(upbeat music) >> Hi everyone, and welcome back to managing risk across your extended attack service area with Armis Asset Intelligence Platform. I'm John Furrier, your host. We're here with the CISO Perspective. Alex Schuchman, who is the CISO of Colgate-Palmolive Company. Alex, thanks for coming on. >> Thanks for having me. >> You know, unified visibility across the enterprise service area is about knowing what you got to protect. You can't protect what you can't see. Tell me more about how you guys are able to centralize your view with network assets with Armis. >> Yeah, I think the most important part of any security program is really visibility. And that's one of the building blocks when you're building a security program. You need to understand what's in your environment, what you can control, what is being introduced new into the environment, and that's really what, any solution that gives you full visibility to your infrastructure, to your environment, to all the assets that are there, that's really one of your bread and butter pieces to your security program. >> What's been the impact on your business? >> You know, I think from an IT point of view, running the security program, you know, our key thing is really enabling the business to do their job better. So if we can give them visibility into all the assets that are available in their individual environments, and we're doing that in an automated fashion with no manual collection, you know, that's yet another thing that they don't have to worry about, and then we're delivering. Because really IT is an enabler for the business. And then they can focus really on what their job is, which is to deliver product. >> Yeah, and a lot of changes in their network. You got infrastructure, you got IOT devices, OT devices. So vulnerability management becomes more important. It's been around for a while, but it's not just IT devices anymore. There are gaps in vulnerability across the OT network. What can you tell us about Colgate's use of Armis' vulnerability management? What can you see now? What couldn't you see before? Can you share your thoughts on this? >> Yeah, I think what's really interesting about the kind of manufacturing environments today is, if you look back a number of years, most of the manufacturing equipment was really disconnected from the internet. It was really running in silos. So it was very easy to protect equipment that isn't internet-connected. You could put a firewall, you could segment it off. And it was really on an island on its own. Nowadays, you have a lot of IOT devices. you have a lot of internet-connected devices, sensors providing information to multiple different suppliers or vendor solutions. And you have to really then open up your ecosystem more, which, of course, means you have to change your security posture, and you really have to embrace if there's a vulnerability with one of those suppliers then how do you mitigate the risk associated to that vulnerability? Armis really helps us get a lot of information so that we can then make a decision with our business teams. >> That whole operational aspect of criticality is huge, on the assets knowing what's key. How has that changed the security workload for you guys? >> You know, for us, I mean, it's all about being efficient. If we can have the visibility across our manufacturing environments, then my team can easily consume that information. You know, if we spend a lot of time trying to digest the information, trying to process it, trying to prioritize it, that really hurts our efficiency as a team or as a function. What we really like is being able to use technology to help us do that work. We're not an IT shop. We're a manufacturing shop, but we're a very technical shop so we like to drive everything through automation and not be a bottleneck for any of the actions that take place. >> You know the old expression, is the juice worth the squeeze? It comes up a lot when people are buying tools around vulnerability management, and point for all this stuff. So SaaS solution is key with no agents to deploy. They have that. Talk about how you operationalize Armis in your environment. How quickly did it achieve time to value? Take us through that consumption of the product, and what was the experience like? >> Yeah, I'll definitely say in the security ecosystem, that's one of the biggest promises you hear across the industry. And when we started with Armis, we started with a very small deployment, and we wanted to make sure if it was really worth the lift, to your point. We implemented the first set of plants very quickly, actually even quicker than we had put in our project plan, which is not typical for implementing complex security solutions. And then we were so successful with that, we expanded to cover more of our manufacturing plants, and we were able to get really true visibility across our entire manufacturing organization in the first year, with the ability to also say that we extended that information, that visibility to our manufacturing organization, and they could also consume it just as easily as we could. >> That's awesome. How many assets did you guys discover? Just curious on the numbers? >> Oh, that's the really interesting part. You know, before we started this project we would've had to do a manual audit of our plants, which is typical in our industry. You know, when we started this project and we put in estimates, we really didn't have a great handle on what we were going to find. And what's really nice about the Armis solution is it's truly giving you full visibility. So you're actually seeing, besides the servers, and the PLCs, and all the equipment that you're familiar with, you're also connecting it to your wireless access points. You're connecting it to see any of those IOT devices as well. And then you're really getting full visibility through all the integrations that they offer. You're amazed how many devices you're actually seeing across your entire ecosystem. >> It's like Google maps for your infrastructure. You know, the street view. You want to look at it. You get the, you know, fake tree in there, whatever, but it gives you the picture. That's key. >> Correct. And with a nice visualization and an easy search engine, similar to your Google analogy, you know, everything is really at your fingertips. If you want to find something, you just go to the search bar, click a couple entries and boom, you get your list of the associated devices or the the associated locations devices. >> Well, Alex, I appreciate your time. I know you're super busy at CSIG a lot of your plate. Thanks for coming on sharing. Appreciate it. >> No problem, John. Thanks for having me. >> Okay. In a moment, Bryan Inman, a sales engineer at Armis will be joining me. You're watching theCUBE, the leader in high tech coverage. Thanks for watching. (upbeat music)

>> Okay, up next in the Lightning Talk Session is Brian Galligan; Mgr, Security and Operations at Brookfield Properties. Brian, great to see you. Thanks for coming on. >> Thanks for having me, John. >> So unified visibility across extended asset surface area is key these days. You can't secure what you can't see. So tell me more about how you were able to centralize your view of network assets with Armis and what impact that had on your business. >> Yeah, that's been a really key component of ours where we've actually owned multiple companies with them and are always acquiring companies from time to time. So it's always a question. What is actually out there and what do we need to be worried about. So from an inventory perspective it's definitely something that we've been looking into. Armis was a great partner in being able to get us the visibility into a lot of the IoT that we have out in the environment. And then also trying to find what we have and what's actually installed on those devices. What's running, who's talking to who. So that's definitely been a key component with our partnership with Armis. >> You know, we interview a lot of practitioners and companies and one things we found is vulnerability Management programs. There's a lot of gaps. You know, vulnerability management comes across more sometimes just IT devices, but not all assets. How has Armis Vulnerability Management made things better for your business? And what can you see now that you couldn't see before? >> Yeah, again, because we own multiple companies and they actually use different tools for vulnerability management. It's been a challenge to be able to compare apples to apples on when we have vulnerability. When we have risk out there, how do you put a single number to it? How do you prioritize different initiatives across those sectors? And being able to use Armis and have that one score, have that one visibility and also that one platform that you can query across all of those different companies, has been huge because we just haven't had the ability to say are we vulnerable to X, Y and Z across the board in these different companies? >> You know, it's interesting when you have a lot of different assets and companies, as you mentioned. It kind of increases the complexity and yeah we love the enterprise. You solve complexity by more complexity but that's not the playbook anymore. We want simplicity. We want to have a better solution. So when you take into account, the criticality of these businesses as you're integrating in, in real time and the assets within those business operations you got to keep focused on the right solutions. What has Armis done for you that's been correct and right for you guys? >> Yeah, so being able to see the different like be able to actually drill down into the nitty gritty on what devices are connecting to what. Being able to enforce policies that way, I think has been a huge win that we've been able to see from Armis. It's one of those things where we were able to see north-south traffic. No problem with our typical SIM tools, firewall tools and different logging sources but we haven't been able to see anything east-west and that's where we're going to be most vulnerable. That's where we've been actually found. We found some gaps in our coverage from a pen test perspective where we've found that where we don't have that visibility. Armis has allowed us to get into that communication to better fine tune the rules that we have across devices across sectors, across the data center to properties. Properties of the data center and then also to the cloud. >> Yeah, visibility into the assets is huge. But as you're in operations you got to operationalize these tools. I mean, some people sound like they've got a great sales pitch and all sounds like, "Wait a minute, I got to re-configure my entire operations." At the end of the day, you want to have an easy to use, but effective capability. So you're not taxed either personnel or operations. How easy has it been with Armis to implement from an ease of use, simplicity, plug and play? In other words, how quickly did you get to the time to value? Can you share your thoughts? >> This honestly is the biggest value that we've seen in Armis. I think a, a big kudos goes to the professional services group for getting us stood up being able to explain the tool, be able to dig into it and then get us to that time to value. Honestly, we've only scratched the surface on what Armis can give us which is great because they've given us so much already. So definitely taking that model of let's crawl, walk, run with what we're able to do. But the professional services team has given us so much assistance in getting from one collector to now many collectors. And we're in that deployment phase where we're able to gather more data and find those anomalies that are out there. I again, big props to the, the professional services team. >> Yeah, you know one of we'd add an old expression when you know when the whole democratization happened on the web here comes all the people, you know social media and whatnot now with IoT here comes all the devices. Here comes all the things- >> Yeah. >> Things >> More things are being attached to the network. So Armis has this global asset knowledge base that crowd-sources the asset intelligence. How has that been a game changer for you? And were you shocked when you discovered how many assets they were able to discover and what impact did that have for you? >> We have a large wifi footprint for guests, vendors, contractors that are working on site along with our corporate side, which has a lot of devices on it as well. And being able to see what devices are using what services on there and then be able to fingerprint them easily has been huge. I would say one of the best stories that I can tell is actually with a pen test that we ran recently. We were able to determine what the pen test device was and how it was acting anomalous and then fingerprint that device within five minutes opposed to getting on the phone with probably four or five different groups to figure out what is this device? It's not one of our normal devices. It's not one of our normal builds or anything. We were able to find that device within probably three to five minutes with Armis and the fingerprinting capability. >> Yeah, nothing's going to get by you with these port scans or any kind of activity, so to speak, jumping on the wifi. Great stuff. Anything else you'd like to share about Armis while I got you here? >> Yeah, I would say that something recently, we actually have an open position on our team currently. And one of the most exciting things is being able to share our journey that we've had with Armis over the last year, year and a half, and their eyes light up when they hear the capabilities of what Armis can do, what Armis can offer. And you see a little bit of jealousy of, you know, "Hey I really wish my current organization had that." And it's one of those selling tools that you're able to give to security engineers, security analysts saying, "Here's what you're going to have on the team to be able to do your job, right." So that you don't have to worry about necessarily the normal mundane things. You get to actually go do the cool hunting stuff, which Armis allows you to do. >> Well. Brian, thanks for the time here on this Lightning Talk, appreciate your insight. I'm John Furrier with theCUBE the leader in enterprise tech coverage. Up next in the Lightning Talk Session is Alex Schuchman. He's the CISO of Colgate-Palmolive Thanks for watching.

>>Hello, Ron. Welcome back to the manage risk across your extended attack service area with Armas asset intelligence platform. I'm Sean furier host we're here at the CSO perspective, Alex Chuck bin, who is the CSO of Colgate Colgate Palm mall of company. Alex, thanks for coming on. >>Thanks for having >>Me, you know, unified visibility across the enterprise surface area is about knowing what you gotta protect. You can't protect what you can't see. Tell me more about how you guys are able to centralize your view with network assets with Armas. >>Yeah, I think the, the most important part of any security program is really visibility. And, and that's one of, kind of the building blocks. When you're building a security program, you need to understand what's in your environment. What's what you control, what is being introduced new into the environment. And that's really what any solution that gives you full visibility to your infrastructure, to your environment, to all the assets that are there, that that's really one of your bread and butter pieces to your security program. >>What's been the impact on your business? >>You know, I, I think from, from an it point of view, running the security program, you know, our key thing is really enabling the business to do their job better. So if we can give them visibility into all the assets that are available in their individual environments, and we're doing that in an automated fashion with no manual collection, you know, that's yet another thing that they don't have to worry about. And then we're delivering because really it is an enabler for the business. And then they can focus really on what their job is, which is to, to deliver product. >>Yeah. And a lot of changes in their network. You got infrastructure, you got OT devices, OT devices. So vulnerability management becomes more important. It's been around for a while, but it's not just it devices anymore. There are gaps in vulnerability across the OT network. What can you tell us about Colgate's use of Armas as vulnerability management? What can you, can you see now what you couldn't you see before? Can you share your thoughts on this? >>Yeah, I, I think what's really interesting about the, the kind of manufacturing environments today is if you look back a number of years, most of the manufacturing equipment was really disconnected from the internet. It was really running in silos. So it was very easy to protect equipment that, that isn't internet connected. You could put a firewall, you could segment it off. And it was, it was really on an island on its own. Nowadays you have a lot of IOT devices. You have a lot of internet connected devices, sensors providing information to multiple different suppliers or vendor solutions. And you have to really then open up your ecosystem more, which of course means you have to change your security posture and you really have to embrace. If there's a vulnerability with one of those suppliers, then how do you mitigate the risk associated to vulnerability? Armas really helps us get a lot of information so that we can then make a decision with our business teams. >>That whole operational aspect of criticality is huge. How on the assets knowing what's what's key? How has that changed your, the, the security workload for you guys? >>Yeah, for us, I mean, it, it's all about being efficient. If we can have the, the visibility across our manufacturing environments, then, then my team can easily consume that information. You know, if we spend a lot of time trying to digest the information, trying to process it, trying to prioritize it, that, that, that really hurts our efficiency as, as a team where as a function, what we really like is being able to use technology to help us do that work. We're, we're not an it shop. We're a manufacturing shop, but we're a very technical shop so that we like to drive everything through automation and not be a bottleneck for any of the, the actions that take place. >>You know, the old expression is the juice worth. The squeeze. It comes up a lot when people are buying tools around vulnerability management and point, all this stuff. So SAS solution is key with no agents to deploy. They have that talk about how you operationalize Armas in your environment, how quickly did it AC achieve time to value, take us through that, that consumption of the product. And, and, and what was the experience like? >>Yeah, I I'll definitely say a in, in the security ecosystem that that's one of the, the biggest promises you hear across the industry. And when, when we started with Armas, we started with a very small deployment and we wanted to make sure if, if it was really worth the lift to your point, we implemented the, the first set of plants very quickly, actually, even quicker than we had put in our project plan, which is, is not typical for implementing complex security solutions. And then we were so successful with that. We expanded to cover more of our manufacturing plants, and we were able to get really true visibility across our entire manufacturing organization in the first year with the ability to also say that we extended that, that information, that visibility to our manufacturing organization, and they could also consume it just as easily as we could. >>That's awesome. How many assets did you guys discover? Just curious on the numbers? >>Oh, that, that's the really interesting part, you know, before we started this project, we would've had to do a, a manual audit of, of our plants, which is typical in, in our industry. You know, when, when we started this project and, and we put in estimates, we really, really didn't have a great handle on what we were gonna find. And what's really nice about the Arma solution is it it's truly giving you full visibility. So you're actually seeing, besides the servers and the PLCs and all the equipment that you're familiar with, you're also connecting it to your wireless access points. You're connecting it to see any of those IOT devices as well. And then you're really getting full visibility through all the integrations that they offer. You're amazed how many devices you're actually seeing across your entire ecosystem. >>It's like Google maps for your infrastructure. You get little street view. You wanna look at it, you get the, you know, fake tree in there, whatever, but it gives you the picture that's key, >>Correct. And with a nice visualization and an easy search engine, similar to your, your Google analogy, you know, everything is, is, is really at your fingertips. If you wanna find something, you just go to the search bar, click a couple entries and, and boom, you get your, your list of the associated devices or the, the associated locations devices. >>Well, I appreciate your time. I know you're super busy at CSIG a lot of your plate. Thanks for coming on sharing. Appreciate it. >>No problem, John. Thanks for having me. >>Okay. In a moment, Brian Inman, a sales engineer at Armas will be joining me. You're watching the cube, the leader in high tech coverage. Thanks for watching.

>>Hello, and welcome to the cube conversation here in Palo Alto, California. I'm John furier host of the cube. We got a great guest, a chief information security officer CISO, Alex Shukman who's with Colgate Paul mall of company, Alex. Thanks for coming on this cube conversation. >>Thanks for having me, >>John. So fresh off the heels of RSA in San Francisco was quite the spectacle people back in person. Um, a lot of great conversations, kind of the old conversations, moving to the new, uh, really good to see, but CISO, the CISO agenda was clear on everyone's mind, more attacks, no surface area. Perimeter's dead. You got cloud native shift left, SBOs open sourced, supply chain and technology. Uh, software's now open source. How do you deal with that? A lot of complicated issues all through the prism of constantly being hacked with ransomware, everything else going on, you're in the middle of it. You gotta protect manufacturing assets, people, assets, intellectual property, you're in the middle of it. What's, what's the view. What's your current scope, the problem that you're dealing with every day. >>Yeah, it's really interesting world we live in today. Um, and, and definitely, uh, you know, the key topics were jumping around in RSA. Um, you know, everyone seems to be really trying to understand the, the environment better. And, you know, I, I think in the past we saw a lot of attacks against financial sector, a a lot of, of tax against critical infrastructure, but now many of us in the private sector, uh, especially in the non-critical manufacturing areas, you know, we're seeing the same thing that those industries have seen for many years. And so the criminals are getting, you know, less picky about their targets and, and they're targeting, uh, publicly traded companies, as much as they're targeting critical infrastructure. They're not as, uh, picky as they used to be. >>Yeah. You know, you see healthcare, financial services, uh, manufacturing, um, all there, intellectual, property's a big one, but you have, you know, now as you guys have your business, you're dealing with a global, um, borderless environment. You know, that's a big thing. You also have service providers probably work with. So you gotta have the business operations run modern in a modern way at the same time, protect in the modern way. What is the top agenda item for you in your sector, in, in manufacturing, in this area? What's the main high level, um, important task that you usually face every day? >>Yeah. When we talk to a lot of our, our peer companies or peers in the security industry, uh, especially in, in, at RSA, you know, a lot of 'em are very focused on their, their us business, a as well as you know, how to protect themselves. You know, I think one of the things that's really interesting about FGI Pala is that we are a global company and we really do have operations everywhere, uh, both from an, an office presence, a business presence, as well as manufacturing. So, you know, everything that, that those companies have to deal with who are primarily us based, and maybe they're aligning with some us intelligence, uh, we have to, to really incorporate global threats into our security program. Uh, and, and I think that's one of the really interesting things about Colgate, especially for people, uh, maybe who are familiar with our products, cuz they grew up using them. Mm-hmm <affirmative>, uh, you know, we have products, uh, all over the world and depending on which area you're in, you know, we are the one security team who's responsible for protecting the entire Colgate world. >>How has the pandemic pulled forward issues or highlighted more necessity around certain areas? Obviously the work from home thing is pretty obvious for many people and who would've thought you'd have to provision a hundred percent VPNs or whatever endpoint protection. Um, what, how has that affected you, your, your area, your company and your sector, um, how has the pandemic impacted your security? >>Yeah, and I think this is a really interesting topic. You've I I've heard many other people, uh, talk about their response to the COVID 19 pandemic over the last few years. Um, you know, I, I think the, the, the best way to answer it from, from my personal perspective is if, if you were prepared for remote work or you were prepared for a partially remote workforce, then you really could have been very prepared for the pandemic. So even prior to the pandemic, you had people traveling on business and you needed to provide system access, but in a secure way, you had people doing short term assignments, you had a remote sales force and you had a number of different, especially being a global company, uh, people working out of an office, that's not their traditional office. Mm-hmm <affirmative>. If, if you look at all the security prepared, preparedness that you need to do to enable all that, it's not that much different than the pandemic, except that it's really on steroids and it's gone a hundred times further. >>It makes everyone work harder. Yeah. You have to prepare for the a hundred percent scenario, not, you know, not some, uh, um, estimate, um, good, good call out. And the other thing too, is that there's also these, these markets where it gets pulled forward, but then pulls back when the pandemic is over. Have you seen any of that as we kind of come into our third year of, I guess, hybrid being steady state, what has kind of gone away, fell off the plate? What's been, what's the steady state. How do you, have you seen anything kind of go back? >>Yeah, I, I think one of the things that kind of seems to ping pong back and forth is, is our ability to really rely on suppliers to, to deliver it equipment. So, you know, being a, a global company we're, we have employees all over the world, we have it infrastructure that we're supporting across the globe. And, and as you see, different countries go into lockdowns, as you see different suppliers faced with, with different pressures, you know, that seems to be something that kind of ebbs and flows over the last few years, uh, being able to get laptops, being able to get multiple devices, being able to get communications equipment. So, um, you know, I think some of those industries are still trying to evolve, uh, post pandemic. Right. >>You know, I always, I always like to ask the question privately, but I won't do it on camera, how much budget you have and how much you spend on cyber. Um, but you know, generally speaking, I think it's pretty safe to say the number's going up and up, um, cuz of the threats and you got more vectors coming in, but on the question of what tools and platforms work best for you, what are you looking for? What works best from your perspective, as you evaluate new things, right? You gotta look at the new, then you gotta keep up with the state of the art to, to be ahead of the bad guys and obvious you take risk management very seriously, as well as prepare. Right. So what are some of the tools that work for you? What do you see out there that that's getting your attention? >>Yeah, you know, I, I look at a lot of different vendor solutions. I think, uh, that's pretty prevalent in our industry. I look for solutions from large names, suppliers that have been around for a number of years, but I also like to, to look at startup companies who are really trying to innovate and, and make a solution, that number one is easy to implement. And number two is, is easy to keep working. If, if we're spending more time keeping a solution working than we are using the solution. I think that's one of the pain points that than other security, uh, programs are, are fighting with. You know, we try to really avoid those types of solutions, put something in, make sure that it works well so that we can really focus on getting the value out of the solution versus trying to keep it running. >>You know, the old SAS equation, helping the enterprise get better at the old enterprise playbook, which was how do you solve complexity by adding more complexity and, you know, lock in or, you know, <laugh> more costs, hidden costs under the water, so to speak or the shark fan or the iceberg, uh, cost of ownership. I mean, so it's a time to value shift, um, cuz your time's valuable and you've got staff and the hiring's not easy. This is a huge point. >>Yeah. We're a manufacturing organization. Obviously our, our goal as a company is to produce, to sell to consumers. You know, it is a cost center. We're trying to be as efficient as possible yet still support our business and keep it safe. So, uh, if we're investing in a security solution or if we're investing in, in a, a vendor solution that that does provide some layer of protection, you know, we wanna make sure that that's efficient as possible for us and, and that we get value out of it immediately. Uh, you know, that's always the, the hardest thing to try to find a solution that, that fits your business, but also delivers value to your organization. >>You know, it's interesting, you mention it as a cost center and you're talking about cyber security, which is the, the jewels of the company. You're talking about the criticality of the business model. One hat could really take down companies. So you, you it's really offense you're it's profit center in inherently. If you look at it that way. Um, and a lot of people are looking at this this way because you're a private company, you're not a government, you don't have a militia, you got cyber protection issues. So there's a real trend for CISOs to come together. And we're seeing this, uh, about sharing for instance, you know, sharing a threat information. So there's been a big movement in the CISO community. Uh, and I'm curious to get your reaction to this and what your conversations are, where sharing is really about collective intelligence and winning and ex and helping each other. And there's this, it's a, it's a, it's an enable user enablement, a CISO enablement kind of vibe. How do you have those conversations? What is, uh, when you huddle with your CISO buddies and friends and colleagues, what's the conversations like, is this sharing thing real is how do you do it effectively? Is it data rooms? Is it, how do you protect the information? Can you share your perspective on that? Cause this is a kind of a real cutting edge area right now. >>Yeah, I think in the, in the public sector, especially in, in, uh, in the government side, as well as critical manufacturing, critical infrastructure, you know, they really do it best in class and have done it for years out, out of necessity. Uh, what's really nice to see, especially on CS a and some of the latest initiatives like shields up is, is a lot more public private sharing going on. There's a lot more information available to us as a private company. Who's not part of, of the DIB or any of the intelligence community, but at the same time, we need to protect ourselves from the bad guys as much as they do. So, you know, I like the fact that that we're seeing CS a do more and more outreach to connect public and private sector, plus there's more and more sharing initiatives going on in the ISAC communities and making sure that barrier is low and, and they're, they're sharing, uh, threat Intel IOCs, but in a safe way among a, a community of security practitioners, security practitioners are, are great at sharing. They just need the permission to do so. >>Exactly. And then getting that, getting that mindset of, we're not just a cost setter, we're a critical division or group that protects the assets. And I think that's where I seen security elevate from the it world where yeah, King's born in it, cuz that's where that, where everything is, assets are all there. And then as assets change it, you guys have a lot of operational technology called OT on your manufacturing. You gotta deal with that. Now that's usually locked down. Pretty good. Right. <laugh> so as you bring OT and it together, you guys are in the middle of that industrial I OT world. >>Yeah. What's really interesting about my, uh, career at Colgate. I I've been here for, for 25 years and uh, actually the majority of my career has been in it supporting business applications, uh, either for our sales force or our manufacturing organization, our finance and HR teams. So I really got a, a good partnership with our business teams and really understood what they were trying to deliver. Then in the last few years, when I shifted over security, it really helped me bridge that gap and understand, you know, what the business systems are doing, what the OT systems are doing and then how to best secure them. >>Yeah, it's interesting. It's it kind of goes away. It's everything now it's digital, right? Digital digitization, digital transformation. This is what what's awesome. And this is what I love about the cloud scale and it's about bringing the two worlds together and the hybrid is a steady state. Now, both workforce and environment, Alex. Great to get your perspective. Um, thanks for sharing, um, insight here on the cube. Final question, give a plug for what you're working on. What's the cool projects you got going. If you can share a little bit without getting confidential information out there, what's going on at Colgate? Uh what's on your plate. What are you excited about? Put a plug. Are you looking for hiring, give a quick plug for what you got working on? >>I mean, we have a great team. Uh, we've been growing the team steadily, uh, building out our, our security program. Uh, you know, we're always looking to hire new talent, uh, from different industries. Uh, we've been very focused on making sure that that we're building a diverse talent group inside my security program. So I'm not just looking for, uh, security practitioners. Who've been doing this for 25 years, but I've been hiring from various places like, uh, infrastructure service provider consultants, pen testers, and really trying to build, uh, uh, the best team possible. >>Yeah, just as a side to real quick note is I was chatting with a friend of mine the other day were old, old Foggie. Um, the young guns have never racked gear before. Right. They don't, they've never loaded Linux on a box. So, you know, as you start hiring some of the young talent, what's it like, what are they coming in? Obviously they probably probably have a broader CS perspective. Maybe they're probably more familiar, but you know, some of the different really rack gear all. So what is it like, what, what are some of the new, new, new young folks looking at right now? What's the, what's the skill. >>Yeah, they they're, they're used to cloud consoles and right clicking to, uh, to spin up a computer. And in an our day we unboxed the computer, put racks on, you know, had to plug in power and network and figure out, uh, you know, the right way to, to, to hook everything up and even load an OS. I mean, uh, you know, you're right out of, uh, university today, you, you probably right. Click spin up a, uh, an image in, in one of the public clouds and the OS boom comes up automatically for you, like imagine. So they >>Probably are like fish to water on the, on the dashboards and the, on some of the security challenges I can imagine they have a nice fit there, >>But at the same time, uh, you know, they have a great understanding of, uh, containers. They have a great understanding of server list. So you can really, uh, kind of marry the, the old school technology with some of the new ways of working. >>Yeah. Great stuff. Great. We'll have to do a segment on, uh, on talent and what the new roles are. A lot of openings, a lot of new opportunities. It really is a great time to be in this new digital, I don't know what the call it's nearly not it anymore. It's just digital transformation. Uh, it's just, it's just the way it is. Thanks for coming on. Appreciate it, Alex. Thanks for your time. >>Thanks a lot, John. Okay. Take >>Care. Just a cube conversation here in Palo Alto. I'm John fur host of the cube. Thanks for watching.

>> Okay, up next in the Lightning Talk Session is Brian Galligan; Mgr, Security and Operations at Brookfield Properties. Brian, great to see you. Thanks for coming on. >> Thanks for having me, John. >> So unified visibility across extended asset surface area is key these days. You can't secure what you can't see. So tell me more about how you were able to centralize your view of network assets with Armis and what impact that had on your business. >> Yeah, that's been a really key component of ours where we've actually owned multiple companies with them and are always acquiring companies from time to time. So it's always a question. What is actually out there and what do we need to be worried about. So from an inventory perspective it's definitely something that we've been looking into. Armis was a great partner in being able to get us the visibility into a lot of the IoT that we have out in the environment. And then also trying to find what we have and what's actually installed on those devices. What's running, who's talking to who. So that's definitely been a key component with our partnership with Armis. >> You know, we interview a lot of practitioners and companies and one things we found is vulnerability Management programs. There's a lot of gaps. You know, vulnerability management comes across more sometimes just IT devices, but not all assets. How has Armis Vulnerability Management made things better for your business? And what can you see now that you couldn't see before? >> Yeah, again, because we own multiple companies and they actually use different tools for vulnerability management. It's been a challenge to be able to compare apples to apples on when we have vulnerability. When we have risk out there, how do you put a single number to it? How do you prioritize different initiatives across those sectors? And being able to use Armis and have that one score, have that one visibility and also that one platform that you can query across all of those different companies, has been huge because we just haven't had the ability to say are we vulnerable to X, Y and Z across the board in these different companies? >> You know, it's interesting when you have a lot of different assets and companies, as you mentioned. It kind of increases the complexity and yeah we love the enterprise. You solve complexity by more complexity but that's not the playbook anymore. We want simplicity. We want to have a better solution. So when you take into account, the criticality of these businesses as you're integrating in, in real time and the assets within those business operations you got to keep focused on the right solutions. What has Armis done for you that's been correct and right for you guys? >> Yeah, so being able to see the different like be able to actually drill down into the nitty gritty on what devices are connecting to what. Being able to enforce policies that way, I think has been a huge win that we've been able to see from Armis. It's one of those things where we were able to see north-south traffic. No problem with our typical SIM tools, firewall tools and different logging sources but we haven't been able to see anything east-west and that's where we're going to be most vulnerable. That's where we've been actually found. We found some gaps in our coverage from a pen test perspective where we've found that where we don't have that visibility. Armis has allowed us to get into that communication to better fine tune the rules that we have across devices across sectors, across the data center to properties. Properties of the data center and then also to the cloud. >> Yeah, visibility into the assets is huge. But as you're in operations you got to operationalize these tools. I mean, some people sound like they've got a great sales pitch and all sounds like, "Wait a minute, I got to re-configure my entire operations." At the end of the day, you want to have an easy to use, but effective capability. So you're not taxed either personnel or operations. How easy has it been with Armis to implement from an ease of use, simplicity, plug and play? In other words, how quickly did you get to the time to value? Can you share your thoughts? >> This honestly is the biggest value that we've seen in Armis. I think a, a big kudos goes to the professional services group for getting us stood up being able to explain the tool, be able to dig into it and then get us to that time to value. Honestly, we've only scratched the surface on what Armis can give us which is great because they've given us so much already. So definitely taking that model of let's crawl, walk, run with what we're able to do. But the professional services team has given us so much assistance in getting from one collector to now many collectors. And we're in that deployment phase where we're able to gather more data and find those anomalies that are out there. I again, big props to the, the professional services team. >> Yeah, you know one of we'd add an old expression when you know when the whole democratization happened on the web here comes all the people, you know social media and whatnot now with IoT here comes all the devices. Here comes all the things- >> Yeah. >> Things >> More things are being attached to the network. So Armis has this global asset knowledge base that crowd-sources the asset intelligence. How has that been a game changer for you? And were you shocked when you discovered how many assets they were able to discover and what impact did that have for you? >> We have a large wifi footprint for guests, vendors, contractors that are working on site along with our corporate side, which has a lot of devices on it as well. And being able to see what devices are using what services on there and then be able to fingerprint them easily has been huge. I would say one of the best stories that I can tell is actually with a pen test that we ran recently. We were able to determine what the pen test device was and how it was acting anomalous and then fingerprint that device within five minutes opposed to getting on the phone with probably four or five different groups to figure out what is this device? It's not one of our normal devices. It's not one of our normal builds or anything. We were able to find that device within probably three to five minutes with Armis and the fingerprinting capability. >> Yeah, nothing's going to get by you with these port scans or any kind of activity, so to speak, jumping on the wifi. Great stuff. Anything else you'd like to share about Armis while I got you here? >> Yeah, I would say that something recently, we actually have an open position on our team currently. And one of the most exciting things is being able to share our journey that we've had with Armis over the last year, year and a half, and their eyes light up when they hear the capabilities of what Armis can do, what Armis can offer. And you see a little bit of jealousy of, you know, "Hey I really wish my current organization had that." And it's one of those selling tools that you're able to give to security engineers, security analysts saying, "Here's what you're going to have on the team to be able to do your job, right." So that you don't have to worry about necessarily the normal mundane things. You get to actually go do the cool hunting stuff, which Armis allows you to do. >> Well. Brian, thanks for the time here on this Lightning Talk, appreciate your insight. I'm John Furrier with theCUBE the leader in enterprise tech coverage. Up next in the Lightning Talk Session is Alex Schuchman. He's the CISO of Colgate-Palmolive Thanks for watching.

>> Narrator: Live from Silicon Valley, it's theCUBE, covering Google Cloud, Next 17. >> Hey, welcome back everyone. We're here live in the Palo Alto Studios, SiliconANGLE Media, is theCUBE's new 4400 square foot studio, here in our studio, this is our sports center. I'm here with Stu Miniman, analyst at Wikibon on the team. I was at the event all day today, drove down to Palo Alto to give us the latest in-person updates, as well as, for the past two days, Stu has been at the Analyst Summit, which is Google's first analyst summit, Google Cloud. And Stu, we're going to break down day one in the books. Certainly, people starting to get onto there. After-meetups, parties, dinners, and festivities. 10,000 people came to the Google Annual Cloud Next Conference. A lot of customer conversations, not a lot of technology announcements, Stu. But we got another day tomorrow. >> John, first of all, congrats on the studio here. I mean, it's really exciting. I remember the first time I met you in Palo Alto, there was the corner in ColoSpace-- >> Cloud Air. >> A couple towards down for fries, at the (mumbles) And look at this space. Gorgeous studio. Excited to be here. Happy to do a couple videos. And I'll be in here all day tomorrow, helping to break down. >> Well, Stu, first allows us to, one, do a lot more coverage. Obviously, Google Next, you saw, was literally a blockbuster, as Diane Greene said. People were around the block, lines to get in, mass hysteria, chaos. They really couldn't scale the event, which is Google's scale, they nailed the scale software, but scaling event, no room for theCUBE. But we're pumping out videos. We did, what? 13 today. We'll do a lot more tomorrow, and get more now. So you're going to be coming in as well. But also, we had on-the-ground, cause we had phone call-ins from Akash Agarwal from SAP. We had an exclusive video with Sam Yen, who was breaking down the SAP strategic announcement with Google Cloud. And of course, we have a post going on siliconangle.com. A lot of videos up on youtube.com/siliconangle. Great commentary. And really the goal was to continue our coverage, at SiliconANGLE, theCUBE, Wikibon, in the Cloud. Obviously, we've been covering the Cloud since it's really been around. I've been covering Google since it was founded. So we have a lot history, a lot of inside baseball, certainly here in Palo Alto, where Larry Page lives in the neighborhood, friends at Google Earth. So the utmost respect for Google. But really, I mean, come on. The story, you can't put lipstick on a pig. Amazon is crushing them. And there's just no debate about that. And people trying to put that out there, wrote a post this morning, to actually try to illustrate that point. You really can't compare Google Cloud to AWS, because it's just two different animals, Stu. And my point was, "Okay, you want to compare them? "Let's compare them." And we're well briefed on the Cloud players, and you guys have the studies coming out of Wikibon. So there it is. And my post pretty much sums up the truth, which is, Google's really serious about the enterprise. Their making steps, there's some holes, there's some potential fatal flaws in how they allow customers to park their data. They have some architectural differences. But Stu, it's really a different animal. I mean, it's apples and oranges in the Cloud. I don't think it's worthy complaining, because certainly Amazon has the lead. But you have Microsoft, you have Google, you have Oracle, IBM, SAP, they're all kind of in the cluster of this, I call "NASCAR Formation", where they're all kind of jocking around, some go ahead. And it really is a race to get the table stake features done. And really, truly be serious contender for the enterprise. So you can be serious about the enterprise, and say, "Hey, I'm serious about the enterprise." But to be serious winner and leader, are two different ball games. >> And a lot to kind of break down here, John. Because first of all, some of the (mumbles) challenges, absolutely, they scaled that event really big. And kudos to them, 10,000 people, a lot of these things came together last minute. They treated the press and analysts really well. We got to sit up front. They had some good sessions. You just tweeted out, Diane Greene, in the analyst session, and in the Q&A after, absolutely nailed it. I mean, she is an icon in the industry. She's brilliant, really impressive. And she's been pulling together a great team of people that understand the enterprise. But who is Google going after, and how do they compete against so of the other guys, is really interesting to parse. Because some people were saying in the keynote, "We heard more about G Suite "than we heard about some of the Cloud features." Some of that is because they're going to do the announcements tomorrow. And you keep hearing all this G Suite stuff, and it makes me think of Microsoft, not Amazon. It makes me think of Office 365. And we've been hearing out of Amazon recently, they're trying to go after some of those business productivity applications. They're trying to go there where Microsoft is embedded. We know everybody wants to go after companies like IBM and Oracle, and their applications. Because Google has some applications, but really, their strength is been on the data. The machine the AI stuff was really interesting. Dr. Fei-Fei Li from Stanford, really good piece in the keynote there, when they hired her not that long ago. The community really perked up, and is really interesting. And everybody seems to think that this could be the secret weapon for Google. I actually asked them like, in some of the one-on-ones, "Is this the entry point? "Are most people coming for this piece, "when it's around these data challenges in the analytics, "and coming to Google." And they're like, "Well, it's part of it. "But no, we have broad play." Everything from devices through G Suite. And last year, when they did the show, it was all the Cloud. And this year, it's kind of the full enterprise suite, that they're pulling in. So there's some of that sorting out the messaging, and how do you pull all of these pieces together? As you know, when you've got a portfolio, it's like, "Oh well, I got to have a customer for G Suite." And then when the customer's up there talking about G Suite for a while, it's like, "Wait, it's--" >> Wait a minute. Is this a software? >> "What's going on?" >> Is this a sash show? Is this a workplace productivity show? Or is this a Cloud show? Again, this is what my issue is. First of all, the insight is very clear. When you start seeing G Suite, that means that they've got something else that they are either hiding or waiting to announce. But the key though, that is the head customers. That was one important thing. I pointed out in my blog post. To me, when I'm looking for it's competitive wins, and I want to parse out the G Suite, because it's easy just to lay that on, Microsoft does it with 365 of Office, Oracle does it with their stuff. And it does kind of make the numbers fuzzy a little bit. But ultimately, where's the beef on infrastructure as a service, and platform as a service? >> And John, good customers out there, Disney, Colgate, SAP as a partner, HSBC, eBay, Home Depot, which was a big announcement with Pivotal, last year, and Verizon were there. So these are companies, we all know them. Dan Greene was joking, "Disney is going to bring their magic onto our magic. "And make that work." So real enterprise use cases. They seem to have some good push-around developers. They just acquired Kaggle, which is working in some of that space. >> Apogee. >> Yeah, Apogee-- >> I think Apogee's an API company, come on. What does that relate to? It has nothing to do with the enterprise. It's an API management solution. Okay, yes. I guess it fits the stack for Cloud-Native, and for developers. I get that. But this show has to nail the enterprise, Stu. >> And John, you remember back four years ago, when we went to the re:Invent show for the first time, and it was like, they're talking to all the developers, and they haven't gotten to the enterprise. And then they over-pivoted to enterprise. And I listen to the customers that were talking and keynote today, and I said, "You know, they're talking digital transformation, "but it's not like GE and Nike getting up on stage, "being like, "'We're going to be a software company, "'and we're hiring lots--'" >> John: Moving our data center over. >> They were pulling all of over stuff, and it's like, "Oh yeah, Google's a good partner. "And we're using them--" >> But to be fair, Stu. Let's be fair, for a second. First of all, let's break down the keynotes. And then we'll get to some of the things about being fair. And I think, one, people should be fair to Diane Greene, because I think that the press and the coverage of it, looking at the media coverage, is weak. And I'll tell you why it's weak. Cause everyone has the same story as, "Oh, Google's finally serious about Cloud. "That's old news. "Diane Greene from day one says "we're serious with the Cloud." That's not the story. The story is, can they be a serious contender? That's number one. On the keynote, one, customer traction, I saw that, the slide up there. Yeah, the G Suite in there, but at least they're talking customers. Number two, the SAP news was strategic for Google. SAP now has Google Cloud platform, I mean, Google Cloud support for HANA, and also the SAP Cloud platform. And three, the Chief Data Science from AIG pointed. To me, those were the three highlights of the keynote. Each one, thematically, represents at least a positive direction for Google, big time, which is, one, customer adoption, the customer focus. Two, partnerships with SAP, and they had Disney up there. And then three, the real game changer, which is, can they change the AI machine learning, TensorFlow has a ton of traction. Intel Xeon chips now are optimized with TensorFlow. This is Google. >> TensorFlow, Kubernetes, it's really interesting. And it's interesting, John, I think if the media listened to Eric Schmidt at the end, he was talking straight to them. He's like, "Look, bullet one. "17 years ago, I told Google that "this is where we need to go. "Bullet two, 30 billion dollars "I'm investing in infrastructure. "And yes, it's real, "cause I had to sign off on all of this money. And we've been all saying for a while, "Is this another beta from Google. "Is it serious? "There's no ad revenue, what is this?" And Diane Greene, in the Q&A afterwards, somebody talked about, "Perpetual beta seems to be Google." And she's like, "Look, I want to differentiate. "We are not the consumer business. "The consumer business might kill something. "They might change something. "We're positioning, "this a Cloud that the enterprise can build on. "We will not deprecate something. "We'll support today. "We'll support the old version. "We will support you going forward." Big push for channel, go-to-market service and support, because they understand that that-- >> Yeah, but that's weak. >> For those of us that used Google for years, understand that-- >> There's no support. >> "Where do I call for Google?" Come on, no. >> Yeah, but they're very weak on that. And we broke that down with Tom Kemp earlier, from Centrify, where Google's play is very weak on the sales and marketing side. Yeah, I get the service piece. But go to Diane Greene for a second, she is an incredible, savvy enterprise executive. She knows Cloud. She moved from server to virtualization. And now she can move virtualization to Cloud. That is her playbook. And I think she's well suited to do that. And I think anyone who rushes to judgment on her keynote, given the fail of the teleprompter, I think is a little bit overstepping their bounds on that. I think it's fair to say that, she knows what she's doing. But she can only go as fast as they can go. And that is, you can't like hope that you're further along. The reality is, it takes time. Security and data are the key points. On your point you just mentioned, that's interesting. Because now the war goes on. Okay, Kubernetes, the microservices, some of the things going on in the applications side, as trends like Serverless come on, Stu, where you're looking at the containerization trend that's now gone to Kubernetes. This is the battleground. This is the ground that we've been at Dockercon, we've been at Linux, CNCF has got huge traction, the Cloud Native Compute Foundation. This is key. Now, that being said. The marketplace never panned out, Stu. And I wanted to get your analysis on this, cause you cover this. Few years ago, the world was like, "Oh, I want to be like Facebook." We've heard, "the Uber of this, and the Airbnb of that." Here's the thing. Name one company that is the Facebook of their company. It's not happening. There is no other Facebook, and there is no other Google. So run like Google, is just a good idea in principle, horizontally scalable, having all the software. But no one is like Google. No one is like Facebook, in the enterprise. So I think that Google's got to downclock their messaging. I won't say dumb down, maybe I'll just say, slow it down a little bit for the enterprise, because they care about different things. They care more about SLA than pricing. They care more about data sovereignty than the most epic architecture for data. What's your analysis? >> John, some really good points there. So there's a lot of technology, where like, "This is really cool." And Google is the biggest of it. Remember that software-defined networking we spent years talking about? Well, the first big company we heard about was Google, and they got up of stage, "We're the largest SDN deployer in the world on that." And it's like, "Great. "So if you're the enterprise, "don't deploy SDN, go to somebody else "that can deliver it for you. "If that's Google, that's great." Dockercon, the first year they had, 2014, Google got up there, talked about how they were using containers, and containers, and they spin up and spin down. Two billion containers in a week. Now, nobody else needs to spin up two billion containers a week, and do that down. But they learned from that. They build Kubernetes-- >> Well, I think that's a good leadership position. But it's leadership position to show that you got the mojo, which again, this is again, what I like about Google's strategy is, they're going to play the technology card. I think that's a good card to play. But there are some just table stakes they got to nail. One is the certifications, the security, the data. But also, the sales motions. Going into the enterprise takes time. And our advice to Diane Greene was, "Don't screw the gold Google culture. "Keep that technology leadership. "And buy somebody, "buy a company that's got a full blown sales force." >> But John, one of the critiques of Google has always been, everything they create, they create like for Google, and it's too Googley. I talked to a couple of friends, that know about AWS for a while, and when they're trying to do Google, they're like, "Boy, this is a lot tougher. "It's not as easy as what we're doing." Google says that they want to do a lot of simplicity. You touched on pricing, it's like, "Oh, we're going to make pricing "so much easier than what Amazon's doing." Amazon Reserved Instances is something that I hear a lot of negative feedback in the community on, and Google's like, "It's much simpler." But when I've talked to some people that have been using it, it's like, "Well, generally it should be cheaper, "and it should be easier. "But it's not as predictable. "And therefore, it's not speaking to what "the CFO needs to have. "I can't be getting a rebate sometime down the road. "Based on some advanced math, "I need to know what I'm going to be getting, "and how I'm going to be using it." >> And that's a good point, Stu. And this comes down to the consumability of the Cloud. I think what Amazon has done well, and this came out of many interviews today, but it was highlighted by Val Bercovici, who pointed out that, Amazon has made their service consumable by the enterprise. I think that's important. Google needs to start thinking about how enterprises want to consume Cloud, and hit those points. The other thing that Val and I teased at, was kind of some new ground, and he coined the term, or used the term, maybe he coined it, I'm not sure, empathy. Enterprise empathy. Google has developer empathy, they understand the developer community. They're rock solid on open source. Obviously, their mojo's phenomenal on technology, AI, et cetera, TensorFlow, all that stuff's great. Empathy for the enterprise, not there. And I think that's something that they're going to have to work on. And again, that's just evolution. You mentioned Amazon, our first event, developer, developer, developer. Me and Pat Gelsinger once called it the developer Cloud. Now they're truly the enterprise Cloud. It took three years for Amazon to do that. So you just can't jump to a trajectory. There's a huge amount of diseconomies of scale, Stu, to try and just be an enterprise player overnight, because, "We're Google." That's just not going to fly. And whether it's sales motions, pricing and support, security, this is hard. >> And sorting out that go-to-market, is going to take years. You see a lot of the big SIs are there. PwC, everywhere at the show. Accenture, big push at the show. We saw that a year or two ago, at the Amazon show. I talked to some friends in the channel, and they're like, "Yeah, Google's still got work to do. "They're not there." Look, Amazon has work to do on the go-to-market, and Google is still a couple-- >> I mean, Amazon's not spring chicken here. They're quietly, slowly, ramming up. But they're not in a good position with their sales force, needs to be where they want to be. Let's talk about technology now. So tomorrow we're expecting to see a bunch of stuff. And one area that I'm super excited about with Google, is if they can have their identity identified, and solidified with the mind of the enterprise, make their product consumable, change or adjust or buy a sales force, that could go out and actually sell to the enterprise, that's going to be key. But you're going to hear some cool trends that I like. And if you look at the TensorFlow, and the relationship, Intel, we're going to see Intel on stage tomorrow, coming out during one of the keynotes. And you're going to start to see the Xeon chip come out. And now you're starting to see now, the silicon piece. And this has been a data center nuisance, Stu. As we talked about with James Hamilton at Amazon, which having a hardware being optimized for software, really is the key. And what Intel's doing with Xeon, and we talked to some other people today about it, is that the Cloud is like an operating system, it's a global computer, if you want look at that. It's a mainframe, the software mainframe, as it's been called. You want a diversity of chipsets, from two cores Atom to 72 cores Xeon. And have them being used in certain cases, whether it's programmable silicon, or whether it's GPUs, having these things in use case scenarios, where the chips can accelerate the software evolution, to me is going to be the key, state of the art innovation. I think if Intel continues to get that right, companies like Google are going to crush it. Now, Amazon, they do their own. So this is going to another interesting dynamic. >> Yeah, it was actually one of the differentiating points Google's saying, is like, "Hey, you can get the Intel Skylake chip, "on Google Cloud, "probably six months before you're going to be able to "just call up your favorite OEM of choice, "and get that in there." And it's an interesting move. Because we've been covering for years, John, Google does a ton of servers. And they don't just do Intel, they've been heavily involved in the openPOWER movement, they're looking at alternatives, they're looking at low power, they're looking at from their device standpoint. They understand how to develop to all these pieces. They actually gave to the influencers, the press, the analysts, just like at Amazon, we all walked home with Echo Dot, everybody's walking home with the Google Homes. >> John: Did you get one? >> I did get one, disclaimer. Yeah, I got one. I'll be playing with it home. I figured I could have Alexa and Google talking to each other. >> Is it an evaluation unit? You have to give it back, or do you get to keep? >> No, I'm pretty sure they just let us keep that. >> John: Tainted. >> But what I'm interested to see, John, is we talk like Serverless, so I saw a ton of companies that were playing with Alexa at re:Invent, and they've been creating tons of skills. Lambda currently has the leadership out there. Google leverages Serverless in a lot of their architecture, it's what drives a lot of their analytics on the inside. Coming into the show, Google Cloud Functions is alpha. So we expect them to move that forward, but we will see with the announcements come tomorrow. But you would think if they're, try to stay that leadership though there, I actually got a statement from one of the guys that work on the Serverless, and Google believes that for functions, that whole Serverless, to really go where it needs to be, it needs to be open. Google isn't open sourcing anything this week, as far as I know. But they want to be able to move forward-- >> And they're doing great at open source. And I think one of the things, that not to rush to judgment on Google, and no one should, by the way. I mean, certainly, we put out our analysis, and we stick by that, because we know the enterprise pretty well, very well actually. So the thing that I like is that there are new use cases coming out. And we had someone who came on theCUBE here, Tarun Thakur, who's with Datos, datos.io. They're reimagining data backup and recovery in the Cloud. And when you factor in IoT, this is a paradigm shift. So I think we're going to see use cases, and this is a Google opportunity, where they can actually move the goal post a bit on the market, by enabling these no-use cases, whether it's something as, what might seem pedestrian, like backup and recovery, reimagining that is huge. That's going to take impact as the data domains of the world, and what not, that (mumbles). These new uses cases are going to evolve. And so I'm excited by that. But the key thing that came out of this, Stu, and this is where I want to get your reaction on is, Multicloud. Clearly the messaging in the industry, over the course of events that we've been covering, and highlighted today on Google Next is, Multicloud is the world we are living in. Now, you can argue that we're all in Amazon's world, but as we start developing, you're starting to see the emergence of Cloud services providers. Cloud services providers are going to have some tiering, certainly the big ones, and then you're going to have secondary partner like service providers. And Google putting G Suite in the mix, and Office 365 from Microsoft, and Oracle put in their apps in their Clouds stuff, highlights that the SaaS market is going to be very relevant. If that's the case, then why aren't we putting Salesforce in there, Adobe? They all got Clouds too. So if you believe that there's going to be specialism around Clouds, that opens up the notion that there'll be a series of Multicloud architectures. So, Stu-- >> Stu: Yeah so, I mean, John, first of all-- >> BS? Real? I mean what's going on? >> Cloud is this big broad term. From Wikibon's research standpoint, SaaS, today, is two-thirds of the public Cloud market. We spend a lot of time talking-- >> In revenue? >> In revenue. Revenue standpoint. So, absolutely, Salesforce, Oracle, Infor, Microsoft, all up there, big dollars. If we look at the much smaller part of the world, that infrastructures a service, that's where we're spending a lot of time-- >> And platforms a service, which Gartner kind of bundles in, that's how Gartner looks at it. >> It's interesting. This year, we're saying PaaS as a category goes away. It's either SaaS plus, I'm sorry, it's SaaS minus, or infrastructure plus. So look at what Salesforce did with Heroku. Look at what company service now are doing. Yes, there are solutions-- >> Why is PaaS going away? What's the thesis? What's the premise of that for Wikibon research? >> If we look at what PaaS, the idea was it tied to languages, things like portability. There are other tools and solutions that are going to be able to help there. Look at, Docker came out of a PaaS company, DockCloud. There's a really good article from one of the Docker guys talking about the history of this, and you and I are going to be at Dockercon. John, from what I hear, we're going to spending a lot of time talking about Kubernetes, at Dockercon. OpenStack Summit is going to be talking a lot about-- >> By the way, Kubernetes originated at Google. Another cool thing from Google. >> All right, so the PaaS as a market, even if you talk to the Cloud Foundry people, the OpenShift people. The term we got, had a year ago was PaaS is Passe, the nice piffy line. So it really feeds into, because, just some of these categorizations are what we, as industry watchers have a put in there, when you talk to Google, it's like, "Well, why are they talking about G Suite, "and Google Cloud, and even some of their pieces?" They're like, "Well, this is our bundle "that we put together." When you talk to Microsoft, and talk about Cloud, it's like, "Oh, well." They're including Skype in that. They're including Office 365. I'm like, "Well, that's our productivity. "That's a part of our overall solutions." Amazon, even when you talk to Amazon, it's not like that there are two separate companies. There's not AWS and Amazon, it's one company-- >> Are we living in a world of alternative facts, Stu? I mean, Larry Ellison coined the term "Fake Cloud", talking about Salesforce. I'm not going to say Google's a fake Cloud, cause certainly it's not. But when you start blending in these numbers, it's kind of shifting the narrative to having alternative facts, certainly skewing the revenue numbers. To your point, if PaaS goes away because the SaaS minuses that lower down the stack. Cause if you have microservices and orchestration, it kind of thins that out. So one, is that the case? And then I saw your tweet with Sam Ramji, he formally ran Cloud Foundry, he's now at Google, knows his stuff, ex-Microsoft guy, very strong dude. What's he take? What's his take on this? Did you get a chance to chat with Sam at all? >> Yeah, I mean, it was interesting, because Sam, right, coming from Cloud Foundry said, what Cloud Foundry was one of the things they were trying to do, was to really standardize across the clouds. And of course, little bias that he works at Google now. But he's like, "We couldn't do that with Google, "cause Google had really cool features. And of course, when you put an abstraction layer on, can I actually do all the stuff? And he's like, "We couldn't do that." Sure, if you talked to Amazon, they'll be like, "Come on. "Thousand features we announced last year, "look at all the things we have. "It's not like you can just take all of our pieces, "and use it there." Yes, at the VM, or container, or application microservices layer, we can sit on a lot of different Clouds, public or private. But as we said today, the Cloud is not a utility. John, you've been in this discussion for years. So we've talked about, "Oh, I'm just going "to have a Cloud broker, "and go out in a service." It's like, this is not, I'm not buying from Domino's and Pizza Hut, and it's pepperoni pizza's a pepperoni pizza. >> Well, Multicloud, and moving workloads across Clouds, is a different challenge. Certainly, I might have to some stuff here, maybe put some data and edge my bets on leveraging other services. But this brings up the total cost of ownership problem. If you look at the trajectory, say OpenStack, just as a random example. OpenStack, at one point, had a great promise. Now it's kind of niched down into infrastructural service. I know you're going to be covering that summit in Boston. And it's going to be interesting to see how that is. But the word in the community is, that OpenStack is struggling because of the employment challenges involved with it. So to me, Google has an opportunity to avoid that OpenStack kind of concept. Because, talking about Sam Ramji, open source is the wildcard in all of this. So if you look at a open source, and you believe that that PaaS layer's thinning down, to infrastructure and SaaS, then you got to look at the open source community, and that's going to be a key area, that we're certainly watching, and we've identified, and we've mentioned it before. But here's my point. If you look at the total cost of ownership. If I'm a customer, Stu, I'm like, "Okay, if I'm just going to move to the Cloud, "I need to rely and lean on my partner, "my vendor, my supplier, "Amazon, or Google, or Microsoft, whoever, "to provide really excellent manageability. "Really excellent security. "Because if I don't, I have to build it myself." So it's becoming the shark fin, the tip of the iceberg, that you don't see the hidden cost, because I would much rather have more confidence in manageability that I can control. But I don't want to have to spend resources building manageability software, if the stuff doesn't work. So there's the issue about Multicloud that I'm watching. Your thoughts? Or is that too nuance? >> No, no. First of all, one of the things is that if I look at what I was doing on premises, before versus public Cloud, yes, there are some hidden costs, but in general I think we understand them a little bit better in public Cloud. And public Cloud gives us a chance to do a do-over for this like security, which most of us understand that security is good in public Cloud. Now, security overall, lots of work to do, challenges, not security isn't the same across all of them. We've talked to plenty of companies that are helping to give security across Clouds. But this Multicloud discussion is still something that is sorting out. Portability is not simple, but it's where we're going. Today, most companies, if I'm not really small, have some on-prem pieces. And they're leveraging at least one Cloud. They're usually using many SaaS providers. And there's this whole giant ecosystem, John, around the Cloud management platforms. Because managing across lots of environment, is definitely a challenge. There's so many companies that are trying to solve them. And there's just dozens and dozens of these companies, attacking everything from licensing, to the data management, to everything else. So there's a lot of challenges there, especially the larger you get as a company, the more things you need to worry about. >> So Stu, just to wrap up our segment. Great day. Wanted to just get some color on the day. And highlighting some parody from the web is always great. Just got a tweet from fake Andy Jassy, which we know really isn't Andy Jassy. But Cloud Opinion was very active to the hashtag, that Twitter handle Cloud Opinion. But he had a medium post, and he said, "Eric Schmidt was boring. "Diane Greene was horrible. "Unfortunately, day one keynote were missed opportunity, "that left several gaps, "failed to portray Google's vision for Google Cloud. "They could've done the following, A, "explain the vision for the Cloud, "where do they see Google Cloud going. "Identify customer use cases that show samples "and customer adoption." They kind of did that. So discount that. My favorite line is this one, "Differentiate from other Cloud providers. "'We're Google damn it,' isn't working so well. "Neither is indirect shots as S3 downtime, "didn't work either as well as either. "Where is the customer's journey going? "And what's the most compelling thing for customers?" This phrase, "We're Google damn it," has kind of speaks to the arrogance of Google. And we've seen this before, and always say, Google doesn't have a bad arrogance. I like the Google mojo. I think the technology, they run hard. But they can sometimes, like, "Customer support, self-service." You can't really get someone on the phone. It's hard to replies from Google. >> "Check out YouTube video. "We own that too, don't you know that?" >> So this is a perception of Google. This could fly in the face, and that arrogance might blow up in the enterprise, cause the enterprises aren't that sophisticated to kind of recognize the mojo from Google. And they, "Hey, I want support. "I want SLAs. "I want security. "I want data flexibility." What's your thoughts? >> So Cloud Opinion wrote, I thought a really thoughtful piece leading up to it, that I didn't think was satire. Some of what he's putting in there, is definitely satire-- >> John: Some of it's kind of true though. >> From the keynote. So I did not get a sense in the meetings I've been in, or watching the keynote, that they were arrogant. They're growing. They're learning. They're working with the community. They're reaching out. They're doing all the things we think they need to do. They're listening really well. So, yes, I think the keynote was a missed opportunity overall. >> John: But we've got to give, point out that was a teleprompter fail. >> That was a piece of it. But even, we felt with a little bit of polish, some of the interactions would've been a little bit smoother. I thought Eric Schmidt's piece was really good at end. As I said before, the AI discussion was enlightening, and really solid. So I don't give it a glowing rating, but I'm not ready to trash it. And tomorrow is when they're going to have the announcements. And overall, there's good buzz going at the show. There's lots going on. >> Give 'em a letter. Letter grade. >> For the keynote? Or the show in general? >> So far, your experience as an analyst, cause you had the, again, to give them credit, I agree with you. First analyst conference. They are listening. And the slideshow, you see what they're doing. They're being humble. They didn't take any real direct shots at its competitors. They were really humble. >> And that is something that I think they could've helped to focus one something that differentiated a little bit. Something we had to pry out of them in some of the one-on-ones, is like, "Come on, what are you doing?" And they're like, "We're winning 50, 60% of our competitive deals." And I'm like, "Explain to us why. "Because we're not hearing it. "You're not articulating it as well." It's not like we expect them, it's like, "Oh wait, they told us we're arrogant. "Maybe we should be super humble now." It's kind of-- >> I don't think they're thinking that way. I think my impression of Google, knowing the companies history, and the people involved there, and Diane Greene in particular, as you know from the Vmware days. She's kind of humble, but she's not. She's tough. And she's good. And she's smart. >> And she's bringing in really good people. And by the way, John, I want to give them kudos, really supported International Women's Day, I love the, Fei-Fei got up, and she talked about her, one of her compatriots, another badass woman up there, that got like one of the big moments of the keynote there. >> John: Did they have a woman in tech panel? >> Not at this event. Because Diane was there, Fei-Fei was there. They had some women just participating in it. I know they had some other events going on throughout the show. >> I agree, and I think it's awesome. I think one of the things that I like about Google, and again, I'll reiterate, is that apples and oranges relative to the other Cloud guys. But remember, just because Amazon's lead is so far ahead, that you still have this jocking of position between the other players. And they're all taking the same pattern. Again, this is the same thing we talked about at our other analysis, is that, certainly at re:Invent, we talked about the same thing. Microsoft, Oracle, IBM, and now Google, are differentiating with their apps. And I think that's smart. I don't think that's a bad move at all. It does telegraph a little bit, that maybe they got, they could add more to show, we'll see tomorrow. But I don't think that's a bad thing. Again, it does make the numbers a little messy, in terms of what's what. But I think it's totally cool for a company to differentiate on their offering. >> Yeah, definitely. And John, as you said, Google is playing their game. They're not trying to play Amazon's game. They're not, Oracle's thing was what? You kind of get a little bit of the lead, and kind of just make sure how you attack and stay ahead of what they're doing, going to the boating analogy there. But Google knows where they're going, moving themselves forward. That they've made some really good progress. The amount of people, the amount of news they have. Are they moving fast enough to really try to close a little bit on the Amazon's world, is something I want to come out of the show with. Where are customers going? >> And it's a turbulent time too. As Peter Burris, our own Peter Buriss at Wikibon, would say, is a turbulent time. And it's going to really put everyone on notice. There's a lot to cover, if you're an analyst. I mean, you have compute, network storage, services. I mean, there's a slew of stuff that's being rolled out, either in table stakes for existing enterprises, plus new stuff. I mean, I didn't hear a lot of IoT today. Did you hear much IoT? Is there IoT coming to you at the briefing? >> Come on. I'm sure there's some service coming out from Google, that'll help us be able to process all this stuff much faster. They'll just replace this with-- >> So you're in the analyst meeting. I know you're under NDA, but is there IoT coming tomorrow? >> IoT was a term that I heard this week, yes. >> So all right, that's a good confirmation. Stu cannot confirm or deny that IoT will be there tomorrow. Okay, well, that's going to end day one of coverage, here in our studio. As you know, we got a new studio. We have folks on the ground. You're going to start to see a new CUBE formula, where we have in-studio coverage, and out in the field, like our normal CUBE, our "game day", as we say. Getting all the signal, extracting it from that noise out there, for you. Again, in-studio allows us to get more content. We bring our friends in. We want to get the content. We're going to get the summaries, and share that with you. I'm John Furrier, Stu Miniman, day one coverage. We'll see you tomorrow for another full day of special coverage, sponsored by Intel, two days of coverage. I want to thank Intel for supporting our editorial mission. We love the enterprise, we love Cloud, we love big data, love Smart Cities, autonomous vehicles, and the changing landscape in tech. We'll be back tomorrow, thanks for watching.