and around, you know, how do you pay? How is it priced? How do you get really almost closer to the metal, right? Get the things you need to happen closer to the way you're paying for them or the way they're running. That's remains a really exciting area for me. I've been going to Serverlessconf for probably since the first or second one now. I haven't been to the most recent one, but you know, there's so much value left in there to be tapped that I'm not yet really on to say, "What's next? What's next?" I've helped myself move out of that analyst world of getting excited about what's next, and for me it's now, "What's ready now?" Where can I leverage some value today or tomorrow or next week? And not think about what's coming down the pipe. So for me, that's, "Well, what went GA?" Right? What can I pick up? What can I scale inside our company so that we can drive the kinds of change we're looking for? So, you know, you asked me what am I the most excited about right now, and it's being here a year and a half and seeing the culture change that I've been driving since day one start to come back. Seeing teams that have never built automation in their lives independently go and learn it and build some automation and save themselves 80 hours a month. That's one example that just came out of our group a couple months back. That's what's valuable for me. That's what I love to see happen. >> Automation's addicting. It's almost an addictive flywheel. We automate something. Oh, that's awesome. I can move on to something else, something better. That was grunt work. Why do I want to do that again? Donnie, thanks so much, and again, thanks for the insight. I appreciate you taking the time and sharing with theCUBE here in our studio. Donnie Berkholz is the VP of IT source of CWT, a great guest. I'm John Furrier here inside theCUBE studio in Palo Alto. Thanks for watching. (lively music)