>> Announcer: Live from Nashville, Tennessee, it's theCUBE. Covering Commvault GO 2018. Brought to you by Commvault. >> Welcome back to Nashville, Tennessee. This is Commvault GO, and you are watching theCUBE. I'm Stu Miniman, with my co-host Keith Townsend. Happy to welcome to the program, this is a user conference, so we love digging in with the users. I've got David Mccurdy, who's the CTO from the great state of Colorado. Thanks so much for joining us. >> Great to be here. It's a great event, I'm happy to be here. We're here to evangelize the great work Colorado's been doing, with Commvault, and just in general. >> Alright great, so we're from Chicago, Boston, and Colorado, Denver. So we're not going to talk football, but tell us a little bit about, you know, you're CTO, love talking to the CTOs. What's your technology charter? Give us a little bit of the thumbnail, as to kind of, you know, what divisions you support, how many people you have, that sort of thing. >> Yeah, so the way the state's set up is I work underneath the Governor. We're an office of the Governor, so it's actually the Governor's Office of Information Technology. We support all the traditional branches of government, that people think of, in terms of agencies, like the Department of Health and Human Services, Medicaid, Department of Corrections, DMV, Department of Revenue. So all the big agencies all fall under our department. And then about 800 of the 900 staff inside of OIT report to me directly. And that's all the infrastructure and application stacks, all the strategy. Chief Data office, Chief Transformation office. A lot of responsibility, lots of fun, lots of long weekends, but it's been a good row for the last four years. >> David before we dig into some of the data protection stuff, I love, you talk about innovation. You talk about technology transformation. First of all, IT in general, and government specifically, often get, you know, labeled with the, oh well they do things the old way, and they've got no budgets, and they never make any changes. I've had some great case studies. I've talked with people in roles like yours, so give us a little bit of, what's it like to be working under state government this day and age, with 2018, with technology. >> It's very exciting. It's very exciting to work for Colorado specifically. I don't know if it translates to all other states. I've talked to other CIOs and CTOs around the country, but we have a very supportive governor. He just announced his campaign to run for president, maybe, we'll see how that goes. But outside of that, he's very innovative. He took a business trip to Israel, came back, and set up a cyber security lab in the state, because he thinks there's a major need for more cyber security and those disciplines. In Colorado, today, we're running negative 14% unemployment for security jobs, so it's just, huge opportunity. Outside of that, my boss, Suma Nallapati, is state CIO. Right underneath him, is all about innovation. How can we make Colorado number one in everything we do. And that's really the goal. What the governor said, the way he talks about technology, he wants technology to be elegant. That's not word you hear a lot. But when you think about that and apply it to technology, there's a very specific outcome you're trying to get out of that. >> Alright, well David, at this show, we're all talking about data. And everybody's, you know, it's what can I do with my data? And how do I make sure that things don't get wrong? Well, anybody that's been in the IT for a while is, Murphy's Law sometimes does play out. So you've actually had a couple of experiences. Some good things you've learned, but some challenges that you had, maybe share with us what happened. >> Yeah, I mean one of the things I'm here to talk about is we kicked off an initiative called Backup Colorado. And what it was is, it was consolidating all the backup and recovery services for all those agencies I just named, plus some more, right. Monster project, monster task. It was all born out of a major data failure the state had. We were a fairly new organization. We were immature. We were still running things in a siloed environment. Most of the country, most large organizations have gone down the IT consolidation path. We were a few years down the road, and we got hit with a major data loss event. And it was specific to marijuana data, which makes some people smile, some people frown, but it's a very interesting topic. It wasn't interesting to lose customer data though. I don't care if you're a private organization, or a public organization, this was real data loss. And it highlighted the need for a focused approach to solving those problems. So we went about just kind of transforming the whole space. First, put a proposal on the table. Going to the general assembly. Going to the Governor saying, this is what we need to do. They signed off on it, and then we implemented it, right. We got tens if not hundreds of people together around the state. We coordinated agencies. We got people on board that didn't want to be on board. They liked the silo approach. They liked their agencies doing their own thing. But you can't do anything right 16 different ways. You don't have to do it one way, but it can't be 16. But we took a standardized approach, and we worked with Commvault as our partner to deploy a complete backup and recovery system for the state. Highly successful project. Rolled out, standardized. Everything you could want. While we're doing that, we are completely changing our application and infrastructure stacks. We are consolidating all of our servers into three data centers in the state. We're bursting into the cloud. We're replatforming on software, the service. You know, all those. I'm responsible for each one of those stacks. My guidance was just go and change the world, right. In a very non-senile way, we went out there, and we were like, how can we do this thoughtfully. How can we do it, but push, blaze new trails, that type of thing. And the story that I've been sharing is, we got to see the end results of that. What kicked it off, was a public disaster, but the state was hit with a ransomware attack. Very targeted, very coordinated. They hit one of our larger agencies. We had good security in place, but there's always stuff that can happen, as you've kind of eluded to. And because of this project, because of the team coordinated effort, because of the technology, because of the stuff we were leveraging, we were able to bring that agency back whole. Which a lot of organizations cannot say. A lot of the technologies cannot say, with as many systems that were impacted for the time period they were, to bring that agency back whole, and actually have the executive director of that agency, doing very similar conversations as we're doing now. How can dots around the country, roll out a plan very similar to this? >> Well David, people process technology, you guys are changing processes, you're changing technology, extremely disruptive. Talk about the impact on your people. What mindset, or what changes did you have to make organization wide. 800 people was a lot of people to get in line. What did you start, what did you do? What was successful, well not so much. >> Well first I had to get my customers on board, right. And compelling events helped bring customers on board. I don't think that's the best way of doing it, but always leverage a compelling event. In this case, we had a compelling event. We had the onus from our executive branch and a legislative branch. So we had the hammer if we needed it to get it done. The team actually came together. We ran a very successful RFP. We baked off competitors in the space. And it was a beautiful thing to see all my server engineers, all my desktop guys, all my database guys and gals comin' in and working together to make this project happen. I didn't have to sell them on it. They came to me and said, we think this is the best technology stack for the state. When I recognized, when I heard them, they all got on board and we were able to roll it out. And so I think it was that team approach, not top down, but you know, let's all come together and find the right thing for the state. I think that was why it was so successful. It was a team approach, and we had executive buy in, we were able to get it done. >> You talked about how Commvault helped with that transition, 16 different backup products, if the state was like any other organization, there's at least 15, 16 different backup products, people like what they use. And transitioning to something new requires training, support. How did Commvault help you guys in that transition? >> You know, they were a great partner, all the way through the RFP process, to bringing it in and doing training. We have a big thing at the state, the technology stack, we do luncheon learns, so there's lots of training. Commvault brought a lot of resources. We had engineers specifically assigned from Commvault to help with the project, the roll out, and then the transition. So a very effective partner, in terms of helping us along the way. It never helps to have that kind of hammer, as I said before, to push it forward. I really couldn't have asked for anything more. I spoke a little bit about this the other day. When we had this compelling event with the ransomware this year, I picked up the phone, and I got an answer right away. And I said we're going to need you once again. And they showed up. Commvault showed up. The great thing was, we didn't need them, right. My engineers had an effective turnover and training. They got the initial alerts before anybody did, before any of our security groups, anybody, Commvault detected this ransomware really before any of my tool suites because of the way it came into our organization. Which was kind of cool. But just in general, a great partnership. They were there all the way through the recovery of CDOT as support for our team. Really weren't needed just because of the effective transition. >> That's an interesting point. You talk about, you would think it would be the security tool that would be alerting you. Commvault and companies like it, sit in an interesting position. You've got data, you've got metadata. That surprise you that that was the tool that helped alert you in the first? >> Shocked me, shocked me, right. I mean we spent a lot of money building stacks of tools to protect the state, and very effective tools. There's nothing against those tool suites specifically. We were actually rolling out another tool that week that ultimately would've prevented it. That being said, stuff happens and the way this ransomware came in, bypassed that visibility. But Commvault, looking at our backups every night, taking differentials of 'em, saw encrypted files on disk, sent out an alert. The teams knew exactly what to do. Got executives on the phone. Got security ops on the phone. And it kicked off from there, so yeah, shocked, you know, happy that we caught it. Not the way I would have wanted, but that's why you've got layers of security. That's why you've got layers of teams to support each other. >> So specifies, outside of the support capability that Commvault provided and one, helping you guys get alerted to the event, and then the support reacting to the event, talk to us. What did they take to recover from the event? Was this a multi-month thing? Multi-week, multi-hour? How did you guys recover and how much did you recover? >> It took us a little over a month to recover. It's actually a great conversation maybe for another time. But building a structure in an open attack. Like when you have a coordinated resources from other countries, trying to do the United States, or the state of Colorado harm, the first thing you're going to do is make sure they're outside of your environment. So for about the first two weeks, we had everybody from the National Guard to the Defense Department there, helping us evaluate the situation. Getting it to a place where we felt comfortable bringing the department back up. Once we reached that point, and there is never a clear line in the sand. There's a role for the CIO and the CTO in that place to say, hey, now's time we've done everything we can and then we've very methodically started bringing desktops online and servers online. And Commvault played a huge role in that as well as some other vendors. But, in all, we restored about 192 servers. Some were infected, some weren't, but just from a sensibility stake, we wanted to go back to clean backups, clean restores, a place where the customer felt comfortable. We were able to do it in a way that there was no data loss to the customer or at least manage data loss. Meaning, in some cases, their systems, they wanted to go really back on, because their data didn't change very much in there. My biggest pinpoint in this whole process is, I want to bring that department up much faster, right. There's two sides that you're looking at: How do you protect the department in the short term? And how do you protect them in the long term? So I had to look at both sides of it. Very interesting experience. Don't wish it on anybody. >> David, last thing I want to ask is, the role of data, how do you, inside the state of Colorado, look at the role of data and the changing role of data? And if you look at Commvault, they are really expanding where they play. They're playing in multi-cloud. They've got artificial intelligence helping them. They're helping with governance and compliance. How do you see them lined up? Where do you see your relationship going with them in the future? >> Well, obviously, I like to stay with partners that take care of me, so there's obviously an affinity there, in terms of how they've helped the state in the last year. The data is really two parts, the agencies data, and then the resident, and the customers of the state of Colorado's data, right. So you first got to look at who owns and who is the steward of the data. And as IT for the state, our role is protecting that data, both in the short and long term. But as it becomes more and more of an asset, and we all know data is an asset today, it's almost the most critical asset. So protecting it is just as important as how you're going to innovate with it. So we are very excited about how we're going to be leveraging data in the future. Some of the issues we're talking about, the Department of Transportation wants to take their data for Road X and change how people drive. You know, very similar as to how you may use Waze and stuff like that. The DOTs around the country want to take that data and leverage it all over the place. So you're not only taking an asset that was leveraged for a very different purpose 10 years ago and completely transforming industries, you're doing that all across state government, right. The impetus, the need for protecting it, using it, I'm very excited with where they're going and how they look at data, Commvault specifically. I had a great conversation with our CTO last year about, I'm storing all this data on FASTDISK anyway. Why can't I use this as a data lake? How can I get metadata for your customers? How can I take this in places where maybe the founders of this company didn't even envision 20 years ago. It's very exciting how they're looking at the technology and where they can take it. AI is one of my focus areas for the year. I'm going to listen to everybody's pitch and I'm going to choose the right ones, because I do think it's transformative. If they can do it correctly and ultimately lessen the burden on IT, that's what we're looking for, right. That's what AI should bring to the table, is the ability for IT to do more with less. So that's what we're looking for and I'm excited what they're going to do with it. >> Alright, well David Mccarthy, we really appreciate you joining us, sharing your story. For Keith Townsend, I'm Stu Miniman. We'll be back with more coverage here from Commvault GO in Nashville, Tennessee. Thanks for watching theCUBE. >> David: Thank you. (lively tech music)

(relaxing music) >> Hello everyone and welcome back to theCUBE's continuing coverage of AWS re:Invent. My name is Savannah Peterson and I am absolutely thrilled for this segment. We are joined by leaders at Cisco AppDynamics as well as Royal Caribbean. The two have been working together for over five years, leveraging full stack observability. We're going to dig in, but first of all please welcome Alice from Royal Caribbean and Greg from Cisco AppDynamics to the show. Hey friends. >> Hi. How are you doing? >> I'm excited, clearly. How are you doing, Greg? >> I'm doing fantastic. Thanks for having me on the show today. >> Hey, it's our, it is absolutely our pleasure. Alice, I have to start with you. I don't think there are too many industries that have gotten as much coverage as cruising has over the last couple of years. You've been working with Royal Caribbean for over a decade so you've seen it through the stormy seas of the pandemic, if you will. What has the last few years and the last few months been like for you? >> You know, it's really been a wild ride. To your point, we were sailing high, and then I don't think any other industry experienced what we did in COVID, that you walked in one day and then that day the whole industry shut down. So it was a big challenge for us. And then as soon as we shut down and we weathered the storm with COVID, then we had what we called our healthy return to service. So as quickly as it stopped, we had to start sailing again. So it's really been a challenge but we're happy to be back on our feet and heading in the right direction now. >> I really hope we can continue the sailing metaphors throughout the course of this interview. And you nailed that for a segment, Alice, I'm so here for it. I want to talk about how you've worked together but I want to give Greg a second to chime in here. So, Greg, you're the executive CTO at Cisco AppDynamics. How have you and the team weathered the last two and a half years? >> Well, you know, it's interesting, the pandemic really brought together an interesting conundrum, right? So on one hand, you had, you know, the consumers, the end users that became very reliant on digital services. They had a function in a way that was very performing, right? So, 84% of the respondents that we had come back through a report called the App Attention Index, came back and said that digital services were really instrumental for them to get back to some level of normalcy. But the interesting part that came about that is that out of those respondents, 60% of them blamed the brand if the application did not work the way they expected it. So they didn't really care about the complex- >> Wow. >> In the back end, right? So when you look at- >> Yeah. >> You look at the shift in the IT department, the IT department had to go out and quickly innovate. Quickly start to introduce new services, which ultimately brought together a sprawl in their technology stack. So, when you're adding to it you're not taking things away, you're continuously growing. So finding that the problems or the root cause of an application issue became more difficult. So that's where, you know, from a Cisco AppDynamics perspective, you know we're one of the leading observability and application performance monitoring tools. So, we help customers like Royal Caribbean to be able to zero in on root cause and ensure that their end users have that best experience. >> It's, I'm smiling as someone who was a former waitress and I can remember the amount of times I was scolded for something that happened that was far out of my control in the complex layers of the kitchen. (Greg laughs) And I think that anyone who's had a poor customer experience while interacting with a brand may or may not intentionally, you know, I think it's actually sometimes very unintentional to your point, get frustrated with said brand. I can imagine that is an experience and a priority that you have at Royal Caribbean, Alice. How has full stack observability played a role in your team's ability to serve the customers and keep your community engaged during this very kind of wobbly time? >> Yeah, you know, we have really worked hard to improve and remove friction from our guest vacation. And we want to keep them on vacation and having a great time. You know, we say we don't really sell a cruise. We sell an experience. So we use AppDynamics to monitor those key applications that our guests are interacting with to ensure that they're having that experience that we expect. You know, we've learned that just because a system or a server says, hey I'm up 99% of the time, that doesn't mean that my guests are experiencing that same type of stability, you know? So once again, we really worked well with AppDynamics. They've partnered with us to ensure that, you know, our guests are getting that vacation experience they're looking for. >> Do you think, just a follow up there, do you think that you would have advanced in the ways that you have working with Cisco AppDynamics and across functions over the last few years, without this crunch? Was necessity the mother of invention for you to any degree? >> You know, I don't think that the crunch brought it on 'cause we, like I said, we started this journey back in 2017. And we're not unlike a lot of companies where we're on this maturity ride where we want to go from being reactive, where our guests are telling us something is broken, to being preventive. Definitely, you know, COVID played into this because I think we learned to do less, you know, more with less. So, you know, it's very hard in the cruise industry. We did take a hit but we were able to use the AppDynamics tools to ensure that our systems were running with having less people also watching those systems. So less eyes on glass, more automation. >> And that's more stability, more credibility, and more transparency is definitely something that we're all looking forward. And it's nice to see that implemented, especially at scale when you're dealing with so many customers from all over the world trying to access your service and wanting that personalized experience. Greg, what does it feel like for you as a leader to hear someone like Alice say how powerful your tool has been in ensuring that customer experience? >> Yeah, that's, you know, it's absolutely fantastic. And especially, you know, Alice is absolutely right. You know, the cruise industry was really, had a very unique challenge in front of them. And I really applaud the folks at Royal Caribbean for stepping up to make sure that when the pandemic eased, so to speak, that the experience to the customer was actually even better, right? So when we were able to work and partner together to make sure that, you know, the user experience is topnotch, the availability's there, the resiliency of their platform is there. So, by working with customers like Royal Caribbean is really one of the shining stars that we can talk about that really helped make a big difference in, you know that post pandemic era to be able to really do what's right for the customer. >> How often are you engaging with customers like Alice as a team? How big is that feedback in your product roadmap? >> Oh, personally, I'm engaged with customers on a daily basis. And I see it across the map from many different industries. And, you know, a lot of folks had different challenges, but the ultimate commonality that I've seen across, you know, multiple industries is that, you know, when we're in that pandemic state, digital services were the only way that their customers were interacting with them. So, you know, when you're looking at a bank or you're looking at, you know, different types of travel agencies and organizations that, you know like Royal Caribbean as well, that really had that opportunity to focus on what's the most valuable thing to them which is user experience. It's a very, very common trend that we saw. And, you know, you see an expedited path of digital transformation happen. And really that's where we partner with, you know, customers like Royal Caribbean and many others across different industries to make sure that the business outcomes were being driven towards the proper direction as well as that, you know, the user experience. And I don't think I can emphasize user experience as being so critically important, anymore than I already have. But it's really one of the most valuable currencies most organizations have. >> One of my favorite lines is community is your first defensible asset. And you know, you can talk about user experience as much as you want on here, at the end of the day. If people aren't having a positive interaction with your brand or your product, it's probably not going to last super long unless it's legacy. And we don't have to go down that rabbit hole today. >> Especially if I can add, there's a lot of competition there. >> Of course. >> Right? There's a lot of competition out there. So if your applications do not perform or your digital services do not perform the end user has the quick ability to just quickly delete and move on. And the same thing with what Alice sees in the cruise industry, you know. You have an opportunity to rise to the top and I really applaud them for taking advantage of that opportunity. >> Yeah. Well, I'm here for both of you cheering each other on. Certainly, the water level rises together. >> That's right. >> Alice, what sort of challenges are you taking on currently that you're able to disclose? What sort of leaps do you think or it doesn't have to be leaps, but what kind of experience are you hoping to continue to enhance for Royal Caribbean customers? >> You know, right now, you know with our current connectivity it's all about managing that bandwidth. You know, we're hoping to go to that state where bandwidth isn't at a high cost. So now we're going to be even able to watch our user interaction more from ship to shore. You know, and we're maybe moving to that area where we're thinking cloud first from a shift. If you think about it, we've got 50 plus data centers floating around the world. So that connectivity is key. Now we're opening up that bandwidth. Now I need to see how the transactions are performing as we come off ship. You know, with that, once again, that cloud first mentality. It's a super exciting time for us. And I really see, you know, AppD is going to play a role in that. >> I love that visual just for a second of 50 data centers with also, surrounded by people having a very wonderful time on board. What a nice thought. I can't say that every data center I've ever been to is as glamorous, fun or sexy as being on a Royal Caribbean ship. However, I hope that we move perhaps in that direction. We were just at Super Computing a few weeks ago and it was great to see all the hardware there. So you never know. What role do you see yourself and the team and Cisco AppDynamics playing in that future for companies like Royal Caribbean, Greg? >> You know, it's really, it's really staying right lockstep with our customers as they move through that digital transformation efforts. The key piece is that we look at it from that full stack view. So we offer full stack observability, which, you know, if you look at the challenges that we want to go after. Traditional IT departments were historically siloed pretty significantly between, you know network and infrastructure, security, app dev. So I mean, ensuring that we can get our customers to be able to have that common view that shows what's the real important pieces across all domains. So when they start moving down the path of digital transformation, that's an opportunity to also revamp how their processes are, the people interact and the technology that they use to be able to deliver the proper business outcomes. So we talk a lot with our customers around full stack observability, but the key part is business context. So if you have a big effort for digital transformation, you're starting to add new services to it. How do you know if it's actually impacting the business in a positive or negative way? So by us implementing the business context to ensure that you understand the investments being made, that you can show to your business leaders, is showing an uptake in the business outcomes you're going after. It's really, really about a strong partnership with our customers. But also ensuring that their business is being positively impacted by our technology to be able to help them really align the teams and be able to have the right desired outcomes. >> I love that Greg and I love that customer first, that community first attitude. It's something that you both share. Final question for the two of you. And I'm going to start with you, Alice, since I suspect you've probably been on more cruises than Greg and I combined. Though I could be making a wild assumption. Where are you cruising to next? >> You know, I just got off a cruise. So next stop, I want to revisit the Galapagos. I think the Galapagos is the best place to go. And if you haven't done it that's absolutely where you should go. >> Oh, it's a beautiful trip. Greg, have you ever done the Galapagos? Is that going to be your next Royal Caribbean cruise? >> I have never done the Galapagos, but that may just have made it to my list. >> Fantastic. Well, I second Alice's endorsement on that. I had the pleasure of going about a decade ago. Very magical place that teaches you a lot about nature. Much like the two of you have taught us very extensively about full stack observability, how it applies to user experience, customer experience and the ocean that I am currently staring at here in Pacifica, California. Alice, thank you so much for joining us from Miami. Greg, to you in Colorado. I hope that you both continue to work in harmony together and that we can all see each other on the friendly seas soon. Thank you all for tuning in to our AWS re:Invent coverage. This is theCUBE. My name's Savannah Peterson. And we look forward to seeing you for our next segment. (relaxing music)

>>Hello everyone and welcome back to The Cube's Continuing coverage of AWS Reinvent. My name is Savannah Peterson and I am absolutely thrilled for this segment. We are joined by leaders at Cisco App Dynamics, as well as Royal Caribbean. The two have been working together for over five years, leveraging full stack observability. We're gonna dig in, but first of all, please welcome Alice from Royal Caribbean and Greg from Cisco App, app Dynamics to the show. Hey friends. >>Hi. How are you doing? >>I'm excited, clearly. How are you doing, Greg? >>I'm doing fantastic. Thanks for having me on the show today. >>Hey, it's our, it is absolutely our pleasure. Alice, I have to start with you. I don't think there are too many industries that have gotten as much coverage as cruising has over the last couple of years. You've been working with Royal Caribbean for over a decade, so you've seen it through the stormy seas of the pandemic, if you will. What has the last few years and the last few months been like for you? >>You know, it's, it's really been a wild ride. To your point, we were sailing high and then I don't think any other industry experience what we did in Covid, that you walked in one day and then that day the whole industry shut down. So it was a, it was a big challenge for us. And then as soon as we shut down and we weathered the storm with Covid, then we have what we called our healthy and return to service. So as quickly as it stopped, we had to start sailing again. So it's, it's really been a challenge, but we're happy to be back on our feet and heading in the right direction now. >>I, I really hope we can continue the sailing metaphors throughout the course of this interview. And you, you nailed that for a segment. Alice, I'm, I'm, I'm so, I'm so here for it. I, I, I wanna talk about how you've worked together, but I wanna give Greg a second to chime in here. So Greg, you're the executive CTO at Cisco App Dynamics. How, how have you and the team, whether the last two and a half years? >>Well, you, you know, it's interesting, the, the pandemic really brought together an interesting conundrum, right? So on, on one hand, you had, you know, the, the, the consumers, the end users that became very reliant on digital services. They had a function in a way that was very performing, right? So, 84% of the respondents that we had come back through a report called the App Attention Index, came back and said that digital services were, were really instrumental for them to, to get back to some level of normalcy. But the interesting part that came about that is that out of those respondents, 60% of them blame the brand if the, if the application did not work the way they expected it. So they didn't really care about the, it's in the back end, right? So when you look at, yeah, you look at the shift in the IT department, the IT department had to go out and, and quickly innovate, quickly start to introduce new services, which ultimately brought together a, a sprawl in their technology stack. So when you're adding to it, you're not taking things away, you're continuously growing. So finding that that, that the problems or the, the root cause of an application issue became more difficult. So that's where, you know, from an app, Cisco AppDynamics perspective, you know, we're one of the leading observability and app application performance monitoring tools. So we help customers like Ro Caribbean to be able to zero in on root cause and ensure that their end users have that best experience. It's, >>It's, it's, I I'm smiling as someone who was a, a former waitress and I can remember the amount of times I was scolded for something that happened that was far out of my control and the complex layers of the kitchen. And I think that, that anyone who's, who's had a, a poor customer experience while interacting with a brand may or may not intentional, I think it's actually sometimes very unintentional to your point, get frustrated with said brand. I can imagine that is an experience and a priority that you have at Royal Caribbean. Alice, how, how has Full Stack Observability played a role in your, in your team's ability to, to serve the customers and your, and keep your community engaged during this, this very kind of wobbly time? >>Yeah, you know, we have, have really worked hard to improve and remove friction from our guest vacation. And we wanna keep them on vacation and having a great time. You know, we say we don't really sell a cruise. We sell an experience. So we use App AppDynamics to monitor those key applications that our guests are interacting with to ensure that they're having that experience that we expect, you know, we've learned that just because a system or a server says, Hey, I'm up 99% of the time, that doesn't mean that my guests are experiencing that same type of stability, you know? So once again, we really worked well with App Dynamics. They've partnered with us to ensure that, you know, our guests are getting that vacation experience they're looking for. >>Do you think, just a follow up there, do you think that you would have advanced in the ways that you have working with Cisco App Dynamics and across functions over the last few years without this crunch, was necessity the mother of invention for you to any degree? >>You know, I don't, I don't think that the Crunch brought it on cuz we, like I said, we started this journey back in 2017 and we're not unlike a lot of companies where we're on this maturity ride where we wanna go from being reactive, where our guests are telling us something is broken to being preventive. Definitely, you know, COVID played into this because I think we learned to do less, you know, more with less. So, you know, we, you know, it's very hard in the cruise industry. We did take a hit, but we were able to use the app dynamics tools to ensure that our systems were running with having less people also watching those systems. So less eyes on glass, more automation, >>And that's a more, with more, more stability, more credibility, and more transparency is definitely something that we're all looking forward. And, and it's nice to see that implemented, especially at scale when you're dealing with so many customers from all over the world trying to access your service and, and wanting that personalized experience. Greg, what does it feel like for you as a leader to hear someone like Alice say how powerful your tool has been in ensuring that customer experience? >>Yeah, that's, you know, it's absolutely fantastic and especially, you know, Alice is absolutely right. You know, the, the, the cruise industry was really, had a very unique challenge in front of them, and I, I really applaud the folks at Royal Caribbean for stepping up to make sure that when the pandemic eased, so to speak, that they, that the experience to the customer was actually even better, right? So when we were able to work and partner together to make sure that, you know, the, the, the user experience is topnotch, the availability is there, the, the, the, the resiliency of their platform is there. So by, by working with customers like Royal CRI and is really one of the, the, the shining stars that we can talk about that really help make a big difference in, you know, that post pandemic era to be able to really do what's right for the customer. >>How often are you engaging with customers like Alice as a team? How big is that feedback in your product roadmap? >>Oh, personally, I, I'm, I'm engaged with customers on a daily basis and I see it fr across the map from many different industries. And, you know, a lot of folks had different challenges, but the, the ultimate commonality that I've seen across, you know, multiple industries is that, you know, when you, when we're in that pandemic state, digital services were the only way that they, their customers were interacting with, with them. So, you know, when you, when you're looking at a, at a bank or you're looking at a, you know, different types of travel agencies and organizations that, you know, like rural Caribbean as well, that, that really had that opportunity to, to focus on what's the most valuable thing to them, which is user experience. It's a very, very common common trend that we saw. And, you know, you see an expedited path of, of, of digital transformation happen. And really that's where we partner with, you know, customers like Royal Caribbean and, and many others across different industries to make sure that that, that the, the business outcomes were being driven towards the, the proper direction. As well as that, you know, the, the user experience, and I don't think I can emphasize user experience as being so critically important anymore than I've already have, but it's really the, one of the most valuable currencies most organizations have. >>I, one of my favorite lines is, is community is your first defensible asset. And you know, I, you can, you can talk about user experience as much as you want on here. At the end of the day, if people aren't having a positive interaction with your brand or your product, it's probably not going to last super long unless it's legacy. And we won't have to go down that rabbit hole today, >>Especially if I can add there's a lot of competition there. Course, right? There's a lot of competition out there. So if your applications do not perform, or your digital services do not perform, the end user has the quick ability to just quickly delete and move on. And, and the same thing with, with what Alice sees in the, in the cruise industry, you know, you have an opportunity to rise to the top and I, I really applaud them for taking advantage of that, that opportunity. Community. >>Community. Yeah. Well, I'm, I'm here for both of you cheering each other on certainly the, the water level rises together. That's >>Right. Alice, >>What sort of, what sort of challenges are you taking on currently that you're able to disclose? What, what sort of leaps do you think, or doesn't have to be leaps, but what, what kind of experience are you hoping to continue to enhance for Royal Caribbean customers? >>So I think, you know, one of our big challenges that we've, you know, we've announced that we do have a relationship with starlink, so that's going to improve our satellite connectivity, and it really is a game changer for our industry. It's very exciting and, and, but it puts the, it puts the user back in the forefront once again. You know, right now, you know, with our current connectivity, it's all about managing that bandwidth. You know, we're hoping to go to that state where bandwidth isn't at a high cost, so now we're gonna be even able to watch our user interaction more from ship to shore, you know, and you're, and you're, we're maybe moving to that area where we're thinking cloud first from a shift. If you think about it, we've got 50 plus data centers floating around the world, so that connectivity is key. Now we're opening up that bandwidth now I need to see how that, how the transactions are performing as we come off ship. You know, with that, once again, that cloud first mentality, it's a super exciting time for us. And I really see, you know, AppD is gonna play a role in that. >>I, I I, I love that visual just for a second of 50 data centers with also surrounded by people having a very wonderful time on board. What a, what a nice spot. I, I can't say that every data center I've ever been to is, is glamorous, fun or sexy as being on a Royal Caribbean ship. However, I, I hope that we move perhaps in that direction. We were just at super computing a few weeks ago and it was great to see all the hardware there. So you never know. What role do you see yourself in the team and, and Cisco app Dynamics playing in that future for companies like Royal Caribbean, Greg? >>You know, it's really, it's really staying right lockstep with our customers as they move through that digital transformation efforts. The key piece is that we look at it from that full stack view. So we offer full stack observability, which, you know, if you look at the challenges that we want to go after is traditional IT departments were historically siloed pretty significantly between, you know, network and infrastructure security app dev. So ensuring that we can get our customers to, to be able to have that common view that shows what's the real important pieces across all domains. So when they start moving down the path of digital transformation, that's an opportunity to also revamp how their processes are that people interact and the technology that they use to be able to deliver the proper business outcomes. So we talk a lot with our customers around full stack observability, but the key part is business context. >>So if you have a big effort for digital transformation, you're starting to add new services to it, how do you know if it's actually impacting the business in a positive or negative way? So by us implementing the, the business context to ensure that you understand the investments being made that you can show to your business leaders is showing an uptick and the business outcomes you're, you're going after, it's really, really about a strong partnership with our customers, but also ensuring that their business is being positively impacted by our technology to be able to help them really align the teams and be able to have the right desired outcomes. >>I love that Greg and I love that customer first. That community first attitude, it's something that you both share. Final question for the two of you, and I'm gonna start with you, Alice, since I suspect you've probably been on more cruises than Greg and I combined, though I could be making a wild assumption. Where are you cruising to next? >>You know, I just got off the cruise, so next up I wanna revisit the Galapagos. I think the Galapagos is the best place to go, and if you haven't done it, that's absolutely where you should go. >>Oh, it's a beautiful trip. Greg, have you ever done the Galapagos? Is that gonna be your next Royal Caribbean cruise? >>I have never done the Galapagos, but I may just have made it to my list. >>Fantastic. Well, I second Alice's endorsement on that. I, I had the pleasure of going about a decade ago. Very magical place that teaches you a lot about nature, much like the two of you have taught us very extensively about full stack absorbability, how it applies to user experience, customer experience, and the ocean that I am currently staring at here in Pacifica, California. Alice, thank you so much for joining us from Miami Greg to you in Colorado. I hope that you both continue to work in harmony together and that we can all see each other on the friendly sees soon. Thank you all for tuning in to our AWS reinvent coverage. This is the cube. My name's Savannah Peterson, and we look forward to seeing you for our next segment.

foreign [Music] to the special presentation of cloud native at scale the cube and Platform 9 special presentation going in and digging into the next generation super cloud infrastructure as code and the future of application development we're here with dick Lee who's the Chief Architect and co-founder of platform nine pick great to see you Cube alumni we we met at openstack event in about eight years ago or later earlier uh when openstack was going great to see you and great congratulations on the success of platform nine thank you very much yeah you guys been at this for a while and this is really the the Year we're seeing the the crossover of kubernetes because of what happens with containers everyone now was realized and you've seen what docker's doing with the new Docker the open source Docker now just the success of containerization and now the kubernetes layer that we've been working on for years is coming bearing fruit this is huge exactly yes and so as infrastructure as code comes in we talked to baskar talking about super cloud I met her about you know the new Arlo our our lawn um you guys just launched the infrastructure's code is going to another level and it's always been devops infrastructure is code that's been the ethos that's been like from day one developers just code I think you saw the rise of serverless and you see now multi-cloud or on the horizon connect the dots for us what is the state of infrastructure as code today so I think I think um I'm glad you mentioned it everybody or most people know about infrastructure as code but with kubernetes I think that project has evolved at the concept even further and these days it's um infrastructure as configuration right so which is an evolution of infrastructure as code so instead of telling the system here's how I want my infrastructure by telling it you know do step a b c and d uh instead with kubernetes you can describe your desired State declaratively using things called manifest resources and then the system kind of magically figures it out and tries to converge the state towards the one that you specify so I think it's it's a even better version of infrastructure as code yeah and that really means it's developer just accessing resources okay that declare okay give me some compute stand me up some turn the lights on turn them off turn them on that's kind of where we see this going and I like the configuration piece some people say composability I mean now with open source so popular you don't have to have to write a lot of code this code being developed and so it's integration it's configuration these are areas that we're starting to see computer science principles around automation machine learning assisting open source because you've got a lot of code that's what you're hearing software supply chain issues so infrastructure as code has to factor in these new Dynamics can you share your opinion on these new dynamics of as open source grows the glue layers the configurations the integration what are the core issues I think one of the major core issues is with all that power comes complexity right so um You know despite its expressive Power Systems like kubernetes and declarative apis let you express a lot of complicated and complex Stacks right but you're dealing with um hundreds if not thousands of these yaml files or resources and so I think you know the emergence of systems and layers to help you manage that complexity is becoming a key Challenge and opportunity in this space I wrote a LinkedIn post today those comments about you know hey Enterprise is the new breed the trend of SAS companies moving uh our consumer consumer-like thinking into the Enterprise has been happening for a long time but now more than ever you're seeing it the old way used to be solve complexity with more complexity and then lock the customer in now with open source it's speed simplification and integration right these are the new Dynam power dynamics for developers so as companies are starting to now deploy and look at kubernetes what are the things that need to be in place because you have some I won't say technical debt but maybe some shortcuts some scripts here that make it look like infrastructure as code people have done some things to simulate or or make infrastructures code happen yes but to do it at scale yes is harder what's your take on this what's your view it's hard because there's a proliferation of of methods tools Technologies so for example today it's a very common for devops and platform engineering tools I mean sorry teams to have to deploy a large number of kubernetes clusters but then apply the applications and configurations on top of those clusters and they're using a wide range of tools to do this right for example maybe ansible or terraform or bash scripts to bring up the infrastructure and then the Clusters and then they may use a different set of tools such as Argo CD or other tools to apply configurations and applications on top of the Clusters so you have this sprawl of tools you also you also have this sprawl of configurations and files because the more objects you're dealing with the more resources you have to manage and there's a risk of drift that people call that where you know you think you have things under control but some people from various teams will make changes here and there and then before the end of the day systems break and you have no idea of tracking them so I think there's real need to kind of unify simplify and try to solve these problems using a smaller more unified set of tools and methodology apologies and that's something that we try to do with this new project Arlon yeah so so we're going to get to our line in a second I want to get to the yr lawn you guys announced that at argocon which was put on here in Silicon Valley at the community meeting by Intuit they had their own little day over their headquarters but before we get there um Bhaskar your CEO came on and he talked about super cloud at our inaugural event what's your definition of super cloud if you had to kind of explain that to someone at a cocktail party or someone in the industry technical how would you look at the super cloud Trend that's emerging has become a thing what's your what would be your contribution to that definition or the narrative well it's it's uh funny because I've actually heard of the term for the first time today speaking to you earlier today but I think based on what you said I I already get kind of some of the the gist and the the main Concepts it seems like uh super cloud the way I interpret that is you know um clouds and infrastructure um programmable infrastructure all of those things are becoming commodity in a way and everyone's got their own flavor but there's a real opportunity for people to solve real business Problems by perhaps trying to abstract away you know all of those various implementations and then building uh um better abstractions that are perhaps business or application specific to help companies and businesses solve real business problems yeah I remember it's a great great definition I remember not to date myself but back in the old days you know IBM had its proprietary Network operating system so the deck for the mini computer vintage deck net and sna respectively um but tcpip came out of the OSI the open systems interconnect and remember ethernet beat token ring out so not to get all nerdy for all the young kids out there look just look up token ring you'll see if I never heard of it it's IBM's you know a connection for the internet at the layer two is Amazon the ethernet right so if TCP could be the kubernetes and containers abstraction that made the industry completely change at that point in history so at every major inflection point where there's been serious industry change and wealth creation and business value there's been an abstraction Yes somewhere yes what's your reaction to that I think um this is um I think a saying that's been heard many times in this industry and I forgot who originated it but um I think the saying goes like there's no problem that can't be solved with another layer of indirection right and we've seen this over and over and over again where Amazon and its peers have inserted this layer that has simplified you know Computing and infrastructure management and I believe this trend is going to continue right the next set of problems are going to be solved with these insertions of additional abstraction layers I think that that's really a yeah it's going to continue it's interesting just when I wrote another post today on LinkedIn called the Silicon Wars AMD stock is down arm has been on the rise we've been reporting for many years now that arm's going to be huge it has become true if you look at the success of the infrastructure as a service layer across the clouds Azure AWS Amazon's clearly way ahead of everybody the stuff that they're doing with the Silicon and the physics and the atoms the pro you know this is where the Innovation they're going so deep and so strong at is the more that they get that gets gone they have more performance so if you're an app developer wouldn't you want the best performance and you'd want to have the best abstraction layer that gives you the most ability to do infrastructures code or infrastructure for configuration for provisioning for managing services and you're seeing that today with service meshes a lot of action going on in the service mesh area in this community of kubecon which we'll be covering so that brings up the whole what's next you guys just announced our lawn at argocon which came out of Intuit we've had Mariana Tesla out our supercloud event she's a CTO you know they're all in the cloud so there contributed that project where did Arlon come from what was the origination what's the purpose why our lawn why this announcement yeah so um the the Inception of the project this was the result of um us realizing that problem that we spoke about earlier which is complexity right with all of this these clouds these infrastructure all the variations around and you know compute storage networks and um the proliferation of tools we talked about the ansibles and terraforms and kubernetes itself you can think of that as another tool right we saw a need to solve that complexity problem and especially for people and users who use kubernetes at scale so when you have you know hundreds of clusters thousands of applications thousands of users spread out over many many locations there there needs to be a system that helps simplify that management right so that means fewer tools more expressive ways of describing the state that you want and more consistency and and that's why um you know we built um Arlon and we built it um recognizing that many of these problems or sub problems have already been solved so Arlon doesn't try to reinvent the wheel it instead rests on the shoulders of several Giants right so for example kubernetes is one building block get Ops and Argo CD is another one which provides a very structured way of applying configuration and then we have projects like cluster API and cross-plane which provide apis for describing infrastructure so Arlon takes all of those building blocks and um builds a thin layer which gives users a very expressive way of defining configuration and desired state so that's that's kind of the Inception and what's the benefit of that what does that give what does that give the developer the user in this case the developers the the platform engineer team members the devops engineers they uh get a ways to provision not just infrastructure and clusters but also applications and configurations they get away a system for provisioning configuring deploying and doing life cycle Management in a in a much simpler way okay especially as I said if you're dealing with a large number of applications so it's like an operating fabric if you will yes for them okay so let's get into what that means for up above and below the the abstraction or thin layer below is the infrastructure we talked a lot about what's going on below that yeah above our workloads at the end of the day and I talked to cxos and um I.T folks that are now devops Engineers they care about the workloads and they want the infrastructure's code to work they want to spend their time getting in the weeds figuring out what happened when someone made a push that that happened or something happened they need observability and they need to to know that it's working that's right and as my workloads running if effectively so how do you guys look at the workload side because now you have multiple workloads on these fabric right so workloads so kubernetes has defined kind of a standard way to describe workloads and you can you know tell kubernetes I want to run this container this particular way or you can use other projects that are in the kubernetes cloud native ecosystem like k-native where you can express your application in more at a higher level right but what's also happening is in addition to the workloads devops and platform engineering teams they need to very often deploy the applications with the Clusters themselves clusters are becoming this commodity it's it's becoming this um host for the application and it kind of comes bundled with it in many cases it's like an appliance right so devops teams have to provision clusters at a really incredible rate and they need to tear them down clusters are becoming more extremely like an ec2 instance spin up a cluster we've heard people used words like that that's right and before Arlon you kind of had to do all of that using a different set of tools as I explained so with our own you can kind of express everything together you can say I want a cluster with a health monitoring stack and a logging stack and this Ingress controller and I want these applications and these security policies you can describe all of that using something we call the profile and then you can stamp out your app your applications and your clusters and manage them in a very essentially standard that creates a mechanism it's standardized declarative kind of configurations and it's like a Playbook you just deploy it now what's this between say a script like I have scripts I can just automate Scripts or yes this is where that um declarative API and um infrastructures configuration comes in right because scripts yes you can automate scripts but the order in which they run matters right they can break things can break in the middle and um and sometimes you need to debug them whereas the declarative way is much more expressive and Powerful you just tell the system what you want and then the system kind of uh figures it out and there are these things called controllers which will in the background reconcile all the state to converge towards your desire to say it's a much more powerful expressive and reliable way of getting things done so infrastructure as configuration is built kind of on it's a superset of infrastructures code because different Evolution you need Edge restaurant's code but then you can configure The Code by just saying do it you're basically declaring and saying go go do that that's right okay so all right so Cloud native at scale take me through your vision of what that means someone says hey what is cloud native at scale mean what's success look like how does it roll out in the future as you that future next couple years I mean people are now starting to figure out okay it's not as easy as it sounds kubernetes has value we're going to hear this year kubecon a lot of this what is cloud native at scale mean yeah there are different interpretations but if you ask me when people think of scale they think of a large number of deployments right geographies many you know supporting thousands or tens or millions of users there's that aspect to scale there's also um an equally important aspect of scale which is also something that we try to address with Arlon and that is just complexity for the people operating this or configuring this right so in order to describe that desired State and in order to perform things like maybe upgrades or updates on a very large scale you want the humans behind that to be able to express and direct the system to do that in in relatively simple terms right and so we want uh the tools and the abstractions and the mechanisms available to the user to be as powerful but as simple as possible so there's I think there's going to be a number and there have been a number of cncf and Cloud native projects that are trying to attack that complexity problem as well and Arlon kind of Falls in in that category okay so I'll put you on the spot where I've got kubecon coming up and obviously this will be shipping this seg series out before what do you expect to see at kubecon issue it's the big story this year what's the what's the most important thing happening is it in the open source community and also within a lot of the the people jockeying for leadership I know there's a lot of projects and still there's some white space on the overall systems map about the different areas get runtime and observability in all these different areas what's the where's the action where's the smoke where's the fire where's the piece where's the tension yeah so uh I think uh one thing that has been happening over the past couple of coupons and I expect to continue and and that is uh the the word on the street is kubernetes getting boring right which is good right or I mean simple well um well maybe yeah invisible no drama right so so the rate of change of the kubernetes features and and all that has slowed but in a positive way um but um there's still a general sentiment and feeling that there's just too much stuff if you look at a stack necessary for uh hosting applications based on kubernetes they're just still too many moving Parts too many uh components right too much complexity I go I keep going back to the complexity problem so I expect kubecon and all the vendors and the players and the startups and the people there to continue to focus on that complexity problem and introduce a further simplifications uh to to the stack yeah Vic you've had a storied career VMware over decades with them uh obviously 12 years for the 14 years or something like that big number co-founder here platform I think it's been around for a while at this game uh we man we'll talk about openstack that project you we interviewed at one of their events so openstack was the beginning of that this new Revolution I remember the early days was it wasn't supposed to be an alternative to Amazon but it was a way to do more cloud cloud native I think we had a Colorado team at that time I mean it's a joke we you know about about the dream it's happening now now at platform nine you guys have been doing this for a while what's the what are you most excited about as the Chief Architect what did you guys double down on what did you guys pivot from or two did you do any pivots did you extend out certain areas because you guys are in a good position right now a lot of DNA in Cloud native um what are you most excited about and what is platform nine bring to the table for customers and for people in the industry watching this yeah so I think our mission really hasn't changed over the years right it's been always about taking complex open source software because open source software it's powerful it solves new problems you know every year and you have new things coming out all the time right openstack was an example within kubernetes took the World by storm but there's always that complexity of you know just configuring it deploying it running it operating it and our mission has always been that we will take all that complexity and just make it you know easy for users to consume regardless of the technology right so the successor to kubernetes you know I don't have a crystal ball but you know you have some indications that people are coming up of new and simpler ways of running applications there are many projects around there who knows what's coming uh next year or the year after that but platform will a Platform 9 will be there and we will you know take the Innovations from the the community we will contribute our own Innovations and make all of those things uh very consumable to customers simpler faster cheaper always a good business model technically to make that happen yeah I think the reigning in the chaos is key you know now we have now visibility into the scale final question before we depart you know this segment um what is that scale how many clusters do you see that would be a high a watermark for an at scale conversation around an Enterprise um is it workloads we're looking at or or clusters how would you yeah how would you describe that and when people try to squint through and evaluate what's a scale what's the at scale kind of threshold yeah and the number of clusters doesn't tell the whole story because clusters can be small in terms of the number of nodes or they can be large but roughly speaking when we say you know large-scale cluster deployments we're talking about um maybe a hundreds uh two thousands yeah and final final question what's the role of the hyperscalers you've got AWS continuing to do well but they got their core I asked they got a pass they're not too too much putting assess out there they have some SAS apps but mostly it's the ecosystem they have marketplaces doing over two billion dollars billions of transactions a year um and and it's just like just sitting there it has really they're now innovating on it but that's going to change ecosystems what's the role the cloud play and the cloud native at scale the the hyperscale yeah Abus Azure Google you mean from a business they have their own interests that you know that they're uh they will keep catering to they they will continue to find ways to lock their users into their ecosystem of uh services and and apis um so I don't think that's going to change right they're just going to keep well they got great uh performance I mean from a from a hardware standpoint yes that's going to be key right yes I think the uh the move from x86 being the dominant away and platform to run workloads is changing right that that that and I think the the hyperscalers really want to be in the game in terms of you know the the new risk and arm ecosystems and platforms yeah that joking aside Paul maritz when he was the CEO of VMware when he took over once said I remember our first year doing the cube the cloud is one big distributed computer it's it's hardware and you've got software and you got middleware and uh he kind of over these kind of tongue-in-cheek but really you're talking about large compute and sets of services that is essentially a distributed computer yes exactly it's we're back in the same game Vic thank you for coming on the segment appreciate your time this is uh Cloud native at scale special presentation with platform nine really unpacking super cloud rlon open source and how to run large-scale applications uh on the cloud cloud native philadelph4 developers and John Furrier with the cube thanks for watching and we'll stay tuned for another great segment coming right up foreign [Music]

>>Hey everyone. Welcome to the cubes presentation of the AWS startup showcase. This is season two, episode four of our ongoing series that features exciting startups within the AWS ecosystem. This episode's theme, cybersecurity protect and detect against threats. I'm your host, Lisa Martin, and I'm pleased to welcome back. One of our alumni chase joins me the principal strategist at jump cloud chase. It's great to have you back on the >>Perfect Michael, thank you so much for having me again, >>Tell the audience just a little quick refresher on jump cloud, open directory platform. We just give them that little bit of context. >>You bet. So jump cloud provides an open directory platform and what we mean by that is we help manage all of your employees, identities, the devices that they operate on, and then all the access that they need in order to get their work done in a modern it environment. >>So from a target, a market segment perspective, this is really targeted at small medium enterprise SMEs managed security providers. MSPs, talk to me a little bit about that and some of the what's in it for me, for those folks. >>Yeah, absolutely. And when we are thinking about specifically within that market, so small, medium enterprises and the it, or the managed service providers that help support those organizations, there's a lot of different technologies that you use in order to make sure that you have a secure organization. And within that group specifically, there's a lot less of a luxury right of an enterprise budget or kind of all these different personnel that you might have available to you. And it's really kind of down to maybe one team or just a couple folks or just one person wearing a lot of different hats. And so we've designed the open directory platform to help accommodate for a lot of those different pieces where we're bringing in multiple different types of technologies from identity access management, device management and MDM, MFA access through single sign on all of those different pieces and more that help kind of come into one platform. >>So not only do you have all the technology there at your disposable, but also all the visibility and analytics of folks that are getting in and just trying to get their job done. But now all of those pieces are, are consolidated into one platform and it really helps support a lot of those organizations, right? And keep in mind, you know, small, medium businesses are the most common businesses, not everyone's coming in from an enterprise. And so here we're able to layer on levels of security and making sure that you have best practices, no matter what size you're operating in. >>So consolidating it management, securing employees, access to a variety of it. Resources is really kind of in a nutshell. >>Absolutely. And just making sure that you're combining that combination of securely accessing all the things that you need, but also making sure that from an end user perspective, it's really easy and you have all those things kind of built in from the get go. >>So how are SSEs and MSPs leveraging jump cloud right now? What are some of the outcomes that you are helping them to achieve? Anything stand out to you? >>I think there's a couple different areas that we help support organizations. One is you can think about just the whole employee life cycle. So when, when someone joins an organization from onboarding, you know, where does that identity come from? How can we make sure that they're productive, you know, effective human beings as they come into it, but then the whole life cycle, as they're accessing or changing resources within their role, all the way to the end, where they might be leaving the organization and we can securely off board that person. And so that whole flow that you might have from an organization standpoint is one aspect. Another area is as companies continue to grow, they might be going after, you know, maybe audits, level compliance, other pieces that might help them grow. And there's a lot of layers that you need to think about or different types of technologies and processes to have those certifications and credentials. >>And so we help support those organizations again, by consolidating all those different technologies into one spot. It makes it a lot easier for people to get up to par in how they think that their security standards should be set within an organization. And finally too, I'd say just ease of mind. There's a lot of pieces when you're thinking about, you know, where people might be coming in from how do I get visibility into all those different aspects? And when you have all that under one roof, it adds a lot of, I'd say, you know, less mental stress in terms of one, how all those technologies should be working together effectively, also securely, but then also making sure that you have time in the day to tackle big projects and let some of the, let's say, run rate security out of the way. >>Yeah. That's really important to be able to assign resources that are able to make the biggest impact across the organization, moving things off the plate that are not necessary or more mundane twice a year. I understand jump cloud does a survey with SMEs where you really are aimed at understanding kind of where they are in the market today, their concerns, trends, challenges, budgets. Then I saw you just published results from a survey in June of 2022. Talk to me a little bit about the demographics of the survey, who, who are you talking to within SMEs? And then we can kind of crack open some of those really interesting findings that came out this year. >>Yeah. So we love to get a pulse check of what's happening within the industry, but specifically within that small, medium size, if you will. And so for that survey that we ran, we talked to 400 different roles, kind of that touch it from security. So from vice president of the CCSO all the way down to it, admins and anyone else in between, and we're really looking at organizations that had about 500 employees or less, cuz there's a lot of information out there, especially from the enterprise of, you know, Hey, here's best practices. Here's all the things that you can do. But for smaller organizations, it's not as clear cut or you have less of an understanding of what your peers might be going through or kind of what their concerns are. And so when we're running that survey, that's one thing that we like to keep in mind is it's really meant for organizations at that size because there's, there's some commonalities that you start to see in suss out. >>And it's not to say that those aren't the same concerns that the enterprise folks have as well, because a lot of the things that will come out, you know, they are security based say, Hey, what's top of mind, or what's kind of keeping you up at night. There were some clear indicators and especially well from kind of, as we do this survey, you know, every six months or kind of even year over year, you start to see some trends that are emerging. And so a, a lot of the big ones are, you know, ransomware software, vulnerability and network security. Those are kind of the top three aspects when we're looking at, Hey, what are specifics that are keeping you up? And those are easy to say because ransomware is obviously in the news. Even this week, there are three different organizations just kind of pick out. >>So brussel who does dental manufacturing, they had ransomware in trust, which is another cybersecurity organization. They were breached. But then also Fremont county here in Colorado as a government organization, all three of those were hit by ransomware. And you might not say, Hey, there's, you know, they're all kind of random and they're not put together, but under the hood really it's a lot of the same different technologies that are powering, how people get access into things. Do they have the right levels of credentials? Are there conditions set within that type of access, especially if it's privilege. And so you start to consolidate and bubble down all those different things that can lead up to those concerns. And then even on the software vulnerability side, Mac release, two different vulnerabilities this week. And so now it quickly becomes, okay, great. How can I make sure that my employees are using not only a secure device, but a secure device, that's up to date because it's a dynamic field as all of these things coming through. >>And these are a lot of the gotchas that can keep, you know, small, medium enterprises up at night because if something happens a security event like that, it could be a, you know, a career ending event, but also a company ending event. When you think about that. And so that becomes a really high level of importance because no one wants to see their name in the news, but it also takes a lot of different steps in order to create the layers that are necessary in order to achieve, you know, really solid round stand on for organization to do that. And so that's where we like to come in and help and making sure that a lot of those layers are actually easier to implement than you thought. And it's not this huge project, but you're doing it in a way that's conscious and also not really getting the way of kind of battling users or making sure that their experience is a nightmare as well in order to achieve these goals that you have as an organization, >>You bring up ransomware, it's become a household term that I think probably every generation alive right now in some form or fashion understands what it is to a, to some degree it's now security threats in general. Now no longer if we get hit, it's a matter of one. You gave three great examples of SMEs that were hit recently and organizations. We wouldn't think really them everybody's vulnerable. You talked about the different, you know, some of the, the concerns, software, vulnerable vulnerability, exploits, the use of unsecured networks, people, and this is so common using the same password across applications that SSEs and enterprises too are dealing with. They have to be able to lean on MSPs, for example, in the SME space to say, help us with these obvious vulnerabilities, we need to make sure that our employees are productive. They're working together. We can onboard and offboard people in a secure way. How did this survey uncover how SMEs are leaning more on MSPs to help solve some of those risks that you've talked about? >>I think one of the more interesting trends that we've seen is just the ability and the ramp for organizations to lean on managed service providers. You saw a lot of this during kind of the, the beginning of the pandemic or kind of this really shift to remote work where people kind of have this mentality of, okay, it might be a cost center and, and will have, but it it's always felt this importance to making sure that people are on site. They understand their culture. They understand the, the ways that the organization works. However, now, a lot more organizations are stepping back and saying, well, if I can't see anyone in the office or if there's only half or maybe 10% that are showing up, you know, are there other economies of scale almost that I can get from leveraging a managed service provider bringing in other expertise, right? >>And so it might be valuable to say, Hey, it's not only just managing my organization, but five others. And so now you can start to see and kind of lean on best practices that they've evolved over time. And I think one of the more interesting stats is we see that, you know, almost nine out of 10 organizations that we surveyed are either leveraging an MSP or have considered it. And one of those things that's actually pulling them back or some organizations say, Hey, I've looked at it, but I'm not quite ready to commit to outsourcing this section of my organization that, or kind of bringing in someone to manage it fully alongside with me almost in a co-managed type of environment is a third of 'em say, Hey, I, I don't know how secure the MSPs are themselves. How do they think about their own internal practices? >>And what does that look like? Because again, you, you're thinking about handing over the crown jewels over to someone and say, Hey, here's some of our, our most vulnerable or critical assets that we need to have secured and, and making sure that that's part of the organization. And so it's a, it's an honest conversation that a lot of owners have with MSPs and say, look, are, are you up to snuff, right? Because if something happens, sure, I might have one person to go after, or you might have SLAs that I can, I can go. But it still means me as an organization has been targeted. What does that look like in our types of relationship? And so a lot of the partners that we have on the jump outside, it's a very common conversation that they have with our clients and saying, walking them through and say, Hey, here's our, our security plan. >>Here's how we approach that. Here's all the different tools that we have at, at our disposal that are working alongside jump cloud in order to make sure that not only do you have good posture, I'd say good areas where the organization is set up for success, where you're thinking about not sharing passwords or there's password complexity, or there's other technologies like single sign on that, help reduce that. But in addition to what type of network scanning do you have available? What type of antivirus do you leverage? What are all the other pieces that create that holistic security structure? And so sometimes it's a lot easier for MSPs to deliver that and package it up instead of having, you know, an overburdened it, admin said, great, this is another project that I have to go through and think about and look at pricing and kind of other those components, because it helps speed up. I'd say your time to being more secure. And that's a really real conversation for organizations as they think about planning, as they think about budgets and what impact that might have on organization, making sure that employees can get work done. But we're also thinking about in a very secure mindset within the organization. >>That's so critical as we talked about every or every organization of every size in every industry is vulnerable. There's just no weight getting around it. These days. You talked about an interesting stat, about 90% of the SME surveyed some written we're yes, we're relying on MSV, but we still worry about security. Talk to me from the jump cloud, AWS perspective. How do you help though? That's cause that's a big number, the 90% of SMEs that are still concerned about security, how do you help them dial that down? >>I think it's really understanding, you know, you mentioned AWS, so what are the critical access and what are those points that look like that we need to get a handle on? And how can we make that easier? Cause I think one of the pieces that will often come at and say, Hey, we really wanna make this approach work. We really wanna make sure that when you, when you wake up and you need to get into Q and a environments or, or production or whatever, that might be, that it's a seamless experience, but we as an organization have visibility into what's going on and Hey, if you're getting promoted or your role is changing, we wanna make sure that those attributes or kind of those pieces that are associated to you and your identity are changing with it. And so making sure that there's this dynamic motion available to folks, as they start thinking about, you know, where a majority of their IP lives, it's no longer in some server closet and yes, it might still be on a, on a manufacturing floor, but it's those components that become the most critical for organizations you've heard, I'd say, you know, certainly within the last five years and probably even goes further back where a lot of traditional organizations say, Hey, we're a software company now we're, you know, kind of insert for innovation, making sure we can do that. >>And I think a lot of organizations are still going through that transition, but right behind it and what's coming next. And certainly a lot of organizations start to say, not only are we a software company, but we're a security company. And with that, that comes the mindset. Not only of here's how we tactically get into the things that we need to do our job, but the why behind it. And I think that's one of the elements that might be missing or is certainly one of, I know that we have a lie attainment kind of take that approach of, yes, we're gonna be implementing, we need to have your device passion updated because there's vulnerabilities. But for everyone else kind of on the end user side, it's like, well, okay, well why, why do we need to do that? And so by having that security first type of mentality, that allows everyone to be on the same page, play on the same team and making sure that when, you know, those requests are coming in both back and forth between end users and its security team, anyone else that might be involved within that process, you all understand that say, Hey, it's not, you know, it, it's not my job. >>It's everyone's job, right? We're all in this together because that's some of the parts where it can start to fall down too. You might have a team that has the best practices and in, you know, in intentions, but if the implementation and the follow through isn't bought in from everyone, then you're also playing against the speed of the organization to adopt it. And that's really the timeline that you're battling, especially when you're thinking about ransomware or someone who already might be in it is how can we help mitigate a lot of those different pieces. So by combining all those different elements into a thought process, into a mentality of being a security first organization, that's really kind of helps within the ripple effect all the way down into, you know, the critical resources like AWS. >>It has to be a holistic view. There's really no other choice these days. And it also has to be done in a timely fashion. What did, as we wrap up kind of talking about the survey here, what were some of the trends, the future trends it uncovered as we are still in a remote and distributed work environment. It probably always will be. We've seen challenges and everyone's mental health in terms of, of strapped resources. What did the survey uncover as to what these folks saw as future trends? >>So I'd say there's a, there's a couple, there there's a lot, but we'll break it down and say, I'd say three core trends that you saw across every organization that we talked to, including our own base of over 180,000 organizations that rely on gem cloud is, Hey, security is number one, right? And we we've talked to that about at length device management is another extension of that. I'm sorry, making sure that, Hey, this is the only piece of hardware I have from the company in front of me. I wanna make sure that I can manage secure it, make sure it's patched as well as we kind of operate in this dynamic and environment, making sure that we're resilient as an organization. And then I'd say finally, as those pieces start to evolve, there's still some organizations that are how trying to understand kind of truly manage what does hybrid and remote and kind of what does that look like for me as an organization? >>Cause I think we're now out of this panic mode and now organizations are now setting up. Okay, what are some of the long term structures as I think about that, and you hear a lot about too, from other organizations that are mandating folks to come back or okay. Maybe it's just a couple days a week or all of those decisions have impacts on the it organization. So that is very alive and well, I'd say one of the other pieces you mentioned mental health is that we are starting to understand a little bit more, you know, kind of who's behind the computer. Who's, who's behind the keyboard. What does the impact have for them? Because in this type of work environment as well, you know, it's still challenging to find really good talent. And so you might be strapped for resources. You might be the only person that's trying to implement these processes or the security protocol, or trying to help get us up into a good compliance posture, all of those different pieces kind of on it. >>And so you can start to think about man, how do I, how do I make progress? And I think that's one of the other pieces that is really important for folks kind of from that perspective is, you know, always understand that you're making progress, even though the, the tickets might be coming at you and you, there's never ending in sight. All those steps that you take for an organization are critically important. And so, and it's not always just a people answer cuz you might, might not be in the position to say, Hey, we need an extra five hands on this in order to make it done. It might have to be more of a conversation of, Hey, here are the pieces that we need to automate. Here are the business processes that we really need to think about in order to have a fundamental impact on what we can do. >>And then you can come back and say, great. And if we have this, it might actually look like one and a half people. You can't really hire a half person, but you come into those types of mentality with a really solid argument of here's what we need to have in order to make this happen. And I think too, getting that type of buy-in again, making sure, Hey, we are a security company after all, we're all in this together that allows everyone to kind of help pitch in because if you don't have that piece, then you know, everything can feel much more burdensome, right? And the level of burnout increases the, the level of mental health in general, across the teams that are acting as supporting functions for an organization, start to get burnout. And it might not always be as Hey, as important as, as revenue or Hey, we're getting this marketing campaign out, but it's this underwriting thing in terms of really, truly important infrastructure that the company needs to think about. >>And when you can involve all of those different pieces, then people feel like they can make a positive impact. They feel more empowered. They have, you know, emojis attached to tickets and say, Hey, it was so great to help you out today. And a lot of those I'd say interpersonal connections that you might be missing in a remote only type of world in organization. And so bringing all those little tidbits back into, you know, how to, how to be a good person, how to be a good human and how to make sure that there's some personality involved with it. And it's not just this ongoing process. I think there's a little bit of give and take, but that's one other thing that we've surfaced is really just understanding a better picture of who's implementing all these amazing things around the world. >>That's so important. There's so many different levers to the pull here where becoming a security company is concerned. Where can folks go to one chase, get the surveying two, some final thoughts. What, where can folks go to actually test out jump drive? >>Yeah, absolutely >>Jump out. Excuse me. >>So within everything that we talked about, some from various different technologies from identity management, device management, SSO, MFA, and many, many more. So you can go to jumpcloud.com, create a free organization. It's free up to 10 users, 10 devices. So even for really small organizations, even if you're a startup, we can help leverage enterprise grade security technology for you to implement as well as more detailed on the reports. And so if you wanna get a better sense of kind of how we look at the world types of information that we can bring back and making sure that you're learning from your peers and how to implement and put your best foot forward within the organization, we always have a ton of amazing resources and content that really looks at, you know, who's doing the work. Why are they doing the work? And how is that work impactful within multiple different organizations and not only just the organizations themselves, but those that are supporting it like managed service providers of the world. >>Got it. Awesome. Chase. Thank you so much for joining me on this episode of the AWS startup showcase, talking to us about what jump cloud is uncovered with respect to the concerns that SMEs have, how MSPs are helping, how jump cloud is also a facilitator of really helping to organizations to become security organizations. We appreciate your time. >>Absolutely. Thank you so much for having me again. >>Our pleasure. We wanna you for watching. Keep it right here on the, for more action. The, is your leader in live coverage?

>>Okay, welcome back everyone. This is the Cube's coverage here in Las Vegas. Back at events re Mars, Amazon re Mars. I'm your host, John fur with the cube. Mars stands for machine learning, automation, robotics, and space. It's great event brings together a lot of the industrial space machine learning and all the new changes in scaling up from going on the moon to, you know, doing great machine learning. And we've got two great guests here with kinda called lunar outpost, Justin Sears, CEO, Lauren, man. He's the co-founder and chief strategy officer lunar outpost. They're right next to us, watching their booth. Love the name, gentlemen. Welcome to the cube. >>Yeah. Thanks for having us, John. >>All right. So lunar outpost, I get the clues here. Tell us what you guys do. Start with that. >>Absolutely. So lunar outpost, we're a company based outta Colorado that has two missions headed to the moon over the course of the next 24 months. We're currently operating on Mars, which forest will tell you a little bit more about here in a second. And we're really pushing out towards expanding the infrastructure on the lunar surface. And then we're gonna utilize that to provide sustainable access to other planetary bodies. >>All right, far as teeing it up for you. Go, how cool is this? We don't, we wanna use every minute. What's the lunar surface look like? What's the infrastructure roads. You gonna pave it down. You what's going on. Well, >>Where we're going. No one has ever been. So, um, our first mission is going to Shackleton connecting Ridge on the south pole, the moon, and that's ripe to add infrastructure such as landing pads and other things. But our first Rover will be primarily driving across the surface, uh, exploring, uh, what the material looks like, prospecting for resources and testing new technologies. >>And you have a lot of technology involved. You're getting data in, you're just doing surveillance. What's the tech involved there. >>Yeah. So the primary technology that we're demonstrating is a 4g network for NOK. Um, we're providing them mobility services, which is basically like the old Verizon commercial. Can you hear me now? Uh, where the Rover drives farther and farther away from the Lander to test their signal strength, and then we're gonna have some other payloads ride sharing along with us for the ride >>Reminds me the old days of wifi. We used to call it war drive and you go around and try to find someone's wifi hotspot <laugh> inside the thing, but no, this is kind of cool. It brings up the whole thing. Now on lunar outpost, how big is the company? What's how what's to some of the stats heres some of the stats. >>Absolutely. So lunar outpost, 58 people, uh, growing quite quickly on track to double. So any of you watching, you want a job, please apply <laugh>. But with lunar outpost, uh, very similar to how launch companies provide people access to different parts of space. Lunar outpost provides people access to different spots on planetary bodies, whether it's the moon, Mars or beyond. So that's really where we're starting. >>So it's kinda like a managed service for all kinds of space utilities. If you kind of think about it, you're gonna provide services. Yeah, >>Absolutely. Yeah. It, it's definitely starting there and, and we're pushing towards building that infrastructure and that long term vision of utilizing space resources. But I can talk about that a little bit more here in a sec. >>Let's get into that. Let's talk about Mars first. You guys said what's going on with >>Mars. Absolutely. >>Yeah. So right now, uh, lunar outpost is part of the science team for, uh, Moxi, which is an instrument on the perseverance Rover. Yeah. Moxi is the first demonstration of space resource utilization on another planet. And what space resource utilization is basically taking resources on another planet, turning them into something useful. What Moxi does is it takes the CO2 from the atmosphere of Mars and atmosphere of Mars is mostly CO2 and it uses a process called solid oxide electrolysis to basically strip oxygen off of that CO2 to produce oh two and carbon monoxide. >>So it's what you need to self sustain on the surface. >>Exactly. It's not just sustaining, um, the astronauts, but also for producing oxygen for propellant. So it'll actually produce, um, it's a, it's a technology that'll produce a propellant for return rockets, um, to come back for Mars. So >>This is the real wildcard and all this, this, this exploration is how fast can the discoveries invent the new science to provide the life and the habitat on the surface. And that seems to be the real focus in the, in the conversations I heard on the keynote as well, get the infrastructure up so you can kinda land and, and we'll pull back and forth. Um, where are we on progress? You guys have the peg from one zero to 10, 10 being we're going, my grandmother's going, everyone's going to zero. Nothing's moving. >>We're making pretty rapid >>Progress. A three six, >>You know, I'll, I'll put it on an eight, John an >>Eight, I'll put it on >>Eight. This is why the mission force was just talking about that's launching within the next 12 months. This is no longer 10 years out. This is no longer 20 years away, 12 months. And then we have mission two shortly after, and that's just the beginning. We have over a dozen Landers that are headed to line surface this decade alone and heavy lift Landers and launchers, uh, start going to the moon and coming back by 2025. >>So, and you guys are from Colorado. You mentioned before you came on camera, right with the swap offices. So you got some space in Colorado, then the rovers to move around. You get, you get weird looks when people drive by and see the space gear. >>Oh yeah, definitely. So we have, um, you know, we have our facility in golden and our Nevada Colorado, and we'll take the vehicles out for strolls and you'll see construction workers, building stuff, and looking over and saying, what's >>Good place to work too. So you're, you're hiring great. You're doubling on the business model side. I can see a lot of demand. It's cheaper to launch stuff now in space. Is there becoming any rules of engagement relative to space? I don't wanna say verified, but like, you know, yet somehow get to the point where, I mean, I could launch a satellite, I could launch something for a couple hundred grand that might interfere with something legitimate. Do you see that on the radar because you guys are having ease of use so smaller, faster, cheaper to get out there. Now you gotta refine the infrastructure, get the services going. Is there threats from just random launches? >>It's a, it's a really interesting question. I mean, current state of the art people who have put rovers on other planetary bodies, you're talking like $3 billion, uh, for the March perseverance Rover. So historically there hasn't been that threat, but when you start talking about lowering the cost and the access to some of these different locations, I do think we'll get to the point where there might be folks that interfere with large scale operations. And that's something that's not very well defined in international law and something you won't really probably get any of the major space powers to agree to. So it's gonna be up to commercial companies to operate responsibly so we can make that space sustainable. And if there is a bad actor, I think it they'll weed themselves out over time. >>Yeah. It's gonna be of self govern, I think in the short term. Good point. Yeah. What about the technology? Where are we in the technology? What are some of the big, uh, challenges that we're overcoming now and what's that next 20 M stare in terms of the next milestone? Yeah, a tech perspective. >>Yeah. So the big technology technological hurdle that has been identified by many is the ability to survive the LUN night. Um, it gets exceptionally cold, uh, when the sun on the moon and that happens every 14 days for another, for, you know, for 14 days. So these long, cold lunar nights, uh, can destroy circuit boards and batteries and different components. So lunar outpost has invested in developing thermal technologies to overcome this, um, both in our offices, in the United States, but we also have opened a new office in, uh, Luxembourg in Europe. That's focusing specifically on thermal technologies to survive the lunar night, not just for rovers, but all sorts of space assets. >>Yeah. Huge. That's a hardware, you know, five, nine kind of like meantime between failure conversation, right. >><laugh> and it's, it gets fun, right? Because you talk five nines and it's such like, uh, you know, ingrained part of the aerospace community. But what we're pitching is we can send a dozen rovers for the cost of one of these historical rovers. So even if 25% of 'em fail, you still have eight rovers for the cost of one of the old rovers. And that's just the, economy's a scale. >>I saw James Hamilton here walking around. He's one of the legendary Amazonians who built out the data center. You might come by the cube. That's just like what they did with servers. Hey, if one breaks throw it away. Yeah. Why buy the big mainframe? Yeah. That's the new model. All right. So now about, uh, space space, that's a not space space, but like room to move around when you start getting some of these habitats going, um, how does space factor into the size of the location? Um, cuz you got the, to live there, solve some of the thermal problems. How do I live on space? I gotta have, you know, how many people gonna be there? What's your forecast? You think from a mission standpoint where there'll be dozens of people or is it still gonna be small teams? >>Yeah. >>Uh, what's that look like? >>I mean you >>Can guess it's okay. >>I mean, my vision's thousands of people. Yep. Uh, living and working in space because it's gonna be, especially the moon I think is a destination that's gonna grow, uh, for tourism. There's an insane drive from people to go visit a new destination. And the moon is one of the most unique experiences you could imagine. Yep. Um, in the near term for Artis, we're gonna start by supporting the Artis astronauts, which are gonna be small crews of astronauts. Um, you know, two to six in the near term. >>And to answer your question, uh, you know, in a different way, the habitat that we're actually gonna build, it's gonna take dozens of these robotic systems to build and maintain over time. And when we're actually talking, timelines, force talks, thousands of people living and working in space, I think that's gonna happen within the next 10 to 15 years. The first few folks are gonna be on the moon by 2025. And we're pushing towards having dozens of people living and working in space and by 2030. >>Yeah. I think it's an awesome goal. And I think it's doable question I'll have for you is the role of software in all this. I had a conversation with, uh, space nerd and we were talking and, and I said open sources everywhere now in the software. Yeah. How do you repair in space? Does you know, you don't want to have a firmware be down. So send down backhoe back to the United States. The us, wait a minute, it's the planet. I gotta go back to earth. Yeah. To get apart. So how does break fix work in space? How, how do you guys see that problem? >>So this one's actually quite fun. I mean, currently we don't have astronauts that can pick up a or change a tire. Uh, so you have to make robots that are really reliable, right. That can continuously operate for years at a time. But when you're talking about long-term repairs, there's some really cool ideas and concepts about standardization of some of these parts, you know, just like Lu knots on your car, right? Yeah. If everyone has the same Lu knots on their wheel, great. Now I can go change it out. I can switch off different parts that are available on the line surface. So I think we're moving towards, uh, that in the long >>Term you guys got a great company. Love the mission. Final question for both of you is I noticed that there's a huge community development around Mars, living on Mars, living on the moon. I mean, there's not a chat group that clubhouse app used, used to be around just kind of dying. But now it's when the Twitter spaces Reddit, you name it, there's a fanatical fan base that loves to talk about an engineer and kind of a collective intelligence, not, may not be official engineering, but they just love to talk about it. So there's a huge fan base for space. How does someone get involved if they really want to dive in and then how do you nurture that audience? How does that, is it developing? What's your take on this whole movement? It's it's beyond just being interested. It's it's become, I won't say cult-like but it's been, there's very, a lot of people in young people interested in space. >>Yeah. >>Yeah. There's, there's a whole, lots of places to get involved. There's, you know, societies, right? Like the Mar society there's technical committees, um, there's, you know, even potentially learning about these, you know, taking a space, resources master program and getting into the field and, and joining the company. So, um, we really, uh, thrive on that energy from the community and it really helps press us forward. And we hope to, uh, have a way to take everyone with us on the mission. And so stay tuned, follow our website. We'll be announcing some of that stuff soon. >>Awesome. And just one last, uh, quick pitch for you, John, I'll leave you with one thought. There are two things that space has an infinite amount of the first is power and the second is resources. And if we can find a way to access either of those, we can fundamentally change the way humanity operates. Yeah. So when you're talking about living on Mars long term, we're gonna need to access the resource from Mars. And then long term, once we get the transportation infrastructure in place, we can start bringing those resources back here to earth. So of course there are gonna be those people that sign up for that first mission out to Mars with SpaceX. But, uh, we'd love for folks to join on with us at lunar outpost and be a part of that kind of next leap accessing those resources. >>I love the mission, as always said, once in the cube, everything in star Trek will be invented someday. <laugh>, we're almost there except for the, the, uh, the transporter room. We don't have that done yet, but almost soon be there. All right. Well, thanks for coming. I, I really appreciate Justin for us for sharing. Great story. Final minute. Give a plug for the company. What are you guys looking for? You said hiring. Yep. Anything else you'd like to share? Put a plug in for lunar outpost. >>Absolutely. So we're hiring across the board, aerospace engineering, robotics engineering, sales marketing. Doesn't really matter. Uh, we're doubling as a company currently around 58 people, as we said, and we're looking for the top people that want to make an impact in aerospace. This is truly a unique moment. First time we've ever had continuous reliable operations. First time NASA is pushing really hard on the public private partnerships for commercial companies like ours to go out and create this sustainable presence on the moon. So whether you wanna work with us, our partner with us, we'd be excited to talk to you and, uh, yeah. Please contact us at info. Lunar outpost.com. >>We'll certainly follow up. Thanks for coming. I love the mission we're behind you and everyone else is too. You can see the energy it's gonna happen. It's the cube coverage from re Mars new actions happening in space on the ground, in the, on the moon you name it's happening right here in Vegas. I'm John furrier. Thanks for watching.

>>Welcome back to NYC the Cube's coverage of Mongo DB 2022, a few thousand people here at least bigger than many people, perhaps expected, and a lot of buzz going on and we're gonna talk devs. I'm really excited to welcome back. Robbie Bellson who's the developer relations lead at Verizon and Ian Massingham. Who's the vice president of developer relations at Mongo DB Jens. Good to see you. Great >>To be here. >>Thanks having you. So Robbie, we just met a few weeks ago at the, the red hat summit in Boston and was blown away by what Verizon is doing in, in developer land. And of course, Ian, you know, Mongo it's rayon Detra is, is developers start there? Why is Mongo so developer friendly from your perspective? >>Well, it's been the ethos of MongoDB since day one. You know, back when we launched the first version of MongoDB back in 2009, we've always been about making developers lives easier. And then in 2016, we announced and released MongoDB Atlas, which is our cloud managed service for MongoDB, you know, starting with a small number of regions built on top of AWS and about 2,500 adoption events per week for MongoDB Atlas. After the first year today, MongoDB Atlas provides a managed service for MongoDB developers around the world. We're present in almost a hundred cloud regions across S DCP and Azure. And that adoption number is now running at about 25,000 developers a week. So, you know, the proof are in proof is really in the metrics. MongoDB is an incredibly popular platform for developers that wanna build data-centric applications. You just can't argue with the metrics really, >>You know, Ravi, sometimes there's an analyst who come up with these theories and one of the theories I've been spouting for a long time is that developers are gonna win the edge. And now to, to see you at Verizon building out this developer community was really exciting to me. So explain how you got this started with this journey. >>Absolutely. As you think about Verizon 5g edge or mobile edge computing portfolio, we knew from the start that developers would play a central role and not only consuming the service, but shaping the roadmap for what it means to build a 5g future. And so we started this journey back in late 20, 19 and fast forward to about a year ago with Mongo, we realized, well, wait a minute, you look at the core service offerings available at the edge. We didn't know really what to do with data. We wanted to figure it out. We wanted the vote of confidence from developers. So there I was in an apartment in Colorado racing, your open source Mongo against that in the region edge versus region, what would you see? And we saw tremendous performance improvements. It was so much faster. It's more than 40% faster for thousands and thousands of rights. And we said, well, wait a minute. There's something here. So what often starts is an organic developer, led intuition or hypothesis can really expand to a much broader go to market motion that really brings in the enterprise. And that's been our strategy from day one. Well, >>It's interesting. You talk about the performance. I, I just got off of a session talking about benchmarks in the financial services industry, you know, amazing numbers. And that's one of the hallmarks of, of Mongo is it can play in a lot of different places. So you guys both have developer relations in your title. Is that how you met some formal developer relations? >>We were a >>Program. >>Yeah, I would say that Verizon is one of the few customers that we also collaborate with on a developer relations effort. You know, it's in our mutual best interest to try to drive MongoDB consumption amongst developers using Verizon's 5g edge network and their platform. So of course we work together to help, to increase awareness of MongoDB amongst mobile developers that want to use that kind of technology. >>But so what's your story on this? >>I mean, as I, as I mentioned, everything starts with an organic developer discovery. It all started. I just cold messaged a developer advocate on Twitter and here we are at MongoDB world. It's amazing how things turn out. But one of the things that's really resonated with me as I was speaking with one of, one of your leads within your organization, they were mentioning that as Mongo DVIA developed over the years, the mantra really became, we wanna make software development easy. Yep. And that really stuck with me because from a network perspective, we wanna make networking easy. Developers are not gonna care about the internals of 5g network. In fact, they want us to abstract away those complexities so that they can focus on building their apps. So what better co-innovation opportunity than taking MongoDB, making software easy, and we make the network easy. >>So how do you think about the edge? How does you know variety? I mean, to me, you know, there's a lot of edge use cases, you know, think about the home Depot or lows. Okay, great. I can put like a little mini data center in there. That's cool. That's that's edge. Like, but when I think of Verizon, I mean, you got cell towers, you've got the far edge. How do you think about edge Robbie? >>Well, the edge is a, I believe a very ambiguous term by design. The edge is the device, the mobile device, an IOT device, right? It could be the radio towers that you mentioned. It could be in the Metro edge. The CDN, no one edge is better than the other. They're all just serving different use cases. So when we talk about the edge, we're focused on the mobile edge, which we believe is most conducive to B2B applications, a fleet of IOT devices that you can control a manufacturing plant, a fleet of ground and aerial robotics. And in doing so you can create a powerful compute mesh where you could have a private network and private mobile edge computing by way of say an AWS outpost and then public mobile edge computing by way of AWS wavelength. And why keep them separate. You could have a single compute mesh even with MongoDB. And this is something that we've been exploring. You can extend Atlas, take a cluster, leave it in the region and then use realm the mobile portfolio and spread it all across the edge. So you're creating that unified compute and data mesh together. >>So you're describing what we've been expecting is a new architecture emerging, and that's gonna probably bring new economics of new use cases, right? Where are we today in that first of all, is that a reasonable premise that this is a sort of a new architecture that's being built out and where are we in that build out? How, how do you think about the, the future of >>That? Absolutely. It's definitely early days. I think we're still trying to figure it out, but the architecture is definitely changing the idea to rip out a mobile device that was initially built and envisioned for the device and only for the device and say, well, wait a minute. Why can't it live at the edge? And ultimately become multi-tenant if that's the data volume that may be produced to each of those edge zones with hypothesis that was validated by developers that we continue to build out, but we recognize that we can't, we can't get that static. We gotta keep evolving. So one of our newest ideas as we think about, well, wait a minute, how can Mongo play in the 5g future? We started to get really clever with our 5g network APIs. And I, I think we talked about this briefly last time, 5g, programmability and network APIs have been talked about for a while, but developers haven't had a chance to really use them and our edge discovery service answering the question in this case of which database is the closest database, doesn't have to be invoked by the device anymore. You can take a thin client model and invoke it from the cloud using Atlas functions. So we're constantly permuting across the entire portfolio edge or otherwise for what it means to build at the edge. We've seen such tremendous results. >>So how does Mongo think about the edge and, and, and playing, you know, we've been wondering, okay, which database is actually gonna be positioned best for the edge? >>Well, I think if you've got an ultra low latency access network using data technology, that adds latency is probably not a great idea. So MongoDB since the very formative years of the company and product has been built with performance and scalability in mind, including things like in memory storage for the storage engine that we run as well. So really trying to match the performance characteristics of the data infrastructure with the evolution in the mobile network, I think is really fundamentally important. And that first principles build of MongoDB with performance and scalability in mind is actually really important here. >>So was that a lighter weight instance of, of Mongo or not >>Necessarily? No, not necessarily. No, no, not necessarily. We do have edge cashing with realm, the mobile databases Robbie's already mentioned, but the core database is designed from day one with those performance and scalability characteristics in mind, >>I've been playing around with this. This is kind of a, I get a lot of heat for this term, but super cloud. So super cloud, you might have data on Preem. You might have data in various clouds. You're gonna have data out at the edge. And, and you've got an abstraction that allows a developer to, to, to tap services without necessarily if, if he or she wants to go deep into the S great, but then there's a higher level of services that they can actually build for their customers. So is that a technical reality from a developer standpoint, in your view, >>We support that with the Mongo DB multi-cloud deployment model. So you can place Mongo DB, Atlas nodes in any one of the three hyperscalers that we mentioned, AWS, GCP or Azure, and you can distribute your data across nodes within a cluster that is spread across different cloud providers. So that kinds of an kind of answers the question about how you do data placement inside the MongoDB clustered environment that you run across the different providers. And then for the abstraction layer. When you say that I hear, you know, drivers ODMs the other intermediary software components that we provide to make developers more productive in manipulating data in MongoDB. This is one of the most interesting things about the technology. We're not forcing developers to learn a different dialect or language in order to interact with MongoDB. We meet them where they are by providing idiomatic interfaces to MongoDB in JavaScript in C sharp, in Python, in rust, in that in fact in 12 different pro programming languages that we support as a first party plus additional community contributed programming languages that the community have created drivers for ODMs for. So there's really that model that you've described in hypothesis exist in reality, using >>Those different Compli. It's not just a series of siloed instances in, >>In different it's the, it's the fabric essentially. Yeah. >>What, what does the Verizon developer look like? Where does that individual come from? We talked about this a little bit a few weeks ago, but I wonder if you could describe it. >>Absolutely. My view is that the Verizon or just mobile edge ecosystem in general for developers are present at this very conference. They're everywhere. They're building apps. And as Ian mentioned, those idiomatic interfaces, we need to take our network APIs, take the infrastructure that's being exposed and make sure that it's leveraging languages, frameworks, automation, tools, the likes of Terraform and beyond. We wanna meet developers where they are and build tools that are easy for them to use. And so you had talked about the super cloud. I often call it the cloud continuum. So we, we took it P abstraction by abstraction. We started with, will it work in one edge? Will it work in multiple edges, public and private? Will it work in all of the edges for a given region, public or private, will it work in multiple regions? Could it work in multi clouds? We've taken it piece by piece by piece and in doing so abstracting way, the complexity of the network, meaning developers, where they are providing those idiomatic interfaces to interact with our API. So think the edge discovery, but not in a silo within Atlas functions. So the way that we're able to converge portfolios, using tools that dev developers already use know and love just makes it that much easier. Do, >>Do you feel like I like the cloud continuum cause that's really what it is. The super cloud does the security model, how does the security model evolve with that? >>At least in the context of the mobile edge, the attack surface is a lot smaller because it's only for mobile traffic not to say that there couldn't be various configuration and human error that could be entertained by a given application experience, but it is a much more secure and also reliable environment from a failure domain perspective, there's more edge zones. So it's less conducive to a regionwide failure because there's so many more availability zones. And that goes hand in hand with security. Mm. >>Thoughts on security from your perspective, I mean, you added, you've made some announcements this week, the, the, the encryption component that you guys announced. >>Yeah. We, we issued a press release this morning about a capability called queryable encryption, which actually as we record this Mark Porter, our CTO is talking about in his keynote, and this is really the next generation of security for data stored within databases. So the trade off within field level encryption within databases has always been very hard, very, very rigid. Either you have keys stored within your database, which means that your memory, so your data is decrypted while it's resident in memory on your database engine. This allow, of course, allows you to perform query operations on that data. Or you have keys that are managed and stored in the client, which means the data is permanently OBS from the engine. And therefore you can't offload query capabilities to your data platform. You've gotta do everything in the client. So if you want 10 records, but you've got a million encrypted records, you have to pull a million encrypted records to the client, decrypt them all and see performance hit in there. Big performance hit what we've got with queryable encryption, which we announced today is the ability to keep data encrypted in memory in the engine, in the database, in the data platform, issue queries from the client, but use a technology called structural encryption to allow the database engine, to make decisions, operate queries, and find data without ever being able to see it without it ever being decrypted in the memory of the engine. So it's groundbreaking technology based on research in the field of structured encryption with a first commercial database provided to bring this to market. >>So how does the mobile edge developer think about that? I mean, you hear a lot about shifting left and not bolting on security. I mean, is this, is this an example of that? >>It certainly could be, but I think the mobile edge developer still stuck with how does this stuff even work? And I think we need to, we need to be mindful of that as we build out learning journeys. So one of my favorite moments with Mongo was an immersion day. We had hosted earlier last year where we, our, from an enterprise perspective, we're focused on BW BS, but there's nothing stopping us. You're building a B2C app based on the theme of the winner Olympics. At the time, you could take a picture of Sean White or of Nathan Chen and see that it was in fact that athlete and then overlaid on that web app was the number of medals they accrued with the little trumpeteer congratulating you for selecting that athlete. So I think it's important to build trust and drive education with developers with a more simple experience and then rapidly evolve overlaying the features that Ian just mentioned over time. >>I think one of the keys with cryptography is back to the familiar messaging for the cloud offloading heavy lifting. You actually need to make it difficult to impossible for developers to get this wrong, and you wanna make it as easy as possible for developers to deal with cryptography. And that of course is what we're trying to do with our driver technology combined with structure encryption, with query encryption. >>But Robbie, your point is lots of opportunity for education. I mean, I have to say the developers that I work with, it's, I'm, I'm in awe of how they solve problems and I, and the way they solve problems, if they don't know the answer, they figure out how to go get it. So how, how are your two communities and other communities, you know, how are they coming together to, to solve such problems and share whether it's best practices or how do I do this? >>Well, I'm not gonna lie in person. Events are a bunch of fun. And one of the easiest domain knowledge exchange opportunities, when you're all in person, you can ideate, you can whiteboard, you can brainstorm. And often those conversations are what leads to that infrastructure module that an immersion day features. And it's just amazing what in person events can do, but community groups of interest, whether it's a Twitch stream, whether it's a particular code sample, we rely heavily on digital means today to upscale the developer community, but also build on by, by means of a simple port request, introduce new features that maybe you weren't even thinking of before. >>Yeah. You know, that's a really important point because when you meet people face to face, you build a connection. And so if you ask a question, you're more likely perhaps to get an answer, or if one doesn't exist in a, in a search, you know, you, oh, Hey, we met at the, at the conference and let's collaborate on this guys. Congratulations on, on this brave new world. You're in a really interesting spot. You know, developers, developers, developers, as Steve bomber says screamed. And I was glad to see Dave was not screaming and jumping up and down on the stage like that, but, but the message still resonates. So thank you, definitely appreciate. All right, keep it right there. This is Dave ante for the cubes coverage of Mago DB world 2022 from New York city. We'll be right back.

(light music playing) >> Welcome back to VEEAMON 2022 in Las Vegas. We're at the Aria. This is theCUBE and we're covering two days of VEEAMON. We've done a number of VEEAMONs before, we did Miami, we did New Orleans, we did Chicago and we're, we're happy to be back live after two years of virtual VEEAMONs. I'm Dave Vellante. My co-host is David Nicholson. Eric Herzog is here. You think he's, Eric's been on theCUBE, I think more than any other guest, including Pat Gelsinger, who at one point was the number one guest. Eric Herzog, CMO of INFINIDAT great to see you again. >> Great, Dave, thank you. Love to be on theCUBE. And of course notice my Hawaiian shirt, except I now am supporting an INFINIDAT badge on it. (Dave laughs) Look at that. >> Is that part of the shirt or is that a clip-on? >> Ah, you know, one of those clip-ons but you know, it looks good. Looks good. >> Hey man, what are you doing at VEEAMON? I mean, you guys started this journey into data protection several years ago. I remember we were actually at one of their competitors' events when you first released it, but tell us what's going on with Veeam. >> So we do a ton of stuff with Veeam. We do custom integration. We got some integration on the snapshotting side, but we do everything and we have a purpose built backup appliance known as InfiniGuard. It works with Veeam. We also actually have some customers who use our regular primary storage device as a backup target. The InfiniGuard product will do the data reduction, the dedupe compression, et cetera. The standard product does not, it's just a standard high performance array. We will compress the data, but we have customers that do it either way. We have a couple customers that started with the InfiniBox and then transitioned to the InfiniGuard, realizing that why would you put it on regular storage? Why not go to something that's customized for it? So we do that. We do stuff in the field with them. We've been at all the VEEAMONs since the, since like, I think the second one was the first one we came to. We're doing the virtual one as well as the live one. So we've got a little booth inside, but we're also doing the virtual one today as well. So really strong work with Veeam, particularly at the field level with the sales guys and in the channel. >> So when INFINIDAT does something, you guys go hardcore, high end, fast recovery, you just, you know, reliable, that's kind of your brand. Do you see this movement into data protection as kind of an adjacency to your existing markets? Is it a land and expand strategy? Can you kind of explain the strategy there. >> Ah, so it's actually for us a little bit of a hybrid. So we have several accounts that started with InfiniBox and now have gone with the InfiniGuard. So they start with primary storage and go with secondary storage/modern data protection. But we also have, in fact, we just got a large PO from a Fortune 50, who was buying the InfiniGuard first and now is buying our InfiniBox. >> Both ways. Okay. >> All flash array. And, but they started with backup first and then moved to, so we've got them moving both directions. And of course, now that we have a full portfolio, our original product, the InfiniBox, which was a hybrid array, outperformed probably 80 to 85% of the all flash arrays, 'cause the way we use DRAM. And what's so known as our mural cash technology. So we could do very well, but there is about, you know, 15, 20% of the workloads we could not outperform the competition. So then we had an all flash array and purpose built backup. So we can do, you know, what I'll say is standard enterprise storage, high performance enterprise storage. And then of course, modern data protection with our partnerships such as what we do with Veeam and we've incorporated across the entire portfolio, intense cyber resilience technology. >> Why does the world, Eric, need another purpose built backup appliance? What do you guys bring that is filling a gap in the marketplace? >> Well, the first thing we brought was much higher performance. So when you look at the other purpose built backup appliances, it's been about our ability to have incredibly high performance. The second area has been CapEx and OpEx reduction. So for example, we have a cloud service provider who happens to be in South Africa. They had 14 purpose built backup appliances from someone else, seven in one data center and seven in another. Now they have two InfiniGuards, one in each data center handling all of their backup. You know, they're selling backup as a service. They happen to be using Veeam as well as one other backup company. So if you're the cloud provider from their perspective, they just dramatically reduce their CapEx and OpEx. And of course they've made it easier for them. So that's been a good story for us, that ability to consolidation, whether it be on primary storage or secondary storage. We have a very strong play with cloud providers, particularly those meeting them in small that have to compete with the hyperscalers right. They don't have the engineering of Amazon or Google, right? They can't compete with what the Azure guys have got, but because the way both the InfiniGuard and the InfiniBox work, they could dramatically consolidate workloads. We probably got 30 or 40 midsize and actually several members of the top 10 telcos use us. And when they do their clouds, both their internal cloud, but actually the clouds that are actually running the transmissions and the traffic, it actually runs on InfiniBox. One of them has close to 200 petabytes of InfiniBox and InfiniBox, all flash technology running one of the largest telcos on the planet in a cloud configuration. So all that's been very powerful for us in driving revenue. >> So phrases of the week have been air gap, logical air gap, immutable. Where does InfiniGuard fit into that universe? And what's the profile of the customer that's going to choose InfiniGuard as the target where they're immutable, Write Once Read Many, data is going to live. >> So we did, we announced our InfiniSafe technology first on the InfiniGuard, which actually earlier this year. So we have what I call the four legs of the stool of cyber resilience. One is immutable snapshots, but that's only part of it. Second is logical air gapping, and we can do both local and remote and we can provide and combine local with remote. So for example, what that air gap does is separate the management plane from the actual data plane. Okay. So in this case, the Veeam data backup sets. So the management cannot touch that immutable, can't change it, can't delete it. can't edit it. So management is separated once you start and say, I want to do an immutable snap of two petabytes of Veeam backup dataset. Then we just do that. And the air gap does it, but then you could take the local air gap because as you know, from inception to the end of an attack can be close to 300 days, which means there could be a fire. There could be a tornado, there could be a hurricane, there could be an earthquake. And in the primary data center, So you might as well have that air gap just as you would do- do a remote for disaster recovery and business continuity. Then we have the ability to create a fenced forensic environment to evaluate those backup data sets. And we can do that actually on the same device. That is the purpose built backup appliance. So when you look at the architectural, these are public from our competitors, including the guys that are in sort of Hopkinton/Austin, Texas. You can see that they show a minimum of two physical devices. And in many cases, a third, we can do that with one. So not only do we get the fence forensic environment, just like they do, but we do it with reduction, both CapEx and OpEx. Purpose built backup is very high performance. And then the last thing is our ability to recover. So some people talk about rapid recovery, I would say, they dunno what they're talking about. So when we launched the InfiniGuard with InfiniSafe, we did a live demo, 1.5 petabytes, a Veeam backup dataset. We recovered it in 12 minutes. So once you've identified and that's on the InfiniGuard. On the InfiniBox, once you've identified a good copy of data to do the recovery where you're free of malware ransomware, we can do the recovery in three to five seconds. >> Okay. >> So really, really quick. Actually want to double click on something because people talk about immutable copies, immutable snapshots in particular, what have the actual advances been? I mean, is this simply a setting that maybe we didn't set for retention at some time in the past, or if you had to engineer something net new into a system so to provide that logical air gap. >> So what's net new is the air gapping part. Immutable snapshots have been around, you know, before we were on screen, you talked about WORM, Write Once Read Many. Well, since I'm almost 70 years old, I actually know what that means. When you're 30 or 40 or 50, you probably don't even know what a WORM is. Okay. And the real use of immutable snapshots, it was to replace WORM which was an optical technology. And what was the primary usage? Regulatory and compliance, healthcare, finance and publicly traded companies that were worried about. The SEC or the EU or the Japanese finance ministry coming down on them because they're out of compliance and regulatory. That was the original use of immutable snap. Then people were, well, wait a second. Malware ransomware could attack me. And if I got something that's not changeable, that makes it tougher. So the real magic of immutability was now creating the air gap part. Immutability has been around, I'd say 25 years. I mean, WORMs sort of died back when I was at Mac store the first time. So that was 1990-ish is when WORMs sort of fell away. And there have been immutable snapshots from most of the major storage vendors, as well as a lot of the small vendors ever since they came out, it's kind of like a checkbox item because again, regulatory and compliance, you're going to sell to healthcare, finance, public trade. If you don't have the immutable snapshot, then they don't have their compliance and regulatory for SEC or tax purposes, right? With they ever end up in an audit, you got to produce data. And no one's using a WORM drive anymore to my knowledge. >> I remember the first storage conference I ever went to was in Monterey. It had me in the early 1980s, 84 maybe. And it was a optical disc drive conference. The Jim Porter of optical. >> Yep. (laughs) >> I forget what the guy's name was. And I remember somebody coming up to me, I think it was like Bob Payton rest his soul, super smart strategy guy said, this is never going to happen because of the cost and that's what it was. And now you've got that capability on flash, you know, hard disk, et cetera. >> Right. >> So the four pillars, immutability, the air gap, both local and remote, the fence forensics and the recovery speed. Right? >> Right. Pick up is one thing. Recovery is everything. Those are the four pillars, right? >> Those are the four things. >> And your contention is that those four things together differentiate you from the competition. You mentioned, you know, the big competition, but how unique is this in the marketplace, those capabilities and how difficult is it to replicate? >> So first of all, if someone really puts their engineering hat to it, it's not that hard to replicate. It takes a while. Particularly if you're doing an enterprise, for example, our solutions all have a hundred percent availability guarantee. That's hard to do. Most guys have seven nines. >> That's hard. >> We really will guarantee a hundred percent availability. We offer an SLA that's included when you buy. We don't charge extra for it. It's like if you want it, like you just get it. Second thing is really making sure on the recovery side is the hardest part, particularly on a purpose built backup appliance. So when you look at other people and you delve into their public material, press releases, white paper, support documentation. No one's talking about. Yeah, we can take a 1.5 petabyte Veeam backup data set and make it available in 12 minutes and 12 seconds, which was the exact time that we did on our live demo when we launched the product in February of 2022. No one's talking that. On primary storage, you're hearing some of the vendors such as my old employer that also who, also starts with an "I", talk about a recovery time of two to three hours once you have a known good copy. On primary storage, once we have a known good copy, we're talking three to five seconds for that copy to be available. So that's just sort of the power of the snapshot technology, how we manage our metadata and what we've done, which previous to cyber resiliency, we were known for our replication capability and our snapshot capability from an enterprise class data store. That's what people said. INFINIDAT really knows how to do the replication snapshot. I remember our founder was one of the technical founders of EMC for a product known as the Symmetric, which then became the DMAX, the VMAX and is now is the PowerMax. That was invented by the guy who founded INFINIDAT. So that team has the real chops at enterprise high-end storage to the global fortune 2000. And what are the key feature checkbox items they need that's in both the InfiniBox and also in the InfiniGuard. >> So the business case for cyber resiliency is changing. As Dave said, we've had a big dose last several months, you know, couple years actually, of the importance of cyber resiliency, given all the ransomware tax, et cetera. But it sounds like the business case is shifting really focused on avoiding that risk, avoiding that downtime time versus the cost. The cost is always important. I mean, you got a consolidation play here, right? >> Yeah, yeah. >> Dedupe, does dedupe come into play? >> So on the InfiniGuard we do both dedupe and compression. On the InfiniBox we only do compression. So we do have data reduction. It depends on which product you're using from a Veeam perspective. Most of that now is with the InfiniGuard. So you get the block level dedupe and you get compression. And if you can do both, depending on the data set, we do both. >> How does that affect recovery time? >> Yeah, good question. >> So it doesn't affect recovery times. >> Explain why. >> So first of all, when you're doing a backup data set, the final final recovery, you recovered the backup data set, whether it's Veeam or one of their competitors, you actually make it available to the backup administrator to do a full restore of a backup data set. Okay. So in that case, we get it ready and expose it to the Veeam admin or some other backup admin. And then they launch the Veeam software or the other software and do a restore. Okay. So it's really a two step process on the secondary storage model and actually three. First identifying a known good backup copy. Second then we recover, which is again 12, 13 minutes. And then the backup admin's got to do a, you know, a restore of the backup 'cause it's backup data set in the format of backup, which is different from every backup vendor. So we support that. We get it ready to go. And then whether it's a Veeam backup administrator and quite honestly, from our perspective, most of our customers in the global fortune 2000, 25% of the fortune 50 use INIFINIDAT products. 25% and we're a tiny company. So we must have some magic fairy dust that appeals to the biggest companies on the planet. But most of our customers in that area and actually say probably in the fortune 500 actually use two to three different backup packages. So we can support all those on a single InfiniGuard or multiples depending on how big their backup data sets. Our biggest InfiniGuard is 50 petabytes counting the data reduction technology. So we get that ready. On the InfiniBox, the recovery really is, you know, a couple of seconds and in that case, it's primary data in block format. So we just make that available. So on the InfiniBox, the recovery is once, well two. Identifying a known good copy, first step, then just doing recovery and it's available 'cause it's blocked data. >> And that recovery doesn't include movement of a whole bunch of data. It's essentially realignment of pointers to where the good data is. >> Right. >> Now in the InfiniBox as well as in InfiniGuard. >> No, it would be, So in the case of that, in the case of the InfiniGuard, it's a full recovery of a backup data set. >> Okay. >> So the backup software just launches and it sees, >> Okay. >> your backup one of Veeam and just starts doing a restore with the Veeam restoration technology. Okay? >> Okay. >> In the case of the block, as long as the physical InfiniBox, if that was the primary storage and then filter box is not damaged when you make it available, it's available right away to the apps. Now, if you had an issue with the app side or the physical server side, and now you're pointing new apps and you had to reload stuff on that side, you have to point it at that InfiniBox which has the data. And then you got to wait for the servers and the SAP or Oracle or Mongo, Cassandra to recognize, oh, this is my primary storage. So it depends on the physical configuration on the server side and the application perspective, how bad were the apps damaged? So let's take malware. Malware is even worse because you either destroying data or messing, playing with the app so that the app is now corrupted as well as the data is corrupted. So then it's going to take longer the block data's ready, the SAP workload. And if the SAP somehow was compromised, which is a malware thing, not a ransomware thing, they got to reload a good copy of SAP before it can see the data 'cause the malware attacked the application as well as the data. Ransomware doesn't do that. It just holds it for ransom and it encrypts. >> So this is exactly what we're talking about. When we talk about operational recovery and automation, Eric is addressing the reality that it doesn't just end at the line above some arbitrary storage box, you know, reaching up real recovery, reaches up into the application space and it's complicated. >> That's when you're actually recovered. >> Right. >> When the application- >> Well, think of it like a disaster. >> Okay. >> Yes, right. >> I'll knock on woods since I was born and still live in California. Dave too. Let's assume there's a massive earthquake in the bay area in LA. >> Let's not. >> Okay. Let's yes, but hypothetically and the data center's cat five. It doesn't matter what they're, they're all toast. Okay. Couple weeks later it's modern. You know, people figure out what to do and certain buildings don't fall down 'cause of the way earthquake standards are in California now. So there's data available. They move into temporary space. Okay. Data's sitting there in the Colorado data center and they could do a restore. Well, they can't do a restore. How many service did they need? Had they reloaded all of the application software to do a restoration. What happened to the people? If no one got injured, like in the 1989 earthquake in California, very few people got injured yet cost billions of dollars. But everyone was watching this San Francisco giants played in Oakland, >> I remember >> so no one was on the road. >> Al Michael's. >> Epic moment. >> Imagine it's in the middle of commute time in LA and San Francisco, hundreds of thousands of people. What if it's your data center team? Right? So there's a whole bunch around disaster recovery and business country that have nothing to do with the storage, the people, what your process. So I would argue that malware ransomware is a disaster and it's exactly the same thing. You know, you got the known good copy. You've got okay. You're sure that the SAP and Oracle, especially on the malware side, weren't compromised. On the ransomware side, you don't have to worry about that. And those things, you got to take a look at just as if it, I would argue malware and ransomware is a disaster and you need to have a process just like you would. If there was an earthquake, a fire or a flood in the data center, you need a similar process. That's slightly different, but the same thing, servers, people, software, the data itself. And when you have that all mapped out, that's how you do successful malware ransomeware recovery. It's a different type of disaster. >> It's absolutely a disaster. It comes down to business continuity and be able to transact business with as little disruption as possible. We heard today from the keynotes and then Jason Buffington came on about the preponderance of ransomware. Okay. We know that. But then the interesting stat was the percentage of customers that paid the ransom about a third weren't able to recover. And so 'cause you kind of had this feeling of all right, well, you know, see it on, you know, CNBC, should you pay the ransom or not? You know, pay the ransom. Okay. You'll get back. But no, it's not the case. You won't necessarily get back. So, you know, Veeam stated, Hey, our goal is to sort of eliminate that problem. Are you- You feel like you guys in a partnership can actually achieve that. >> Yes. >> So, and you have customers that have actually avoided, you know, been hit and were able to- >> We have people who won't publicly say they've been hit, but the way they talk about what they did, like in a meeting, they were hit and they were very thankful. >> (laughs) Yeah. >> And so that's been very good. I- >> So we got proof. >> Yes, we absolutely have proof. And quite honestly, with the recent legislation in the United States, malware and ransomware actually now is also regulatory and compliance. >> Yeah. >> Because the new law states mid-March that whether it's Herzog's bar and grill to bank of America or any large foreign company doing business in the US, you have to report to the United States federal government, any attack, same with the county school district with any local government, any agency, the federal government, as well as every company from the tiniest to the largest in the world that does, they're supposed to report it 'cause the government is trying to figure out how to fight it. Just the way if you don't report burglary, how they catch the burglars. >> Does your solution simplify testing in any way or reduce the risk of testing? >> Well, because the recovery is so rapid, we recommend that people do this on a regular basis. So for example, because the recovery is so quick, you can recover in 12 minutes while we do not practice, let's say once a month or once every couple weeks. And guess what? It also allows you to build a repository of known good copies. Remember when you get ransomeware, no one's going to come say, Hey, I'm Mr. Rans. I'm going to steal your stuff. It's all done surreptitiously. They're all James Bond on the sly who doesn't say "By the way, I'm James Bond". They are truly underneath the radar. And they're very slowly encrypting that data set. So guess what? Your primary data and your backup data that you don't want to be attacked can be attacked. So it's really about finding a known good copy. So if you're doing this on a regular basis, you can get an index of known good copies. >> Right. >> And then, you know, oh, I can go back to last Tuesday and you know that that's good. Otherwise you're literally testing Wednesday, Thursday, Friday, Saturday to try to find a known good copy, which delays the recovery process 'cause you really do have to test. They make sure it's good. >> If you increase that frequency, You're going to protect yourself. That's why I got to go. Thanks so much for coming on theCUBEs. Great to see you. >> Great. Thank you very much. I'll be wearing a different Hawaiian shirt next to. >> All right. That sounds good. >> All right, Eric Herzog, Eric Herzog on theCUBE, Dave Vallante for David Nicholson. We'll be right back at VEEAMON 2022. Right after this short break. (light music playing)

from the cube studios in palo alto in boston bringing you data-driven insights from the cube and etr this is breaking analysis with dave vellante the pandemic not only accelerated the shift to digital but also highlighted a rush of cyber criminal sophistication collaboration and chaotic responses by virtually every major company in the planet the solar winds hack exposed supply chain weaknesses and so-called island hopping techniques that are exceedingly difficult to detect moreover the will and aggressiveness of well-organized cyber criminals has elevated to the point where incident responses are now met with counterattacks designed to both punish and extract money from victims via ransomware and other criminal activities the only upshot is the cyber security market remains one of the most enduring and attractive investment sectors for those that can figure out where the market is headed and which firms are best positioned to capitalize hello everyone and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we'll provide our quarterly update of the security industry and share new survey data from etr and thecube community that will help you navigate through the maze of corporate cyber warfare we'll also share our thoughts on the game of 3d chest that octa ceo todd mckinnon is playing against the market now we all know this market is complicated fragmented and fast moving and this next chart says it all it's an interactive graphic from optiv a denver colorado based si that's focused on cyber security they've done some really excellent research and put together this awesome taxonomy and mapped vendor names therein and this helps users navigate the complex security landscape and there are over a dozen major sectors high-level sectors within the security taxonomy in nearly 60 sub-sectors from monitoring vulnerability assessment identity asset management firewalls automation cloud data center sim threat detection and intelligent endpoint network and so on and so on and so on but this is a terrific resource and can help you understand where players fit and help you connect the dots in the space now let's talk about what's going on in the market the dynamics in this crazy mess of a landscape are really confusing sometimes now since the beginning of cyber time we've talked about the increasing sophistication of the adversary and the back and forth escalation between good and evil and unfortunately this trend is unlikely to stop here's some data from carbon black's annual modern bank heist report this is the fourth and of course now vmware's brand highlights the carbon black study since the acquisition and it catalyzed the creation of vmware's cloud security division destructive malware attacks according to the recent study are up 118 percent from last year now one major takeaway from the report is that hackers aren't just conducting wire fraud they are 57 of the bank surveyed saw an increase in wire fraud but the cyber criminals are also targeting non-public information such as future trading strategies this allows the bad guys to front run large block trades and profit it's become very lucrative practice now the prevalence of so-called island hopping is up 38 from already elevated levels this is where a virus enters a company's supply chain via a partner and then often connects with other stealthy malware downstream these techniques are more common where the malware will actually self-form with other infected parts of the supply chain and create actions with different signatures designed to identify and exfiltrate valuable information it's a really complex problem of major concern is that 63 of banking respondents in the study reported that responses to incidents were then met with retaliation designed to intimidate or initiate ransomware attacks to extract a final pound of flesh from the victim notably the study found that 75 percent of csos reported to the cio which many feel is not the right regime the study called for a rethinking of the right cyber regime where the cso has increased responsibility in a direct reporting line to the ceo or perhaps the co with greater exposure to boards of directors so many thanks to vmware and tom kellerman specifically for sharing this information with us this past week great work by your team now some of the themes that we've been talking about for several quarters are shown in the lower half of the chart cloud of course is the big driver thanks to work from home and the pandemic to pandemic and the interesting corollary of course is we see a rapid rethinking of endpoint and identity access management and the concept of zero trust in a recent esg survey two-thirds of respondents said that their use of cloud computing necessitated a change in how they approach identity access management now as shown in the chart from optiv the market remains highly fragmented and m a is of course way up now based on our research it looks like transaction volume has increased more than 40 percent just in the last five months so let's dig into the m a the merger and acquisition trends for just a moment we took a five month snapshot and we were able to count about 80 deals that were completed in that time frame those transactions represented more than 20 billion dollars in value some of the larger ones are highlighted here the biggest of course being the toma bravo taking proof point private for a 12 plus billion dollar price tag the stock went from the low 130s and is trading in the low 170s based on 176 dollar per share offer so there's your arbitrage folks go for it perhaps the more interesting acquisition was auth 0 by octa for 6.5 billion which we're going to talk about more in a moment there's more private equity action we saw as insight bought armis and iot security play and cisco shelled out 730 million dollars for imi mobile which is more of an adjacency to cyber but it's going to go under cisco's security and applications business run by g2 patel but these are just the tip of the iceberg some of the themes that we see connecting the dots of these acquisitions are first sis like accenture atos and wipro are making moves in cyber to go local they're buying secops expertise as i say locally in places like france germany netherlands canada and australia that last mile that belly-to-belly intimate service israel israeli-based startups chalked up five acquired companies in the space over the last five months also financial services firms are getting into the act with goldman and mastercard making moves to own its own part of the stack themselves to combat things like fraud and identity theft and then finally numerous moves to expand markets octa with zero crowdstrike buying a log management company palo alto picking up devops expertise rapid seven shoring up its kubernetes chops tenable expanding beyond insights and going after identity interesting fortinet filling gaps in a multi-cloud offering sale point extending to governance risk and compliance grc zscaler picked up an israeli firm to fill gaps in access control and then vmware buying mesh 7 to secure modern app development and distribution services so tons and tons of activity here okay so let's look at some of the etr data to put the cyber market in context etr uses the concept of market share it's one of the key metrics which is a measure of pervasiveness in the data set so for each sector it calculates the number of respondents for that sector divided by the total to get a sense for how prominent the sector is within the cio and i.t buyer communities okay this chart shows the full etr sector taxonomy with security highlighted across three survey periods april last year january this year in april this year now you wouldn't expect big moves in market share over time so it's relatively stable by sector but the big takeaway comes from observing which sectors are most prominent so you see that red line that dotted line imposed at the sixty percent level you can see there are only six sectors above that line and cyber security is one of them okay so we know that security is important in a large market but this puts it in the context of the other sectors however we know from previous breaking analysis episodes that despite the importance of cyber and the urgency catalyzed by the pandemic budgets unfortunately are not unlimited and spending is bounded it's not an open checkbook for csos as shown in this chart this is a two-dimensional graphic showing market share in the horizontal axis or pervasiveness and net score in the vertical axis net score is etr's measurement of spending velocity and we've superimposed a red line at 40 percent because anything over 40 percent we consider extremely elevated we've filtered and limited the number of sectors to simplify the graphic and you can see in the sectors that we've highlighted only the big four four are above that forty percent line ai containers rpa and cloud they exceed that sort of forty percent magic water line information security you can see that is highlighted and it's respectable but it competes for budget with other important sectors so this of course creates challenges for organization because not only are they strapped for talent as we've reported they like everyone else in it face ongoing budget pressures research firm cybersecurity ventures estimates that in 2021 6 trillion dollars worldwide will be lost on cyber crime conversely research firm canalis pegs security spending somewhere around 60 billion dollars annually idc has it higher around 100 billion so either way we're talking about spending between one to one point six percent annually of how much the bad guys are taking out that's peanuts really when you consider the consequences so let's double click into the cyber landscape a bit and further look at some of the companies here's that same x y graphic with the company's etr captures from respondents in the cyber security sector that's what's shown on the chart here now the usefulness of the red lines is 20 percent on the horizontal indicates the largest presence in the survey and the magic 40 percent line that we talked about earlier shows those firms with the most elevated momentum only microsoft and palo alto exceed both high water marks of course splunk and cisco are prominent horizontally and there are numerous companies to the left of the 20 percent line and many above that 40 percent high water mark on the vertical axis now in the bottom left quadrant that includes many of the legacy names that have been around for a long time and there are dozens of companies that show spending momentum on their platforms i.e above single digits so that picture is like the first one we showed you very very crowded space but so let's filter it a bit and only include companies in the etr survey that had at least a hundred responses so an n of a hundred or greater so it's a little easy to read but still it's kind of crowded when you think about it okay so same graphic and we've superimposed the data that determined the plot position over in the bottom right there so it's net score and shared n including only companies with more than 100 n so what does this data tell us about the market well microsoft is dominant as always it seems in all dimensions but let's focus on that red line for a moment some of the names that we've highlighted over the past two years show very well here first i want to talk about palo alto networks pre-covet as you might recall we highlighted the valuation divergence between palo alto and fortinet and we said fortinet was executing better on its cloud strategy and palo alto was at the time struggling with the transition especially with its go to market and its sales force compensation and really refreshing its portfolio but we told you that we were bullish on palo alto networks at the time because of its track record and the fact that cios consistently told us that they saw palo alto as a thought leader in the space that they wanted to work with they said that palo alto was the gold standard the best especially larger company cisos so that gave us confidence that palo alto a very well-run company was going to get its act together and perform better and palo alto has just done just that as we expected they've done very well and they've been rapidly moving customers to the next generation of platforms and we're very impressed by the company's execution and the stock has generally reflected that now some other names that hit our radar and the etr data a couple of years ago continue to perform well crowdstrike z-scaler sales sail point and cloudflare a cloudflare just reported and beat earnings but was off the stock fell on headwinds for tech overall the big rotation but the company is doing very well and they're growing rapidly and they have momentum as you can see from the etr data and we put that double star around proof point to highlight that it was worthy of fetching 12 and a half billion dollars from private equity firm so nice exit there supporting the continued control consolidation trend that we've predicted in cyber security now let's turn our attention to octa and auth zero this is where it gets interesting and is a clever play for octa we think and we want to drill into it a bit octa is acquiring auth zero for big money why well we think todd mckinnon octa ceo wants to run the table on identity and then continue to expand his tam he has to do that to justify his lofty valuation so octa's ascendancy around identity and single sign sign-on is notable the fragmented pictures that we've shown you they scream out for simplification and trust and that's what octa brings but it competes with some major players most notably microsoft with active directory so look of course microsoft is going to dominate in its massive customer base but the rest of the market that's like jump ball it's wide open and we think mckinnon saw the opportunity to go dominate that sector now octa comes at this from an enterprise perspective bringing top-down trust to the equation and throwing a big blanket over all the discrete sas platforms and unifying employee access octa's timing was perfect it was founded in 2009 just as the massive sasification trend was happening around crm and hr and service management and cloud etc but the one thing that octa didn't have that auth 0 does is serious developer chops while octa was crushing it with its enterprise sales strategy auth 0 was laser focused on developers and building a bottoms up approach to identity by acquiring auth0 octa can dominate both sides of the barbell and then capture the fat middle so yes it's a pricey acquisition but in our view it's a great move by mckinnon now i don't know mckinnon personally but last week i spoke to arun shrestha who's the ceo of security specialist beyond id they're a platinum services partner of octa and there a zero trust expert he worked for octa for a number of years and shared with me a bit about mckinnon's style and think big approach arun said something that caught my attention he said firewalls used to be the perimeter now people are and while that's self-serving to octa and probably beyond id it's true people apps and data are the new perimeter and they're not in one location and that's the point now unfortunately i had lined up an interview with dia jolly who was the chief product officer at octa in a cube alum for this past week knowing that we were running this segment in this episode but she unfortunately fell ill the day of our interview and had to cancel but i want to follow up with her and understand how she's thinking about connecting the dots with auth 0 with devs and enterprises and really test our thesis there this is a really interesting chess match that's going on let's look a little deeper into that identity space this chart here shows some of the major identity players it has some of the leaders in the identity market and there's a breakdown of etr's net score now net score comprises five elements the lime green is we're adding the platform new the forest green is we're spending six percent or more relative to last year the gray is flat send plus or minus flat spend plus or minus five percent the pinkish is spending less and the bright red is where exiting the platform retiring now you subtract the red from the green and that gets you the result for net score which you can see superimposed on the right hand chart at the bottom that first column there the far column is shared in which informs and indicates the number of responses and is a proxy for presence in the market oh look at the top two players in terms of spending momentum now sales sale point is right there but auth 0 combined with octa's distribution channel will extend octa's lead significantly in our view and then there's microsoft now just a caveat this includes all of microsoft's security offerings not just identity but it's there for context and cyber arc as well includes its acquisition of adaptive but also other parts of cyberarks portfolio so you can see some of the other names that are there many of which you'll find in the gartner magic quadrant for identity and as we said we really like this move by octa it combines positive market forces with lead offerings from very well-run companies that have winning dna and passionate people now to further emphasize emphasize what what's happening here take a look at this this chart shows etr data for octa within sale point and cyber arc accounts out of the 230 cyber and sale point customers in the data set there are 81 octa accounts that's a 35 overlap and the good news for octa is that within that base of sale point in cyber arc accounts octa is shown by the net score line that green line has a very elevated spending and momentum and the kicker is if you read the fine print in the right hand column etr correctly points out that while sailpoint and cyberarc have long been partners with octa at the recent octane 21 event octa's big customer event the company announced that it was expanding into privileged access management pam and identity governance hello and welcome to coopetition in the 2020s now our current thinking is that this bodes very well for octa and cyberark and sailpoint well they're going to have to make some counter moves to fend off the onslaught that is coming now let's wrap up with what has become a tradition in our quarterly security updates looking at those two dimensions of net score and market share we're going to see which companies crack the top 10 for both measures within the etr data set we do this every quarter so here on the left we have the top 20 sorted by net score or spending momentum and on the right we sort by shared n so again top 20 which informs shared end and forms the market share metric or presence in the data set that red horizontal lines those two lines on each separate the top 10 from the remaining 10 within those top 20. in our method what we do is we assign four stars to those companies that crack the top ten for both metrics so again you see microsoft palo alto networks octa crowdstrike and fortinet fortinet by the way didn't make it last quarter they've kind of been in and out and on the bubble but you know this company is very strong and doing quite well only the other four did last quarter there was same four last quarter and we give two stars to those companies that make it in both categories within the top 20 but didn't make the top 10. so cisco splunk which has been steadily decelerating from a spending momentum standpoint and z-scaler which is just on the cusp you know we really like z-scaler and the company has great momentum but that's the methodology it is what it is now you can see we kept carbon black on the rightmost chart it's like kind of cut off it's number 21 only because they're just outside looking in on netscore you see them there they're just below on on netscore number 11. and vmware's presence in the market we think that carbon black is really worth paying attention to okay so we're going to close with some summary and final thoughts last quarter we did a deeper dive on the solar winds hack and we think the ramifications are significant it has set the stage for a new era of escalation and adversary sophistication now major change we see is a heightened awareness that when you find intruders you'd better think very carefully about your next moves when someone breaks into your house if the dog barks or if you come down with a baseball bat or other weapon you might think the intruder is going to flee but if the criminal badly wants what you have in your house and it's valuable enough you might find yourself in a bloody knife fight or worse what's happening is intruders come to your company via island hopping or inside or subterfuge or whatever method and they'll live off the land stealthily using your own tools against you so they can you can't find them so easily so instead of injecting new tools in that send off an alert they just use what you already have there that's what's called living off the land they'll steal sensitive data for example positive covid test results when that was really really sensitive obviously still is or other medical data and when you retaliate they will double extort you they'll encrypt your data and hold it for ransom and at the same time threaten to release the sensitive information to crushing your brand in the process so your response must be as stealthy as their intrusion as you marshal your resources and devise an attack plan you face serious headwinds not only is this a complicated situation there's your ongoing and acute talent shortage that you tell us about all the time many companies are mired in technical debt that's an additional challenge and then you've got to balance the running of the business while actually affecting a digital transformation that's very very difficult and it's risky because the more digital you become the more exposed you are so this idea of zero trust people used to call it a buzzword it's now a mandate along with automation because you just can't throw labor at the problem this is all good news for investors as cyber remains a market that's ripe for valuation increases and m a activity especially if you know where to look hopefully we've helped you squint through the maze a little bit okay that's it for now thanks to the community for your comments and insights remember i publish each week on wikibon.com and siliconangle.com these episodes they're all available as podcasts all you do is search breaking analysis podcast put in the headphones listen when you're in your car out for your walk or run and you can always connect on twitter at divalante or email me at david.valante at siliconangle.com i appreciate the comments on linkedin and in clubhouse please follow me so you're notified when we start a room and riff on these topics and others and don't forget to check out etr.plus for all the survey data this is dave vellante for the cube insights powered by etr be well and we'll see you next time [Music] you

>> From The Cube Studios in Palo Alto in Boston, bringing you data-driven insights from The Cube in ETR. This is "Breaking Analysis" with Dave Vellante >> The pandemic not only accelerated the shift to digital but it also highlighted a rush of cyber criminal sophistication, collaboration, and chaotic responses by virtually every major company in the planet. The SolarWinds hack exposed supply chain weaknesses and so-called island hopping techniques that are exceedingly difficult to detect. Moreover, the will and aggressiveness of well-organized cybercriminals has elevated to the point where incident responses are now met with counter attacks, designed to both punish and extract money from victims via ransomware and other criminal activities. The only upshot is the cybersecurity market remains one of the most enduring and attractive investment sectors for those that can figure out where the market is headed and which firms are best positioned to capitalize. Hello, everyone. And welcome to this week's Wikibon Cube Insights powered by ETR. In this "Breaking Analysis" we'll provide our quarterly update of the security industry, and share new survey data from ETR and the Cube community that will help you navigate through the maze of corporate cyber warfare. We'll also share our thoughts on the game of 3D chess that Okta CEO, Todd McKinnon, is playing against the market. Now, we all know this market is complicated, fragmented and fast moving. And this next chart says it all. It's an interactive graphic from Optiv, a Denver, Colorado-based SI that's focused on cybersecurity. They've done some really excellent research and put together this awesome taxonomy, and it mapped vendor names therein. And this helps users navigate the complex security landscape. And there are over a dozen major sectors, high-level sectors within the security taxonomy and nearly 60 subsectors. From monitoring, vulnerability assessment, identity, asset management, firewalls, automation, cloud, data center, sim, threat detection and intelligent endpoint network, and so on and so on and so on. But this is a terrific resource, and going to help you understand where players fit and help you connect the dots in the space. Now let's talk about what's going on in the market. The dynamics in this crazy mess of a landscape are really confusing sometimes. Now, since the beginning of cyber time, we've talked about the increasing sophistication of the adversary, and the back and forth escalation between good and evil. And unfortunately, this trend is unlikely to stop. Here's some data from Carbon Black's annual modern bank heist report. This is the fourth, and of course now, VMware's brand, highlights the Carbon Black study since the acquisition, and to catalyze the creation of VMware's cloud security division. Destructive malware attacks, according to the recent study are up 118% from last year. Now, one major takeaway from the report is that hackers aren't just conducting wire fraud, they are. 57% of the banks surveyed, saw an increase in wire fraud, but the cybercriminals are also targeting non-public information such as future trading strategies. This allows the bad guys to front-run large block trades and profit. It's become a very lucrative practice. Now the prevalence of so-called island hopping is up 38% from already elevated levels. This is where a virus enters a company supply chain via a partner, and then often connects with other stealthy malware downstream. These techniques are more common where the malware will actually self-form with other infected parts of the supply chain and create actions with different signatures, designed to identify and exfiltrate valuable information. It's a really complex problem. Of major concern is that 63% of banking respondents in the study reported that responses to incidents were then met with retaliation designed to intimidate, or initiate ransomware tax to extract a final pound of flesh from the victim. Notably, the study found that 75% of CISOs reported to the CIO, which many feel is not the right regime. The study called for a rethinking of the right cyber regime where the CISO has increased responsibility and a direct reporting line to the CEO, or perhaps the COO, with greater exposure to boards of directors. So, many thanks to VMware and Tom Kellerman specifically for sharing this information with us this past week. Great work by your team. Now, some of the themes that we've been talking about for several quarters are shown in the lower half of the chart. Cloud, of course is the big driver thanks to work-from-home and to the pandemic. And the interesting corollary of course, is we see a rapid rethinking of end point and identity access management, and the concept of zero trust. In a recent ESG survey, two thirds of respondents said that their use of cloud computing necessitated a change in how they approach identity access management. Now, as shown in the chart from Optiv, the market remains highly fragmented, and M&A is of course, way up. Now, based on our research, it looks like transaction volume has increased more than 40% just in the last five months. So let's dig into the M&A, the merger and acquisition trends for just a moment. We took a five-month snapshot and we were able to count about 80 deals that were completed in that timeframe. Those transactions represented more than $20 billion in value. Some of the larger ones are highlighted here. The biggest of course, being the Thoma Bravo, taking Proofpoint private for a $12 plus billion price tag. The stock went from the low 130s and is trading in the low 170s based on the $176 per share offer. So there's your arbitrage, folks. Go for it. Perhaps the more interesting acquisition was Auth0 by Optiv for 6.5 billion, which we're going to talk about more in a moment. There was more private equity action we saw as Insight bought Armis, an IOT security play, and Cisco shelled out $730 million for IMImobile, which is more of an adjacency to cyber, but it's going to go under Cisco security and applications business run by Jeetu Patel. But these are just the tip of the iceberg. Some of the themes that we see connecting the dots of these acquisitions are first, SIs like Accenture, Atos and Wipro are making moves in cyber to go local. They're buying SecOps expertise, as I say, locally in places like France, Germany, Netherlands, Canada, and Australia, that last mile, that belly to belly intimate service. Israeli-based startups chocked up five acquired companies in the space over the last five months. Also financial services firms are getting into the act with Goldman and MasterCard making moves to own its own part of the stack themselves to combat things like fraud and identity theft. And then finally, numerous moves to expand markets. Okta with Auth0, CrowdStrike buying a log management company, Palo Alto, picking up dev ops expertise, Rapid7 shoring up it's Coobernetti's chops, Tenable expanding beyond Insights and going after identity, interesting. Fortinet filling gaps in a multi-cloud offering. SailPoint extending to governance risk and compliance, GRC. Zscaler picked up an Israeli firm to fill gaps in access control. And then VMware buying Mesh7 to secure modern app development and distribution service. So tons and tons of activity here. Okay, so let's look at some of the ETR data to put the cyber market in context. ETR uses the concept of market share, it's one of the key metrics which is a measure of pervasiveness in the dataset. So for each sector, it calculates the number of respondents for that sector divided by the total to get a sense for how prominent the sector is within the CIO and IT buyer communities. Okay, this chart shows the full ETR sector taxonomy with security highlighted across three survey periods; April last year, January this year, and April this year. Now you wouldn't expect big moves in market share over time. So it's relatively stable by sector, but the big takeaway comes from observing which sectors are most prominent. So you see that red line, that dotted line imposed at the 60% level? You can see there are only six sectors above that line and cyber security is one of them. Okay, so we know that security is important in a large market. But this puts it in the context of the other sectors. However, we know from previous breaking analysis episodes that despite the importance of cyber, and the urgency catalyzed by the pandemic, budgets unfortunately are not unlimited, and spending is bounded. It's not an open checkbook for CSOs as shown in this chart. This is a two-dimensional graphic showing market share in the horizontal axis, or pervasiveness in net score in the vertical axis. Net score is ETR's measurement of spending velocity. And we've superimposed a red line at 40% because anything over 40%, we consider extremely elevated. We've filtered and limited the number of sectors to simplify the graphic. And you can see, in the sectors that we've highlighted, only the big four are above that 40% line; AI, containers, RPA, and cloud. They exceed that sort of 40% magic waterline. Information security, you can see that as highlighted and it's respectable, but it competes for budget with other important sectors. So this is of course creates challenges for organization, because not only are they strapped for talent as we've reported, they like everyone else in IT face ongoing budget pressures. Research firm, Cybersecurity Ventures estimates that in 2021, $6 trillion worldwide will be lost on cyber crime. Conversely, research firm, Cannolis peg security spending somewhere around $60 billion annually. IDC has at higher, around $100 billion. So either way, we're talking about spending between 1 to 1.6% annually of how much the bad guys are taking out. That's peanuts really when you consider the consequences. So let's double-click into the cyber landscape a bit and further look at some of the companies. Here's that same X/Y graphic with the companies ETR captures from respondents in the cybersecurity sector. That's what's shown on the chart here. Now, the usefulness of the red lines is 20% on the horizontal indicates the largest presence in the survey, and the magic 40% line that we talked about earlier shows those firms with the most elevated momentum. Only Microsoft and Palo Alto exceed both high watermarks. Of course, Splunk and Cisco are prominent horizontally. And there are numerous companies to the left of the 20% line and many above that 40% high watermark on the vertical axis. Now in the bottom left quadrant, that includes many of the legacy names that have been around for a long time. And there are dozens of companies that show spending momentum on their platforms, i.e above single digits. So that picture is like the first one we showed you, very, very crowded space. But so let's filter it a bit and only include companies in the ETR survey that had at least 100 responses. So an N of 100 or greater. So it was a little easier to read but still it's kind of crowded when you think about it. Okay, so same graphic, and we've superimposed the data that determined the plot position over in the bottom right there. So there's net score and shared in, including only companies with more than 100 N. So what does this data tell us about the market? Well, Microsoft is dominant as always, it seems in all dimensions but let's focus on that red line for a moment. Some of the names that we've highlighted over the past two years show very well here. First, I want to talk about Palo Alto Networks. Pre-COVID as you might recall, we highlighted the valuation divergence between Palo Alto and Fortinet. And we said Fortinet was executing better on its cloud strategy, and Palo Alto was at the time struggling with the transition especially with its go-to-market and its Salesforce compensation, and really refreshing its portfolio. But we told you that we were bullish on Palo Alto Networks at the time because of its track record, and the fact that CIOs consistently told us that they saw Palo Alto as a thought leader in the space that they wanted to work with. They said that Palo Alto was the gold standard, the best, especially larger company CISOs. So that gave us confidence that Palo Alto, a very well-run company was going to get its act together and perform better. And Palo Alto has just done just that. As we expected, they've done very well and rapidly moving customers to the next generation of platforms. And we're very impressed by the company's execution. And the stock has generally reflected that. Now, some other names that hit our radar in the ETR data a couple of years ago, continue to perform well. CrowdStrike, Zscaler, SailPoint, and CloudFlare. Now, CloudFlare just reported and beat earnings but was off, the stock fell on headwinds for tech overall, the big rotation. But the company is doing very well and they're growing rapidly and they have momentum as you can see from the ETR data. Now, we put that double star around Proofpoint to highlight that it was worthy of fetching $12.5 billion from private equity firm. So nice exit there, supporting the continued consolidation trend that we've predicted in cybersecurity. Now let's turn our attention to Okta and Auth0. This is where it gets interesting, and is a clever play for Okta we think, and we want to drill into it a bit. Okta is acquiring Auth0 for big money. Why? Well, we think Todd McKinnon, Okta CEO, wants to run the table on identity and then continue to expand as TAM has to do that, to justify his lofty valuation. So Okta's ascendancy around identity and single sign-on is notable. The fragmented pictures that we've shown you, they scream out for simplification and trust, and that's what Okta brings. But it competes with some major players, most notably Microsoft with active directory. So look, of course, Microsoft is going to dominate in its massive customer base, but the rest of the market, that's like (indistinct) wide open. And we think McKinnon saw the opportunity to go dominate that sector. Now Okta comes at this from an enterprise perspective bringing top-down trust to the equation, and throwing a big blanket over all the discreet SaaS platforms and unifying employee access. Okta's timing was perfect. It was founded in 2009, just as the massive SaaSifiation trend was happening around CRM and HR, and service management and cloud, et cetera. But the one thing that Okta didn't have that Auth0 does is serious developer chops. While Okta was crushing it with its enterprise sales strategy, Auth0 was laser-focused on developers and building a bottoms up approach to identity. By acquiring Auth0, Okta can dominate both sides of the barbell and then capture the fat middle. So yes, it's a pricey acquisition, but in our view, it's a great move by McKinnon. Now, I don't know McKinnon personally, but last week I spoke to Arun Shrestha, who's the CEO of security specialist, BeyondID, they're a platinum services partner of Okta. And they're a zero trust expert. He worked for Okta for a number of years and shared with me a bit about McKinnon's style, and think big approach. Arun said something that caught my attention. He said, firewalls used to be the perimeter, now people are. And while that's self-serving to Okta and probably BeyondID, it's true. People, apps and data are the new perimeter, and they're not in one location. And that's the point. Now, unfortunately, I had lined up an interview with Diya Jolly, who was the chief product officer at Okta and a Cube alum for this past week, knowing that we were running this segment in this episode but she unfortunately fell ill the day of our interview and had to cancel. But I want to follow up with her, and understand how she's thinking about connecting the dots with Auth0 with devs and enterprises and really test our thesis there. This is a really interesting chess match that's going on. Let's look a little deeper into that identity space. This chart here shows some of the major identity players. It has some of the leaders in the identity market, and is a breakdown at ETR's net score. Now net score comprises five elements. The lime green is, we're adding the platform new. The forest green is we're spending 6% or more relative to last year. The gray is flat send plus or minus flat spend, plus or minus 5%. The pinkish is spending less. And the bright red is we're exiting the platform, retiring. Now you subtract the red from the green, and that gets you the result for net score which you can see super-imposed on the right hand chart at the bottom, that first column there. The far column is shared in which informs and indicates the number of responses and is a proxy for presence in the market. Oh, look at the top two players in terms of spending momentum. Now SailPoint is right there, but Auth0 combined with Okta's distribution channel will extend Okta's lead significantly in our view. And then there's Microsoft. Now just a caveat, this includes all of Microsoft's security offerings, not just identity, but it's there for context. And CyberArk as well includes this acquisition of adaptive, but also other parts of CyberArk's portfolio. So you can see some of the other names that are there, many of which you'll find in the Gartner magic quadrant for identity. And as we said, we really like this move by Okta. It combines positive market forces with lead offerings from very well-run companies that have winning DNA and passionate people. Now, to further emphasize what's happening here, take a look at this. This chart shows ETR data for Okta within SailPoint and CyberArk accounts. Out of the 230 CyberArk and SailPoint customers in the dataset, there are 81 Okta accounts. That's a 35% overlap. And the good news for Okta is that within that base of SailPoint and CyberArk accounts, Okta is shown by the net score line, that green line has a very elevated spending in momentum. And the kicker is, if you read the fine print in the right hand column, ETR correctly points out that while SailPoint and CyberArk have long been partners with Okta, at the recent Octane21 event, Okta's big customer event, The company announced that it was expanding into privileged access management, PAM, and identity governance. Hello, and welcome to co-opetition in the 2020s. Now, our current thinking is that this bodes very well for Okta and CyberArk and SailPoint. Well, they're going to have to make some counter moves to fend off the onslaught that is coming. Now, let's wrap up with what has become a tradition in our quarterly security updates. Looking at those two dimensions of net score and market share, we're going to see which companies crack the top 10 for both measures within the ETR dataset. We do this every quarter. So here in the left, we have the top 20, sorted by net score spending momentum and on the right, we sort by shared N. So it's again, top 20, which informs, shared N informs the market share metric or presence in the dataset. That red horizontal lines, those two lines on each separate the top 10 from the remaining 10 within those top 20. And our method, what we do is we assign four stars to those companies that crack the top 10 for both metrics. So again, you see Microsoft, Palo Alto Networks, Okta, CrowdStrike, and Fortinet. Fortinet by the way, didn't make it last quarter. They've kind of been in and out and on the bubble, but company is very strong, and doing quite well. Only the other four did last quarter. They were the same for last quarter. And we give two stars to those companies that make it in both categories within the top 20 but didn't make the top 10. So Cisco, Splunk, which has been steadily decelerating from a spending momentum standpoint, and Zscaler, which is just on the cusp. We really like Zscaler and the company has great momentum, but that's the methodology. That is what it is. Now you can see, we kept Carbon Black on the right most chart, it's like kind of cut off, it's number 21. Only because they're just outside looking in on net score. You see them there, they're just below on net score, number 11. And VMware's presence in the market we think, that Carbon Black is right really worth paying attention to. Okay, so we're going to close with some summary and final thoughts. Last quarter, we did a deeper dive on the SolarWinds hack, and we think the ramifications are significant. It has set the stage for a new era of escalation and adversary sophistication. Now, major change we see is a heightened awareness that when you find intruders, you'd better think very carefully about your next moves. When someone breaks into your house, if the dog barks, or if you come down with a baseball bat or other weapon, you might think the intruder is going to flee. But if the criminal badly wants what you have in your house and it's valuable enough, you might find yourself in a bloody knife fight or worse. Well, what's happening is intruders come to your company via island hopping or insider subterfuge or whatever method. And they'll live off the land stealthily using your own tools against you so that you can't find them so easily. So instead of injecting new tools in that send off an alert, they just use what you already have there. That's what's called living off the land. They'll steal sensitive data, for example, positive COVID test results when that was really, really sensitive, obviously still is, or other medical data. And when you retaliate, they will double-extort you. They'll encrypt your data and hold it for ransom, and at the same time threaten to release the sensitive information, crushing your brand in the process. So your response must be as stealthy as their intrusion, as you marshal your resources and devise an attack plan. And you face serious headwinds. Not only is this a complicated situation, there's your ongoing and acute talent shortage that you tell us about all the time. Many companies are mired in technical debt, that's an additional challenge. And then you've got to balance the running of the business while actually effecting a digital transformation. That's very, very difficult, and it's risky because the more digital you become, the more exposed you are. So this idea of zero trust, people used to call it a buzzword, it's now a mandate along with automation. Because you just can't throw labor at the problem. This is all good news for investors as cyber remains a market that's ripe for valuation increases and M&A activity, especially if you know where to look. Hopefully we've helped you squint through the maze a little bit. Okay, that's it for now. Thanks to the community for your comments and insights. Remember I publish each week on wikibon.com and siliconangle.com. These episodes, they're all available as podcasts. All you got to do is search breaking analysis podcasts, put in the headphones, listen when you're in your car, or out for your walk or run, and you can always connect on Twitter @DVellante, or email me at david.vellante@siliconangle.com. I appreciate the comments on LinkedIn and in Clubhouse, please follow me, so you're notified when we start a room and riff on these topics and others. And don't forget to check out etr.plus for all the survey data. This is Dave Vellante for The Cube Insights powered by ETR. Be well, and we'll see you next time. (light instrumental music)

>> Narrator: From theCUBE's Studios in Palo Alto and Boston connecting with thought leaders all around the world, this is theCUBE conversation. >> Welcome to this CUBE conversation with Commvault, I'm Lisa Martin, looking forward to having a spirited conversation with my two guests, please welcome Janet Giesen, the VP of Operations and Programs for Metallic, A Commvault Venture. Janet, welcome to theCUBE. >> Yeah, it's happy to be here. >> And joining us from EMEA is Mark Jow, the EMEA VP of Technical Sales at Commvault. Hey Mark, good afternoon to you. >> Good afternoon Lisa, it's great to be here with you. >> So just about a year or so ago, theCUBE had the pleasure of being at Commvault GO 2019 and where Metallic was launched, so happy birthday to Metallic. Some evolution and some recent news. Janet, walk us through what you guys have accomplished recently. >> Absolutely, so last year we launched with three product offerings to Metallic, Office 365 Backup, Endpoint Backup and Backup of Core data like VMs and files. In that year since we started with US only, we're now in Canada and Australia, as well as now in our first set of countries in EMEA which Mark will talk about it a little bit and we've greatly expanded our product offerings. One of the things we did, we just launched the discovery, which is a big deal for folks especially looking for compliance applications and their data protection. So we've had a real journey here and just this quarter, as you see we are doubling our product offerings to Metallic and tripling our country availability. So we're doing a lot and we're a leader in the data protection as a service space. >> A lot accomplished in just a 12 month time period, give me a little bit of a preview Janet, why was metallic launched last year for North America, US expanded to Canada and then I see it was announced... It was launched in Australia, New Zealand in the late summer 2020. I know that the cloud market... Their cloud adoption is quite high but give us a little bit of an overview of the actual go to market sequence from a regional perspective. >> Absolutely, and I'll want Mark to really take this one as well. We started in US only in our initial launch, that's where our first launch event was. That's where a lot of our pilot customers were, and then we expanded to Canada, Australia now EMEA, and this is very thoughtful. You have one chance to really launch in a geography. And we wanted it to take all the steps, whether it was compliance, trademarking, cloud storage availability. We leveraged our partnership with Microsoft and Azure for these launches. And really making sure we had everything lined up to best serve our customers. Mark what would you say about this strategy as well? >> Yeah, I think certainly, I mean the strategy is the right one, it's the right one for following reasons. If you look back to 12 months ago, I think in Colorado, I had a GO user event when we launched Metallic, I was fortunate enough to be hosting a number of EMEA partners and customers, and they were clamoring for the product, they're excited by it, they wanted it. We were (indistinct) some cases pressured to think about releasing it earlier. But all those customers wanted a product that was reversed, secure and coping with specific EMEA requirements that they have for the product in particular GDPR and supporting levels of compliance and data privacy that EMEA has rigorous standards for. And I think if you look at Commvault as a company, you know we take our customer's data extremely seriously. We've got one channels to get this right as Janet said, and I expect our customers absolutely expect and deserve right first time. And so when we launch a product like Metallic with the diversity of workloads, the rigorous high performance and secure environments, we want to make sure it's tested properly, it's compliant in all the jurisdictions. And even in Europe, we think about Europe, it's not one given country, even the EU have different countries with different legal and tax nuances. We want to make sure that when our customers get Metallic, 'cause our customers thankfully first launch in EMEA now can. That purchasing, that user experience is seamless sales and frictionless, and the product stands the promises that we make to those customers. So fully behind half phased release for Metallic as are some of our initial early adopter customers in the geographies that we've launched in already. >> So let's talk about some of the massive changes that we've all experienced since last year, Mark I would stick with you, talk to us about some of the changes that you seen from EMEA customers with respect to data protection and data security 'cause we've seen a lot of things going on globally, ransomware on the rise, every 11 seconds there's a ransomware attack. What are some of the recent challenges that you're hearing from customers that you believe Metallic EMEA is going to resolve? >> Yeah, I mean certainly even before the current COVID crisis, we were seeing a huge increase in uptake of customers wanting to use SaaS applications and to protect SaaS workloads. And the growth thing adoption of Office 365 clearly has driven the need for compelling SaaS based solutions for that market. You overlay on that, the situation that COVID has created for us all. Which in reality is denying our customers with its two most valuable important assets, access to premises and access to staff. And increasingly the staff it does have access to a storing, protecting, generating and creating data, not in the data center, not in the cloud but on laptops. So really for us it's a perfect opportunity and we're seeing an increase in demand from our customers wanting rapid solutions to protecting and managing data, to have low footprint in terms of skills and staff and to reduce the need for them to buy physical infrastructure and to expand an already at capacity set premises. And in many cases they can't even get access to, so it's very much a perfect storm for the solution that Metallic provides. >> Yeah Janet, following onto that and just in terms of when Mark mentioned, you know especially when this first happened, not being able to get access to the premises, this massive pivot to work from home and suddenly millions of endpoints scattered globally. Talk to us about some of the things that you saw here in North America in terms of customer demands changing. >> Oh that's a great question, we absolutely saw changes. I mean I go back to what Satya Nadella said, the CEO of Microsoft. He even said in April and may that what we are seeing is two years of digital transformation happening in a two month period. And that's absolutely what we're seeing, so the interest in fact as Mark mentioned, and then interest in protecting endpoints, your laptops and your desktop, as you have an increasingly remote and distributed workforce has completely changed. I mean when we spoke to you last year ago, we had endpoint backup more for completeness to round out our portfolio. We didn't expect it to be a lead offering and take off the way it has. But now with the changes everyone's seeing and with what IT teams need to do with what security teams and cloud architects need to do, we're absolutely seeing that need for endpoint protection grow. >> Yeah, and just to add to that Lisa is the endpoint potentially is also seeing a change and a shift in the types of markets that are looking to Metallic as a solution, recall that we originally targeted Metallic and SMB mid market, market where people were looking for simple, predictable, low cost but yet still scalable infrastructure. The massive drive to protect endpoints and to maintain compliance and control of data there, is actually driving large enterprise customers to Commvault and Metallic as a solution for protecting not hundreds of endpoints, not thousands, not tens of thousands but hundreds of thousands of endpoints for some of the customers that we're not talking to. >> And that's probably going to be something that we see becomes permanent. You know we're seeing so many leaders, Satya Nadella you mentioned Janet, we've heard other ones, Antonio Neri from HPE saying you know I expect at least 50% of the workforce to stay remote. So this is... Was a big need, it was a big boom and a good amount of this is probably not going to change. How is Metallic positioned to help your customers not just survive this time but be able to thrive and become the winners of tomorrow? >> I think one real advantage of Metallic is the two technologies that it's built on top of, one is Metallic part of Commvault, so what we can do is evolve with the needs of our customers, take all that IP, all those patents decide what workloads are going to help our customers through this times and release those as new offerings delivered as PaaS, it allows us to be agile and to pivot as needed. And that's what you see as I said we're doubling our product offering, we're taking that feedback in real time and that's something we'll be announcing very soon, next month. In addition to that, we're also build on top of Microsoft Azure. So we're leveraging certainly their enterprise scalability, the trust and security that they have because we're really something that flexes from the one terabyte dataset to the 10,000 terabyte as you're looking to scale and protect your infrastructure. So we are poised to take on that agility, that time like these demand. >> Do you think, oh go ahead Mark. >> I think just to add to that as well is if you look at our existing customers that have been traditionally using on-prem Commvault complete software or they bought on a perpetual or subscription basis. A number of those have been looking for Metallic to protect some specific workloads, like endpoint for example, but the way we've done this is, the Metallic solution on the on-prem solution are manageable from a single Commvault interface, a command central interface. So it's not a temporary decision to move to SaaS and then that customer then has to move it back in order to control and manage it in an on-prem environment. They get the best of both worlds from two solutions fit for the purpose they are intended from a company that has a 20 year reputation in designing, building and selling scalable, secure data protection infrastructure. >> Reasonable question in terms of the management console. So for example Mark, the situation that you're talking about customers that may have been using Commvault on-prem for a long time now have had in the last year and now in EMEA the opportunity to leverage SaaS data protection for Office Microsoft 365 for example, endpoints. Talk to me a little bit about the management of that, if a customer, legacy Commvault customer has been using on-prem and now they add Metallic for SaaS, data protection for say Microsoft 365, is that managed by a single console? >> Exactly, it's managed by a command center console. So they can see, manage, control report, all of data that exists within the Metallic SaaS based solution, and that sits within that on-prem or their hybrid cloud environment, giving them that, that total flexibility. And with the recent announcement, the launch earlier in October of MCSS on Microsoft, sorry at Metallic Cloud Storage Solution, that also helps their customers that aren't yet looking to move to metallic, to make the step, to put some of their on-prem data rapidly and easily into cloud as a target, as a metallic cloud storage service. And that's a future stepping stone to a full metallic software as a service solution, should they so choose for a 365 or endpoint? So we're giving customers the ability to move from self-manage to fully managed with a SaaS solution in the middle. >> And for that target market perspective, Mark, some of the things that we've seen globally that are new targets, you mentioned ransomware on the rise, healthcare organizations, schools and governments, are there any specific industries that are going to be leading edge for Metallic in EMEA. >> What we've seen from the initial market data and the market uptake by segment from the America's names that launched is interest from every sector, but a particular interest from the sectors where technology is a key differentiator, particularly finance, banking, insurance, and the telco sector, the tech sector and the retail sector. Interestingly enough, we're also seeing in the government and public services sector from our recent Azure launch and some of the demand and interest in EMEA is validating this, customers in public sector organizations, central and local government who traditionally have been fixated on the CapEx buying model and on-prem solutions, moving and starting to look increasingly at SaaS to get solutions up running, protected and secured rapidly in the cloud. And so we're seeing an encouraging up-taking public sector organizations, which are using SaaS as a way to move from CapEx to OPEX models which is particularly reassuring. >> And Janet question for you if we look at data protection as a service, the fastest growing market segment rather in data protection market, what are some of the things that knowing Metallic's first year in the evolution, the changes that the world has seen, but also this demand for data protection as a service, what are some of the things that we can expect in Metallic's second year? >> Yeah so, first you're absolutely right. Data protection as a service is becoming increasingly popular. You know these are cloud based solutions, also known as backup as a service. And I think what we're finding as we talk to customers is everyone has a cloud based initiative, whether they're starting it or they're well on their way. So having a data protection as a service solution like Metallic can either be your first move into the cloud starting with your backup targets and leveraging MCSS as Mark explained as one way to do that, or it can just be another point in a customer's hybrid story. How they're starting to leverage data protection as a service, SaaS delivery. And there's this whole notion now of SaaS for SaaS. Now you need SaaS backup for your SaaS application to follow how the data moves, and that's what we're doing for Office 365. In the second year, we're certainly aiming to continue increasing our workload, supported the products that... And continuing our geo-expansion as we are right now with the EMEA, this is certainly critical as we continue. We'll also be looking to engage local partners, we work with resellers and distributors today, and we're also going to continue expanding our offerings in Azure marketplace. We went live in Azure marketplace last quarter and we're seeing transactions come through there and we want to continue building out our marketplace model as well. >> Last question Janet, you mentioned SaaS for SaaS and there's been a lot of talk about that recently with customers in every segment. And there was this sort of this a shared responsibility model that Microsoft has in Salesforce right in box. But it's been interesting and a lot of customers I've spoken with in the last few months in salesforce ended support for the data recovery service I think in end of July going, wait we thought it was in the cloud, we have to back it up. So is that another direction in terms of Metallics future of being able to protect more types of SaaS workloads besides Microsoft 365? >> Well that's certainly the idea and starting with Office 365, is how do we compliment what Microsoft already offers. Office 365 Salesforce, all of these tools, they are workflow tools, they're integral in organizations or they're just holding critical data. So how do we compliment that through data backup and protection that give them the controls they need. Whether it's policy customization, smart configurations to help them through this and now E discovery on top to be able to search and manage compliance needs. So we really want to be that kind of extra security blanket for all of these SaaS applications and that's really what we're aiming to do over time but Office 365 is our focus right now. >> Yeah, I think just pick out Lisa on Janet's point about the two points of scale for us about scaling out and launching in new markets and bringing new workloads into the Metallic portfolio. You know one of the things that we understand is we clearly we've seen significant demand for Office 365 and endpoint ussually as for Metallic. But let's also not lose sight of the fact that a number of organizations are coming to us to protect their VMs and their file server environments so being initially in small environments. And they're starting to ask us specifically about our plans to incorporate additional enterprise type on-prem workloads in a Metallic environment. And the fact that we've built 20 years of expertise in IOP in that space, we've been probably the quickest to launch the most innovative and wide this range of workloads in our on-prem and subscription based software makes it far easier for us to pivot and to extend over time rapidly, the workloads that Metallic supports for customers wanting to move traditionally on-prem workloads. That I'll just say 365 endpoint but VMs and other database workloads into the cloud. And that's a unique differentiator for where Metallic can take our customers, not just geographically but in terms of the diversity of workloads that we'll be able to cover. >> Great point Mark, absolutely. >> Well thank you both for explaining the evolution of Metallic, A Commvault Venture in its first year, giving us an insight into some of the recent new announcements and a peek into what's to come. Janet, Mark, we appreciate your time. >> Yeah, thank you. >> That's being a pleasure, thank you. >> For my guests, I'm Lisa Martin, you're watching theCUBE conversation. (upbeat music)

>> Announcer: From theCUBE Studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE Conversation. >> Hey, welcome back, everybody. Jeff Frick here with theCUBE coming to you from our Palo Alto studios for a CUBE Conversation. We're talking about the Citrix Workspace Summit. It happened earlier today. And we've got one of the experts in the field, CUBE alumni and always a really fun guest to have on. Let's give a welcome to Tamara McCleary. She's coming to us from Colorado. She's the CEO of Thulium but you know her from social media and seeing her at all the conferences and speaking. And Tamara, it's great to see you again >> Jeff, it's so good to be here. Hey, next best thing to being in person, right? >> Absolutely. I mean, there is some good stuff. Neither of us had to get on an airplane today and we were able just to connect via the magic of the internet, which I think people forget how magic it truly is. So I looked up, we last spoke, it was mid-April. We were about a month into this thing after the kind of shutdown. And really the topic there was about this light switch moment on the work from home front. Now we're seven months into this, eight months into this, and clearly it's not going away anytime soon. And even when it does, it's not going to go back exactly to the way it was. So first off, how are you doing? 'Cause I know you spend a lot of time at conferences and traveling all over the world, so your life's been changed quite a bit. And then two, just your kind of perspective as we've moved from the light switch moment to the, that this is the new normal and will be the new normal going forward. Maybe not exactly how it is today, but we're not going back to the way that it was before. >> You couldn't be more spot on, Jeff. In fact, when you said April, to me, it almost feels like not seven months. It feels much longer ago. And since the last time I got on an airplane was the end of February, and that was a huge disruption to me in my life. I had always been in three, four cities a week, every week, and haven't traveled on an airplane since February. So the world is different, and it has shifted, and there's no going back. We can't step in the river twice and hit that same spot. I totally messed up that quote, but that's me. You're used to that already. >> Jeff: Exactly. >> But some things don't change. But I think when we look at work, and what we were talking about back in April is that now we're looking at the potential for kind of a hybrid approach, whether we're talking about work or even kids, some kids going back to school, there's a hybrid approach. And with that comes its own set of complexities that we have to consider. So not only has the culture shifted into a place where you have your workforce who has gotten used to working remotely, and there's a lot of things with working remotely that we didn't have when office was the centrical focus for the workplace. So there's a lot of flexibility when you work from home. And I think one of the interesting things with the Citrix Workspace Summit was when CEO David Henshall talked about how it's the people, right? So it's our workforce, our employees who are our most valuable, but also our most costly assets. So we have to make sure that the employee experience is one that is pleasing and helps us to have not only talent acquisition, but also talent retention in a really dynamic, competitive atmosphere. And I'm sure I just posed this question so we could go a million different places with this. Where do you want to go with it, Jeff? >> Well, I was going to say, and of course we can go forever, and we don't have forever, so at some point we'll have to stop talking at the end of this interview. But I just love having you on. And what I want to drill in is as we've talked about the new way to work for a very, very long time. This is not a new topic. And we've had remote work tools and we've had VPNs and we've had mobile phones now since 2007, but we didn't have this forcing function, and I think that's what's really different here is that now it wasn't a choice anymore. There was no more planning and talking about it and maybe or maybe not. Work from home was kind of a first-class citizen in terms of priority. COVID changed all that dramatically overnight. And it's driven home this other kind of concept which we talk a lot about generically in terms of the customer experience as they interact with our applications, which is the way that now they actually interact with the company. And we've talked a little bit about new way to work, but now it's really driven to the forefront, because as you said, there's a lot of benefits from working from home. You could eat dinner with your family, maybe can pick up a few more of the kids' activities, whether it's a sports game in the middle of the afternoon or something in the evening, but there's also a lot of stress. There's a lot of kind of this always on and this constant notifications, whether it's coming from email or text or Slack or Teams or Asana or whatever. So refocusing on the employee experience and elevating that up into a much more important thing, as you said, for both wellness and employee satisfaction, but also retention and getting new employees. It's really changed the priority of that whole set of, kind of point of view around the employee experience that wasn't there kind of pre-COVID. >> Absolutely. And I think you just tapped onto something that I think affects all of us who are juggling these multifaceted lives, and that is the constant interruption and distraction, and that costs money. And I think about that as the CEO of our organization is that how many of these distractions could be avoided to create efficiency and productivity. It also creates happiness for the individual. I don't think anybody likes to be constantly distracted, but when you have a bunch of different applications and you don't have them in one accessible place and you're constantly having to flip between these applications, it can cause a lot of friction and frustration. And I think genuinely that was my very first introduction to Citrix was the ability to really streamline and have everything in one place on a beautiful dashboard that was personalized to the individual. Not everybody in the organization needs to have all the applications, right? Some of your employees only need a few, and it just depends on who they are and what they're doing within the organization. And so I think decreasing that friction, making it easier for people, and certainly ensuring not only a frictionless experience at home but also ensuring security is huge. I mean, how many times have we talked about cybersecurity is not a bolt on afterwards. It has to be all the way up through the stack. And certainly we did have an increased threat landscape with work from home situations because there were all these security breaches and issues and vulnerabilities. So I know we're not talking security today, but I'm wild about it. But I think that all of these things, what I like about what Citrix is doing, and I enjoy the Summit, is the fact that they're blending everything into a single solution so that it just gets done. Work gets done from wherever you are, whether you're at home, you're in office, or in your car, work gets done. >> And not only work but I thought the theme that's interesting that came out in David's keynote is our best work. It's good work and high-value work. And there's really kind of two aspects of that. One, as you just said, is please help me with the distractions and use machine learning and artificial intelligence and this unified platform to decide whether I should or should not be distracted. Also help me prioritize what I should be working on kind of right now, which, again, a great opportunity for AI and ML to elevate that which is most important to the top of my inbox. But even more in one of the keynotes was integrating the concept of wellness, and not just wellness in the HR manual at the back after vision and dental and getting your health checks, but wellness even where the application suggests that you take a two-hour window in this particular period of time to be thoughtful and do some deep thinking. And someone mentioned the people we talk about in automation and getting rid of drudgery and errors and all the bad stuff that comes from doing crappy work, not only is it not fun, but super error prone. This is a really different to use technology to help the employee, as you said, not only just get work done, but get good work done, get high-value work done, prioritize good stuff, and not just deal with the incessant henpecking that is the notification world that it's really easy to fall into if you don't turn some of that stuff off or at least tone them down a little bit. >> That's so true. I don't know if you saw this, but there a study by Stanford of, I think it was 16,000 workers, and over a nine-month period, they did this study, and it was a study looking at work from home and whether productivity was increased. And every, 'cause at first you remember what it was, Jeff. I mean, in the old regime, we would thought, oh dear, we don't want a remote workforce because everybody's going to be hanging out in their pajamas and screwing around and not doing work. And that's not true. What ends up happening is that this study showed that productivity increased by 13%. And, I mean, that's huge, right? So there was a huge bump in performance. And in this particular study, the variables that they cited was perhaps that they had a quieter workspace. I mean, you're not getting barraged by all the endless meetings, unless you have endless Zoom meetings, but that's a whole nother conversation. But you're having more time to focus and flexibility on when you work, which also increases focus. But I thought what you mentioned, the wellness piece was important, because then if you look at other studies, there was a Forbes article that cited that the average worker starts at 8:32 a.m. or something like that and works until 5:38 p.m. And I think the days of the week that were the most productive were Tuesday, Wednesdays, and Thursdays. But this was interesting, I thought. Telephone calls were up by 230%, so the calls that employees were making, and CRM activity was up by 176% and email up by 57% and chats up by 9%. So what we're seeing is that people are trying to find creative ways to remain connected and communicate, but in different ways. And I think that's where the wellness piece comes in and kind of what you were saying with that. I think it's a microapp that Citrix has on their Workspace, their workspace dashboard that pops up a reminder and says, hey, you think you should take a break or get up from your desk. But I think that what's nice about that is it's easy to get sucked into your computer all day. I'm guilty. I will definitely say I can start off pretty darn early in the morning or usually around by five and go till late at night. But, and it's all in front of the computer screen. So maybe I need that Citrix workspace solution to tap me on the shoulder and tell me to go take a meditation break. >> At least one of those watches that'll tell you to get up and twist around. Well, let's shift gears a little bit. They had Satya Nadella on, and Satya is a phenomenal executive, been super successful turning that big, very large boat, Microsoft, into really a cloud company and a SaaS company, and nothing but great success. Always happy to hear him. He had some interesting comments I want to run by you. One of them he said is we were dogmatic about work before, but don't replace what we were with just a new dogma. And what he really highlighted, A, obviously without the technology platform and cloud and all these tools that we have in place, this couldn't have happened. But more importantly, he said it really highlights the need for flexibility and resiliency, and to really, again, kind of elevate those as the first class citizens as to what you should be optimizing for. And really the highlight within this sudden shift with COVID that if you've got those capabilities, you're going to be successful, and if you don't, you're in real trouble >> I'm glad you brought Satya up, because he also said something really cool that I think is true, and that is we are running right now, currently we are running a global scale experiment. Do you remember him saying that? >> Yeah. >> And it's so true. I think right now the social scientists are going wild because finally they've got their captive collection of their study, their guinea pigs. But the other thing he was saying, too, is that we're going to be harnessing all these technologies to be able to re-skill and up-skill. And how long have we been talking about this, Jeff, with the future of work, that it will be a re-skilling and up-skilling of the workforce. He even mentioned holographic technology. He didn't go into it, but just the mention of it got me thinking about how we are currently using some of those nascent technologies to be able to up-skill and re-skill our workforces and also protect a workforce that doesn't necessarily need to be on scene on the edge of it all. And then he gave an example of an engineer being able to communicate with a first-line worker without having to be actually in the physical presence. And so I think this crucible that we're in called a global pandemic, forcing our hand, really, to do all the things that we've been talking about at all these conferences that we've been to, for me, maybe the past two decades, is that it's show, don't tell. So we're not talking about it anymore. We actually have to do it. And another thing that Satya said was that nine to five is definitely not true anymore with work. It's flexibility. And it's really... He also mentioned this EEG study into meeting fatigue. >> Jeff: Yes. >> I thought it was pretty wild. An EEG study into meeting fatigue. And I bet even without reading that study, all of us who are on video conferencing systems can probably tell what the outcome of that was. But concentration wanes very quickly. In fact, I think in that study it was after 20 minutes. But, so kudos to Citrix for putting on their summits, because did you notice for once we had the enjoyment of all these just really contents, deliciously packed segments that were short. >> Jeff: Right. >> Whereas at live events, they went on way too long. I mean, even customer stories went on way too long. And I really love the staccato nature of these customer stories and partnerships and what was working, and I just thought that they did a really nice job, and it was interesting because it met perfectly with staying underneath that 20-minute window before attention wanes. >> Right, right. And they even broke it up into three conferences, right? It was Citrix Synergy before. >> Right. >> Now it's workspaces, it's cloud, and then the third one will be security. But I want to double down on another concept. We talked about it last time with you and with Amy about measuring work and about kind of old work paradigms in terms of measuring performance that were really based more on activity than output. And this concept that work is an output, not a place. And it kind of makes you think of talking about cloud and a cloud-centric way of thinking about things. It's not necessarily the delivery method. It's about adopting quick change and rapid pace and having everything available that you need anywhere you are at the same time. So it seems strange to me that it took this to drive people to figure out that they should be measuring output and not activity. And were some early applications that came out when this all went down that are going to report back as to how often are you looking at your Zoom calls and how often are you sitting in front of your desk and all this silly stuff that just, again, misses the point. And I think this whole employee experience is, as you said, make 'em happy, make 'em feel fulfilled. They want to do meaningful work. They want to do high-value work. They just don't want to be an integration machine between the email system and the accounts receivable system and the accounts payable system. There's so much of an opportunity to get more value from the people, which, oh, by the way, makes for happier people. So do you think finally we're at a point where we can start getting away from just measuring activity unless that's your job to put a widget on a screw and really focus on output and high-value output and innovative output and deep thinking output versus just checking another box and passing the paper down the line? >> You know, Jeff, that reminds me of what Erica Volini, I think she's global human capital practice at Deloitte. I really loved her presentation. I also like the fact that I felt like she was speaking from her home, and she mentioned she's a new mom, and so there was this warmth and connection there which also I think is something really that we don't think about being, but it is a gift since we've all had to work from home is being able to see kind of executive individuals in a regular environment, and it humanizes it all, right? She said something really interesting in her talk. She was talking about rearchitecting the future of work, and she was talking about essentially, the premise was that human beings need, crave, have to have work that's meaningful and real. And part of this whole experience piece, part of this removing the friction from the experience of the employee and providing opportunities, stimulating growth opportunities for employees to give them that sense of meaning. But also she talked about the relationships. I mean, work is a huge part of the relationships in our life. And so this meaningful relationships and connections and in her architecting the work of the future, it's harnessing technology in service to humans to do a better job. And I think the word she used was augmentation, right? So the augmentation piece would be as we think about reinventing or re-imagining or re-architecting, we look at what's going to happen when we have the human working with the machine, but the machine in service to augmenting that human being to do, potential is what she was talking about, to really reach their potential. And so it's not about being replaced by technology. It's not being replaced by artificial intelligence, with machine learning algorithms. It's actually working in tandem so that technology potentiates the human that is using the technology. And I think that was a really good way of putting it. >> Right, right. I mean, we talk, it's one of our taglines, right? To separate the signal from the noise. And the problem is with so many systems now, and I forget, you may know off the top of your head, the average number of applications that people have to interact with every day to get their job done. >> Too many. >> Too many. >> Too many. >> It's a lot. So, so there is a lot of noise, but there's also some signal. And so if you're not paying attention, you can miss the signal that might be super, super important because you're overwhelmed by the noise. And so I think it is a real interesting challenge. It's a technology challenge to apply the machine learning and artificial intelligence, to sort through the total flow, to be able to prioritize and separate the signal from the noise to make sure we're working on the stuff that we should be working on. And I think it's a growing challenge as we just seem to always be adding new applications and adding new notifications and adding new systems that we have to interact with versus taking them away. So Citrix has this approach where we're just going to bring it all in together under one place. And so whether it's your Salesforce notification or your Slack notification or Zoom meeting, whatever, to have it orchestrated as a single place so I don't have 18 tabs, 14 browsers, and two laptops running just to get my day job done. >> You're going to make me self-conscious of all the tabs I have right now. Thanks a lot, Jeff. But, it's kind of, I like hearing stories, right? I think stories communicate to me kind of these practical applications. And I think Citrix did a brilliant job in the Workspace Summit of highlighting some of these customer stories that were really inspiring during the pandemic. One of 'em was City National Bank and Ariel Carrion? This is a test of my memory. He's the CTO, right, of City National Bank. And he's talking about that they had already had a partial migration to the cloud prior to the pandemic. So obviously there was an advantage for those organizations that already had their toe in the water. So, but when the pandemic hit, then it really catalyzed that movement all the way into the cloud and essentially creating a digital bank. And what was really interesting to me is that they funded 9600 loans and taking on new clients during that time of transformation to a digital bank. And one of the coolest things that he said to me was that in a regular program, it would've taken, mind you, get this. It would've taken 14 years, 14 years to accomplish what they did in three months. >> That's a long time. >> I was blown away, right? Just to me, that speaks a lot, because what we're talking about here is their clients are small business, and who do you think was impacted most during the pandemic? Small business. So the ability to get loans was critically important to the survival of a lot of companies. And the same story they had with eBay and David Lessor was talking, he's a senior manager in the office of the CIO, I think I remember. And he was talking about how obviously eBay is a digital platform, right? But if you think about the pandemic when we were all had these shelter in place orders, lots of people were able to still make money and earn a living because they were able to do business on eBay. And both eBay and City National Bank are obviously customers of Citrix. But I just found this to be really inspiring, because for eBay pre-pandemic, it was like, I don't know. I think they said they had 11,000 connected users prior to the pandemic, and a lot of those were in physical call centers. >> Jeff: Right. >> And then post-pandemic, I think he was reaching, saying end of Q4 was going to be something like 14,000 connected users. That's huge from 11 to 14. >> Yeah. >> And again, to your point, it's kind of forcing our hand into really not only pivoting, but increasing our speed in this ever-changing dynamic environment. >> Right. >> You know, one of the other things that came up, before I let you go, that it's always nice to have frameworks. Sometimes it just helps us organize our thoughts and it's kind of a mental cheat sheet. And they talked about the four Cs, connectivity, content, collaboration, and culture. And I would have to say they're in inverse order of how I would potentially have prioritized them. But I just wanted to zero in on the culture piece, 'cause I don't think people focus enough on culture. And one of the things I think we talked about in April, and I've certainly talked about a number of times going through this thing in leadership in these crazy times is that the frequency and the type and the topics in communication within your internal world have gone up dramatically. I think we had the, we had a CMO on the other day, and she said internal comms, this is a big company, prior to COVID was important, but not that important within the list of the CMO's activity. But then once this thing hit, right, suddenly internal communications, again, in terms of frequency and the types of topics you're talking about and the forums that you talk about and the actual vehicles in which you talk about, whether it's a all hands Zoom call or it's more frequent one-on-ones with your manager, really, really increase the importance of culture, and then I think probably is going to show over time the people that have it right, getting some separation distance from the people that got it wrong. I wonder if you could just talk about, 'cause you're a big culture person and you know how important the people part of the whole thing is. >> Yeah, culture drives everything. You're right. And that was Citrix's CIO who gave those four Cs, I think, Meerah Rajavel. >> Yeah, yeah. >> She gave those four Cs. And you couldn't be, you couldn't have tapped into something that I think is the soft underbelly of the organization, which is what is the culture. And anyone who's worked in an organization with a sick culture knows that it's just, it's cancerous, right? It grows and it causes decay. And I don't care how much innovation you have. If the culture is sick, you just, you're going to lose your best people. It's hard to work in a sick culture. And so I think what we had to do is when we all started working remotely, that was a culture shift, because we were siloed off of it. We weren't actually hanging out in physical space. Some of the things that we enjoyed about meeting with other human beings physically changed. And so it really behooved organizations to take a look at how they were going to foster culture digitally, how they were going to create that sense of bonding between not only those within your departmental area, but cross over into other areas. And I think that creating that culture that says I don't have to be in the exact same physical space, but we can still connect. I mean, you and I are doing this. We're not in the same physical space. >> Jeff: Right. >> But I'm still going to feel like we met today. >> Jeff: Right. >> You can create that for your employees. And it also means that we learned that we don't have to be in that same physical space, right? And I thought that was a really interesting position when Hayden Brown, the CEO of Upwork, was talking at the summit and saying that even when we look at creating culture with employees who aren't necessarily, maybe it's a workforce from all over the world that you're using, a remote workforce. And when you're using things like employees, if you've got work to do and you can find a really good talent and you can grab them for what it is that you need, you're actually increasing your ability to be able to deliver on things versus having to worry about whether you have that person in house, but you still can create that culture where everyone is inclusive, where someone can be in Australia and someone's in San Francisco and someone's in the UK, and you still have to create a cohesive, inclusive culture. And it matters not anymore whether or not you are a full-time employee or if you're a contract worker. I think in today's space, and certainly in those future of work conversations, it's more about, to the very first thing you said at the beginning, it's more about output. How's that for tying it back up again? >> Jeff: Yeah, very good. >> And that was totally unplanned. But it is about output, and that's going to be the future of work culture. It's not going to be the title that you have, whether or not you're a full-time employee or a part-time employee or a contract worker. It's going to be who are you meeting with? Who are you having these digital interfaces with and Slacking with or using any sort of platform application that you want to use. It's remaining in touch and in communication, and no longer is it about a physical space. It's a digital space. >> Right, right. All right, well, I'm going to give you the last word. You are a super positive person, and there's reasons, and for people that haven't watched your TED Talk, they should. I think it's super impactful and it really changed the way I look at you. So of all the negatives, wrap us up with some positives that you see as we come out of COVID that going through this experience will make in our lives, both our work lives as well as our personal lives. >> Well, since you're going to allow me to go deep here, I would say one of the things that COVID has brought us is pause. It caused us to go in. And with any dark night of the soul, we have to wrestle with the things that are real for us, and the things that fall away are those that were false, false perceptions, false ideas, illusions of even thinking who we are, what we're doing. And we had to come home to ourselves. And I think one of the things that COVID gave us through uncertainty was finding a center in that uncertainty. And maybe we got to know our beloveds a bit more. Maybe we got to know our kids a bit more, even if they drive us crazy sometimes. But in the end, I think maybe we all got to know ourselves a little bit more. And for that, I think we can harness those seeds of wisdom and make better choices in the future to co-create together a future that we are all pleased to wake up in, one that is fair, one that is equal, one that is inclusive, and one that we can be proud to have contributed to. And that's what I hope we've taken from this extremely hard time. >> Well, Tamara, thanks for sharing your wisdom with us. Really appreciate it. And great to see ya. >> Good to see you, too, thank you. >> All right, she's Tamara, I'm Jeff. You're watching theCUBE. Thanks for watching. We'll see you next time. (bright music)

(upbeat music) >> Narrator: From around the globe, it's theCUBE with digital coverage of AWS Public Sector Online brought to you by Amazon Web Services. >> Welcome back to theCUBE's coverage of AWS Public Sector Summit Online. I'm John Furrier, your host of theCUBE. I wish we could be there in person, but we're doing remote because of the COVID and the pandemic. We've got a great guest, Paul Grist. Worldwide Public Sector, Head of Education International for AWS. Paul, thank you for coming on remotely. >> Great to be here, John. >> There's a lot of disruption in the education space this year with universities and schools still uncertain about what the future will look like. What are some of the biggest trends you're seeing? >> John, what we've seen is the rapid adoption of technology and the growth of flexible online learning, learning that can take place anytime, anywhere. What we've seen is universities, national education systems, and schools rapidly migrating systems and content to the cloud, spinning up new applications. And we've seen companies that provide technology and content and platforms, the ed techs and publishers of the world, increasing their capacity, increasing their capability to deliver new applications to education. >> What is some of this research that you're finding out there? >> Yeah. You know, a time of much change and things happening very, very fast. We responded fast to the changes, John. Got a load of customer conversations together, looking at speeches by educationalists who were responding to the changes at some of the online events that spun up very quickly at places like the University of Buckingham, ASU, JSV, Inside Higher Education, places like Blackboard World. And really just talked to those leaders about their responses to the change, what kinds of things they were doing, and brought that together into the research. It's underpinned by some in-depth research and insights from education reports and articles too. >> Thanks Paul, really appreciate it. Having that research is critical. I know you guys do a lot of work on that. I know you got some news, take a quick plug for the new research that's coming out. You guys just put out today, just take a minute to quickly explain what it's about and how to find it. >> We're publishing today some new research that shows the seven key emerging trends in this new world of education. Check it out on the AWS website. Two key trends, flexible learning and the new world of employability. >> So you guys got a lot of data. It's great with Amazon, got a lot of customers. Good to see you guys getting that research. The question I have for you Paul is, what amount of the research shows really the COVID situation? Because there's before COVID, there's kind of during, and then there's going to be a post-COVID mode. Was that prior research in place with COVID or after COVID? Can you share kind of the update on the relevance of your research? >> Yeah, I think the sector has changed. The sector has gone through the fastest change it's ever gone through. And undoubtedly most of the issues, most of the challenges and opportunities in the sector, predate the pandemic. But what we've seen is COVID accelerate many of the challenges and the opportunities, but also bring new opportunities. >> Yeah, one of the things we've seen with education is the disruption, and the forcing function with COVID. There's a problem, we all know what it is. It's important, there's consequences for those. And you can quantify the disruption with real business value and certainly student impact. There's been downsides with remote education. More teacher-parent involvement and students having to deal with isolation, less social interaction. How do you guys see that? Or what is Amazon doing to solve these problems? Can you talk about that? >> Yeah. I think you know, education is very much a people business. And what we've been trying to do is partner with organizations to ensure that the people are kept at the center of the business. So working with organizations such as LS, sorry, Los Angeles United School District in the US to spin up a call center to allow students to contact their tutors. And parents to interact with tutors, to get questions answered. >> So one of the challenges these academic institutions are facing is speed, it's pace of change. What's going on with competition? How are they competing? How are universities and colleges staying relevant? Obviously there's a financial crisis involved. There's also the actual delivery aspect of it. More and more mergers. You're starting to see ecosystem changes. Can you talk about what's going on in the educational ecosystem? >> Yeah I mean, educational institutions are being forced to rethink their business models. It's an international marketplace in higher education. It's been a growing marketplace for many, many years. That suddenly stopped overnight, so every university has had to rethink about where their revenues are coming from, where the students are coming from. There's been some surprises too. I mean in the UK, actually international enrollments are up post-COVID because one of the strange side effects of COVID is without being able to travel, there's actually a cost saving for students. And so we've seen universities in the UK benefit from students who want to study, perhaps travel and the cost of study was too high previously. Now being able to study remotely. It's an unexpected and unintended consequence. But it kind of shows how there are opportunities for all organizations during this time. >> Many countries had to cancel exams altogether this year, which has been a big, huge problem. I mean people are outraged and people want to learn. It's been, you know, the silver lining in all this is that you have the internet (laughs). You have the cloud. I want to get your thoughts. How are universities and schools dealing with this challenge? Because you have a multi-sided marketplace. You've got the institutions, you've got the students, you got the educators, they all have to be successful. How are universities dealing with this challenge? >> Yeah I think, you know, teaching and learning has been online for 20, 30 years. And I think a lot of organizations have adopted online teaching and learning. But I think assessment is the one big area of education that remains to be made available at scale at low cost. So most assessment is still a pen-and-paper-based. There's big trust and identity issues. And what we're seeing through this COVID change is organizations really getting to grip with both of those issues. So, having the confidence to put assessment online, to make it available at scale, and then also having the confidence to tackle trust and identity questions. So who is taking the exam, where are they sitting? Can we be sure that it's actually that person taking that exam? So you know, the rise of things like proctoring technologies giving organizations the opportunity to assess remotely. >> How has this crisis affected research at academic institutions? Because certainly we know that if you need a lab or something, certainly we're seeing students need to be physically in person. But with remote and all those changes going on with the scale and the pace of change, how has research at academic institutions been impacted? >> Yeah I mean, research has always been a really collaborative activity, but we've seen that collaboration increase. It's had to increase. Researchers have had to go remote. Many of them work in labs. They haven't been able to do that. They've needed to spin up applications and new technologies in the cloud to continue working. But what we're seeing is governments taking an increased interest in the research being applicable, making sure that it leads to innovation which is meaningful. Getting much more involved and insisting that the research is made available now. And of course there's no place that that's clearer than in health research and trying to find a cure for COVID. And then secondly, we're seeing that research is becoming much more collaborative not just across institutions but also countries. So one of the great projects we're involved in at the moment is with the University of Adelaide who are collaborating with researchers from the Breeding and Acclimatization Institute in Poland on a project to study the increase in crop yield of wheat. >> One of the things that's coming out of this, whether it's research or students is open online courses, virtual capabilities. But a concept called stackable learning. Can you explain what that is? >> Yeah. We're in a global marketplace in education and there's increased competition between universities and education providers to make new types of certificates and online badges available. We know that employers are looking for ever more agile methods of scaling and upskilling. And stackable learning is a concept that's been around for a couple of decades now, where learning is broken down into smaller chunks, put together in a more personalized way from a number of different providers. Spun up very, very quickly to respond to need and then delivered to students. We're seeing some of the big providers like edX and Coursera who, again have been around for over a decade become really prominent in the provision of some of these stackable credentials. Their systems run on the cloud. They're easy to access, in many, many cases they're free. We're seeing an increasing number of employers and education institutions adopt and embed these types of delivery systems into their curriculum. >> Totally a fan of stackable learning, it's called the Lego model, whatever I call it. But also online brings the nonlinear progressions. The role of data is super important. So I'm very bullish on education being disrupted by cloud providers and new apps. So you know, I wanted to call that out because I think it's super important. Let me get to a really important piece that it has to be addressed, and I want to get your thoughts on. Cyber security. Okay, cyber attacks and privacy of students are two areas that are super important for institutions to address. What's your reaction to that? >> Yeah, I mean the use of more technology becomes, you know again, a target for cyber attack and unfortunately it's an increasing phenomenon. Simply put, every organization needs to put security first. Needs to operate as a security-first organization. They need to adopt technologies, people and processes that can protect their investments. And work with data management vendors, cloud vendors who've got the compliances and the common privacy and security frameworks such as GDPR in place to make sure that they provide secure services. AWS's security offerings include auditing, login and identity management, data encryption capabilities that offer more transparency and control, to allow institutions protect student data. >> Super important, thanks for sharing. Finally, what's the steps institutions can take to close the digital divide because now some people are taking gap years. Research is changing. People might not even have PCs or internet connections. There's still, this exposes the haves and have nots. What steps can institutions take to do their part? >> Yeah, digital learning is here to stay, John. We've learned that many learners do not have access to technology necessary for online learning. Whether those are devices or a reliable internet connection. But again, you know governments, states, educational authorities have all turned their attention to these issues over the last few months. And we're seeing organizations partner with technology providers that can provide internet connections. Partners in AWS, such as Kajeet who've installed hotspot devices on buses to deploy in areas with no connectivity. You know whether that's a place like Denver, Colorado or whether it's a place, you know, in Nigeria in Africa, remote connection remains a problem everywhere. And we're seeing everybody addressing that issue now. >> Paul, great to have you on theCUBE and sharing your insights on what's going on in international education. Final question for you. In your own words, why is this year at the AWS Public Sector Summit Online important? What's the most important story that people should walk away in this educational industry? >> The most important story, John, is it's a time of incredible change but also incredible opportunity. And we're seeing organizations who have wanted to change, who've wanted to deliver more to their students, who want to deliver a greater experience, who want to access more students and have much greater reach. Now with the appetite to do that. re:Invent is a great opportunity to work with AWS, to understand what's going on with our partners, with our customers. And look at some of the common solutions for the challenges that they're looking to solve. >> Paul Grist, thank you for coming on theCUBE. Really appreciate it. Worldwide Head of Education for International AWS. Thank you for sharing. >> Thanks John, great to be here. >> Okay, this is theCUBE's coverage of AWS Public Sector Online Summit. Remote, virtual, this is theCUBE virtual. I'm John Furrier, your host. Thanks for watching. (upbeat music)

>>covering the space and cybersecurity symposium 2020 hosted by Cal poly. Hold on. Welcome to this special presentation with Cal poly hosting the space and cybersecurity symposium, 2020 virtual, um, John for your host with the cube and Silicon angle here in our Palo Alto studios with our remote guests, we couldn't be there in person, but we're going to be here remotely. Got a great session and a panel for one hour topic preparing students for the jobs of today and tomorrow, but a great lineup. Bill Britain, Lieutenant Colonel from the us air force, retired vice president for information technology and CIO and the director of the California cyber security Institute for Cal poly bill. Thanks for joining us, dr. Amy Fisher, who's the Dean of the college of engineering at Cal poly and trunk fam professor and researcher at the U S air force Academy. Folks, thanks for joining me today. >>Our pleasure got a great, great panel. This is one of my favorite topics preparing students for the next generation, the jobs for today and tomorrow. We've got an hour. I'd love you guys to start with an opening statement, to kick things off a bill. We'll start with you. Well, I'm really pleased to be, to start on this. Um, as the director for the cybersecurity Institute and the CIO at Cal poly, it's really a fun, exciting job because as a Polytechnic technology, as such a forefront in what we're doing, and we've had a, a wonderful opportunity being 40 miles from Vandenberg air force base to really look at the nexus of space and cyber security. And if you add into that, uh, both commercial government and civil space and cybersecurity, this is an expanding wide open time for cyber and space. In that role that we have with the cyber security Institute, we partner with elements of the state and the university. >>And we try to really add value above our academic level, which is some of the highest in the nation and to really merge down and go a little lower and start younger. So we actually are running the week prior to this showing a cybersecurity competition for high schools or middle schools in the state of California, that competition this year is based on a scenario around hacking of a commercial satellite and the forensics of the payload that was hacked and the networks associated with it. This is going to be done using products like Wireshark autopsy and other tools that will give those high school students. What we hope is a huge desire to follow up and go into cyber and cyber space and space and follow that career path. And either come to Cal poly or some other institution that's going to let them really expand their horizons in cybersecurity and space for the future >>Of our nation. >>Bill, thanks for that intro, by the way, it's gonna give you props for an amazing team and job you guys are doing at Cal poly, that Dex hub and the efforts you guys are having with your challenge. Congratulations on that great work. Thank you >>Star team. It's absolutely amazing. You find that much talent in one location. And I think Amy is going to tell you she's got the same amount of talent in her staff. So it's, it's a great place to be. >>Amy flasher. You guys have a great organization down there, amazing curriculum, grazing people, great community, your opening statement. >>Hello everybody. It's really great to be a part of this panel on behalf of the Cal poly college of engineering here at Cal poly, we really take preparing students for the jobs of today and tomorrow completely seriously. And we claim that our students really graduate. So they're ready day one for their first real job, but that means that in getting them to that point, we have to help them get valuable and meaningful job experience before they graduate, but through our curriculum and through multiple internship or summer research opportunities. So we focus our curriculum on what we call a learn by doing philosophy. And this means that we have a combination of practical experience and learn by doing both in and out of the classroom. And we find that to be really critical for preparing students for the workforce here at Cal poly, we have more than 6,000 engineering students. >>We're one of the largest undergraduate engineering schools in the country. Um, and us news ranks us the eighth best undergraduate engineering program in the, in the country and the top ranked state school. We're really, really proud that we offer this impactful hands on engineering education that really exceeds that of virtually all private universities while reaching a wider audience of students. We offer 14 degree programs and really we're talking today about cyber and space. And I think most of those degree programs can really make an impact in the space and cybersecurity economy. And this includes not only things like Aero and cyber directly, but also electrical engineering, mechanical engineering, computer engineering, materials, engineering, even manufacturing, civil and biomedical engineering. As there's a lot of infrastructure needs that go into supporting launch capabilities. Our aerospace program graduates hundreds of aerospace engineers, and most of them are working right here in California. >>I'm with many of our corporate partners, including Northrop Grumman, Lockheed, Boeing, Raytheon space, X, Virgin, galactic JPL, and so many other places where we have Cal poly engineer's impacting the space economy. Our cybersecurity focus is found mainly in our computer science and software engineering programs. And it's really a rapidly growing interest among our students. Computer science is our most popular major and industry interest and partnerships are integrated into our curriculum. And we do that oftentimes through support from industry. So we have partnerships with Northrop Grumman for professorship and a cyber lab and from PG and E for critical infrastructure, cybersecurity lab, and professorship. And we think that industry partnerships like these are really critical to preparing students for the future as the field's evolving so quickly and making sure we adapt our facilities and our curriculum to stay in line with what we're seeing in industry is incredibly important. >>In our aerospace program, we have an educational partnership with the air force research labs. That's allowing us to install new high performance computing capabilities and a space environments lab. That's going to enhance our satellite design capabilities. And if we talk about satellite design, Cal poly is the founding home of the cube sat program, which pioneered small satellite capabilities. And we remain the worldwide leader in maintaining the cube set standard. And our student program has launched more cube sets than any other program. So here again, we have this learn by doing experience every year for dozens of aerospace, electrical, computer science, mechanical engineering students, and other student activities that we think are just as important include ethical hacking through our white hat club, Cal poly space systems, which does really, really big rocket launches and our support program for women in both of these fields like wish, which is women in software and hardware. >>Now, you know, really trying to bring in a wide variety of people into these fields is incredibly important and outreach and support to those demographics. Traditionally underrepresented in these fields is going to be really critical to future success. So by drawing on the lived experiences by people with different types of backgrounds, while we develop the type of culture and environment where all of us can get to the best solution. So in terms of bringing people into the field, we see that research shows, we need to reach kids when they're in late elementary and middle schools to really overcome that cultural bias that works against diversity in our fields. And you heard bill talking about the cyber cybersec, the California cybersecurity institutes a year late cyber challenge. There's a lot of other people who are working to bring in a wider variety of, uh, of people into the field, like girl Scouts, which has introduced dozens of new badges over the past few years, including a whole cybersecurity series of badges and a concert with Palo Alto networks. So we have our work cut out for us, but we know what we need to do. And if we're really committed to prep properly preparing the workforce for today and tomorrow, I think our future is going to be bright. I'm looking forward to our discussion today. >>Yeah, you got a flashy for great, great comment, opening statement and congratulations. You got the right formula down there, the right mindset, and you got a lot of talent and community as well. Thank thank you for that opening statement. Next step from Colorado Springs, trunk fam, who's a professor and researcher. The us air force Academy is doing a lot of research around the areas that are most important for the intersection of space and technology trunk. >>Good afternoon, first electric and Cal poli for the opportunity. And today I want to go briefly about cyber security in S application. Whenever we talk about cyber security, the impression is got yes, a new phew that is really highly complex involving a lot of technical area. But in reality, in my personal opinion, it is in be complex because involve many disciplines. The first thing we think about is computer engineering and computer networking, but it's also involving communication sociology, law practice. And this practice of cyber security goes in on the info computer expert, but it's also info everybody else who has a computing device that is connected to the internet. And this participation is obviously every body in today's environment. When we think about the internet, we know that is a good source of information, but come with the convenience of information that we can access. >>We are constantly faced in being from the internet. Some of them, we might be aware of some of them we might not be aware of. For example, when we search on the internet, a lot of time, our browser will be saved and gotten this site is not trusted. So we will be more careful. What about the sites that we trusted? We know getting those salad chicken sites, but they're not a hundred percent good at proof. What happened? It was all side, uh, attack by hacker. And then they will be a silent source that we might not be aware of. So in the reality, we need to be more practicing the, um, cyber security from our SIBO point of view and not from a technical point of view. When we talk about space application, we should know that all the hardware, a computer based tool by computer system and therefore the hardware and the software must go through some certification process so that they can be record that air with the flight. >>What the, when we know that in the certification process is focusing on the functionality of the hardware and software, but one aspect that is explicitly and implicitly required is the security of those components. And we know that those components have to be connected with the ground control station and be communication is through the air, through the layby or signal. So anybody who has access to those communication regular signal will be able to control the space system that we put up there. And we certainly do not want our system to be hijacked by a third party. >>I'm not going to aspect of cybersecurity is we try to design the space system in a very strong manner. So it's almost impossible to hack in, but what about some August week system that might be connected to so strong system? For example, the spare system will be connected to the ground control station and on the ground control station, we have the human controller in those people have cell phone. They are allowed to use cell phones for communication, but at the same time, they are connected to the internet, to the cell phone and their cell phone might be connected to the computer that control the flight software and hardware. So what I want to say is that we try to build strong system and we protected them, but there will be some weaker system that we could not intended, but exists to be connected to our strong system. And those are the points that hacker will be trying to attack. If we know how to control the access to those points, we will be having a much better system for the space system. And when we see the cybersecurity that is requiring the participation everywhere, it's important to Merck that there is a source of opportunity for students to engage the workforce. To concede the obviously student in engineering can focus their knowledge and expertise to provide technological solution, to protect the system that we view. But we also >>Have students in business who can focus to write a business plan to reach the market. We also have student in law who can focus policy governing the cyber security. And we also have student in education who can focus the expert. She should be saying how to teach cyber security practice and students can focus the effort to implement security measures and it implies job opportunity. >>Thank you trunk for those great comments, great technology opportunities, but interesting as well as the theme that we're seeing across the entire symposium and in the virtual hallways that we're hearing conversations and you pointed out some of them, dr. Fleischer did as well. And bill, you mentioned it. It's not one thing. It's not just technology, it's different skills. And, um, Amy, you mentioned that computer science is the hottest degree, but you have the hottest aerospace program in the world. I mean, so all of this is kind of balancing it's interdisciplinary. It's a structural change before we get into some of the, um, how they prepare the students. Can you guys talk about some of the structural changes that are modern now in preparing, um, in these opportunities because societal impact is a law potentially impact it's, it's how we educate there's no cross-discipline skillsets. It's not just get the degree, see out in the field bill, you want to start. >>Well, what's really fun about this job is, is that in the air force, uh, I worked in the space and missile business and what we saw was a heavy reliance on checklist format, security procedures, analog systems, and what we're seeing now in our world, both in the government and the commercial side, uh, is a move to a digital environment. And the digital environment is a very quick and adaptive environment. And it's going to require a digital understanding. Matter of fact, um, the, uh, under secretary of the air force for acquisition, uh, rev recently referenced the need to understand the digital environment and how that's affecting acquisition. So as, as both Amy, um, and trunk said, even business students are now in the >>Cybersecurity business. And, and so, again, what we're seeing is, is the change. Now, another phenomenon that we're seeing in the space world is there's just so much data. Uh, one of the ways that we addressed that in the past was to look at high performance computing. It was a lot stricter control over how that worked, but now what we're seeing these adaptation of cloud cloud technologies in space support, space, data, command, and control. Uh, and so what we see is a modern space engineer who asked to understand digital, has to understand cloud and has to understand the context of all those with a cyber environment. That's really changing the forefront of what is a space engineer, what is a digital engineer and what does a future engineer, both commercial or government? So I think the opportunity for all of these things is really good, particularly for a Polytechnic air force Academy and others that are focusing on a more, uh, widened experiential level of cloud and engineering and other capabilities. >>And I'll tell you the part that as the CIO, I have to remind everybody, all this stuff works for the it stuff. So you've got to understand how your it infrastructures are tied and working together. Um, as we noted earlier, one of the things is, is that these are all relays from point the point, and that architecture is part of your cybersecurity architecture. So again, every component has now become a cyber aware cyber knowledgeable, and in what we'd like to call as a cyber cognizant citizen, where they have to understand the context, patients chip software, that the Fleischer talk about your perspective, because you mentioned some of the things that computer science. Remember when I'm in the eighties, when I got my computer science degree, they call the software engineers, and then you became software developers. And then, so again, engineering is the theme. If you're engineering a system, there's now software involved, um, and there's also business engineering business models. So talk about some of your comments was, you mentioned, computer science is hot. You got the aerospace, you've got these multidisciplines you got definitely diversity as well. It brings more perspectives in as well. Your thoughts on these structural interdisciplinary things. >>I think this is, this is really key to making sure that students are prepared to work in the workforce is looking at the, the blurring between fields no longer are you just a computer scientist, no longer are you just an aerospace engineer? You really have to have an expertise where you can work with people across disciplines. All of these, all of these fields are just working with each other in ways we haven't seen before. And bill brought up data, you know, data science is something that's cross cutting across all of our fields. So we want engineers that have the disciplinary expertise so that they can go deep into these fields, but we want them to be able to communicate with each and to be able to communicate across disciplines and to be able to work in teams that are across disciplines. You can no longer just work with other computer scientists or just work with other aerospace engineers. >>There's no part of engineering that is siloed anymore. So that's how we're changing. You have to be able to work across those, those disciplines. And as you, as Tron pointed out, you know, ethics has to come into this. So you can no longer try to fully separate what we would traditionally have called the, the liberal arts and say, well, that's over there in general education. No ethics is an important part of what we're doing and how we integrate that into our curriculum. So it was communication. So is working on public policy and seeing where all of these different aspects tied together to make the impact that we want to have in the world. So it, you no longer can work solo in these fields. >>Great point. And bill also mentioned the cloud. One thing about the cloud that showed us as horizontal scalability has created a lot of value and certainly data is now horizontal Trung. You mentioned some of the things about cryptography for the kids out there. I mean, you can look at the pathway for career. You can do a lot of tech and, but you don't have to go deep. Sometimes you can go, you can go as deep as you want, but there's so much more there. Um, what technology do you see, how it's going to help students in your opinion? >>Well, I'm a professor in computer science, so I'd like to talk out a little bit about computer programming. Now we, uh, working in complex project. So most of the time we design a system from scratch. We view it from different components and the components that we have either we get it from or some time we get it from the internet in the open source environment, it's fun to get the source code and then work to our own application. So now when we are looking at a Logie, when we talk about encryption, for example, we can easily get the source code from the internet. And the question is, is safe to use those source code. And my, my, my question is maybe not. So I always encourage my students to learn how to write source score distribution, where that I learned a long time ago before I allow them to use the open source environment. And one of the things that they have to be careful, especially with encryption is be quote that might be hidden in the, in the source, get the download here, some of the source. >>So open source, it's a wonderful place to be, but it's also that we have to be aware of >>Great point before we get into some of the common one quick thing for each of you like to get your comments on, you know, the there's been a big movement on growth mindset, which has been a great, I'm a big believer in having a growth mindset and learning and all that good stuff. But now that when you talk about some of these things that we're mentioning about systems, there's, there's an, there's a new trend around a systems mindset, because if everything's now a system distributed systems, now you have space in cyber security, you have to understand the consequences of changes. And you mentioned some of that Trung in changes in the source code. Could you guys share your quick opinions on the, the idea of systems thinking, is that a mindset that people should be looking at? Because it used to be just one thing, Oh, you're a systems guy or galley. There you go. You're done. Now. It seems to be in social media and data. Everything seems to be systems. What's your take dr. Fleischer, we'll start with you. >>Uh, I'd say it's a, it's another way of looking at, um, not being just so deep in your discipline. You have to understand what the impact of the decisions that you're making have on a much broader, uh, system. And so I think it's important for all of our students to get some exposure to that systems level thinking and looking at the greater impact of the decision that they're making. Now, the issue is where do you set the systems boundary, right? And you can set the systems boundary very close in and concentrate on an aspect of a design, or you can continually move that system boundary out and see, where do you hit the intersections of engineering and science along with ethics and public policy and the greater society. And I think that's where some of the interesting work is going to be. And I think at least exposing students and letting them know that they're going to have to make some of these considerations as they move throughout their career is going to be vital as we move into the future. Bill. What's your thoughts? >>Um, I absolutely agree with Amy and I think there's a context here that reverse engineering, um, and forensics analysis and forensics engineering are becoming more critical than ever, uh, the ability to look at what you have designed in a system and then tear it apart and look at it for gaps and holes and problem sets, or when you're given some software that's already been pre developed, checking it to make sure it is, is really going to do what it says it's going to do. That forensics ability becomes more and more a skillset that also you need the verbal skills to explain what it is you're doing and what you found. So the communication side, the systems analysis, >>The forensics analysis side, >>These are all things that are part of that system >>Approach that I think you could spend hours on. And we still haven't really done great job on it. So it's a, it's. One of my fortes is the really the whole analysis side of forensics and it reverse engineering >>Try and real quick systems thinking. >>Well, I'd like to share with you my experience. When I worked in the space patient program at NASA, we had two different approaches. One is a down approach where we design it from the system general point of view, where we put components to complex system. But at the same time, we have the bottom up approach where we have Ken Chile who spent time and effort the individual component. And they have to be expert in those Chinese component. That might be general component the gallery. And in the space station program, we bring together the welcome up engineer, who designed everything in detail in the system manager who manage the system design from the top down. And we meet in the middle and took the idea with compromise a lot of differences. Then we can leave a display station that we are operating to be okay, >>Great insight. And that's the whole teamwork collaboration that, that was mentioning. Thanks so much for that insight. I wanted to get that out there because I know myself as a, as a parent, I'm always trying to think about what's best for my kids in their friends, as they grow up into the workforce. I know educators and leaders in industry would love to know some of the best practices around some of the structural changes. So thanks for that insight, but this topics about students and helping them prepare. Uh, so we heard, you know, be, be multiple discipline, broaden your horizons, think like systems top down, bottom up, work together as a team and follow the data. So I got to ask you guys, there's a huge amount of job openings in cybersecurity. It's well documented and certainly at the intersection of space and cyber, it's only gonna get bigger, right? You're going to see more and more demand for new types of jobs. How do we get high school and college students interested in security as a career at the flagship? We'll start with you in this one. >>I would say really one of the best ways to get students interested in the career is to show them the impact that it's going to have. There's definitely always going to be students who are going to want to do the technology for the technology sake, but that will limit you to a narrow set of students. And by showing that the greater impact that these types of careers are going to have on the types of problems that you're going to be able to solve and the impact you're going to be able to have on the world, around you, that's the word that we really need to get out. And a wide variety of students really respond to these messages. So I think it's really kind of reaching out at the, uh, the elementary, the middle school level, and really kind of getting this idea that you can make a big difference, a big positive difference in the field with some of these careers is going to be really critical. >>Real question, follow up. What do you think is the best entry point? You mentioned middle squad in here, elementary school. This comes, there's a lot of discussions around pipelining and we're going to get into women in tech and under-represented matters later, but you know, is it too early or what's the, what's your feeling on this? >>My feeling is the earlier we can normalize it the better the, uh, if you can normalize an interest in, in computers and technology and building an elementary school, that's absolutely critical. But the dropoff point that we're seeing is between what I would call like late elementary and early middle school. Um, and just kind of as an anecdote, I, for years ran an outreach program for girl Scouts in grades four and five and grade six, seven, and eight. And we had a hundred slots in each program. And every year the program would sell out for girls in grades four and five, and every year we'd have spots remaining in grades six, seven, and eight. And that's literally where the drop-off is occurring between that late elementary and that middle school range. So that's the area that we need to target to make sure we keep those young women involved and interested as we move forward. >>Bill, how are we going to get these kids interested in security? You mentioned a few programs you got. Yeah. I mean, who wants to, who wouldn't want to be a white hat hacker? I mean, yeah, that sounds exciting. Yeah. Great questions. Let's start with some basic principles though. Is let me ask you a question, John, a name for me, one white hat, good person hacker. The name who works in the space industry and is an exemplar for students to look up to, um, you, um, Oh man. I'm hearing really. I can't, I can't, I can't, I can't imagine because the answer we normally get is the cricket sound. So we don't have individuals we've identified in those areas for them to look up to. I was going to be snarky and say, most white hackers won't even use their real name, but, um, there's a, there's an aura around their anonymity here. >>So, so again, the real question is, is how do we get them engaged and keep them engaged? And that's what Amy was pointing out too. Exactly the engagement and sticking with it. So one of the things that we're trying to do through our competition on the state level and other elements is providing connections. We call them ambassadors. These are people in the business who can contact the students that are in the game or in that, uh, challenge environment and let them interact and let them talk about what they do and what they're doing in life would give them a challenging game format. Um, a lot of computer based training, um, capture the flag stuff is great, but if you can make it hands on, if you can make it a learn by doing experiment, if you can make it am personally involved and see the benefit as a result of doing that challenge and then talk to the people who do that on a daily basis, that's how you get them involved. >>The second part is as part of what we're doing is, is we're involving partnership companies in the development of the teams. So this year's competition that we're running has 82 teams from across the state of California, uh, of those 82 teams at six students team, middle school, high school, and many of those have company partners. And these are practitioners in cybersecurity who are working with those students to participate. It's it's that adult connectivity, it's that visualization. Um, so at the competition this year, um, we have the founder of Def con red flag is a participant to talk to the students. We have Vince surf as who is of course, very well known for something called the internet to participate. It's really getting the students to understand who's in this. Who can I look up to and how do I stay engaged with them? >>There's definitely a celebrity aspect of it. I will agree. I mean, the influencer aspect here with knowledge is key. Can you talk about, um, these ambassadors and, and, and how far along are you on that program? First of all, the challenge stuff is anything gamification wise. We've seen that with hackathons is just really works well. Grades, bonding, people who create together kinda get sticky and get very high community aspect to it. Talking about this ambassador thing. What does that industry is that academic >>Absolutely partners that we've identified? Um, some of which, and I won't hit all of them. So I'm sure I'll short changes, but, uh, Palo Alto, Cisco, um, Splunk, um, many of the companies in California and what we've done is identified, uh, schools, uh, to participate in the challenge that may not have a strong STEM program or have any cyber program. And the idea of the company is they look for their employees who are in those school districts to partner with the schools to help provide outreach. It could be as simple as a couple hours a week, or it's a team support captain or it's providing computers and other devices to use. Uh, and so again, it's really about a constant connectivity and, uh, trying to help where some schools may not have the staff or support units in an area to really provide them what they need for connectivity. What that does gives us an opportunity to not just focus on it once a year, but throughout the year. So for the competition, all the teams that are participating have been receiving, um, training and educational opportunities in the game of education side, since they signed up to participate. So there's a website, there's learning materials, there's materials provided by certain vendor companies like Wireshark and others. So it's a continuum of opportunity for the, >>You know, I've seen just the re randomly, just going to random thought, you know, robotics clubs are moving den closer into that middle school area, in fact Fleischer. And certainly in high schools, it's almost like a varsity sport. E-sports is another one. My son just combined made the JV at the college Dean, you know, it's big and it's up and serious. Right. And, um, it's fun. This is the aspect of fun. It's hands on. This is part of the culture down there you learn by doing, is there like a group? Is it like, um, is it like a club? I mean, how do you guys organize these bottoms up organically interest topics? >>So, so here in the college of engineering, uh, when we talk about learning by doing, we have learned by doing both in the classroom and out of the classroom. And if we look at the, these types of, out of the classroom activities, we have over 80 clubs working on all different aspects of many of these are bottom up. The students have decided what they want to work on and have organized themselves around that. And then they get the leadership opportunities. The more experienced students train in the less experienced students. And it continues to build from year after year after year with them even doing aspects of strategic planning from year to year for some of these competitions. So, yeah, it's an absolutely great experience. And we don't define for them how their learned by doing experiences should be, we want them to define it. And I think the really cool thing about that is they have the ownership and they have the interest and they can come up with new clubs year after year to see which direction they want to take it. And, you know, we will help support those clubs as old clubs fade out and new clubs come in >>Trunk real quick. Before we go on the next, uh, talk track, what, what do you recommend for, um, middle school, high school or even elementary? Um, a little bit of coding Minecraft. I mean, what, how do you get them hooked on the fun and the dopamine of, uh, technology and cybersecurity? What's your, what's your take on that? >>On, on this aspect, I like to share with you my experience as a junior high and high school student in Texas, the university of Texas in Austin organized a competition for every high school in Texas. If we phew from poetry to mathematics, to science, computer engineering, but it's not about with university of Texas. The university of Texas is on the serving SSN for the final competition that we divide the competition to be strict and then regional, and then spit at each level, we have local university and colleges volunteering to host it competition and make it fun. >>Also students with private enterprises to raise funding for scholarship. So students who see the competition they get exposed to so they can see different option. They also get a scholarship when they attend university in college. So I've seen the combination in competition aspect would be a good thing to be >>Got the engagement, the aspiration scholarship, you know, and you mentioned a volunteer. I think one of the things I'll observe is you guys are kind of hitting this as community. I mean, the story of Steve jobs and was, was building the Mac, they call it bill Hewlett up in Palo Alto. It was in the phone book and they scoured some parts from them. That's community. This is kind of what you're getting at. So this is kind of the formula we're seeing. So the next question I really want to get into is the women in technology, STEM, underrepresented minorities, how do we get them on cybersecurity career path? Is there a best practices there, bill, we'll start with you? >>Well, I think it's really interesting. First thing I want to add is if I could have just a clarification, what's really cool that the competition that we have and we're running, it's run by student from Cal poly. Uh, so, you know, Amy referenced the clubs and other activities. So many of the, uh, organizers and developers of the competition that we're running are the students, but not just from engineering. So we actually have theater and liberal arts majors and technology for liberal arts majors who are part of the competition. And we use their areas of expertise, set design, and other things, uh, visualization of virtualization. Those are all part of how we then teach and educate cyber in our game effication and other areas. So they're all involved in their learning as well. So we have our students teaching other students. So we're really excited about that. And I think that's part of what leads to a mentoring aspect of what we're providing, where our students are mentoring the other students. And I think it's also something that's really important in the game. Um, the first year we held the game, we had several all girl teams and it was really interesting because a, they, they didn't really know if they could compete. I mean, this is their, their reference point. We don't know if they did better than anybody. I mean, they, they knocked the ball out >>Of the park. The second part then is building that confidence level that they can going back and telling their cohorts that, Hey, it's not this thing you can't do. It's something real that you can compete and win. And so again, it's building that comradery, that spirit, that knowledge that they can succeed. And I think that goes a long way and an Amy's programs and the reach out and the reach out that Cal poly does to schools to develop. Uh, I think that's what it really is going to take. It. It is going to take that village approach to really increase diversity and inclusivity for the community. >>That's the flusher. I'd love to get your thoughts. You mentioned, um, your, your outreach program and the dropoff, some of those data, uh, you're deeply involved in this. You're passionate about it. What's your thoughts on this career path opportunity for STEM? >>Yeah, I think STEM is an incredible career path opportunity for so many people. There's so many interesting problems that we can solve, particularly in cyber and in space systems. And I think we have to meet the kids where they are and kind of show them, you know, what the exciting part is about it, right. But, you know, bill was, was alluding to this. And when he was talking about, you know, trying to name somebody that you can can point to. And I think having those visible people where you can see yourself in that is, is absolutely critical and those mentors and that mentorship program. So we use a lot of our students going out into California, middle schools and elementary schools. And you want to see somebody that's like you, somebody that came from your background and was able to do this. So a lot of times we have students from our national society of black engineers or a society of Hispanic professional engineers or our society of women engineers. >>We have over a thousand members, a thousand student members in our society of women engineers who were doing these outreach programs. But like I also said, it's hitting them at the lower levels too. And girl Scouts is actually distinguishing themselves as one of the leading STEM advocates in the country. And like I said, they developed all these cybersecurity badges, starting in kindergarten. There's a cybersecurity badge for kindergarten and first graders. And it goes all the way up through late high school, the same thing with space systems. And they did the space systems in partnership with NASA. They did the cybersecurity and partnership with Palo Alto networks. And what you do is you want to build these, these skills that the girls are developing. And like bill said, work in and girl led teams where they can do it. And if they're doing it from kindergarten on, it just becomes normal. And they never think, well, this is not for me. And they see the older girls who are doing it and they see a very clear path leading them into these careers. >>Yeah. It's interesting. You used the word normalization earlier. That's exactly what it is. It's life, you get life skills and a new kind of badge. Why wouldn't learn how to be a white, white hat hacker, or have fun or learn new skills just in, in the, in the grind of your fun day. Super exciting. Okay. Trung your thoughts on this. I mean, you have a diverse diversity. It brings perspective to the table in cybersecurity because you have to think like the other, the adversary, you got to be the white headed hippie, a white hat, unless you know how black hat thinks. So there's a lot of needs here for more, more, more points of view. How are we going to get people trained on this from under represented minorities and women? What's your thoughts? >>Well, as a member of, I took a professional society of directed pool in the electronic engineer. You have the, uh, we participate in the engineering week. We'll be ploy our members to local junior high school and high school to talk about our project, to promote the discovery of engineering. But at the same time, we also participate in the science fair that we scaled up flex. As the squad organizing our engineer will be mentoring students, number one, to help them with the part check, but number two, to help us identify talents so that we can recruit them further into the field of STEM. One of the participation that week was the competition of the, what they call future CV. We're still going, we'll be doing a CT on a computer simulation. And in recent year we promote ops smart CV where CT will be connected the individual houses to be added in through the internet. >>And we want to bring awareness of cybersecurity into competition. So we deploy engineer to supervise the people, the students who participate in the competition, we bring awareness, not in the technical be challenged level, but in what we've called the compound level. So speargun will be able to know what is, why to provide cyber security for the smart city that they are building. And at the same time, we were able to identify talent, especially talent in the minority and in the room. And so that we can recruit them more actively. And we also raise money for scholarship. We believe that scholarship is the best way to get students to continue education in Epic college level. So with scholarship, it's very easy to recruit them, to give you and then push them to go further into the cyber security Eylea. >>Yeah. I mean, you know, I see a lot of the parents like, Oh, my kid's going to go join the soccer team, >>Private lessons, and maybe look at a scholarship >>Someday. Well, they only do have scholarships anyway. I mean, this is if they spent that time doing other things, it's just, again, this is a new lifestyle, like the girl Scouts. And this is where I want to get into this whole silo breaking down because Amy, you brought this up and bill, you were talking about as well, you've got multiple stakeholders here with this event. You got, you know, public, you got private and you've got educators. It's the intersection of all of them. It's again, that those, if those silos break down the confluence of those three stakeholders have to work together. So let's, let's talk about that. Educators. You guys are educating young minds, you're interfacing with private institutions and now the public. What about educators? What can they do to make cyber better? Cause there's no real manual. I mean, it's not like this court is a body of work of how to educate cybersecurity is maybe it's more recent, it's cutting edge, best practices, but still it's an, it's an evolving playbook. What's your thoughts for educators, bill? We'll start with you. >>Well, I don't really, I'm going to turn it off. >>I would say, I would say as, as educators, it's really important for us to stay on top of how the field is evolving, right? So what we want to do is we want to promote these tight connections between educators and our faculty and, um, applied research in industry and with industry partnerships. And I think that's how we're going to make sure that we're educating students in the best way. And you're talking about that inner, that confluence of the three different areas. And I think you have to keep those communication lines open to make sure that the information on where the field is going and what we need to concentrate on is flowing down into our educational process. And that, that works in both ways that, you know, we can talk as educators and we can be telling industry what we're working on and what are types of skills our students have and working with them to get the opportunities for our students to work in industry and develop those skills along the way as well. >>And I think it's just all part of this is really looking at, at what's going to be happening and how do we get people talking to each other and the same thing with looking at public policy and bringing that into our education and into these real hands on experiences. And that's how you really cement this type of knowledge with students, not by not by talking to them and not by showing them, but letting them do it. It's this learn by doing and building the resiliency that it takes when you learn by doing. And sometimes you learn by failing, but you just up and you keep going. >>And these are important skills that you develop along the way >>You mentioned, um, um, sharing too. That's the key collaborating and sharing knowledge. It's an open, open world and everyone's collaborating feel private public partnerships. I mean, there's a real private companies. You mentioned Palo Alto networks and others. There's a real intersection there there's, they're motivated. They could, the scholarship opportunities, trunk points to that. What is the public private educator view there? How do companies get involved? What's the benefit for them? >>Well, that's what a lot of the universities are doing is to bring in as part of either their cyber centers or institutes, people who are really focused on developing and furthering those public private partnerships. That's really what my role is in all these things is to take us to a different level in those areas, uh, not to take away from the academic side, but to add additional opportunities for both sides. Remember in a public private partnership, all entities have to have some gain in the process. Now, what I think is really interesting is the timing on particularly this subject space and cyber security. This has been an absolute banner year for space. The Stanhope of space force, the launch of commercial partnership, leaving commercial platforms, delivering astronauts to the space station, recovering them and bringing back the ability of a commercial satellite platform to be launched a commercial platforms that not only launch, but return back to where they're launched from. >>These are things that are stirring the hearts of the American citizens, the kids, again, they're getting interested, they're seeing this and getting enthused. So we have to seize upon that and we have to find a way to connect that public private partnerships is the answer for that. It's not one segment that can handle it all. It's all of them combined together. If you look at space, space is going to be about commercial. It's going to be about civil moving from one side of the earth, to the other via space. And it's about government. And what's really cool for us. All those things are in our backyard. Yeah. That's where that public private comes together. The government's involved, the private sector is involved. The educators are involved and we're all looking at the same things and trying to figure out like this forum, what works best to go to the future. >>You know, if people are bored and they want to look for an exciting challenge, he couldn't have laid it out any clearer. It's the most exciting discipline. It hits everything. I mean, we just talk about space. GPS is everything we do is well tested. Do with satellites. >>I have to tell you a story on that, right? We have a very unique GPS story right in our backyard. So our sheriff is the son of the father of GPS for the air force. So you can't get better than that when it comes to being connected to all those platforms. So we, we really want to say, you know, this is so exciting for all of us because >>It gives everybody a job for a long time. >>You know, the kids that don't think tick toxic, exciting, wait til they see what's going on here with you guys, this program, trunk final word on this from the public side, you're at the air force. You're doing research. Are you guys opening it up? Are you integrating into the private and educational sectors? How do you see that formula playing out? And what's the best practice for students and preparing them? >>I think it's the same in athlete university CP in the engineering program will require our students to be final project before graduation. And in this kind of project, we send them out to work in the private industry. The private company got sponsor. Then they get the benefit of having an intern working for them and they get the benefit of reviewing the students as the prospective employee in the future. So it's good for the student to gain practical experience working in this program. Some, some kind of, we call that a core program, some kind, we call that a capstone program and the company will accept the students on a trial PRCS, giving them some assignment and then pay them a little bit of money. So it's good for the student to earn some extra money, to have some experience that they can put on their resume when they apply for the final of the job. >>So the collaboration between university and private sector is really important. We, when I joined a faculty, normally they already exist that connection. It came from. Normally it came from the Dean of engineering who would whine and dine with companies. We work relationship and sign up women, but it's approach to do a good performance so that we can be credibility to continue the relationship with those company and the students that we selected to send to those company. We have to make sure that they will represent the university. Well, they will go a good job and they will make a good impression. >>Thank you very much for great insight, trunk, bill, Amy, amazing topic. I'd like to end this session with each of you to make a statement on the importance of cybersecurity to space. We'll go Trung bill and Amy Truong, the importance of cybersecurity space statement. >>We know that it's affecting components that we are using and we are connecting to. And normally we use them for personal purpose. But when we connect to the important system that the government public company put into space, so it's really important to practice cyber security and a lot of time, it's very easy to know concept. We have to be careful, but in reality, we tend to forget to partnership the way we forget how to ride safely. And with driving a car, we have a program called defensive driving that requires every two or three years to get. We can get discount. >>We are providing the cyber security practice, not to tell people about the technology, but to remind them not practicing cybersecurity. And it's a requirement for every one of us, bill, the importance of cyber security to space. It's not just about young people. It's about all of us as we grow and we change as I referenced it, you know, we're changing from an analog world to a digital world. Those of us who have been in the business and have hair that looks like mine. We need to be just as cognizant about cybersecurity practice as the young people, we need to understand how it affects our lives and particularly in space, because we're going to be talking about people, moving people to space, moving payloads, data, transfer all of those things. And so there's a whole workforce that needs to be retrained or upskilled in cyber that's out there. So the opportunity is ever expensive for all of us, Amy, the importance of cybersecurity space, >>Uh, and the, the emphasis of cybersecurity is space. Just simply, can't be over emphasized. There are so many aspects that are going to have to be considered as systems get ever more complex. And as we pointed out, we're putting people's lives at stake here. This is incredibly, incredibly complicated and incredibly impactful, and actually really exciting the opportunities that are here for students and the workforce of the future to really make an enormous impact on the world around us. And I hope we're able to get that message out to students, to children >>Today. But these are my really interesting fields that you need to consider. >>Thank you very much. I'm John foray with the cube and the importance of cybersecurity and space is the future of the world's all going to happen in and around space with technology, people and society. Thank you to Cal poly. And thank you for watching the Cypress of computer security and space symposium 2020.