(upbeat music) >> From theCube Studios in Palo Alto in Boston, bringing you data driven insights from theCube and ETR. This is Breaking Analysis with Dave Vellante. >> While by no means a safe haven, the cybersecurity sector has outpaced the broader tech market by a meaningful margin, that is up until very recently. Cybersecurity remains the number one technology priority for the C-suite, but as we've previously reported the CISO's budget has constraints just like other technology investments. Recent trends show that economic headwinds have elongated sales cycles, pushed deals into future quarters, and just like other tech initiatives, are pacing cybersecurity investments and breaking them into smaller chunks. Hello and welcome to this week's Wikibon Cube Insights powered by ETR. In this Breaking Analysis we explain how cybersecurity trends are reverting to the mean and tracking more closely with other technology investments. We'll make a couple of valuation comparisons to show the magnitude of the challenge and which cyber firms are feeling the heat, which aren't. There are some exceptions. We'll then show the latest survey data from ETR to quantify the contraction in spending momentum and close with a glimpse of the landscape of emerging cybersecurity companies, the private companies that could be ripe for acquisition, consolidation, or disruptive to the broader market. First, let's take a look at the recent patterns for cyber stocks relative to the broader tech market as a benchmark, as an indicator. Here's a year to date comparison of the bug ETF, which comprises a basket of cyber security names, and we compare that with the tech heavy NASDAQ composite. Notice that on April 13th of this year the cyber ETF was actually in positive territory while the NAS was down nearly 14%. Now by August 16th, the green turned red for cyber stocks but they still meaningfully outpaced the broader tech market by more than 950 basis points as of December 2nd that Delta had contracted. As you can see, the cyber ETF is now down nearly 25%, year to date, while the NASDAQ is down 27% and change. Now take a look at just how far a few of the high profile cybersecurity names have fallen. Here are six security firms that we've been tracking closely since before the pandemic. We've been, you know, tracking dozens but let's just take a look at this data and the subset. We show for comparison the S&P 500 and the NASDAQ, again, just for reference, they're both up since right before the pandemic. They're up relative to right before the pandemic, and then during the pandemic the S&P shot up more than 40%, relative to its pre pandemic level, around February is what we're using for the pre pandemic level, and the NASDAQ peaked at around 65% higher than that February level. They're now down 85% and 71% of their previous. So they're at 85% and 71% respectively from their pandemic highs. You compare that to these six companies, Splunk, which was and still is working through a transition is well below its pre pandemic market value and 44, it's 44% of its pre pandemic high as of last Friday. Palo Alto Networks is the most interesting here, in that it had been facing challenges prior to the pandemic related to a pivot to the Cloud which we reported on at the time. But as we said at that time we believe the company would sort out its Cloud transition, and its go to market challenges, and sales compensation issues, which it did as you can see. And its valuation jumped from 24 billion prior to Covid to 56 billion, and it's holding 93% of its peak value. Its revenue run rate is now over 6 billion with a healthy growth rate of 24% expected for the next quarter. Similarly, Fortinet has done relatively well holding 71% of its peak Covid value, with a healthy 34% revenue guide for the coming quarter. Now, Okta has been the biggest disappointment, a darling of the pandemic Okta's communication snafu, with what was actually a pretty benign hack combined with difficulty absorbing its 7 billion off zero acquisition, knocked the company off track. Its valuation has dropped by 35 billion since its peak during the pandemic, and that's after a nice beat and bounce back quarter just announced by Okta. Now, in our view Okta remains a viable long-term leader in identity. However, its recent fiscal 24 revenue guide was exceedingly conservative at around 16% growth. So either the company is sandbagging, or has such poor visibility that it wants to be like super cautious or maybe it's actually seeing a dramatic slowdown in its business momentum. After all, this is a company that not long ago was putting up 50% plus revenue growth rates. So it's one that bears close watching. CrowdStrike is another big name that we've been talking about on Breaking Analysis for quite some time. It like Okta has led the industry in a key ETR performance indicator that measures customer spending momentum. Just last week, CrowdStrike announced revenue increased more than 50% but new ARR was soft and the company guided conservatively. Not surprisingly, the stock got absolutely crushed as CrowdStrike blamed tepid demand from smaller and midsize firms. Many analysts believe that competition from Microsoft was one factor along with cautious spending amongst those midsize and smaller customers. Notably, large customers remain active. So we'll see if this is a longer term trend or an anomaly. Zscaler is another company in the space that we've reported having great customer spending momentum from the ETR data. But even though the company beat expectations for its recent quarter, like other companies its Outlook was conservative. So other than Palo Alto, and to a lesser extent Fortinet, these companies and others that we're not showing here are feeling the economic pinch and it shows in the compression of value. CrowdStrike, for example, had a 70 billion valuation at one point during the pandemic Zscaler top 50 billion, Okta 45 billion. Now, having said that Palo Alto Networks, Fortinet, CrowdStrike, and Zscaler are all still trading well above their pre pandemic levels that we tracked back in February of 2020. All right, let's go now back to ETR'S January survey and take a look at how much things have changed since the beginning of the year. Remember, this is obviously pre Ukraine, and pre all the concerns about the economic headwinds but here's an X Y graph that shows a net score, or spending momentum on the y-axis, and market presence on the x-axis. The red dotted line at 40% on the vertical indicates a highly elevated net score. Anything above that we think is, you know, super elevated. Now, we filtered the data here to show only those companies with more than 50 responses in the ETR survey. Still really crowded. Note that there were around 20 companies above that red 40% mark, which is a very, you know, high number. It's a, it's a crowded market, but lots of companies with, you know, positive momentum. Now let's jump ahead to the most recent October survey and take a look at what, what's happening. Same graphic plotting, spending momentum, and market presence, and look at the number of companies above that red line and how it's been squashed. It's really compressing, it's still a crowded market, it's still, you know, plenty of green, but the number of companies above 40% that, that key mark has gone from around 20 firms down to about five or six. And it speaks to that compression and IT spending, and of course the elongated sales cycles pushing deals out, taking them in smaller chunks. I can't tell you how many conversations with customers I had, at last week at Reinvent underscoring this exact same trend. The buyers are getting pressure from their CFOs to slow things down, do more with less and, and, and prioritize projects to those that absolutely are critical to driving revenue or cutting costs. And that's rippling through all sectors, including cyber. Now, let's do a bit more playing around with the ETR data and take a look at those companies with more than a hundred citations in the survey this quarter. So N, greater than or equal to a hundred. Now remember the followers of Breaking Analysis know that each quarter we take a look at those, what we call four star security firms. That is, those are the, that are in, that hit the top 10 for both spending momentum, net score, and the N, the mentions in the survey, the presence, the pervasiveness in the survey, and that's what we show here. The left most chart is sorted by spending momentum or net score, and the right hand chart by shared N, or the number of mentions in the survey, that pervasiveness metric. that solid red line denotes the cutoff point at the top 10. And you'll note we've actually cut it off at 11 to account for Auth 0, which is now part of Okta, and is going through a go to market transition, you know, with the company, they're kind of restructuring sales so they can take advantage of that. So starting on the left with spending momentum, again, net score, Microsoft leads all vendors, typical Microsoft, very prominent, although it hadn't always done so, it, for a while, CrowdStrike and Okta were, were taking the top spot, now it's Microsoft. CrowdStrike, still always near the top, but note that CyberArk and Cloudflare have cracked the top five in Okta, which as I just said was consistently at the top, has dropped well off its previous highs. You'll notice that Palo Alto Network Palo Alto Networks with a 38% net score, just below that magic 40% number, is healthy, especially as you look over to the right hand chart. Take a look at Palo Alto with an N of 395. It is the largest of the independent pure play security firms, and has a very healthy net score, although one caution is that net score has dropped considerably since the beginning of the year, which is the case for most of the top 10 names. The only exception is Fortinet, they're the only ones that saw an increase since January in spending momentum as ETR measures it. Now this brings us to the four star security firms, that is those that hit the top 10 in both net score on the left hand side and market presence on the right hand side. So it's Microsoft, Palo Alto, CrowdStrike, Okta, still there even not accounting for a Auth 0, just Okta on its own. If you put in Auth 0, it's, it's even stronger. Adding then in Fortinet and Zscaler. So Microsoft, Palo Alto, CrowdStrike, Okta, Fortinet, and Zscaler. And as we've mentioned since January, only Fortinet has shown an increase in net score since, since that time, again, since the January survey. Now again, this talks to the compression in spending. Now one of the big themes we hear constantly in cybersecurity is the market is overcrowded. Everybody talks about that, me included. The implication there, is there's a lot of room for consolidation and that consolidation can come in the form of M&A, or it can come in the form of people consolidating onto a single platform, and retiring some other vendors, and getting rid of duplicate vendors. We're hearing that as a big theme as well. Now, as we saw in the previous, previous chart, this is a very crowded market and we've seen lots of consolidation in 2022, in the form of M&A. Literally hundreds of M&A deals, with some of the largest companies going private. SailPoint, KnowBe4, Barracuda, Mandiant, Fedora, these are multi billion dollar acquisitions, or at least billion dollars and up, and many of them multi-billion, for these companies, and hundreds more acquisitions in the cyberspace, now less you think the pond is overfished, here's a chart from ETR of emerging tech companies in the cyber security industry. This data comes from ETR's Emerging Technologies Survey, ETS, which is this diamond in a rough that I found a couple quarters ago, and it's ripe with companies that are candidates for M&A. Many would've liked, many of these companies would've liked to, gotten to the public markets during the pandemic, but they, you know, couldn't get there. They weren't ready. So the graph, you know, similar to the previous one, but different, it shows net sentiment on the vertical axis and that's a measurement of, of, of intent to adopt against a mind share on the X axis, which measures, measures the awareness of the vendor in the community. So this is specifically a survey that ETR goes out and, and, and fields only to track those emerging tech companies that are private companies. Now, some of the standouts in Mindshare, are OneTrust, BeyondTrust, Tanium and Endpoint, Net Scope, which we've talked about in previous Breaking Analysis. 1Password, which has been acquisitive on its own. In identity, the managed security service provider, Arctic Wolf Network, a company we've also covered, we've had their CEO on. We've talked about MSSPs as a real trend, particularly in small and medium sized business, we'll come back to that, Sneek, you know, kind of high flyer in both app security and containers, and you can just see the number of companies in the space this huge and it just keeps growing. Now, just to make it a bit easier on the eyes we filtered the data on these companies with with those, and isolated on those with more than a hundred responses only within the survey. And that's what we show here. Some of the names that we just mentioned are a bit easier to see, but these are the ones that really stand out in ERT, ETS, survey of private companies, OneTrust, BeyondTrust, Taniam, Netscope, which is in Cloud, 1Password, Arctic Wolf, Sneek, BitSight, SecurityScorecard, HackerOne, Code42, and Exabeam, and Sim. All of these hit the ETS survey with more than a hundred responses by, by the IT practitioners. Okay, so these firms, you know, maybe they do some M&A on their own. We've seen that with Sneek, as I said, with 1Password has been inquisitive, as have others. Now these companies with the larger footprint, these private companies, will likely be candidate for both buying companies and eventually going public when the markets settle down a bit. So again, no shortage of players to affect consolidation, both buyers and sellers. Okay, so let's finish with some key questions that we're watching. CrowdStrike in particular on its earnings calls cited softness from smaller buyers. Is that because these smaller buyers have stopped adopting? If so, are they more at risk, or are they tactically moving toward the easy button, aka, Microsoft's good enough approach. What does that mean for the market if smaller company cohorts continue to soften? How about MSSPs? Will companies continue to outsource, or pause on on that, as well as try to free up, to try to free up some budget? Adam Celiski at Reinvent last week said, "If you want to save money the Cloud's the best place to do it." Is the cloud the best place to save money in cyber? Well, it would seem that way from the standpoint of controlling budgets with lots of, lots of optionality. You could dial up and dial down services, you know, or does the Cloud add another layer of complexity that has to be understood and managed by Devs, for example? Now, consolidation should favor the likes of Palo Alto and CrowdStrike, cause they're platform players, and some of the larger players as well, like Cisco, how about IBM and of course Microsoft. Will that happen? And how will economic uncertainty impact the risk equation, a particular concern is increase of tax on vulnerable sectors of the population, like the elderly. How will companies and governments protect them from scams? And finally, how many cybersecurity companies can actually remain independent in the slingshot economy? In so many ways the market is still strong, it's just that expectations got ahead of themselves, and now as earnings forecast come, come, come down and come down to earth, it's going to basically come down to who can execute, generate cash, and keep enough runway to get through the knothole. And the one certainty is nobody really knows how tight that knothole really is. All right, let's call it a wrap. Next week we dive deeper into Palo Alto Networks, and take a look at how and why that company has held up so well and what to expect at Ignite, Palo Alto's big user conference coming up later this month in Las Vegas. We'll be there with theCube. Okay, many thanks to Alex Myerson on production and manages the podcast, Ken Schiffman as well, as our newest edition to our Boston studio. Great to have you Ken. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our EIC over at Silicon Angle. He does some great editing for us. Thank you to all. Remember these episodes are all available as podcasts. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibond.com and siliconangle.com, or you can email me directly David.vellante@siliconangle.com or DM me @DVellante, or comment on our LinkedIn posts. Please do checkout etr.ai, they got the best survey data in the enterprise tech business. This is Dave Vellante for theCube Insights powered by ETR. Thanks for watching, and we'll see you next time on Breaking Analysis. (upbeat music)

(upbeat music) >> Welcome back to Fal.Con 2022. My name is Dave Vallante. We're here with my co-host Dave Nicholson. On the last earnings call George Kurts made a really big emphasis on the relationship with managed service providers. CrowdStrike has announced a new service provider capability. The powered service provider program. Jason Cook is here. He is the president of cyber defense labs. He's joined by Mike Riolo. Who's the vice president of global system integrators and service providers at CrowdStrike gents. Welcome to TheCube. Good to see you. >> Thank you very much. >> Thank you >> Jason, tell us about cyber defense labs. What do you guys do? Give us the bumper sticker, please. >> Cyber defense labs uses the best technology in the world to put together services that help protect our clients >> Simple. Like it. What's XDR? (people laughing) >> I've not heard of that before, sorry. >> So Mike, we've seen the rise of service providers. I saw a stat, I don't know, six, seven months ago that 50% of us companies don't even have a SOC. We're talking about mid to large companies. So service providers are crucial. What's the CrowdStrike powered service provider program all about? >> Well, it's an evolution for us. We've been dealing with this market for some time. And the idea is, is like how do we expand the opportunity to stop reaches? I mean, that's what it's all about. Like how more routes to market, more partners like cyber defense labs that can really go in and bring our technology coupled with their services to power their offerings to their customers and just help us reach every end user out there, to stop reaches. >> So Jason, how do you guys differentiate? Cause I see, you know, as an analyst, I'll look back, I'll read the press releases and they'll see, okay. They just look so similar. So how do you differentiate from the competition? What do you tell customers? >> So when it comes to our selection of technology we test it, we work it, we literally put it into real world situations with our clients. And then we differentiate ourselves with expert services. It's a white glove service from us. We embed ourselves right in with our clients. That's why we call 'em our client partners. And they see us as part of their team and extension of their team. They don't have the time to play with technology and work out what's best. They don't know the time to select it or even then the expertise to use it effectively in the environment. So that's where the trust comes in with us. And then for us, likewise, we are the technology provider such as CrowdStrick, we need to know the technology works and it does what it says. >> I always ask CISOs; What's your number one challenge? And they'll say lack of talent. The only time I didn't get that answer was at... The Mongo DB CISO at reinforced. I'm like yeah, it's cause you're Mongo, I guess reinforced or AWS doesn't have the same problem, but do you... Obviously you see that problem. And you compliment that, is that a fair? >> Yeah, absolutely. Many, many companies mid-market enterprises are really struggling to find talent and then retain the talent. So for us where that's all we are about and then we are there to enable your business to do what your business does. It is just working and I think more and more so you're going to see an industry clearly CrowdStrike's going in that direction. That it's the service provider that becomes a critical element of that trusted circle. >> Does that translate into a market segment by size of organization typically or? You mentioned the ever never ending quest for talent which is critical regardless of size but what does your target market look like? >> So I, I think the biggest gap in the market frankly, is still the mid-market. Many smaller companies still are really just struggling with 'what is the problem.' At least in the mid-market, in the enterprises they really beginning to understand the problem and want to invest and lean in. And here's the irony. They now want to partner to solve the problem cause they recognize they can't do it on their own. >> So Mike, what are the critical aspects of this program? I mean, got the press release out there, but put some meat on the bone for us. >> So if you look at what we were doing to enable managed service providers to go in and, and be powered by CrowdStrike before it was in a corporate market segment it was a specific set of product from us to really enable MDR, you know, sort of that, that generation of services that a lot of customers looked at MSPs for. And what the big message about this is is we are now expanding that. We're taking it out of corporate, we're going upmarket, we're going enterprise. We can leverage partners like cyber defense labs to package our software into their offering and help them power them more than just endpoint. Right? We've had a lot of exciting announcements and probably more to come around identity, you know XDR, the new buzz, right? Like what does it mean? And in, if you look at our approach, it's a very platform centric approach and that's something that partners can monetize. That's something that partners can really help clients grow with is that it's not just about endpoint. It's more about how do I make sure that I'm in a position with a partner that allows me to grow as a market decides it's necessary. So things like identity, cloud on and on and on, that we're investing in and continuing to grow. We are making that available to the CrowdStrike powered service about our marketplace. >> So Jason, service providers historically outsourcing, okay. And it used to be a lot of; 'okay, you know, I'll take over your mess for less kind of thing.' Right? And so the pattern was you would have one of everything and then, that limited your scale. The bigger you got, you had this economies of scale. So am I hearing that, like how do you partner with CrowdStrike? Are you kind of standardizing on that platform or not necessarily cause you have to be agnostic. What's your posture on that? >> So there's a level of, you have to be technology agnostic. We pride ourselves in just using the best technology that's out there. But at the same time, very much with the Fal.Con platform they're building out and maturing in a way that's making significant risk mitigation abilities for a solution provider like us to say we'll take one of those, one of those and put our service around it because that's the best fit service to reduce the risk of this particular client. And having that flexibility for us to do that really allows us then to stay within the same sort of product suite rather than going outside when integration is still one of the biggest challenges that you have. >> So you're one of those organizations that's consolidating a bevy of point tools. Is that right? I mean, you're going through that transformation now. Have you already gone through that? What's your journey look like there? >> Oh, we help companies do that. That's how they mitigate and reduce their risk. >> Okay. But you're using tools as, as well. Are you not? So I mean, you've got to also I mean you're like an extension of those clients. >> Absolutely. So it comes down to a lot of the time do you have the right team? We have a team of experts that deliver expert services. You get to a level of skillset and experience, which goes what's just the best tool out there. And it becomes that's our insight. So one of the reasons why we like the Fal.Con product is because regardless of what the mess is, that's happening you can rapidly deploy stuff to make a difference. And then you then work out how to fix the mess which is quite a change from how traditionally things are done, which is let's analyze the problem. Let's look at options around it. And by the time you've done that time has passed and you can't afford to just allow time to pass these days. So having the right technology allows you to rapidly deploy. Of course, we use what we sell. So we are proud to say that we use a number of the Fal.Con products to protect ourselves and consolidate onto that technology as we then offer that out as a service to our clients. >> So Mike, I'm thinking about the program in general and specifically how you are implementing this program thinking about the path to bringing the customer on board. There are a finite number of strategic seats at any customer's table. So who is at the customer's table? Is it CDL saying; 'Hey, I'm going to bring in my folks from CrowdStrike to have a conversation with you.' Is it CrowdStrike saying; 'Hey, it looks like a service provider might be the best solution for you. Let's go talk to CDL.' How does that work? >> It's a great question. And I think we talk a lot about how there's a gap in people to support cyber efforts inside of companies. But we don't talk about the gap in like experts that can go in and actually sit down with CISOs, with CIOs, with CFOs. And so for us, like it's all about the flexibility. It's it's what do you need in the moment? Because at the end of the day, it comes down to the people. If Jason has a great trusted relationship, he's like; 'Hey I just need some content.' 'Help me push why we're powered by CrowdStrike in this moment.' Great, go run. If we have an opportunity where we know that cyber defense labs has a presence then we go in together, right? Like that flexibility is there. We've done a lot. When you build a program like this, like it's easy to tell the market what they need. It's easy to tell everybody, but it's also you're looking at a cultural shift and how CrowdStrike goes to market, right? Like this is all about how do we get every possible route to market to stop reaches for customers of all size. >> I would echo that. there's three ways that that's working for our two companies at the moment. Many times a lot of the relationships that we have are trusted advisor at the owner or board level of these mid-market and enterprise companies. They're looking to ask for a number of things. And one of the things that we then say is, Hey for your technology roadmap, hey we want to bring in co-present coded us, co-discuss co-strategize with you what your roadmap is. And so we often bring CrowdStrike into the conversations that cyber defense lab is having at the board level. Then on the other side, CrowdStrike obviously has a significant sales force and trusted advisors. They go in with the product and then it's apparent that the you know, the client wants way more than just the product. They say, this is great. I love it. I've made my decision, but I can't operate it effectively. And so we then get pulled in from that perspective >> You get to all the time from product companies, right? It's like, okay, now what? How do I do this? And you go, oh, I'll call somebody. So this is going to accelerate. You go to market. >> Well, and everybody looks at it like, you know how does your sales play with their sales, right? Everyone's going after the same thing. And I'm, you know, that's important, but you have to look at CrowdStrike as more than sales, right? We have an amazing threat intel group that are helping clients understand the risk factors and what bad people are trying to do to them. We can bring so many experts to the side of a cyber defense labs in, in that realm. You know, we've been doing this a long time. >> This is what's interesting to me when I think about your threat hunting, because you guys are experts and you guys are experts. But the... Correct me if I'm wrong. But the advantage I see at the CrowdStrike has is your cloud platform allows you to have such a huge observation space. You got a ton of data and you bring that to the relationship as well and then you benefit from that? >> It's two way. It's absolutely two way. CrowdStrike has a whole bunch of experts and expertise in this space. So do cyber defense labs. We call it for us because we're providing a service to multiple clients. Many of them have a global presence. We call it our global threat view. And absolutely we are exchanging real time threat telemetry data with, with our friends at CrowdStrike Which is impacting the value that we have and the ability to respond extremely quickly when something's happening to one of our clients. >> Well, I just add to that, you know if you look at all of our alliances, right? We've got solution providers, tech reliant, everything. The one thing that's really interesting about the CrowdStrike powered service provider program; it lives in alliances, It's a partnership program, but they're our customer. They have chosen to standardize on our platform, right. To help drive the best results for their customers. And so we treat them like a partner because it's not for internal use. There's unlimited aspect to it. And so as that treating like partnership we have to enable them with more than just product. Right? We want to bring the right experts. We want to bring the right, you know, vision of where the market's going the threats out there, things of that nature. And that's something that we do every day with you guys. >> And it was even expressed earlier with the keynote speech that George gave. Look there's an ecosystem of very good technologies, very good providers. And there there's that sort of friend-of-me view here. You put the best thing together for the client at the end of the day. And if we all acknowledge, which I think is the maturity of our partnership, that one plus one equals, I always say at 51 now, if you play it right, then the partner sees... That the client sees the value of the partnership. And so they want more of that. >> So it sounds like... We got to wrap, but I wonder if we could close on this. It sounds like this was happening just organically in the field. Now you've codified it. So my question to each of you is; What's your vision for the future? Where do you guys want to take this thing? >> What a wrap question right there. I love it. Honestly, like we look at it in... Look at what does it mean to be a CrowdStrike powered service provider. It is more than just the platform. It's the program in general, offering them tools to go in and do early assessments. One thing about service providers, they're in there before vendors, right? We're still a vendor at the end of the day. And so they have that relationship, like how do we enable them to leverage our platform leverage our tools, leverage our programs in order to help a client understand, like, what is your risk factor Could a breach come, things of that nature. And so it's really building in really enabling a partner like cyber defense labs to take on the full suite of programs, services, platform that we can provide to them as a customer, treated them like a partner. >> And Jason, from your perspective, bring us on if you would. >> So our partnership with CrowdStrike is really enabling cyber defense labs to increase our share of wallet, our presence in very specific market segments; The mid-market to enterprise especially around banking, financial services auto dealerships, healthcare, manufacturing, where last year we saw a significant progress there. And we think we're going to double it between this year and next year. >> Jason Cook, Mike Riolo. thanks for coming in TheCube. Great story. >> Thank you for having us >> Alright, thank you for watching. Keep it right there. Dave Vallante and Dave Nicholson will be back right after this short break from Fal.Con 22. You're watching TheCube. (soft electronic music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> Cybersecurity stocks have been sending mixed signals as of late, mostly negative like much of tech, but some such as Palo Alto Networks, despite a tough go of it recently have held up better than most tech names. Others like CrowdStrike, had been out performing Broader Tech in March, but then flipped in May. Okta's performance was pretty much tracking along with CrowdStrike for most of the past several months, a little bit below, but then the Okta hack changed the trajectory of that name. Zscaler has crossed the critical billion dollar ARR revenue milestone, and now sees a path to five billion dollars in revenue, but the company stock fell sharply after its last earnings report and has been on a down trend since last November. Meanwhile, CyberArk's recent beat and raise, was encouraging and the stock acted well after its last report. Security remains the number one initiative priority amongst IT organizations and the spending momentum for many high flying cyber names remain strong. So what gives in cyber security? Hello, and welcome to this week's Wikibon CUBE insights powered by ETR. In this breaking analysis, we focus on security and will update you on the latest data from ETR to try to make sense out of the market and read into what this all means in both the near and long term, for some of our favorite names in cyber. First, the news. There's always something happening in security news cycles. The big recent news is new President Rodrigo Chavez declared a national emergency in Costa Rica due to the preponderance of Russian cyber attacks on the country's critical infrastructure. Such measures are normally reserved for natural disasters like earthquakes, but this move speaks to the nature of today's cyber threats. Of no surprise is modern superpower warfare even for a depleted power like Russia almost certainly involves cyber warfare as we continue to see in Ukraine. Privately held Arctic Wolf Networks hired Dustin Williams as its new CFO. Williams has taken three companies to IPO, including Nutanix in 2016, a very successful IPO for that company. Whether AWN chooses to pull the trigger this year or will wait until markets are less choppy or obviously remains to be seen. But it's a pretty clear sign the company is headed to IPO at some point. Now, big point of discussion this week at Red Hat Summit in Boston and the prior week at Dell technologies world was security. In the case of Red Hat, securing the digital supply chain was the main theme. And from Dell building, many security features into its storage arrays and cyber resilience services into its as a service offering called Apex. And we're seeing a trend where buyers want to reduce the number of bespoke tools they use if they, in fact can. Here's IDC's Jim Mercer, sharing data from a recent survey they conducted on the topic. Play the clip. >> Interestingly, we did a survey, I think around last August or something. And one of the questions was around where do you want your security, right? Where do you want to get your DevSecOps security from? Do you want to get it from individual vendors, right? Or do you want to get it from like your platforms that you're using and deploying changes in Kubernetes? >> Great question. What did they say? >> The majority of them, they're hoping they can get it built into the platform. That's really what they want-- >> Now, whether that's actually achievable is debatable because you have so much innovation and investment going on from the likes of startups and for instance, lace work or sneak and security companies that you see even trying to build platforms, you've got CrowdStrike, Okta, Zscaler and many others, trying to build security platforms and put it all under their umbrella. Now the last point will hit here is there was a lot of buzz in the news about Okta. The reaction to what was a relatively benign hack was pretty severe and probably overblown, but Okta's stock is paying the price of what is generally considered a blown communications plan versus a technical failure. Remember, identity is not an easy thing to rip and replace and Okta remains a best-of-breed player and leader in the space. So we're going to look at some ETR data later in this segment to try and make sense of the recent action in the market and certain names. Speaking of which let's take a look at how some of the names in cybersecurity have fared relative to some of the indices and relative indicators that we like to look at. Here's a Google finance comparison for a number of stocks and names in the bottom there you can see we plot the hack ETF which tracks security stocks. This is a year to date view. And so we don't show it here but the tech heavy NASDAQ is off around 26% year to date whereas the cyber ETF that we're showing is down 18%, okay. So cyber holding up a little bit better than broader tech as we've reported earlier, was actually much better and still seems to be a gap there, but the data are mixed. You can see Okta is way off relative to its peers. That's a combination of the breach that we talked about but also the run up in the stock since COVID. CrowdStrike was actually faring better but broke this month, we'll see how it's upcoming earnings announcements are received when it announces on June 2nd after the close. Palo Alto in the light blue has done better than most and until recently was holding up quite well. And of course, Sailpoint is another identity specialist, it is kind of off the charts here because it's going private with the acquisition by Thoma Bravo at nearly seven billion dollars. So you see some mixed signals in cyber these past several months and weeks. And so we're trying to understand what that all means. So let's take a look at the survey data and see how spending momentum is holding up. As we've reported IT spending forecast, at the macro level, they've come off their 8% highs from the end of the year, the ETRS December survey, but robust tech spending is still there. It's expected at nearly seven percent and this is amongst 1200 ETR respondents. Here's a picture from the ETR survey of the cybersecurity landscape. That y-axis that's net score or a measure of spending momentum and that horizontal access is overlap. We used to talk about it as a market share which is a measure of pervasiveness in the data set. That dotted red line at 40% indicates an elevated spending momentum level on the vertical axis and we filter the names and limited to only those with a hundred or more responses in the ETR survey. Then the pictures still pretty crowded as you can see. You got lots of companies above the red dotted line, including Microsoft which is up into the right, they're so far off the chart, it's just amazing. But also Palo Alto and Okta, Auth0, which of course is now owned by Okta, Zscaler, CyberArk is making moves. Sailpoint and Cloudflare, they're all above that magic 40% line. Now, you look at Cisco, it shows a very large presence in the horizontal axis in the data set. And it's got pretty respectable momentum and you see Splunk doing okay, no before and tenable just below that 40% line and a lot of names in the very respectable 20% zone. And we've included some legacy names just for context that fall below the zero percent line with a negative net score. And that means a larger proportion, that negative net score means a larger proportion of their customers in the survey are spending less than those that are spending more. Now, typically for these legacy names you're going to have a huge proportion of customers who have flat spending that kind of fat middle and that's why they sort of don't have that highly elevated score, but they're still viable as they get the recurring revenue each year. But the bottom line is that spending remains robust for some of the top names that we've talked about earlier despite their rocky stock performance. Now, let's filter this data a bit more to make it a little bit easier to read. So to do that, we take out Microsoft because they're just so dominant and we cherry pick some names to make the data more consumable and scannable. The other data point we've added is Okta's net score breakdown, the multicolored rows there, that row in the bottom right. Net score, it measures the percent of customers that are adding the platform new, that's the lime green, at 18% for Okta. The forest green is at 42%. That's the percent of customers in the survey that are spending six percent or more. The gray is flat spending. That's 32% for Okta, this past survey. The pink is customers that are spending less, that's three percent. They're spending six percent or worse in the survey, so only three percent for Okta. And the bright red at three percent is decommissioning the platform. You subtract the reds from the greens and you get a net score, well, into the 50s for Okta and you can see. We highlight Okta here because it's a name that we've been following for quite some time and customers have given us really solid feedback on the technology and up until the hack, they're affinity to Okta, but that seems to be continuing. We'll talk more about that. This recent breach to Okta has caused us to take a closer look. And you may recall, we reported with our ETR colleague, Eric Bradley. The breach was announced right in the middle of ETR collecting data in the last survey. And while we did see a noticeable downtick right after the announcement, the exposure of the hack and Okta's net score just after the breach was disclosed, you can see the combination of Okta and Auth0 remains very strong. I asked Eric Bradley this morning what he thought about Okta, and he pointed out that you can't evaluate this company on its price to earnings ratio. But it's forward sales multiple is now below 7X. And while attractive, these high flyers at some point, Eric says, they got to start making a profit. So you going to hold that thought, we'll come back to that. Now, another cut of the ETR data to look at our four star security names here. A while back we developed a methodology to try and cut through the noise of the crowded security sector using the ETR data to evaluate two key metrics; net score and shared N. Net score again is, spending momentum, the latter is an indicator of presence in the data set which is a proxy for market presence. Okay, we assigned those companies that cracked the top 10 in both net score and shared N, we give them four stars, okay, if they make the top 10. This chart here shows the April survey data for those companies with an N that's greater than, equal to a hundred responses. So again, we're filtering on those with a hundred or more responses. The table on the left that you see there, that's sorted by net score, okay. So we're sorting by spending momentum. And then the one on the right is sorted by shared N, so their presence in the data set. Seven companies hit the top 10 for both categories; Palo Alto Network, Splunk, CrowdStrike Okta, Proofpoint, Fortinet and Zscaler. Now, remember, take a look, Okta excludes Auth0, in this little methodology that we came up with. Auth0 didn't make the cuts but it hits the top 10 for net score. So if you add in Auth0's 112 N there that you see on the right. You add that into Okta, we put Okta in the number two spot in the survey on the right most table with the shared N of 354. Only Cisco has a higher presence in the data set. And you can see Cisco in the left lands just below that red dotted line. That's the top 10 in security. So if we were to combine Okta and Auth0 as one, Cisco would make the cut and earn four stars. Now, some other notables are CyberArk, which is just below the red line on the right most chart with an impressive 177 shared N. Again, if you combine Auth0 and Okta, CyberArk makes the four star grade because it's in the top 10 for net score on the left. And Sailpoint is another notable with a net score above 50% and it's got a shared N of 122, which is respectable. So despite the market's choppy waters, we're seeing some positive signs in the survey data for some of the more prominent names that we've been following for the last couple of years. So what does this mean for the markets going forward? As always, when we see these confusing signs we like to reach out to the network and one of the sharpest traders out there is Chip Simonton. We've quoted him before and we like to share some of his insights. And so we're going to highlight some of that here. So technically, almost every good tech stock is oversold. And as such, he suggested we might see a bounce here. We certainly are seeing that on this Friday, the 13th. But the right call tactically has been to sell into the rally these past several months, so we'll see what happens on Monday. The key issue with the name like Okta and some other momentum names like CrowdStrike and Zscaler is that when money comes back into tech, it's likely going to go to the FAANG stocks, the Facebook, Apple, Amazon, Netflix, Google, and of course, you put Microsoft in there as well. And we'll see about Amazon, by the way, it's kind of out of favor right now, as everyone's focused on the retail side of the business meanwhile it's cloud business is booming and that's where all the profit is. We think that should be the real focus for Amazon. But the point is, for these momentum names in cybersecurity that don't make money, they face real headwinds, as growth is slowing overall and interest rates rise, that makes the net present value of these investments much less attractive. We've talked about that before. But longer term, we agree with Chip Simonton that these are excellent companies and they will weather the storm and we think they're going to lead their respective markets. And in cyber, we would expect continued M&A activity, which could act as a booster shot in the arms of these names. Now in 2019, we saw the ETR data, it pointed to CrowdStrike, Zscaler, Okta and others in the security space. Some of those names that really looked to us like they were moving forward and the pandemic just created a surge in these names and admittedly they got out over their skis. But the data suggests that these leading companies have continued momentum and the potential for stay in power. Unlike the SolarWinds hack, it seems at this point anyway that Okta will recover in the market. For the reasons that we cited, investors, they might stay away for some time but longer term, there's a shift in CSO security strategies that appear to be permanent. They're really valuing cloud-based modern platforms, these platforms will likely continue to gain share and carry their momentum forward. Okay, that's it for now, thanks to Stephanie Chan, who helps with the background research and with social, Kristen Martin and Cheryl Knight help get the word out and do some great work as well. Alex Morrison is on production and handles all of our podcast. Alex, thank you. And Rob Hof is our Editor in Chief at SiliconANGLE. Remember, all these episodes, they're available as podcast, you can pop in the headphones and listen, just search "Breaking Analysis Podcast." I publish each week on wikibon.com and SiliconANGLE.com. Don't forget to check out etr.ai, best in the business for real customer data. It's an awesome platform. You can reach me at dave.vellante@siliconangle.com or @dvellante. You can comment on our LinkedIn posts. This is Dave Vellante for the CUBEinsights powered by ETR. Thanks for watching. And we'll see you next time. (bright upbeat music)

>>Yeah. Hello and welcome to the Cubes Presentation of Women in text. Global event Celebrating International Women's Day I'm John for a host of the Cube were with Sally E. Senior Policy Advisor Global Foundation for Cyber Studies and Research. Sally, great to see you. Thanks for coming on the cue for International Women's Day. Appreciate it. >>Pleasure, John. Great speech again. >>Love your title. Global Foundation for Cyber Studies. Um, global is a big part of the theme this year. Uh, cyber studies. We're seeing a lot of cyber activity all around the world, networks, communities coming together, the role of data. I mean, everything is touching our lives. There are no boundaries anymore. What does it all mean? There's so much to talk about your in the middle of it before we get into it. Tell us about your career and your history. How you got interested in tech and what you're working on. >>Absolutely. I love it. Kind of this age of convergence coming together right now, isn't it? That's how I would describe it. And that's kind of a bit like my career. I think in many ways as well. So for the audience, really great to be here and share about that today, and I kind of say, three main palace, so one would be emergent technologies. So, you know, I started off right through from coding to advisory to CTO type roles as well also change management. And now I'm more advisors right across from a I to five G to to Iot and security, for example as well. Also passionate about education checking education for me. They always go hand in hand, some a professor at a number of universities and in my non for profit, we really do a lot of outreach around educational opportunities as well. And that third pillar opponent hinted at it already will be social impact. So really passionate about how we can use tech as a force for good things around sustainability right at the heart of that, but also around diversity equity and inclusion. So we do a lot of pro project your locally and globally around kind of reframing what a tech career looks like, giving people more democratised access. Those tech opportunities outside of that a bit like yourself, you know, podcast host and writer and speaker and things as well, so very much going to building that community around key tech topics. >>Well, folks watching should check it out on Twitter. She's that great content you mentioned Mobile World Congress. Before we get on camera, you mentioned convergence. I mean, we're at a time now. I got to ask you while I got you here before we get into the whole schools and career tech thing, we've seen this movie before, but never at this scale. The convergence and the confluence of education and scale of cloud computing, the ability to level up and get, um, I won't say democratised. That's kind of overused. But I'm just talking about like with cloud computing could be educated and in market with a job instantly. Um, the barriers just seem to be moving away because of the the openings and the roles are changing. So, more than ever, this whole new tech scene comes together in a way. Can you share your thoughts and vision because to me, we're seeing this happening at such a scale unprecedented in my career? >>It is. And that's one of those words that the part had been overused, unprecedented, but right now it really, really is. It's not just a speed of change. I think it's a scale of change as well. You know, I think previously we've talked about disciplines in silos to a certain extent. Haven't we know in terms of like, an AI special is, um or five g one or other disciplines as well? But really, now that convergence about what one tech enables another, it really is that smart technology coming together for more and more different use cases, but that residents around how important education is alongside that alongside process alongside culture and shared values as well it really is. It's kind of holistic integration of everything that matters at the moment. And it's evolving business models as well. You know, shared values rights centre stage around that MWC just come back from that, And the key topics there weren't just by G, it was the importance of ecosystem collaboration. For example, there are less tracks that were isolated on one technology. It was more this conflation of these different technologies coming together and what we can achieve from that from business but also for society so really exciting focus areas now things that maybe once or a few years ago, more than periphery. They're now absolutely centre stage. So it's good to see that progress in that area. And I love to advocate around that. >>And the education piece is so important, and we always stay here in Cuba. It's a data problem, right? Everything's a data problem when you look at schools and education is structured and unstructured data kind of our our systems right, So structured as schools, institutions, those kinds of career paths or education pathways. And then you haven't structured freeform communities, seeing a lot more education going on within groups. Um, off structured environments like schools, Can you and you do a lot with schools? Can you share more how you're doing? Um uh, work with schools specifically on the structured side to get girls into careers faster and tech? And then can you also comment on the other side? What's going on in the communities because it's it's kind of going on in parallel, but they're not mutually exclusive. >>No, absolutely community, absolutely key word that I love that, and I think when we're talking about diversity and technology, it's not just what we're doing now with what we're looking at is looking ahead, but also looking at future pipeline as well. So for me, I use this express a little bit. But change the narrative. That's what springs to mind for me when we're talking about that, and particularly for girls going into technology but also more broadly, diversity of experience. More broadly, we do have these drop offs, so UK is one example, but it is really representative of the global trends that we're seeing. Now. We get a drop off of girls in particular, taking ice subjects at GCSE level so kind of that subject choice choice at 12 to 14, that kind of area. We get the same thing at a level that's equivalent of 16 to 18 and then even safer university or even apprenticeships, whichever both equally valid. But even if people are taking those types of skills, they're not then choosing to apply them in their careers. So we're seeing these kind of three pillars where we need to intervene earlier. So for me, the more that we can do things you know from dedicated educational offers, but equally partnering with tech companies to do outreach around this area. We need to go in younger and younger is so important to address that. Why? Why are people thinking they can't? Why is his career not for me, for example, so addressing that is huge. And that's one of the things we do with my nonprofit that's called aspirational futures. We go into schools and two universities, but equally do things with older adults and re Skilling and up Skilling as well. Because again, we can't leave that behind either. There's something for all different kind of age groups and backgrounds here, but specifically, I think, in terms of getting people interested in this career, curiosity matters. You know, I think it's an underrated skills. So it's changing the narrative again. And what the tech career actually is, what skills are valid? You know, I mentioned, I have a coding background as a starter. But not all tech careers involve coding, particularly the rise of low code or no code, for example as well. So really valued skill. But so many other skills are valid as well, you know, creativity or emotional intelligence problem solving skills. So for me, I like to drive forward. All those skills can make a difference as an individual, as a team, so your you know your tech career. All those skills are valid and you can make a huge difference. And I also think, you know, just kind of really bringing to the fore what different types of projects you can be involved in in tech as well. And I found really resonating when you can talk about tech for good projects and show how you're making a difference about some of those big challenges. Um, that's kind of really kind of resonating responsible people as well. So again, the more we can show tangible projects where you can make a difference and the whole range of skills that are involved in that it really helps people to think differently and gain that skills confidence. So it's like, >>Well, that's awesome insight. I want to just double click on that for a second, because one the drop off. Can you just repeat the ages where you see the drop off with the drop offs are >>absolutely yeah, no problem, John. So it's kind of when you're making your first choices around your first kind of qualifications. Between that 12 to 14 age group, 16 to 18 and then 18 to 21 I think we've really got to tackle that So again the earlier we can go in the better and again supporting people within organisations as well. So I do a lot of work like internally, with organisations as well people looking to up skill and re skill. You mentioned about data and the importance of data literacy earlier on in the conversation as well. For example, going into organisations and really helping to support people in all roles, not just tech facing roles develop that skills, confidence as well. So for me it's access to skills really bringing forward the difference. You can make that holistic range of skills that makes a difference, but also the confidence to apply them as well. You know, we talk about agility, of organisations, a lot areas, one of those kind of words in the last 12 months. But maybe we don't talk about personal agility and team agility as well. So I kind of talked about it. This little toolbox, if we can give people more and more things to draw from it, the only constant is this rate of change. If you've got more things in your armoury to cope with that and be an agile to that. It takes that fear away about what happens next because you feel you've got more skills to dip into it and to apply. So for me, it's that that confidence, not just the access to the skills >>and the other thing, too, I thought was insightful. I want to just reiterate and bring to the surface again as skills, right? So you don't have to be a coder. And I see I have two daughters just with my family. Yeah, I do python. They kind of put their toe in the water cause it's cool. Maybe that's a path, and they kind of don't like, maybe get into it. But it's not about coding anymore because you said low code, no code. Certainly. Maybe AI writes the code. We all see that happening. It's problem solving. It's you could be in health care and you could be nerd native, as we say, as on some of the other interviews of that year at the problem, solving the aperture of skills is much broader now. Can >>you share more than >>more than because with your with your programme and your nonprofit, I know you're in the middle of it, and this is important to get that out there. >>Absolutely so skills. You know, I think we need to change the focus on what skills make a difference if you see what I mean. I think you're absolutely right. There's some misconceptions about, you know, you want to go into tech, you need to be a coda. And you're right with the upscale around low Skilling. Sorry, Low code and the code opportunities. Um, I think the niches around being a specialist. Koda. We're gonna get more roles in that area, but in other areas, we need to look at different skills gap. So I'm advising people to look at where the gaps are now. So cyber security is a key example of that testing architecture. Those gaps are getting bigger. Their amazing skills, opportunities. They're so focused on a particular discipline. But it's all those skills that surround that that make a difference as well. So as I mentioned, you know, e Q creativity, communication skills, because it's not just about having the skills to build the future, knew that imagination to refocus about what that could even be. You know, that was one of the MWC 20 to refrain, reimagine and I love to kind of galvanise that spirit and people that you can be part of that, you know, wherever you are now. And I actually run a little series called 365, and you mentioned something right at the start of our conversation about International Women's Day being such an important focus area. But also we need to think about this beyond that as well. So hence that's the title of the series that I run because it's a focus on that every single day of the year. You know, I interviewed people that could be a C suite roles, but equally I've had some amazing interviews with 12 to 14 year olds, even younger, the youngest of the seven year old. He's doing like an amazing project in their kitchen with a three D printer working with local school or a hospice doing something around Ukraine. Another project we're doing at the moment, actually, and it's so resonating it's trying to show people wherever you are now, wherever you want to be, there's somebody relatable that you can make. You can see whatever sector, in whatever age, whatever background, and I think it's to give that inspiration. Hey, you know what I can do that that can be me. So visibility of role models, it really matters. And to really broaden out what role model looks like, you know? >>And then I think people out there you see yourself. I mean, this is what we been >>proven right? >>It's proven I want to get into the aspirational futures thing that you have going on, and I know this is important to you, but also something else you said was, is that there's more jobs open and say cybersecurity than ever before. And you're seeing this trend where all these new roles are emerging because of the tech that weren't around years ago, right? And so we've been having conversations in the Cube saying, Hey, all these roles are new, but also problems are new to these New new problems are surfacing because of the this new environment we're in. So these new roles still have to solve problems, so we need people to solve those problems. This is the future. This is the conversation that people are trying to get zero in on misinformation, cybersecurity, you name it. Society is changing with >>new. You >>have new new problems and new opportunities. Could you share your aspirational future? How you vector into that? >>Yeah, absolutely. And for me it's just again that we're convergence around people in technology and partnership, and that's what we aim to do. We do projects at a very local level, but equally we do them at national and international level as well. And one of our kind of people assume I'm talking pillars a lot, but I like it as a framework. So one of those esteem learning. So putting an equal value on the arts as well as science, technology, engineering, mathematics because I think they are. You know, as I mentioned before, hand that imagination, creativity, curiosity, collaboration, skills. They're equally valid as a different types of tech skills as well. We need an equal value and all of them. I think that's hugely important, important today. I think over the last 5 to 10 years, maybe there's been less of a focus within curriculums on the arts area than the other areas. So for me, putting that equal focus back is hugely important to navigate change, you know, I think that's that's that's absolutely key. So we focus on that area and we do a whole range of tech for good projects, and that's the way we help people to learn, you know, for example, data 90% at the moment of data isn't touched again when it's archived after three months. How can we turn that into a learning opportunity? For example? Some of the projects we use some of this is not going to be used again. We do it in a very safe, secure way, but we use that as one of our training aids, and then we apply them for local projects. We have initiatives from hackathons and ideation right through to very tangible hubs that we've actually built out where people can go, learn up skill and kind of learn through play and experimentation as well. Because again, I think that sometimes under explored that type of value and that freedom to be able to do that. And we also do things, change management skills. We talk about agile learning, agile technology need agile change management as well. So it's a very holistic skills. Look at what you need to navigate that future and have the confidence to apply them. So steam is very much our focus, applying them for tech for good projects and doing that externally, but also within organisations as well. So that very much is shared value approach to good business, but good for society as well. So yes, that this toolbox, that technology I applied earlier we really try and give people that support. To be able to do that, to move forward with confidence and optimism. >>I think adding the aid to stem really for steam is really smart because entrepreneurship or any problem solving creativity is the spark of innovation. >>And that's a super >>important skill. And we've seen it, whether it's startup or in a big company or in society, so super, super insightful. So I got to ask you, as a policy senior policy advisor on cyber studies globally, what are the core issues you're looking at right now? What are you shutting the light on and what's the most important thing you're working on? And then what's the most important thing you're working that people aren't talking about, that people should pay attention to >>Absolutely so. One of my key roles of the foundation is is kind of share of global trust. Essentially, um, and again trust is that one of the key issues of our time? One thing that people are talking about so much that relates with that actually is there's there's research from a group called The Woman. They've been looking at this for about 17 years or so. The research that came out most recently and I've got some original research that kind of support this as well is that for the first time ever, consumers are looking at organisations like tech organisations and other large organisations, in particular the enterprise level, really, as the bastions of trust to a bigger extent than NGOs or even governments. And that's the first time we've seen it at that level. So trust really really matters. It's one of the biggest differentiators of our time, so we're trying to help people. How do you establish trust? How do you build transparency, commitment and accountability, particularly in areas where there's currently confusion, so as one example going back Security zero Trust That phrase is used an awful lot, isn't it? But it's sometimes causing some confusion. Actually, it against what it's trying to deliver if you see what to me. So now I just do something recently with SMB s in particular and there is a confusion that effectively, you know, you could You could buy off the shelf and it's once and done. Um, And then we're sorted for the zero Trust security. And obviously it's not like that. It's an ongoing journey, and there's so many different constituent parts. So there's some things I'm seeing at the moment in the market with there's confusion around around certain language, for example. So again it goes back to backing things up with the technology but also research and awareness so we can see where those skills gaps are. You can see where there's awareness gaps are we can help to fill them. So that's an important part of that particular role bringing the technology in the culture and the education hand in hand together. So it's something I'm really passionate about, and for me sort of related to this, Um, I do a lot of work around S G, um, to the sustainable development goals. In particular, environmental and social governance is something that's becoming much more of a bigger kind of centre stage conversation. I'm an action point in a moment which is fantastic because this is something I've been involved in kind as long as I can remember. So I work directly with organisations like, um Unesco, lots of different professional bodies. It's kind of a huge driver for me. So one thing to kind of look out for that's coming very soon. I'm seeing an issue around around measurement in this area. You know, we're seeing consumers becoming more and more conscious and employees, you know you want to work for by from advocate organisations that have that same value alignment that you have personally and professionally, hugely important. We're seeing some great reports coming out around better e S g measurement. But it can be hard to compare between different organisations, so we are getting more transparency. But it's difficult sometimes to make fare comparisons. Um, so what I'm trying to do a lot of work on at the moment is how you go beyond that transparency to commitment to accountability and that deeper level and that comparability. So I would say kind of to the audience moment, Look out for a bit of a new index. It's going to help people, I think, make those conscious choices make informed choices. So it's something I'm super, super passionate about. I want to try and take that to next level in terms of its actualisation. >>That's awesome. And certainly we'll link to it on our site. All the work you're doing on interviews will put links there as well. We'll make sure we'll follow up on that. Great to have you on. You're such an inspiration. Amazing work, cutting edge work. And I'm I'm super impressed with the cyber studies, and I think this is really important. I have to ask you a final question because you're in the middle of it again with covid and the unfortunate situations we've been living with Covid. And now, obviously with this Ukraine situation that the cyber has been pulled to the front of the agenda and you're seeing a cultural shift. You certainly got Web three. Cyber is now part of everyone's life, and they can see it. They've been seeing it living it. Everything's been pulled forward as a cultural shift happening, okay, and and it's really interesting right now, and I want to get your thoughts because this now people are now aware what cyberwar means cyber security cyber. At home, I have remote work. Cyber has become front and centre or digital. However you want to call it in our lives pulled forward. >>So I'm not even sure in some >>cases, maybe rightfully so, and others. What's your view on this whole cultural cyber being pulled forward? >>It is. It's really, really interesting. And so one of the things I do is I am now ready to a Cyber Insights magazine as well. So we're developing a lot of content pieces around this and lots of things I'm seeing here. So your covid point, I think one of the most interesting things there is around literacy. For example, you remember when we went back to 18 months ago? We're having daily briefings, whether that's from from UK Parliament or the U. S. Equivalent. And different phrases were coming into everyday language driven by the curve or driven by the data. And they're coming into everyday life and people family kitchen table. It was something that hasn't been spoken about before, but suddenly it was driving everyday decision making and what you could and couldn't do. And that's raised awareness. And I think it helped people to ask better questions and to challenge things that they're seeing. And where has that data come from? How has it been presented to have seen that there? I think similarly, where we're having that same understanding and raise of questioning around what we're hearing around cyber as well. You're looking at where that source has come from, and how can we look at that in a different way? So again, I think it's raising that awareness, which is really, really crucial, >>the >>other thing as well around cyber security in particular. And again, I don't think this is talked about as much. When we talk about aspects around inclusion, we talk about diversity equity. Um, I'll see inclusion. I talk about belonging a lot as well. I think there's other aspects around sustainability that Inter relate as well, because when we find, for example, communities that are not included, they tend to be more adversely affected by, for example, climate factors as well. There's an interrelation. They're equally We find that people that haven't got, for example, the same level of cybersecurity protection are also in that same. There's an interrelation across all those elements were not talking about that either. So that's the other thing. I want to kind of bring attention to their again. They aren't separate conversations is a huge crossover between these different conversations and actions that we can do to make a difference. So there's some positive aspects about things that have happened over the last period of time and also some challenges that if we're aware of them, we can work together again, that collaboration piece to be able to overcome them. You know, I've got I've got a book coming out, all for charity called Tech for Good and one of my kind of tag lines. There is around contagion of positive change. Again, let's reframe the language around what's been happening. And let's kind of put that together is something that's far more positive. >>Language is super important, great >>content here. So >>thanks so much for coming. I really appreciate all the great insight and taking the time out of your busy day to to join us here in the Cube. Women in tech Global Event. Thank you so much. >>My absolute pleasure. Thank you. Thank you all for watching. >>Okay. The cubes presentation of women in text. Global event Celebrating International Women's Day. I'm John for a host of the Cube. Thanks for watching

>> From theCUBE studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> The pandemic precipitated what is shaping up to be a permanent shift in cybersecurity spending patterns. As a direct result of hybrid work, CSOs have vested heavily in endpoint security, identity access management, cloud security, and further hardening the network beyond the headquarters. We've reported on this extensively in this Breaking Analysis series. Moreover, the need to build security into applications from the start rather than bolting protection on as an afterthought has led to vastly high heightened awareness around DevSecOps. Finally, attacking security as a data problem with automation and AI is fueling new innovations in cyber products and services and startups. Hello and welcome to this week's Wikibon CUBE Insights powered by ETR. In this Breaking Analysis, we present our quarterly findings in the security industry, and share the latest ETR survey data on the spending momentum and market movers. Let's start with the most recent news in cybersecurity. Nary a week goes by without more concerning news. The latest focus in the headlines is, of course, Russia's relentless cyber attacks on critical infrastructure in the Ukraine, including banking, government websites, weaponizing information. The hacker group, BlackByte, put a double whammy on the San Francisco 49ers, meaning they exfiltrated data and they encrypted the organization's files as part of its ransomware attack. Then there's the best Super Bowl ad last Sunday, the Coinbase floating QR code. Did you catch that? As people rushed to scan the code and participate in the Coinbase Bitcoin giveaway, it highlights yet another exposure, meaning we're always told not to click on links that we don't trust or we've never seen, but so many people activated this random QR code on their smartphones that it crashed Coinbase's website. What does that tell you? In other news, Securonix raised a billion dollars. They did this raise on top of Lacework's massive $1.3 billion raise last November. Both of these companies are attacking security with data automation and APIs that can engage machine intelligence. Securonix, specifically in the announcement, mentioned the uptake from MSSPs, managed security service providers, something we've talked about in this series. And that's a trend that we see as increasingly gaining traction as customers are just drawing in and drowning in security incidents. Peter McKay's company, Snyk, acquired Fugue, a company focused on making sure security policies are consistent throughout the software development life cycle. It's a really an example of a developer-defined security approach where policy can be checked at the dev, deployment, and production phases to ensure the same policies are in place at all stages, including monitoring at runtime. Fugue, according to Crunchbase, had raised $85 million to date. In some other company news, Cisco was rumored to be acquiring Splunk for not much more than Splunk is worth today. And the talks reportedly broke down. This would be a major move in security by Cisco and underscores the pressure to consolidate. Cisco would get an extremely strong customer base and through efficiencies could improve Splunk's profitability, but it seems like the premium Cisco was willing to pay was not enough to entice board to act. Splunk board, that is. Datadog blew away its earnings, and the stock was up 12%. It's pulled back now, thanks to Putin, but it's one of those companies that is disrupting Splunk. Datadog is less than half the size of Splunk, revenue-wise, but its valuation is more than 2 1/2 times greater. Finally, Elastic, another Splunk disruptor, settled its trademark dispute with AWS, and now AWS will now stop using the name Elasticsearch. All right, let's take a high level look at how cyber companies have performed in the stock market over time. Here's a graph of the Cyber ETF, and you can see the March 1st crosshairs of 2020 signifying the start of the lockdown. The trajectory of cybersecurity stocks is shown by the orange and blue lines, and it surely has steepened post March of 2020. And, of course, it's been down with the market lately, but the run up, as you can see, was substantial and eclipsed the trajectory of the previous cycles over the last couple of years, owing much of the momentum to the spending dynamics that we talked about at our open. Let's now drill into some of the names that we've been following over the last few years and take a look at the firm level. This chart shows some data that we've been tracking since before the pandemic. The top rows show the S&P 500 and the NASDAQ prices, and the bottom rows show specific stocks. The first column is the index price or the market cap of the company just before the pandemic, then the same data one year later. Then the next column shows the peak value during the pandemic, and then the current value. Then it shows in the next column where it is today, in percentage terms, i.e., how far has it pulled back from the peak, then the delta from pre-pandemic, in other words, how much did the issue earn or lose during the pandemic for investors? We then compare the pre-pandemic revenue multiple using a trailing 12-month revenue metric. Sorry, that's what we used. It's easy to get. (laughs) And that's the revenue multiple compared to the August in 2020, when multiples were really high, and where they are today, and then a recent quarterly growth rate guide based on the last earnings report. That's the last column. Okay, so I'm throwing a lot of data at you here, but what does it tell us? First, the S&P and the NAS are well up from pre-pandemic levels, yet they're off 9% and 15%, respectively, from their peaks today. That was earlier on Friday morning. Now let's look at the names more closely. Splunk has been struggling. It definitely had a tailwind from the pandemic as all boats seem to rise, but its execution has been lacking. It's now 30% off from its pre-pandemic levels. (groans) And it's multiple is compressing, and perhaps Cisco thought it could pick up the company for a discount. Now let's talk about Palo Alto Networks. We had reported on some of the challenges the company faced moving into a cloud-friendly model. that was before the pandemic. And we talked about the divergence between Palo Alto's stock price and the valuations relative to Fortinet, and we said at the time, we fully expected Palo Alto to rebound, and that's exactly what happened. It rode the tailwinds of the last two years. It's up over 100% from its pre-COVID levels, and its revenue multiple is expanding, owing to the nice growth rates. Now Fortinet had been doing well coming into the pandemic. In fact, we said it was executing on a cloud strategy better than Palo Alto Networks, hence that divergence in valuations at the time. So it didn't get as much of a boost from the pandemic. Didn't get that momentum at first, but the company's been executing very well. And as you can see, with 155% increase in valuation since just before the pandemic, it's going more than okay for Fortinet. Now, Okta is a name that we've really followed closely, the identity access management specialist that rocketed. But since it's Auth0 acquisition, it's pulled back. Investors are concerned about its guidance and its profitability. And several analyst have downgraded their price targets on Okta. We still really like the company. The Auth0 acquisition gives Okta a developer vector, and we think the company is going hard after market presence and is willing to sacrifice short-term profitability. We actually like that posture. It's very Frank Slupin-like. This company spends a lot of money on R&D and go-to-market. The question is, does Okta have inherent profitability? The company, as they say, spends a ton in some really key areas but it looks to us like it's going to establish a footprint. It's guiding revenue CAGR in the mid-30s over the mid to long-term and near term should beat that benchmark handily. But you can see the red highlights on Okta. And even though Okta is up 59% from its pre-pandemic levels, it's far behind its peers shown in the chart, especially CrowdStrike and Zscaler, the latter being somewhat less impacted by the pullback in stocks recently, of course, due to the fears of inflation and interest rates, and, of course, Russian invasion escalation. But these high flyers, they were bound to pull back. The question is can they maintain their category leadership? And for the most part, we think they can. All right, let's get into some of the ETR data. Here's our favorite XY view with net score, or spending momentum on the Y-axis, and market share or pervasiveness in the data center on the horizontal axis. That red 40% line, that indicates a highly elevated spending level. And the chart inserts to the right, that shows how the data is plotted with net score and shared N in each of the columns by each company. Okay, so this is an eye chart, but there really are three main takeaways. One is that it's a crowded market. And this shows only the companies ETR captures in its survey. We filtered on those that had more than 50 mentions. So there's others in the ETR survey that we're not showing here, and there are many more out there which don't get reported in the spending data in the ETR survey. Secondly, there are a lot of companies above the 40% mark, and plenty with respectable net scores just below. Third, check out SentinelOne, Elastic, Tanium, Datadog, Netskope, and Darktrace. Each has under 100 N's but we're watching these companies closely. They're popping up in the survey, and they're catching our attention, especially SentinelOne, post-IPO. So we wanted to pare this back a bit and filter the data some more. So let's look at companies with more than 100 mentions in the same chart. It gets a little cleaner this picture, but it's still crowded. Auth0 leads everyone in net score. Okta is also up there, so that's very positive sign since they had just acquired Auth0. CrowdStrike SalePoint, Cyberark, CloudFlare, and Zscaler are all right up there as well. And then there's the bigger security companies. Palo Alto Network, very impressive because it's well above the 40% mark, and it has a big presence in the survey, and, of course, in the market. And Microsoft as well. They're such a big whale. They skew the data for everybody else to kind of mess up these charts. And the position of Cisco and Splunk make for an interesting combination. They get both decent net scores, not above the 40% line but they got a good presence in the survey as well. Thinking about the acquisition, Al Shugart was the CEO of of Seagate, and founder. Brilliant Silicon valley icon and engineer. Great business person. I was asking him one time, hey, you thinking about buying this company or that company? And of course, he's not going to tell me who he's thinking about buying or acquiring. He said, let me just tell you this. If you want to know what I'm thinking, ask yourself if it were free, would you take it? And he said the answer's not always obviously yes, because acquisitions can be messy and disruptive. In the case of Cisco and Splunk, I think the answer would be a definitive yes It would expand Cisco's portfolio and make it the leader in security, with an opportunity to bring greater operating leverage to Splunk. Cisco's just got to pay more if it wants that asset. It's got to pay more than the supposed $20 billion offer that it made. It's going to have to get kind of probably north of 23 billion. I pinged my ETR colleague, Erik Bradley, on this, and he generally agreed. He's very close to the security space. He said, Splunk isn't growing the customer base but the customers are sticky. I totally agree. Cisco could roll Splunk into its security suite. Splunk is the leader in that space, security information and event management, and Cisco really is missing that piece of the pie. All right, let's filter the data even more and look at some of the companies that have moved in the survey over the past year and a half. We'll go back here to July 2020. Same two-dimensional chart. And we're isolating here Auth0, Okta, SalePoint CrowdStrike, Zscaler, Cyberark, Fortinet, and Cisco. No Microsoft. That cleans up the chart. Okay, why these firms? Because they've made some major moves to the right, and some even up since last July. And that's what this next chart shows. Here's the data from the January 2022 survey. The arrow start points show the position that we just showed you earlier in July 2020, and all these players have made major moves to the right. How come? Well, it's likely a combination of strong execution, and the fact that security is on the radar of every CEO, CIO, of course, CSOs, business heads, boards of directors. Everyone is thinking about security. The market momentum is there, especially for the leaders. And it's quite tremendous. All right, let's now look at what's become a bit of a tradition with Breaking Analysis, and look at the firms that have earned four stars. Four-star firms are leaders in the ETR survey that demonstrate both a large presence, that's that X-axis that we showed you, and elevated spending momentum. Now in this chart, we filter the N's. Has to be greater than 100. And we isolate on those companies. So more than 100 responses in the survey. On the left-hand side of the chart, we sort by net score or spending velocity. On the right-hand side, we sort by shared N's or presence in the dataset. We show the top 20 for each of the categories. And the red line shows the top 10 cutoffs. Companies that show up in the top 10 for both spending momentum and presence in the data set earn four stars. If they show up in one, and make the top 10 in one, and make the top 20 in the other, they get two stars. And we've added a one-star category as honorable mention for those companies that make the top 20 in both categories. Microsoft, Palo Alto Networks, CrowdStrike, and Okta make the four-star grade. Okta makes it even without Auth0, which has the number one net score in this data set with 115 shared N to boot. So you can add that to Okta. The weighted average would pull Okta's net score to just above Cyberark's into fourth place. And its shared N would bump Okta up to third place on the right-hand side of the chart Cisco, Splunk, Proofpoint, KnowBe4, Zscaler, and Cyberark get two stars. And then you can see the honorable mentions with one star. Now thinking about a Cisco, Splunk combination. You'd get an entity with a net score in the mid-20s. Yeah, not too bad, definitely respectable. But they'd be number one on the right-hand side of this chart, with the largest market presence in the survey by far. Okay, let's wrap. The trends around hybrid work, cloud migration and the attacker escalation that continue to drive cybersecurity momentum and they're going to do so indefinitely. And we've got some bullet points here that you're seeing private companies, (laughs) they're picking up gobs of money, which really speaks to the fact that there's no silver bullet in this market. It's complex, chaotic, and cash-rich. This idea of MSSPs on the rise is going to continue, we think. About half the mid-size and large organization in the US don't have a SecOps, a security operation center, and outsourcing to one that can be tapped on a consumption basis, cloud-like, as a service just makes sense to us. We see the momentum that companies that we've highlighted over the many quarters of Breaking Analysis are forming. They're forming a strong base in the market. They're going for market share and footprint, and they're focusing on growth, at bringing in new talent. They have good balance sheets and strong management teams and we think they'll be leading companies in the future, Zscaler, CrowdStrike, Okta, SentinelOne, Cyberark, SalePoint, over time, joining the ranks of billion dollar cyber firms, when I say billion dollar, billion dollar revenue like Palo Alto Networks, Fortinet, and Splunk, if it doesn't get acquired. These independent firms that really focus on security. Which underscores the pressure and consolidation and M&A in the whole space. It's almost assured with the fragmentation of companies and so many new entrants fighting for escape velocity that this market is going to continue with robust M&A and consolidation. Okay, that's it for today. Thanks to my colleague, Stephanie Chan, who helped research this week's topics, and Alex Myerson on the production team. He also manages the Breaking Analysis podcast. Kristen Martin and Cheryl Knight, who get the word out. Thank you to all. Remember these episodes are all available as podcasts wherever you listen. All you do is search Breaking Analysis podcast. Check out ETR's website at etr.ai. We also publish a full report every week on wikibon.com and siliconangle.com. You can email me at david.vellante@siliconangle.com. @dvellante is my DM. Comment on our LinkedIn posts. This is Dave Vellante for theCUBE Insights powered by ETR. Have a great week. Be safe, be well, and we'll see you next time. (upbeat music)

(gentle music) >> High profile cyber attacks like the SolarWinds hack, the JBS meat and the Florida municipality breach, have heightened awareness of how exposed, critical infrastructure has become. Because the pandemic has shifted employees to remote modes of work, hackers now have a much easier target to fish for credentials and exploit less secure home networks. Take the recent Log4j vulnerability, that's yet another example, of how hackers can take advantage of weak links in the chain. Now data storage companies have an important role to play in fighting cyber crime. Ultimately, they provide the equivalent of a bank vault if you will, and are responsible for storing and protecting the data that cyber criminals are targeting to steal or encrypt, in an effort to hold companies hostage, in a ransomware attack. Now in an effort to help customers understand how to protect themselves from such vulnerabilities, and how one storage company is addressing these challenges, the Cube is hosting this special presentation InfiniGuard Cyber Resilience: New Cybercrime Solutions. And we're going to speak with Eric Herzog, who's the Chief Marketing Officer of Infinidat, and then we'll bring in Stan Wysocki who is the president of Mark III Systems who is either an expert in IT infrastructure and artificial intelligence. First, let me welcome Eric Herzog back to the Cube, hello, Eric. >> Great, Dave, thank you very much, always love talking to you and the Cube, about leading edge technology solutions for end users. >> Alright let's do it. So, first we want to address the transformation and big business progress of Infinidat. New CEO, he's injected new management, new head of marketing obviously, Phil Bullinger is really been focused on accelerating the company's original vision, and doing so, Eric, in the typically unconventional style of Infinidat, you just put out a press release, capping 2021, can you set the stage for us, and give us the business update? >> Sure, so of course we summarized our 2021 results. What a very, very strong year. What a very, very strong year. We increased our bookings over 40% year to year. Even in Q4, we increased our bookings over 68%. And over 25% of the fortune 50 use an Infinidat solution, either our InfiniBox, or InfiniBox SSA, all flash array, or our Infiniguard, which is the focus of the launch we're doing today, on February 9th. >> Yeah, so I always said that Infinidat is one of the best kept secrets in the storage business. So let's talk about that hard news, what you launched on February 9th, and why it's important. >> Well, what we've done is we've got a high end enterprise purpose-built backup appliance, the InfiniGuard. We made some substantial advances in that. The key is focused on cyber resilience with what we call our infinisafe technology. Infinisafe incorporates a number of subsets, of cyber resilience from immutable snapshots, to logical air gapping, to fenced isolated networks, to almost instantaneous recovery for your backup data sets. In addition, we also dramatically improved the performance of the backup and recovery, which means, for example, if a backup window was taking three hours, now the backup window on that primary backup dataset could take only an hour and a half, which of course, as we all know backup dramatically impacts the performance of your primary applications, your primary servers, and your primary storage. So we've done both the cyber resilience aspect and then, on modern data protection, making sure that the backup and recovery are faster, for a traditional backup workload. >> So tell us a little bit more about Infinisafe, and specifically, Eric I'm interested in how it's different from other solutions, don't make me a liar, I had said, you guys always kind of take nonconventional approaches so tell us, add a little color to Infinisafe and how is it really unique from competitors? >> Sure, well Infinisafe incorporates as I mentioned, several different aspects. First of all, the immutable snapshots. So immutable snapshots can not be deleted, they cannot be altered, you cannot accelerate the rate, you can set the rate of immutable stuff, do I want to do it once a day? Do I want to do it twice a day? And obviously if a hacker could get in, you could accelerate that. Our immutable snaps are physically separated from the management schema. So the inside of an Infiniguard, we have what we call a data dedupe appliance, and that data dedupe engine, it goes ahead and it applies data reduction technology, to that back up data set. But we've divorced the immutable snapshots from the management of what we now call a DDE. So the DDE has kind of access of giving you that gap, that logical gap between the management schema of a DDE, and of course the immutable snapshot. We also combine that with this air gap technology, you've got the immutability and the air gap, which is local in that instance, but we also can do it remotely. So we can replicate from one Infiniguard in data center A, to a different Infiniguard in data center B. You then can configure that backup data set with the same immutable snapshot, and the same length, one day, half a day, six hours, whatever you choose, and then of course it'll have that same capability. The third thing we've done is very unique. We have a fenced isolated network to perform forensics. So, if the Cube has a cyber or malware attack, you need to make sure that once you've cleaned it up, off the primary storage, the primary servers, that you recover, a known good data set. So we set up this isolated fence network in which to perform that forensic analysis, to give you the appropriate good recover point. However, unlike many of our competitors, we can do it with a single InfiniBox. Some of our competitors, right on their websites say, you need two of their purpose-built backup appliances, to do cyber resilience. Meaning, twice the CapEx and twice the OpEx, which we can do with a single Infiniguard solution. And then lastly is our near instantaneous recovery. As you know, we're recovering backup data sets. We can make between 15 and 30 minutes time, the backup data set fully accessible to the backup admin or the storage admin to use their Commvault, their Veeam, their Veritas, their IBM Spectrum Protect, or whatever their backup software is, to do recovery from the InfiniGuard box, back to the primary storage using of course the backup software that they created the original dataset with. That is very unique. When you look out in the industry and look at, whether it be purpose-built backup competitors, or whether you look at primary storage competitors, almost no one talks about the speed of their recovery, and the one or two that do, talk about recovering the data set. We recover the entire environment. We are ready to go, and the backup admin, if they were, for example, Commvault, Veeam or Veritas, they could immediately start the backup, as soon as we did our recovery, which again, takes between 15 and 30 minutes, independent of the data set size. That could be 50 terabytes, it could be a petabyte, it could be two petabytes. And even two petabytes of data can be available in 15 to 30 minutes. And then of course, the backup admin can restore from that backup dataset. Very powerful and very unique in those aspects. >> Whilst the reason why this is so important is like I said, it's like the bank vault, because hackers are going to go after that backup corpus that's where the gold is, that's where all the data is. So this all really sounds good. But there's more than Infinisafe in this launch. What else should we know? >> Well, the other thing we've done is dramatically improved the performance of the purpose-built backup plants at the core. So for example, the last time we publicly announced our numbers, we were at 74 terabytes an hour, now we're 180 terabytes an hour. So of course, as we all know, when you do a backup, it impacts the performance of the primary applications, the primary servers and the primary storage. So if that backup window was taking three hours, now that we've more than doubled the performance, you could be up to 50% better. So a three hour backup window, if that's what the dataset took to be backed up, now we can get that down to an hour and a half or even faster. So that of course minimizes the impact on primary storage, primary applications, and of course your primary storage, making it much, much more efficient, from a backup perspective, and of course less impact on the primary applications, the primary servers, and primary storage. >> So I've talked to a number of Infinidat customers, they're very loyal and kind of passionate. So I wonder if you could kind of put that perspective on this discussion. The impact that InfiniGuard, this announcement, that's going to have for your customers, paint a picture as to how it's going to change their business. >> Sure, so let me give you an example. One of our customers is a cloud service buyer, in North America, they focus only on healthcare. So here's a couple of key benefits that they got. First of all, they use our integration with two different backup vendors. They don't have one, they have two. So we're tightly integrated with our backup software partners. They got a 40% cost savings on CapEX, compared to the previous vendor that they had. And, they used to be able to do 30,000 backup per day, now they can do 90,000 backup a day. And by the way, that's all with the previous version of InfiniGuard, not the version we just announced on the 9th. One of our other customers, which is in AMEA and they happened to be an energy company, they were using purpose-built backup from the other vendor, and they had 14 of them, seven in data center one, and seven in data center two. With InfiniGuard, they've got one in data center one, and one in data center two. So 14 purpose-built backup appliances consolidated down into two. And on top of that, those purpose-built backup appliances from the other vendor actually had a couple recovery failures, where they were not able to recover the data. They've been installed for a year now, they've had zero recovers, zero recovery failures, whereas the previous vendor had some. And lastly, let's talk about a large global fortune financial services. So, one of the biggest in the industry, their cost savings from their previous vendor was 46%. In addition, when you look at their cyber resilience design, they were using one of those vendors that probably talks about needing two system products to do their cyber resiliency. They again were able to take those two systems out, and use one InfiniGuard solution. Again, reducing both their capital expenditure, two going to one. And then the operational expenditure, they only have to manage one InfiniGuard versus two of the other guys appliances. Those are just three examples all over the world. One in cloud service providing, one in the energy space, and one a global fortune 500 financial services company. Just some real world examples. And all those by the way, Dave, were before the enhancements of Infinisafe, and before the additional performance we've added in the launch of InfiniGuard on February 9th. >> So like I'm just kind of sketching out the business case, you know, put my CFO hat on. So you're lowering costs cause you're consolidating, so that means I need less hardware and software. But also there's probably labor costs associated with that. If I could do it faster with less resources, I got less stuff to manage. You're accelerating the backup time, so that frees up resources that I can apply elsewhere, recovery, you know, is really important. So I'm inferring faster recovery, all this lowers my risk, and then I can sort of calculate the probability of having data loss, and then what that means to my business. Am I getting that right? >> Yeah, yeah. And in fact, the other impact is on your primary service and your primary storage. If the backup window shrinks, then you're not slowing down that SAP app, that Oracle app, you know, that SQL app, whatever you're running, whether that be the financials, whether that be your logistics, whether it be your manufacturing system, every time you turn on that backup, to do that backup, that backup window slows you down. So cutting that in half has an impact on the real-world application side, which obviously most storage guys, you know, it's hard for us to quantify. But you are taking the impact of backup, and basically reducing it, if you will shrinking the backup window, so their primary applications don't get hammered as much by the backup while they're still trying to run that SAP, that Oracle or that SQL workload. >> And you're not a backup software vendor, so I have optionality there. I can pretty much choose all the popular, you know. >> Absolutely, so Veeam, Veritas, Commvault, IBM Spectrum Protect, all the majors. And in fact, one of the players I mentioned, as you were talking about the end-users, they use two different backup packages, two of 'em. So, two of the major vendors that I named, we work with them just within one account. So, we're very flexible, the user picks what they want from a backup software perspective, and we can work with anything. So, whatever they want to use, is fine with us. We integrate with all of them, we have integration, for example, also with VMware, for vVols and other aspects in container integration, so you know, whether it be our purpose-built backup appliance, InfiniGuard, or what we do with the InfiniBox, we always make sure we integrate with the surrounding environment. 'Cause storage is not an island, storage needs to exist in your data center, or your hybrid cloud data center, or what you're doing for containers. So we make sure we have integration with our InfiniBox, our InfiniBox SSA, all flash. And of course the product we're enhancing today, the InfiniGuard. >> Yeah, integration is super important in the enterprise. Enterprises want solutions, they're busy. (laughs) They don't have unlimited budget to go, you know, plugging stuff together. So, okay Eric, we got to leave it there. Thank you so much. >> Great, thank you very much Dave. Always love talking to the Cube. >> Okay, in a moment Stan Wysocki is coming in. He's the president of Mark III Systems. He's going to join us for a drill down on how InfiniGuard is impacting customers. You're watching the Cube, your global leader, in enterprise tech coverage. (gentle music)

>> (upbeat music) >> Okay, we just covered some of the critical aspects from Infinidat recent announcement and the importance of cyber resilience and fast recovery. Eric Hertzog is back and joining us is Stan Wysocki, who's president of Mark III Systems. Stan, welcome to the Cube, good to see you. >> Thank you, pleasure to be here. >> Tell us about Mark III Systems. You specialize in IT infrastructure and artificial intelligence. It says in your website. I'd love to hear more about your business. >> Yeah, yeah, definitely. You know, I think we're a little bit unique in our industry, right? There've been business partners resellers around for, we've been around for 26 years. And in 26 years, we've supported some of largest enterprise customers in the Southeast, with server storage networking virtualization. We have VCP number 94, so we've been doing that from the very beginning. But about six years ago, we realized that IT was changing, that business was changing, that the demands of the customers was changing and we needed to create the full stack message and a full-stack practice. So we hired data scientists and developers in DevOps, MLOps and gave them the environments and the tools that they could use to build experience around AI, ML deep learning. So now when we engage with our customers, not only can we handle the entire enterprise stack that they have, but we can help accelerate them on their adoption of open-source technologies, cloud native development and AI and integrating that into their business processes. >> I love it. You got to keep moving. You've been around for a long time, but you're not just sitting still. I wonder if you could comment in an Eric, I want you to comment as well. From your customer's perspective Stan, what are the big trends that you see that are impacting their business and the challenges that they're facing? >> Yeah, that's great. So kind of ties into what I just said. Today we live in a data-driven society. Everything that we do is really driven by how the customer wants to engage. And that's both an internal customer and your end user customers, on how they want to engage, how they want to consume and how they want to interact with everything out there in the world, right? So the real trends is really around engaging with the customer, but that means that you need to be data-driven, you need to adopt AI platforms, you need to adopt a more holistic view of what you're doing with your customers. That drives up the importance of the data that you have in your shop, right? So then cybersecurity becomes extremely important, not just because of the technical skills of the hacker is getting better and better, but because we're becoming more reliant on the data that we have moving forward and we're proud to partner with Infinidat in leveraging InfiniGuard and Infinni safe to really protect our customer's data. >> Great. Eric, thinking about the trends and some of the issues that Stan just mentioned, when you think about the launch and the announcement that you just made, how do you see it fitting in to Stan's business? How's how it's going to help the end customers? >> Well, I think there's one key aspect. As noted in the fortune survey of CEOs in 2021. The number one concern of CEOs of the fortune 500, was cybersecurity and they saw that as biggest threat to their business. As Stan pointed out, that becomes of the importance of the digital data, that all companies generate, of all types, financial services, healthcare, government institutions, manufacturing, you name it. So one of the key things you've got to do, is make sure that your storage estate, fits into an overall cybersecurity strategy. And with InfiniGuard, or Ifini safe technologies, we can ensure that Stan's customers and customers of our other business partners all over the world, can make sure that the data is safe, protected and can help them form a malware or ransomware attack, against that valuable data set. >> Well then you know, one of you guys could come with, I mean, we talked to CSOs and they've told us that there be could in part due to the pandemic, largely actually, their whole strategy has changed. Their spending strategies changed, no longer than just sort of putting up hardware firewalls. They're shifting their focus to two different areas, obviously endpoint, you know, cloud security is a big deal, identity access management, but ransomware, is just top of mind for everybody. And as we talked about earlier, the exposure, now the weak links, whether you're working from home, or Stan you mentioned greater sophistication of hacker. So what are you hearing from customers in this regard, Stan? >> Well, you know I think you have that, right? But then you always have, we've been doing this for 26 years. I've never heard of an IT budget that that's gone up, in any year, right? So, with the sophistication of these hackers that are coming out and the different angles that they're using to get in, it is extremely important for our customers to be very efficient and choose their security strategy and products very wisely, right? I think I read an article a year or so ago that the average enterprise had like something like 27 different security products and imagine a CSO and his team, who is struggling with their budget to manage that. So for us to be able to leverage InfiniGuard and Infini safe and to be able to provide, you know the immutable snapshots. The logical air gas, the physical air backs and offense network for recovery. That's all extremely easy to manage. I mean I talked to my customers on why they have chosen Infinidat, you know through us, right? And one of the things that they always talk about is how easy and how amazing the support is. How easy it is to install, how easy it is to manage. And normally when you have a simple product, right, you think you can sell that to an unsophisticated customers. But my most technical customers really appreciate this, because of the way Infinidat manages itself and provides the tools saying, just for example, the host tools, right? It does it in the way that they do it, so they trust it, so that they can focus on the more important tasks, rather than the tier and feeding other storage environment. >> Yeah, thank you and then when you talk to CSOs, you ask them what's the number one problem, they'll tell you lack of talent and you just nailed it. You've got on average 27 different tools, new tools coming out every day, you're getting billion dollar, VC investments and more and more companies are getting into it. It just adds to that confusion. So Stan, I wonder if you could talk about, specifically InfiniGuard, how it fits into your stack like where and how you're applying it? Maybe you could talk about some specific use cases. >> Oh yeah definitely, you know we have customers in pretty much every vertical, that we're supporting their stores environments and Infinidat plays and all of those verticals with all of our customers. One in particular a healthcare account, one of our very first Infinidat customers and over the years, is become the de facto standard, stores platform that they have. And they also now have InfiniGuard as the backup target for commovault. And this is one of those examples of the very technical discerning customer, that really demands excellence, right? So they love, you know, the three controller setup versus a dual controller set up, they love the availability and the resiliency, but then when it comes to the cybersecurity, before they moved on to this platform, they did have some ransomware attacks and they did have to pay out and it was very public. And, you know, since they've gone onto this platform, they feel much more comfortable. >> Excellent. So Eric, I want to bring you in. So let's talk through some of the options that customers have. You and I were talking earlier about, you know, the local air gap, what is that? You know, the logical air gap if you will and then the physical labor, what patterns are you seeing with customers to really try to protect themselves against some of this ransomware? How are they approaching it? >> Well, first of all, obviously, we with the InfiniGuard, has a purpose built backup appliance can work with all the various backup vendors. But because backup, is one of the first things these sophisticated ransomware, or malware it entity is going to attack. right? Otherwise the CIO will just call up say, hey, do we have a good backup? Let's recover from that. So secondary storage, AK their backup estate, is exactly the first thing they're going to target. And they do it certain viciously of course. So what are the key things we do, is we allow them to take those backup datasets, commvault for example and in Stan's example, or Vain or veritas or IBM Spectrum Protector, many other packages, even directly with databases like with Oracle Armin and allow them to create a mutable snapshots. Can't delete them, can't change them, can alter them. And then we air gap them locally, from the management framework. So in an InfiniGuard, we have a technology known as our day-to-day dupe engines ODDES. Those are really the management scanner for the entire solution. So when we create an immutable snapshots, we create a logical air gap, with ODDES, cannot alter the immutability characteristics, they cannot shorten them, they can not lengthen them, in short we take that management scheme away and create this separation. But we also allow them to replicate those backup datasets to a remote InfiniGuard box. You would set up the exact same parameters, I want to make an immutable snap every day, every 12 hours, every six hours and then you've got the duplicate. Remember the average length, from breach to closure on a cyber attack is 287 days. So once the attack starts, you don't know until they ask you for the ransom, it could be going on for 50 days, a hundred days, 150 days. And it's all done, if you will on the download, hidden. So if by the way, you happen to have a data center fire, or you happen to have a tornado or an earthquake, or some other natural disaster, you still want that data replicated to a secondary site, but then you still want the capability of the cyber resilience, as Stan pointed out. So you can do that. We can create a then a isolated fence network and we can do that on one InfiniGarden. Most of our competitors require two data protection appliances and it's public it's right on their websites. So we save you on some CapEx there and then we can do this near instantaneous recovery. And that's not just of the dataset. Some of the cyber reasons, technology you'll see out there, including on primary storage, only recovers the dataset. We can recover the entire backup data set and all the surrounding environment. So to second that Vain or Veritas, IBM spectrum protect commvault, backup is available. The backup admins or the storage admins, could immediately restored, it's ready to go. And we can do that in 15 to 30 minutes. Now that is being fast to react to a problem. >> So thank you for that. So Stan, I wonder if you could talk about the best practice Eric was just sharing, the local air gap and then the secondary, is that really in the case of a disaster, or is it also to isolate the network? What are you seeing as the gold standard that customers are applying with your advice? >> Yeah, definitely the gold standard would be three sites. We do have a lot of our customers. The one healthcare customer in particular is splits it between two sides and they are actually working with us right now to architect the third site. Just for that fact, we are down in Texas, hurricanes can come in 60, 70, 80 miles on in land. And then there's, you know, hurricane Harvey, right with all the flooding and stuff like that. So they do want to set up a third side. I think that gives them the peace of mind. And you know the whole thing about it is right. You know, having an environment like this means the CSO and his team can focus on preventing attacks, while they're very confident that their infrastructure team, can handle anything that slips by them. >> Okay, great. Thank you. We're about out of time but Eric, I wonder if you could kind of bring us home, give us a summary of, how you see InfiniGuard impacting customers, you know where's that value that business case for them. I wonder if you could just tie that note for us. >> Sure. We want to make sure that we tie everything back, normally technical value, as Stan very eloquently did with several different customers, but what we can do from a business value perspective. So as an example, one of our infiniGuard customers, is a global financial services company and they were using a solution from a different purpose-built backup appliance provider. They switched to us, not only they're able to increase the number of daily backups, from 30,000 to 90,000. So they get better data protection, but on top of that, they cut 40% of their costs. So you want to make sure that while you're doing this, you're doing things like consolidation. One of our other customers, which is in EMEA, in the European area, they had 14 purpose-built backup appliances, seven in one data center and set seven and a second data center. Now they've got two, one in one data center, one of the other, they of course do the local backups right then and there. And then they replicate, from one data center to the other data center. As both data centers are both active data centers, but differ for the other data center. So from their perspective, dramatic reduction of OPEX and CapEx, 14 physical boxes down to two. And of course the associated management of both the manpower side, but why I love to call the watch slots, power and floor. All of those things that go into an OPEX budget, they were cut dramatically, 'cause there's only two systems now, to power cool, et cetera et cetera. Floor space, Rackspace from 14. So wow, did they save money. So I think, it's not only providing that data protection and cyber resilience technology, but doing it in a cost-effective way. And as Stan pointed out, in a highly automated way, that cuts back on the manpower they need to manage these systems, because they're overworked and they need to focus on as Stan pointed out, their AI infrastructure, where they're doing for AI applications, don't have time to deal with it. So the more we automate, the better it is for them and the easier it is for everyone from the end-user perspective, as well as up in through their entire IT chain of command. >> Okay, if you want more information, you can go to infinidatguard.com or it's markiisis.com and check it out, learn about their full stack solution. A little bit about AI. Gentlemen, thanks so much for the conversation today, great to have you. >> Mark and Steve: Thank you, Dave. Now in a moment, I'm going to have some closing thoughts on the market and what we heard today. Thank you for watching the cube. You're a leader in enterprise tech coverage.

(upbeat music) >> Okay, we just covered some of the critical aspects from Infinidat recent announcement and the importance of cyber resilience and fast recovery. Eric Hertzog is back and joining us is Stan Wysocki, who's president of Mark Three Systems. Stan, welcome to the Cube, good to see you. >> Thank you, pleasure to be here. >> Tell us about Mark Three Systems. You specialize in IT infrastructure and artificial intelligence. It says in your website. I'd love to hear more about your business. >> Yeah, yeah, definitely. You know, I think we're a little bit unique in our industry, right? There've been business partners resellers around for, we've been around for 26 years. And in 26 years, we've supported some of largest enterprise customers in the Southeast, with server storage networking virtualization. We have VCP number 94, so we've been doing that from the very beginning. But about six years ago, we realized that IT was changing, that business was changing, that the demands of the customers was changing and we needed to create the full stack message and a full-stack practice. So we hired data scientists and developers in DevOps, MLOps and gave them the environments and the tools that they could use to build experience around AI, ML deep learning. So now when we engage with our customers, not only can we handle the entire enterprise stack that they have, but we can help accelerate them on their adoption of open-source technologies, cloud native development and AI and integrating that into their business processes. >> I love it. You got to keep moving. You've been around for a long time, but you're not just sitting still. I wonder if you could comment in an Eric, I want you to comment as well. From your customer's perspective Stan, what are the big trends that you see that are impacting their business and the challenges that they're facing? >> Yeah, that's great. So kind of ties into what I just said. Today we live in a data-driven society. Everything that we do is really driven by how the customer wants to engage. And that's both an internal customer and your end user customers, on how they want to engage, how they want to consume and how they want to interact with everything out there in the world, right? So the real trends is really around engaging with the customer, but that means that you need to be data-driven, you need to adopt AI platforms, you need to adopt a more holistic view of what you're doing with your customers. That drives up the importance of the data that you have in your shop, right? So then cybersecurity becomes extremely important, not just because of the technical skills of the hacker is getting better and better, but because we're becoming more reliant on the data that we have moving forward and we're proud to partner with Infinidat in leveraging InfiniGuard and Infinni safe to really protect our customer's data. >> Great. Eric, thinking about the trends and some of the issues that Stan just mentioned, when you think about the launch and the announcement that you just made, how do you see it fitting in to Stan's business? How's how it's going to help the end customers? >> Well, I think there's one key aspect. As noted in the fortune survey of CEOs in 2021. The number one concern of CEOs of the fortune 500, was cybersecurity and they saw that as biggest threat to their business. As Stan pointed out, that becomes of the importance of the digital data, that all companies generate, of all types, financial services, healthcare, government institutions, manufacturing, you name it. So one of the key things you've got to do, is make sure that your storage estate, fits into an overall cybersecurity strategy. And with InfiniGuard, or Ifini safe technologies, we can ensure that Stan's customers and customers of our other business partners all over the world, can make sure that the data is safe, protected and can help them form a malware or ransomware attack, against that valuable data set. >> Well then you know, one of you guys could come with, I mean, we talked to CSOs and they've told us that there be could in part due to the pandemic, largely actually, their whole strategy has changed. Their spending strategies changed, no longer than just sort of putting up hardware firewalls. They're shifting their focus to two different areas, obviously endpoint, you know, cloud security is a big deal, identity access management, but ransomware, is just top of mind for everybody. And as we talked about earlier, the exposure, now the weak links, whether you're working from home, or Stan you mentioned greater sophistication of hacker. So what are you hearing from customers in this regard, Stan? >> Well, you know I think you have that, right? But then you always have, we've been doing this for 26 years. I've never heard of an IT budget that that's gone up, in any year, right? So, with the sophistication of these hackers that are coming out and the different angles that they're using to get in, it is extremely important for our customers to be very efficient and choose their security strategy and products very wisely, right? I think I read an article a year or so ago that the average enterprise had like something like 27 different security products and imagine a CSO and his team, who is struggling with their budget to manage that. So for us to be able to leverage InfiniGuard and Infini safe and to be able to provide, you know the immutable snapshots. The logical air gas, the physical air backs and offense network for recovery. That's all extremely easy to manage. I mean I talked to my customers on why they have chosen Infinidat, you know through us, right? And one of the things that they always talk about is how easy and how amazing the support is. How easy it is to install, how easy it is to manage. And normally when you have a simple product, right, you think you can sell that to an unsophisticated customers. But my most technical customers really appreciate this, because of the way Infinidat manages itself and provides the tools saying, just for example, the host tools, right? It does it in the way that they do it, so they trust it, so that they can focus on the more important tasks, rather than the tier and feeding other storage environment. >> Yeah, thank you and then when you talk to CSOs, you ask them what's the number one problem, they'll tell you lack of talent and you just nailed it. You've got on average 27 different tools, new tools coming out every day, you're getting billion dollar, VC investments and more and more companies are getting into it. It just adds to that confusion. So Stan, I wonder if you could talk about, specifically InfiniGuard, how it fits into your stack like where and how you're applying it? Maybe you could talk about some specific use cases. >> Oh yeah definitely, you know we have customers in pretty much every vertical, that we're supporting their stores environments and Infinidat plays and all of those verticals with all of our customers. One in particular a healthcare account, one of our very first Infinidat customers and over the years, is become the de facto standard, stores platform that they have. And they also now have InfiniGuard as the backup target for commovault. And this is one of those examples of the very technical discerning customer, that really demands excellence, right? So they love, you know, the three controller setup versus a dual controller set up, they love the availability and the resiliency, but then when it comes to the cybersecurity, before they moved on to this platform, they did have some ransomware attacks and they did have to pay out and it was very public. And, you know, since they've gone onto this platform, they feel much more comfortable. >> Excellent. So Eric, I want to bring you in. So let's talk through some of the options that customers have. You and I were talking earlier about, you know, the local air gap, what is that? You know, the logical air gap if you will and then the physical labor, what patterns are you seeing with customers to really try to protect themselves against some of this ransomware? How are they approaching it? >> Well, first of all, obviously, we with the InfiniGuard, has a purpose built backup appliance can work with all the various backup vendors. But because backup, is one of the first things these sophisticated ransomware, or malware it entity is going to attack. right? Otherwise the CIO will just call up say, hey, do we have a good backup? Let's recover from that. So secondary storage, AK their backup estate, is exactly the first thing they're going to target. And they do it certain viciously of course. So what are the key things we do, is we allow them to take those backup datasets, commvault for example and in Stan's example, or Vain or veritas or IBM Spectrum Protector, many other packages, even directly with databases like with Oracle Armin and allow them to create a mutable snapshots. Can't delete them, can't change them, can alter them. And then we air gap them locally, from the management framework. So in an InfiniGuard, we have a technology known as our day-to-day dupe engines ODDES. Those are really the management scanner for the entire solution. So when we create an immutable snapshots, we create a logical air gap, with ODDES, cannot alter the immutability characteristics, they cannot shorten them, they can not lengthen them, in short we take that management scheme away and create this separation. But we also allow them to replicate those backup datasets to a remote InfiniGuard box. You would set up the exact same parameters, I want to make an immutable snap every day, every 12 hours, every six hours and then you've got the duplicate. Remember the average length, from breach to closure on a cyber attack is 287 days. So once the attack starts, you don't know until they ask you for the ransom, it could be going on for 50 days, a hundred days, 150 days. And it's all done, if you will on the download, hidden. So if by the way, you happen to have a data center fire, or you happen to have a tornado or an earthquake, or some other natural disaster, you still want that data replicated to a secondary site, but then you still want the capability of the cyber resilience, as Stan pointed out. So you can do that. We can create a then a isolated fence network and we can do that on one InfiniGarden. Most of our competitors require two data protection appliances and it's public it's right on their websites. So we save you on some CapEx there and then we can do this near instantaneous recovery. And that's not just of the dataset. Some of the cyber reasons, technology you'll see out there, including on primary storage, only recovers the dataset. We can recover the entire backup data set and all the surrounding environment. So to second that Vain or Veritas, IBM spectrum protect commvault, backup is available. The backup admins or the storage admins, could immediately restored, it's ready to go. And we can do that in 15 to 30 minutes. Now that is being fast to react to a problem. >> So thank you for that. So Stan, I wonder if you could talk about the best practice Eric was just sharing, the local air gap and then the secondary, is that really in the case of a disaster, or is it also to isolate the network? What are you seeing as the gold standard that customers are applying with your advice? >> Yeah, definitely the gold standard would be three sites. We do have a lot of our customers. The one healthcare customer in particular is splits it between two sides and they are actually working with us right now to architect the third site. Just for that fact, we are down in Texas, hurricanes can come in 60, 70, 80 miles on in land. And then there's, you know, hurricane Harvey, right with all the flooding and stuff like that. So they do want to set up a third side. I think that gives them the peace of mind. And you know the whole thing about it is right. You know, having an environment like this means the CSO and his team can focus on preventing attacks, while they're very confident that their infrastructure team, can handle anything that slips by them. >> Okay, great. Thank you. We're about out of time but Eric, I wonder if you could kind of bring us home, give us a summary of, how you see InfiniGuard impacting customers, you know where's that value that business case for them. I wonder if you could just tie that note for us. >> Sure. We want to make sure that we tie everything back, normally technical value, as Stan very eloquently did with several different customers, but what we can do from a business value perspective. So as an example, one of our infiniGuard customers, is a global financial services company and they were using a solution from a different purpose-built backup appliance provider. They switched to us, not only they're able to increase the number of daily backups, from 30,000 to 90,000. So they get better data protection, but on top of that, they cut 40% of their costs. So you want to make sure that while you're doing this, you're doing things like consolidation. One of our other customers, which is in EMEA, in the European area, they had 14 purpose-built backup appliances, seven in one data center and set seven and a second data center. Now they've got two, one in one data center, one of the other, they of course do the local backups right then and there. And then they replicate, from one data center to the other data center. As both data centers are both active data centers, but differ for the other data center. So from their perspective, dramatic reduction of OPEX and CapEx, 14 physical boxes down to two. And of course the associated management of both the manpower side, but why I love to call the watch slots, power and floor. All of those things that go into an OPEX budget, they were cut dramatically, 'cause there's only two systems now, to power cool, et cetera et cetera. Floor space, Rackspace from 14. So wow, did they save money. So I think, it's not only providing that data protection and cyber resilience technology, but doing it in a cost-effective way. And as Stan pointed out, in a highly automated way, that cuts back on the manpower they need to manage these systems, because they're overworked and they need to focus on as Stan pointed out, their AI infrastructure, where they're doing for AI applications, don't have time to deal with it. So the more we automate, the better it is for them and the easier it is for everyone from the end-user perspective, as well as up in through their entire IT chain of command. >> Okay, if you want more information, you can go to infinidatguard.com or it's markiisis.com and check it out, learn about their full stack solution. A little bit about AI. Gentlemen, thanks so much for the conversation today, great to have you. >> Thank you, Dave. Now in a moment, I'm going to have some closing thoughts on the market and what we heard today. Thank you for watching the cube. You're a leader in enterprise tech coverage.

(gentle music) >> High profile cyber attacks like the SolarWinds hack, the JBS meat and the Florida municipality breach, have heightened awareness of how exposed, critical infrastructure has become. Because the pandemic has shifted employees to remote modes of work, hackers now have a much easier target to fish for credentials and exploit less secure home networks. Take the recent Log4j vulnerability, that's yet another example, of how hackers can take advantage of weak links in the chain. Now data storage companies have an important role to play in fighting cyber crime. Ultimately, they provide the equivalent of a bank vault if you will, and are responsible for storing and protecting the data that cyber criminals are targeting to steal or encrypt, in an effort to hold companies hostage, in a ransomware attack. Now in an effort to help customers understand how to protect themselves from such vulnerabilities, and how one storage company is addressing these challenges, the Cube is hosting this special presentation InfiniGuard Cyber Resilience: New Cybercrime Solutions. And we're going to speak with Eric Herzog, who's the Chief Marketing Officer of Infinidat, and then we'll bring in Stan Wysocki who is the president of Mark III Systems who is either an expert in IT infrastructure and artificial intelligence. First, let me welcome Eric Herzog back to the Cube, hello, Eric. >> Great, Dave, thank you very much, always love talking to you and the Cube, about leading edge technology solutions for end users. >> Alright let's do it. So, first we want to address the transformation and big business progress of Infinidat. New CEO, he's injected new management, new head of marketing obviously, Phil Bullinger is really been focused on accelerating the company's original vision, and doing so, Eric, in the typically unconventional style of Infinidat, you just put out a press release, capping 2021, can you set the stage for us, and give us the business update? >> Sure, so of course we summarized our 2021 results. What a very, very strong year. What a very, very strong year. We increased our bookings over 40% year to year. Even in Q4, we increased our bookings over 68%. And over 25% of the fortune 50 use an Infinidat solution, either our InfiniBox, or InfiniBox SSA, all flash array, or our Infiniguard, which is the focus of the launch we're doing today, on February 9th. >> Yeah, so I always said that Infinidat is one of the best kept secrets in the storage business. So let's talk about that hard news, what you launched on February 9th, and why it's important. >> Well, what we've done is we've got a high end enterprise purpose-built backup appliance, the InfiniGuard. We made some substantial advances in that. The key is focused on cyber resilience with what we call our infinisafe technology. Infinisafe incorporates a number of subsets, of cyber resilience from immutable snapshots, to logical air gapping, to fenced isolated networks, to almost instantaneous recovery for your backup data sets. In addition, we also dramatically improved the performance of the backup and recovery, which means, for example, if a backup window was taking three hours, now the backup window on that primary backup dataset could take only an hour and a half, which of course, as we all know backup dramatically impacts the performance of your primary applications, your primary servers, and your primary storage. So we've done both the cyber resilience aspect and then, on modern data protection, making sure that the backup and recovery are faster, for a traditional backup workload. >> So tell us a little bit more about Infinisafe, and specifically, Eric I'm interested in how it's different from other solutions, don't make me a liar, I had said, you guys always kind of take nonconventional approaches so tell us, add a little color to Infinisafe and how is it really unique from competitors? >> Sure, well Infinisafe incorporates as I mentioned, several different aspects. First of all, the immutable snapshots. So immutable snapshots can not be deleted, they cannot be altered, you cannot accelerate the rate, you can set the rate of immutable stuff, do I want to do it once a day? Do I want to do it twice a day? And obviously if a hacker could get in, you could accelerate that. Our immutable snaps are physically separated from the management schema. So the inside of an Infiniguard, we have what we call a data dedupe appliance, and that data dedupe engine, it goes ahead and it applies data reduction technology, to that back up data set. But we've divorced the immutable snapshots from the management of what we now call a DDE. So the DDE has kind of access of giving you that gap, that logical gap between the management schema of a DDE, and of course the immutable snapshot. We also combine that with this air gap technology, you've got the immutability and the air gap, which is local in that instance, but we also can do it remotely. So we can replicate from one Infiniguard in data center A, to a different Infiniguard in data center B. You then can configure that backup data set with the same immutable snapshot, and the same length, one day, half a day, six hours, whatever you choose, and then of course it'll have that same capability. The third thing we've done is very unique. We have a fenced isolated network to perform forensics. So, if the Cube has a cyber or malware attack, you need to make sure that once you've cleaned it up, off the primary storage, the primary servers, that you recover, a known good data set. So we set up this isolated fence network in which to perform that forensic analysis, to give you the appropriate good recover point. However, unlike many of our competitors, we can do it with a single InfiniBox. Some of our competitors, right on their websites say, you need two of their purpose-built backup appliances, to do cyber resilience. Meaning, twice the CapEx and twice the OpEx, which we can do with a single Infiniguard solution. And then lastly is our near instantaneous recovery. As you know, we're recovering backup data sets. We can make between 15 and 30 minutes time, the backup data set fully accessible to the backup admin or the storage admin to use their Commvault, their Veeam, their Veritas, their IBM Spectrum Protect, or whatever their backup software is, to do recovery from the InfiniGuard box, back to the primary storage using of course the backup software that they created the original dataset with. That is very unique. When you look out in the industry and look at, whether it be purpose-built backup competitors, or whether you look at primary storage competitors, almost no one talks about the speed of their recovery, and the one or two that do, talk about recovering the data set. We recover the entire environment. We are ready to go, and the backup admin, if they were, for example, Commvault, Veeam or Veritas, they could immediately start the backup, as soon as we did our recovery, which again, takes between 15 and 30 minutes, independent of the data set size. That could be 50 terabytes, it could be a petabyte, it could be two petabytes. And even two petabytes of data can be available in 15 to 30 minutes. And then of course, the backup admin can restore from that backup dataset. Very powerful and very unique in those aspects. >> Whilst the reason why this is so important is like I said, it's like the bank vault, because hackers are going to go after that backup corpus that's where the gold is, that's where all the data is. So this all really sounds good. But there's more than Infinisafe in this launch. What else should we know? >> Well, the other thing we've done is dramatically improved the performance of the purpose-built backup plants at the core. So for example, the last time we publicly announced our numbers, we were at 74 terabytes an hour, now we're 180 terabytes an hour. So of course, as we all know, when you do a backup, it impacts the performance of the primary applications, the primary servers and the primary storage. So if that backup window was taking three hours, now that we've more than doubled the performance, you could be up to 50% better. So a three hour backup window, if that's what the dataset took to be backed up, now we can get that down to an hour and a half or even faster. So that of course minimizes the impact on primary storage, primary applications, and of course your primary storage, making it much, much more efficient, from a backup perspective, and of course less impact on the primary applications, the primary servers, and primary storage. >> So I've talked to a number of Infinidat customers, they're very loyal and kind of passionate. So I wonder if you could kind of put that perspective on this discussion. The impact that InfiniGuard, this announcement, that's going to have for your customers, paint a picture as to how it's going to change their business. >> Sure, so let me give you an example. One of our customers is a cloud service buyer, in North America, they focus only on healthcare. So here's a couple of key benefits that they got. First of all, they use our integration with two different backup vendors. They don't have one, they have two. So we're tightly integrated with our backup software partners. They got a 40% cost savings on CapEX, compared to the previous vendor that they had. And, they used to be able to do 30,000 backup per day, now they can do 90,000 backup a day. And by the way, that's all with the previous version of InfiniGuard, not the version we just announced on the 9th. One of our other customers, which is in AMEA and they happened to be an energy company, they were using purpose-built backup from the other vendor, and they had 14 of them, seven in data center one, and seven in data center two. With InfiniGuard, they've got one in data center one, and one in data center two. So 14 purpose-built backup appliances consolidated down into two. And on top of that, those purpose-built backup appliances from the other vendor actually had a couple recovery failures, where they were not able to recover the data. They've been installed for a year now, they've had zero recovers, zero recovery failures, whereas the previous vendor had some. And lastly, let's talk about a large global fortune financial services. So, one of the biggest in the industry, their cost savings from their previous vendor was 46%. In addition, when you look at their cyber resilience design, they were using one of those vendors that probably talks about needing two system products to do their cyber resiliency. They again were able to take those two systems out, and use one InfiniGuard solution. Again, reducing both their capital expenditure, two going to one. And then the operational expenditure, they only have to manage one InfiniGuard versus two of the other guys appliances. Those are just three examples all over the world. One in cloud service providing, one in the energy space, and one a global fortune 500 financial services company. Just some real world examples. And all those by the way, Dave, were before the enhancements of Infinisafe, and before the additional performance we've added in the launch of InfiniGuard on February 9th. >> So like I'm just kind of sketching out the business case, you know, put my CFO hat on. So you're lowering costs cause you're consolidating, so that means I need less hardware and software. But also there's probably labor costs associated with that. If I could do it faster with less resources, I got less stuff to manage. You're accelerating the backup time, so that frees up resources that I can apply elsewhere, recovery, you know, is really important. So I'm inferring faster recovery, all this lowers my risk, and then I can sort of calculate the probability of having data loss, and then what that means to my business. Am I getting that right? >> Yeah, yeah. And in fact, the other impact is on your primary service and your primary storage. If the backup window shrinks, then you're not slowing down that SAP app, that Oracle app, you know, that SQL app, whatever you're running, whether that be the financials, whether that be your logistics, whether it be your manufacturing system, every time you turn on that backup, to do that backup, that backup window slows you down. So cutting that in half has an impact on the real-world application side, which obviously most storage guys, you know, it's hard for us to quantify. But you are taking the impact of backup, and basically reducing it, if you will shrinking the backup window, so their primary applications don't get hammered as much by the backup while they're still trying to run that SAP, that Oracle or that SQL workload. >> And you're not a backup software vendor, so I have optionality there. I can pretty much choose all the popular, you know. >> Absolutely, so Veeam, Veritas, Commvault, IBM Spectrum Protect, all the majors. And in fact, one of the players I mentioned, as you were talking about the end-users, they use two different backup packages, two of 'em. So, two of the major vendors that I named, we work with them just within one account. So, we're very flexible, the user picks what they want from a backup software perspective, and we can work with anything. So, whatever they want to use, is fine with us. We integrate with all of them, we have integration, for example, also with VMware, for vVols and other aspects in container integration, so you know, whether it be our purpose-built backup appliance, InfiniGuard, or what we do with the InfiniBox, we always make sure we integrate with the surrounding environment. 'Cause storage is not an island, storage needs to exist in your data center, or your hybrid cloud data center, or what you're doing for containers. So we make sure we have integration with our InfiniBox, our InfiniBox SSA, all flash. And of course the product we're enhancing today, the InfiniGuard. >> Yeah, integration is super important in the enterprise. Enterprises want solutions, they're busy. (laughs) They don't have unlimited budget to go, you know, plugging stuff together. So, okay Eric, we got to leave it there. Thank you so much. >> Great, thank you very much Dave. Always love talking to the Cube. >> Okay, in a moment Stan Wysocki is coming in. He's the president of Mark III Systems. He's going to join us for a drill down on how InfiniGuard is impacting customers. You're watching the Cube, your global leader, in enterprise tech coverage. (gentle music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE and ETR. This is "Breaking Analysis" with Dave Vellante. >> When Facebook changed its name to Meta last fall, it catalyzed a chain reaction throughout the tech industry. Software firms, gaming companies, chip makers, device manufacturers, and others have joined in hype machine. Now, it's easy to dismiss the metaverse as futuristic hyperbole, but do we really believe that tapping on a smartphone, or staring at a screen, or two-dimensional Zoom meetings are the future of how we work, play, and communicate? As the internet itself proved to be larger than we ever imagined, it's very possible, and even quite likely that the combination of massive processing power, cheap storage, AI, blockchains, crypto, sensors, AR, VR, brain interfaces, and other emerging technologies will combine to create new and unimaginable consumer experiences, and massive wealth for creators of the metaverse. Hello, and welcome to this week's Wiki Bond Cube Insights, powered by ETR. In this "Breaking Analysis" we welcome in cyber expert, hacker gamer, NFT expert, and founder of ORE System, Nick Donarski. Nick, welcome, thanks so much for coming on theCUBE. >> Thank you, sir, glad to be here. >> Yeah, okay, so today we're going to traverse two parallel paths, one that took Nick from security expert and PenTester to NFTs, tokens, and the metaverse. And we'll simultaneously explore the complicated world of cybersecurity in the enterprise, and how the blockchain, crypto, and NFTs will provide key underpinnings for digital ownership in the metaverse. We're going to talk a little bit about blockchain, and crypto, and get things started there, and some of the realities and misconceptions, and how innovations in those worlds have led to the NFT craze. We'll look at what's really going on in NFTs and why they're important as both a technology and societal trend. Then, we're going to dig into the tech and try to explain why and how blockchain and NFTs are going to lay the foundation for the metaverse. And, finally, who's going to build the metaverse. And how long is it going to take? All right, Nick, let's start with you. Tell us a little bit about your background, your career. You started as a hacker at a really, really young age, and then got deep into cyber as a PenTester. You did some pretty crazy stuff. You have some great stories about sneaking into buildings. You weren't just doing it all remote. Tell us about yourself. >> Yeah, so I mean, really, I started a long time ago. My dad was really the foray into technology. I wrote my first program on an Apple IIe in BASIC in 1989. So, I like to say I was born on the internet, if you will. But, yeah, in high school at 16, I incorporated my first company, did just tech support for parents and teachers. And then in 2000 I transitioned really into security and focused there ever since. I joined Rapid7 and after they picked up Medis boy, I joined HP. I was one of their founding members of Shadowlabs and really have been part of the information security and the cyber community all throughout, whether it's training at various different conferences or talking. My biggest thing and my most awesome moments as various things of being broken into, is really when I get to actually work with somebody that's coming up in the industry and who's new and actually has that light bulb moment of really kind of understanding of technology, understanding an idea, or getting it when it comes to that kind of stuff. >> Yeah, and when you think about what's going on in crypto and NFTs and okay, now the metaverse it's you get to see some of the most innovative people. Now I want to first share a little bit of data on enterprise security and maybe Nick get you to comment. We've reported over the past several years on the complexity in the security business and the numerous vendor choices that SecOps Pros face. And this chart really tells that story in the cybersecurity space. It's an X,Y graph. We've shown it many times from the ETR surveys where the vertical axis, it's a measure of spending momentum called net score. And the horizontal axis is market share, which represents each company's presence in the data set, and a couple of points stand out. First, it's really crowded. In that red dotted line that you see there, that's 40%, above that line on the net score axis, marks highly elevated spending momentum. Now, let's just zoom in a bit and I've cut the data by those companies that have more than a hundred responses in the survey. And you can see here on this next chart, it's still very crowded, but a few call-outs are noteworthy. First companies like SentinelOne, Elastic, Tanium, Datadog, Netskope and Darktrace. They were all above that 40% line in the previous chart, but they've fallen off. They still have actually a decent presence in the survey over 60 responses, but under that hundred. And you can see Auth0 now Okta, big $7 billion acquisition. They got the highest net score CrowdStrike's up there, Okta classic they're kind of enterprise business, and Zscaler and others above that line. You see Palo Alto Networks and Microsoft very impressive because they're both big and they're above that elevated spending velocity. So Nick, kind of a long-winded intro, but it was a little bit off topic, but I wanted to start here because this is the life of a SecOps pro. They lack the talent in a capacity to keep bad guys fully at bay. And so they have to keep throwing tooling at the problem, which adds to the complexity and as a PenTester and hacker, this chaos and complexity means cash for the bad guys. Doesn't it? >> Absolutely. You know, the more systems that these organizations find to integrate into the systems, means that there's more components, more dollars and cents as far as the amount of time and the engineers that need to actually be responsible for these tools. There's a lot of reasons that, the more, I guess, hands in the cookie jar, if you will, when it comes to the security architecture, the more links that are, or avenues for attack built into the system. And really one of the biggest things that organizations face is being able to have engineers that are qualified and technical enough to be able to support that architecture as well, 'cause buying it from a vendor and deploying it, putting it onto a shelf is good, but if it's not tuned properly, or if it's not connected properly, that security tool can just hold up more avenues of attack for you. >> Right, okay, thank you. Now, let's get into the meat of the discussion for today and talk a little bit about blockchain and crypto for a bit. I saw sub stack post the other day, and it was ripping Matt Damon for pedaling crypto on TV ads and how crypto is just this big pyramid scheme. And it's all about allowing criminals to be anonymous and it's ransomware and drug trafficking. And yes, there are definitely scams and you got to be careful and lots of dangers out there, but these are common criticisms in the mainstream press, that overlooked the fact by the way that IPO's and specs are just as much of a pyramid scheme. Now, I'm not saying there shouldn't be more regulation, there should, but Bitcoin was born out of the 2008 financial crisis, cryptocurrency, and you think about, it's really the confluence of software engineering, cryptography and game theory. And there's some really powerful innovation being created by the blockchain community. Crypto and blockchain are really at the heart of a new decentralized platform being built out. And where today, you got a few, large internet companies. They control the protocols and the platform. Now the aspiration of people like yourself, is to create new value opportunities. And there are many more chances for the little guys and girls to get in on the ground floor and blockchain technology underpins all this. So Nick, what's your take, what are some of the biggest misconceptions around blockchain and crypto? And do you even pair those two in the same context? What are your thoughts? >> So, I mean, really, we like to separate ourselves and say that we are a blockchain company, as opposed to necessarily saying(indistinct) anything like that. We leverage those tools. We leverage cryptocurrencies, we leverage NFTs and those types of things within there, but blockchain is a technology, which is the underlying piece, is something that can be used and utilized in a very large number of different organizations out there. So, cryptocurrency and a lot of that negative context comes with a fear of something new, without having that regulation in place, without having the rules in place. And we were a big proponent of, we want the regulation, right? We want to do right. We want to do it by the rules. We want to do it under the context of, this is what should be done. And we also want to help write those rules as well, because a lot of the lawmakers, a lot of the lobbyists and things, they have a certain aspect or a certain goal of when they're trying to get these things. Our goal is simplicity. We want the ability for the normal average person to be able to interact with crypto, interact with NFTs, interact with the blockchain. And basically by saying, blockchain in quotes, it's very ambiguous 'cause there's many different things that blockchain can be, the easiest way, right? The easiest way to understand blockchain is simply a distributed database. That's really the core of what blockchain is. It's a record keeping mechanism that allows you to reference that. And the beauty of it, is that it's quote unquote immutable. You can't edit that data. So, especially when we're talking about blockchain, being underlying for technologies in the future, things like security, where you have logging, you have keeping, whether you're talking about sales, where you may have to have multiple different locations (indistinct) users from different locations around the globe. It creates a central repository that provides distribution and security in the way that you're ensuring your data, ensuring the validation of where that data exists when it was created. Those types of things that blockchain really is. If you go to the historical, right, the very early on Bitcoin absolutely was made to have a way of not having to deal with the fed. That was the core functionality of the initial crypto. And then you had a lot of the illicit trades, those black markets that jumped onto it because of what it could do. The maturity of the technology though, of where we are now versus say back in 97 is a much different world of blockchain, and there's a much different world of cryptocurrency. You still have to be careful because with any fed, you're still going to have that FUD that goes out there and sells that fear, uncertainty and doubt, which spurs a lot of those types of scams, and a lot of those things that target end users that we face as security professionals today. You still get mailers that go out, looking for people to give their social security number over during tax time. Snail mail is considered a very ancient technology, but it still works. You still get a portion of the population that falls for those tricks, fishing, whatever it might be. It's all about trying to make sure that you have fear about what is that change. And I think that as we move forward, and move into the future, the simpler and the more comfortable these types of technologies become, the easier it is to utilize and indoctrinate normal users, to be able to use these things. >> You know, I want to ask you about that, Nick, because you mentioned immutability, there's a lot of misconceptions about that. I had somebody tell me one time, "Blockchain's Bs," and they say, "Well, oh, hold on a second. They say, oh, they say it's a mutable, but you can hack Coinbase, whatever it is." So I guess a couple of things, one is that the killer app for blockchain became money. And so we learned a lot through that. And you had Bitcoin and it really wasn't programmable through its interface. And then Ethereum comes out. I know, you know a lot about Ether and you have solidity, which is a lot simpler, but it ain't JavaScript, which is ubiquitous. And so now you have a lot of potential for the initial ICO's and probably still the ones today, the white papers, a lot of security flaws in there. I'm sure you can talk to that, but maybe you can help square that circle about immutability and security. I've mentioned game theory before, it's harder to hack Bitcoin and the Bitcoin blockchain than it is to mine. So that's why people mine, but maybe you could add some context to that. >> Yeah, you know it goes to just about any technology out there. Now, when you're talking about blockchain specifically, the majority of the attacks happen with the applications and the smart contracts that are actually running on the blockchain, as opposed to necessarily the blockchain itself. And like you said, the impact for whether that's loss of revenue or loss of tokens or whatever it is, in most cases that results from something that was a phishing attack, you gave up your credentials, somebody said, paste your private key in here, and you win a cookie or whatever it might be, but those are still the fundamental pieces. When you're talking about various different networks out there, depending on the blockchain, depends on how much the overall security really is. The more distributed it is, and the more stable it is as the network goes, the better or the more stable any of the code is going to be. The underlying architecture of any system is the key to success when it comes to the overall security. So the blockchain itself is immutable, in the case that the owner are ones have to be trusted. If you look at distributed networks, something like Ethereum or Bitcoin, where you have those proof of work systems, that disperses that information at a much more remote location, So the more disperse that information is, the less likely it is to be able to be impacted by one small instance. If you look at like the DAO Hack, or if you look at a lot of the other vulnerabilities that exist on the blockchain, it's more about the code. And like you said, solidity being as new as it is, it's not JavaScript. The industry is very early and very infantile, as far as the developers that are skilled in doing this. And with that just comes the inexperience and the lack of information that you don't learn until JavaScript is 10 or 12 years old. >> And the last thing I'll say about this topic, and we'll move on to NFTs, but NFTs relate is that, again, I said earlier that the big internet giants have pretty much co-opted the platform. You know, if you wanted to invest in Linux in the early days, there was no way to do that. You maybe have to wait until red hat came up with its IPO and there's your pyramid scheme folks. But with crypto it, which is again, as Nick was explaining underpinning is the blockchain, you can actually participate in early projects. Now you got to be careful 'cause there are a lot of scams and many of them are going to blow out if not most of them, but there are some, gems out there, because as Nick was describing, you've got this decentralized platform that causes scaling issues or performance issues, and people are solving those problems, essentially building out a new internet. But I want to get into NFTs, because it's sort of the next big thing here before we get into the metaverse, what Nick, why should people pay attention to NFTs? Why do they matter? Are they really an important trend? And what are the societal and technological impacts that you see in this space? >> Yeah, I mean, NFTs are a very new technology and ultimately it's just another entry on the blockchain. It's just another piece of data in the database. But how it's leveraged in the grand scheme of how we, as users see it, it can be the classic idea of an NFT is just the art, or as good as the poster on your wall. But in the case of some of the new applications, is where are you actually get that utility function. Now, in the case of say video games, video games and gamers in general, already utilize digital items. They already utilize digital points. As in the case of like Call of Duty points, those are just different versions of digital currencies. You know, World of Warcraft Gold, I like to affectionately say, was the very first cryptocurrency. There was a Harvard course taught on the economy of WOW, there was a black market where you could trade your end game gold for Fiat currencies. And there's even places around the world that you can purchase real world items and stay at hotels for World of Warcraft Gold. So the adoption of blockchain just simply gives a more stable and a more diverse technology for those same types of systems. You're going to see that carry over into shipping and logistics, where you need to have data that is single repository for being able to have multiple locations, multiple shippers from multiple global efforts out there that need to have access to that data. But in the current context, it's either sitting on a shipping log, it's sitting on somebody's desk. All of those types of paper transactions can be leveraged as NFTs on the blockchain. It's just simply that representation. And once you break the idea of this is just a piece of art, or this is a cryptocurrency, you get into a world where you can apply that NFT technology to a lot more things than I think most people think of today. >> Yeah, and of course you mentioned art a couple of times when people sold as digital art for whatever, it was 60, 65 million, 69 million, that caught a lot of people's attention, but you're seeing, I mean, there's virtually infinite number of applications for this. One of the Washington wizards, tokenized portions of his contract, maybe he was creating a new bond, that's really interesting use cases and opportunities, and that kind of segues into the latest, hot topic, which is the metaverse. And you've said yourself that blockchain and NFTs are the foundation of the metaverse, they're foundational elements. So first, what is the metaverse to you and where do blockchain and NFTs, fit in? >> Sure, so, I mean, I affectionately refer to the metaverse just a VR and essentially, we've been playing virtual reality games and all the rest for a long time. And VR has really kind of been out there for a long time. So most people's interpretation or idea of what the metaverse is, is a virtual reality version of yourself and this right, that idea of once it becomes yourself, is where things like NFT items, where blockchain and digital currencies are going to come in, because if you have a manufacturer, so you take on an organization like Nike, and they want to put their shoes into the metaverse because we, as humans, want to individualize ourselves. We go out and we want to have that one of one shoe or that, t-shirt or whatever it is, we're going to want to represent that same type of individuality in our virtual self. So NFTs, crypto and all of those digital currencies, like I was saying that we've known as gamers are going to play that very similar role inside of the metaverse. >> Yeah. Okay. So basically you're going to take your physical world into the metaverse. You're going to be able to, as you just mentioned, acquire things- I loved your WOW example. And so let's stay on this for a bit, if we may, of course, Facebook spawned a lot of speculation and discussion about the concept of the metaverse and really, as you pointed out, it's not new. You talked about why second life, really started in 2003, and it's still around today. It's small, I read recently, it's creators coming back into the company and books were written in the early 90s that used the term metaverse. But Nick, talk about how you see this evolving, what role you hope to play with your company and your community in the future, and who builds the metaverse, when is it going to be here? >> Yeah, so, I mean, right now, and we actually just got back from CES last week. And the Metaverse is a very big buzzword. You're going to see a lot of integration of what people are calling, quote unquote, the metaverse. And there was organizations that were showing virtual office space, virtual malls, virtual concerts, and those types of experiences. And the one thing right now that I don't think that a lot of organizations have grasp is how to make one metaverse. There's no real player one, if you will always this yet, There's a lot of organizations that are creating their version of the metaverse, which then again, just like every other software and game vendor out there has their version of cryptocurrency and their version of NFTs. You're going to see it start to pop up, especially as Oculus is going to come down in price, especially as you get new technologies, like some of the VR glasses that look more augmented reality and look more like regular glasses that you're wearing, things like that, the easier that those technologies become as in adopting into our normal lifestyle, as far as like looks and feels, the faster that stuff's going to actually come out to the world. But when it comes to like, what we're doing is we believe that the metaverse should actually span multiple different blockchains, multiple different segments, if you will. So what ORE system is doing, is we're actually building the underlying architecture and technologies for developers to bring their metaverse too. You can leverage the ORE Systems NFTs, where we like to call our utility NFTs as an in-game item in one game, or you can take it over and it could be a t-shirt in another game. The ability for having that cross support within the ecosystem is what really no one has grasp on yet. Most of the organizations out there are using a very classic business model. Get the user in the game, make them spend their money in the game, make all their game stuff as only good in their game. And that's where the developer has you, they have you in their bubble. Our goal, and what we like to affectionately say is, we want to bring white collar tools and technology to blue collar folks, We want to make it simple. We want to make it off the shelf, and we want to make it a less cost prohibitive, faster, and cheaper to actually get out to all the users. We do it by supporting the technology. That's our angle. If you support the technology and you support the platform, you can build a community that will build all of the metaverse around them. >> Well, and so this is interesting because, if you think about some of the big names, we've Microsoft is talking about it, obviously we mentioned Facebook. They have essentially walled gardens. Now, yeah, okay, I could take Tik Tok and pump it into Instagram is fine, but they're really siloed off. And what you're saying is in the metaverse, you should be able to buy a pair of sneakers in one location and then bring it to another one. >> Absolutely, that's exactly it. >> And so my original kind of investment in attractiveness, if you will, to crypto, was that, the little guy can get an early, but I worry that some of these walled gardens, these big internet giants are going to try to co-op this. So I think what you're doing is right on, and I think it's aligned with the objectives of consumers and the users who don't want to be forced in to a pen. They want to be able to live freely. And that's really what you're trying to do. >> That's exactly it. You know, when you buy an item, say a Skin in Fortnite or Skin in Call of Duty, it's only good in that game. And not even in the franchise, it's only good in that version of the game. In the case of what we want to do is, you can not only have that carry over and your character. So say you buy a really cool shirt, and you've got that in your Call of Duty or in our case, we're really Osiris Protocol, which is our proof of concept video game to show that this all thing actually works, but you can actually go in and you can get a gun in Osiris Protocol. And if we release, Osiris Protocol two, you'll be able to take that to Osiris Protocol two. Now the benefit of that is, is you're going to be the only one in the next version with that item, if you haven't sold it or traded it or whatever else. So we don't lock you into a game. We don't lock you into a specific application. You own that, you can trade that freely with other users. You can sell that on the open market. We're embracing what used to be considered the black market. I don't understand why a lot of video games, we're always against the skins and mods and all the rest. For me as a gamer and coming up, through the many, many years of various different Call of Duties and everything in my time, I wish I could still have some this year. I still have a World of Warcraft account. I wasn't on, Vanilla, Burning Crusade was my foray, but I still have a character. If you look at it that way, if I had that wild character and that gear was NFTs, in theory, I could actually pass that onto my kid who could carry on that character. And it would actually increase in value because they're NFT back then. And then if needed, you could trade those on the open market and all the rest. It just makes gaming a much different thing. >> I love it. All right, Nick, hey, we're out of time, but I got to say, Nick Donarski, thanks so much for coming on the program today, sharing your insights and really good luck to you and building out your technology platform and your community. >> Thank you, sir, it's been an absolute pleasure. >> And thank you for watching. Remember, all these episodes are available as podcasts, just search "Breaking Analysis Podcast", and you'll find them. I publish pretty much every week on siliconangle.com and wikibond.com. And you can reach me @dvellante on Twitter or comment on my LinkedIn posts. You can always email me david.vellante@siliconangle.com. And don't forget, check out etr.plus for all the survey data. This is Dave Vellante for theCUBE Insights, powered by ETR, happy 2022 be well, and we'll see you next time. (upbeat music)

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE in ETR. This is Breaking Analysis with Dave Vellante. >> Despite the more than $100 billion spent each year fighting Cyber-crime. When we do an end-of-the year look back and ask "How did we do?" The answer is invariably the same, "Worse than last year." Pre pandemic, the picture was disheartening, but since March of 2020 the situation has only worsened as cyber-criminals have become increasingly sophisticated, better funded and more brazen. SecOps pros continue to fight, but unlike conventional wars, this one has no end. Now the flip side of course, is that markets continue to value cybersecurity firms at significant premiums. Because this huge market will continue to grow by double digits for the foreseeable future. Hello and welcome to this week's Wikibon theCUBE Insights powered by ETR. In this Breaking Analysis, we look at the state of cybersecurity in 2021 and beyond. We'll update you with the latest survey data from enterprise technology research and share the fundamentals that have investors piling into the security space like never before. Let's start with the customer view. Cybersecurity remains the number one priority for CIOs and CSOs. This latest ETR survey, once again asked IT buyers to rank their top priorities for the next 12 months. Now the last three polling period dating back to last March. Cybersecurity has outranked every top spending category, including cloud, data analytics, productivity software, networking, AI, and automation or RPA. Now this shouldn't surprise anybody, but it underscores the challenges that organizations face. Not only are they in the midst of a non-optional digital transformation, but they have to also fund a cyber war that has no ceasefires, no truces, and no exit path. Now there's much more going on in cybersecurity than ransomware, but certainly that has the attention of executives. And it's becoming more and more lucrative for attackers. Here's a snapshot of some of the more well-documented attacks this decade many which have occurred in very recent months. CNA Financial, they got hit earlier this year and paid a $40 million ransom. The Ireland Health Service also got hit this year and refused to pay the ransom, but it's estimated that the cost to recover and the damage to the organization exceeded half a billion dollars. The request was for a $20 million ransom. The JBS meat company hack, they paid $11 million. CWT travel paid $5 million. The disruption from the Colonial Pipeline company, was widely reported they paid more than $4 million, as the Brenntag, the chemical company. The NBA got hit. Computer makers, Quanta and Acer also. More than 2,000 random attacks were reported to the FBI in the first seven months of 2021. Up more than 60% from 2020. Now, as I've said many times, you don't have to be a genius to be a ransomware as today. Anyone can go on the dark web, tap into ransomware as a service. Attackers, they have insidious names like darkside, evil, the cobalt, crime gang, wizard spider, the Lazarus gang, and numerous others. Criminals they have negotiation services is most typically the attackers, they'll demand a specific amount of money but they're willing to compromise in an exchange of cryptocurrency for decryption keys. And as mentioned, it's not just ransomware supply chain attacks like the solar winds hack hit organizations within the U.S government and companies like Mimecast this year. Now, while these attacks often do end up in a ransom situation. The attackers sometimes find it more lucrative to live off the land and stealth fashion and ex filtrates sensitive data that can be sold or in the case of many financial institution attacks they'll steal information from say a chief investment officer that signals an upcoming trading strategy and then the attackers will front run that trade in the stock market. Now, of course phishing, remains one of the most prominent threats. Only escalated by the work from home trend as users bring their own devices and of course home networks are less secure. So it's bad, worse than ever before. But you know, if there's a problem, entrepreneurs and investors, they're going to be there to solve it. So here's a LinkedIn post from one of the top investors in the business, Mike Speiser. He was a founding investor in Snowflake. He helped get pure storage to escape velocity and many, many other successes. This hit my LinkedIn feed the other day, his company Sutter Hill Ventures is co-leading a 1.3 Series D on an $8.3 billion valuation. They're putting in over $200 million. Now Lacework is a threat detection software company that looks at security as a data problem and they monitor exposures across clouds. So very timely. So watch that company. They're going to soar. Now the right hand chart shows venture investments in cybersecurity over the past several years. You can see it exploded in 2019 to $7.6 billion. And people thought the market was peaking at that time, if you recall. But then investments rose a little bit to $7.8 billion in 2020 right in the middle of lockdown. And then the hybrid work, the cloud, the new normal thesis kicked in big time. It's in full gear this year. You can see nearly $12 billion invested in cybersecurity in the first half of 2021 alone. So the money keeps coming in as the problem gets worse and the market gets more crowded. Now we'd like to show this slide from Optiv, it's their security taxonomy. It'll make your eyes cross. It's so packed with companies in different sectors. We'll put a link in our posts, so you can stare at this. We've used this truck before. It's pretty good. It's comprehensive and it's worth spending some time to see what that landscape looks like. But now let's reduce this down a bit and bring in some of the ETR data. This is survey data from October that shows net score or spending momentum on the vertical axis and market share or pervasiveness in the dataset on the horizontal axis. That's a measure of mentioned share if you will. Now this is just isolated on the information security sector within the ETR taxonomies. No filters in terms of the number of responses. So it's every company that ETR picks up in cybersecurity from its buyer surveys. Now companies above that red line, we consider them to have a highly elevated spending momentum for their products and services. And you can see, there are a lot of companies that are in this map first of all, and several above that magic mark. So you can see the momentum of Microsoft and Palo Alto. That's most impressive because of their size, their pervasiveness in the study, Cisco and Splunk are also quite prominent. They don't have as much spending momentum, but they're pretty respectable. And you can see the companies that have been real movers in this market that we've been reporting on for a while. Okta, CrowdStrike, Zscaler, CyberArk, SailPoint, Authzero, all companies that we've extensively covered in previous breaking analysis episodes as the up and comers. And isn't it interesting that Datadog is now showing up in the vertical axis. You see that in the left-hand side up high, they're becoming more and more competitive to Splunk in this space as an alternative and lines are blurring between observability, log analytics, security, and as we previously reported even backup and recovery. But now let's simplify this picture a bit more and filter down a little bit further. This chart shows the same X, Y view. Same data construct and framework, but we required more than a hundred responses to hit the chart. So the companies, they have to have a notable market presence in the ETR survey. It's perhaps a bit less crowded, but still very packed. Isn't it? You can see firms that are less prominent in the space like Datadog fell off. The big companies we mentioned, obviously still prominent Microsoft, Palo Alto, Cisco and Splunk and then those with real momentum, they stand out a little bit. There's somewhat smaller, but they're gaining traction in the market. As we felt they would Okta and Auth zero, which Okta acquired as we reported on earlier this year, both showing strength as our CrowdStrike, Zscaler, CyberArk, which does identity and competition with Okta and SentinelOne, which went public mid this year. The company SentinelOne uses AI to do threat detection and has been doing quite well. SalePoint and Proofpoint are right on that red elevated line and then there's a big pack in the middle. Look, this is not an easy market to track. It's virtually every company plays in security. Look, AWS says some of the most advanced security in the business but they're not in the chart specifically, but you see Microsoft is. Because much of AWS security is built into services. Amazon customers heavily rely on the Amazon ecosystem which is in the Amazon marketplace for security products. And often they associate their security spend with those partners and not necessarily Amazon. And you'll see networking companies you see right there, like Juniper and the bottom there and in the ETR data set and the players like VMware in the middle of the pack. They've been really acquisitive for example, with carbon black. And the, of course, you've got a lot of legacy players like McAfee and RSA and IBM. Look, virtually every company has a security story and that will only become more common in the coming years. Now here's another look at the ETR data it's in the raw form, but it'll give you a sense of two things; One is how the data from the previous chart is plotted. And two, it gives you a time series of the data. So the data lists the top companies in the ETR data sets sorted by the October net score in the right most column. Again, that measures spending momentum. So to make the cut here, you had to have more than a hundred mentions which is shown on the left-hand side of the chart that shared N, IE that's shared accounts in the dataset. And you can track the data from last October, July of this year and the most recent October, 2021 survey. So we, drew that red line just about at the 40% net score market coincidentally, there are 10 companies that are over that figure over that bar. We sometimes call out the four star companies. We give four stars to those companies that both are in the top 10 and spending momentum and the top in prominence are shared N in the dataset. So some of these 10 would fit into that profile by that methodology, specifically, Microsoft, Okta, CrowdStrike, and Palo Alto networks. They would be the four star companies. Now a couple of other things to point out here, DDoS attacks, they're still relevant, and they're real threat. So a company like CloudFlare which is just above that red line they play in that space. Now we've also shaded the companies in the fat middle. A lot of these companies like Cisco and Splunk for example, they're major players in the security space with very strong offerings and customer affinity. We sometimes give them two stars. So this is what makes this market so interesting. It's not like the high end discourage market where literally every vendor in the Gartner magic quadrant is up in the right, okay. And there's only five or four or five, six vendors there. This market is diverse with many, many segments and sub segments, and it's such a vital space. And there's so many holes to fill with an ever changing threat landscape as we've seen in the last two years. So this is in part which makes it such a good market for investors. There's a lot of room for growth and not just from stealing market share. That's certainly an opportunity there, but things like cloud, multi-cloud, shifting end points, the edge ,and so forth make this space really ripe for investments. And to underscore this, we put together this little chart of some of the pure play security firms to see how their stock performance has done recently. So you can see that here, you know, it's a little hard to read, but it's not hard to see that Okta, CrowdStrike, Zscaler on the left have been big movers. These charts where possible all show a cross here, starting at the lockdown last year. The only exception is SentinelOne which IPO mid this year. So that's the point March, 2020 when the whole world changed and security priorities really started to shift to accommodate the work from home. But it's quite obvious that since the pandemic, these six companies have been on a tear for the fundamental reason that hybrid work has created a shift in spending priorities for CSOs. No longer are organizations just spending on hardening a perimeter, that perimeter has been blown away. The network is flattening. Work is what you do, it's no longer a place. As such threats are on the rise and cloud, endpoint security, identity access tools there become increasingly vital and the vendors who provide them are on the rise. So it's no surprise that the players that we've listed here which play quite prominently in those markets are all on fire. So now in summary, I want to stress that while the picture is sometimes discouraging. The entire world is becoming more and more tuned in to the cyber threat. And that's a good thing. Money is pouring in. Look, technology got us into this problem and technology is a defensive weapon that will help us continue this fight. But it's going to take more than technology. And I want to share something. We get dozens and dozens of in bounds this time of the year because we do an annual predictions posts. So folks and they want to help us out. So now most of the in bounds and the predictions that we get, they're just kind of observations or frankly, non predictions that can't really be measured as like where you right, or where you're wrong. So for the most part I like predictions that are binary. For example, last December we predicted their IT spending in 2021 would rebound and grow at 4% relative to 2020. Well, it did rebound but that prediction really wasn't as accurate as I'd like. It was frankly wrong. We think it's actually the market's going to actually grow. Spending's going to grow more like 7% this year. Not to worry plenty of our predictions came true, but we'll leave that for another day. Anyway, I got an email from Dean Fisk of Fisk partners. It's a PR firm representing an individual named Lyndon Brown chief of strategy officer of Pondurance. Pondurance is a security consultancy. And the email had the standard, Hey, in case you're working on a predictions post this year end, blah, blah, blah. But instead of sharing with me, a bunch of non predictions, the notes said here's some trends in cybersecurity that might be worth thinking about. And there were a few predictions sprinkled in there, but I wanted to call it a couple of the comments from Linden Brown, whom I don't know, I never met the guy, but I really thought his trends were spot on. The first was a stat I'll share that the United Nations report cyber crime is up 600% due to the pandemic. If as if I couldn't feel worse already. His first point though was that the hybrid workplace will be the new frontier for cyber. Yes, we totally agree. There are permanent shifts taking place. And we actually predicted that last year, but he further cited that many companies went from zero to full digital transformation overnight and many are still on that journey. And his point is that hybrid work is going to require a complete overhaul of how we think about security. We think this is very true. Now the other point that stood out is that governments are going to crack down on this behavior. And we've seen this where criminals have had their critical infrastructure dismantled by governments. No doubt the U.S government has the capabilities to do so. And it is very much focused on this issue. But it's tricky as Robert Gates, who was the former defense secretary, told me a few years back in theCUBE. He said, well, we have the best offense. We also have the most to lose. So we have to be very careful, but Linden's key point was you are going to see a much more forward and aggressive public policy and new laws that give crime fighters more latitude . Again, it's tricky kind of like the Patriot act was tricky but it's coming. Now, another call-out from Linden shares his assertion that natural disasters will bring increased cyber risk. And I thought this was a really astute point because natural disasters they're on the rise. And when there's chaos, there's cash opportunities for criminals. And I'll add to this that the supply chain risk is far from over. This is going to be continuing theme this coming year and beyond. And one of the things that Linden Brown said in his note to me is essentially you can't take humans out of the equation. Automation alone can't solve the problem, but some companies operate as though they can. Just as bad human behavior, can tramp good security, Good human education and behavior is going to be a key weapon in this endless war. Now the last point is we're going to see continued escalation government crackdowns are going to bring retaliation and to Gates' point. The U.S has a lot at stake. So expect insurance premiums are going to go through the roof. That's assuming you can even get cyber insurance. And so we got to hope for the best, but for sure, we have to plan for the worst because it's coming. Deploy technology aggressively but people in process will ultimately be the other ingredients that allow us to live to battle for another day. Okay. That's a wrap for today. Remember these episodes they're all available as podcasts, wherever you listen just search "breaking analysis" podcast. Check out ETR his website at ETR.plus. We also publish a full report every week on Wikibond.com and siliconangle.com. You can get in touch. Email me @david.volante@tsiliconangle.com or you can DM me @dvellante. Comment on our LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week. everybody stay safe, be well. And we'll see you next time. (techno music)

>> From theCUBE studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE in ETR. This is Breaking Analysis with Dave Vellante. >> Every CEO is figuring out the right balance for new hybrid business models. Now, regardless of the chosen approach, which is going to vary, technology executives, they understand they have to accelerate their digital and build resilience as well as optionality into their platforms. Now, this is driving a dramatic shift in IT investments. And at the macro level, we expect total spending to increase at as much as 8% or even more in 2021, compared to last year's contraction. Investments in cybersecurity, cloud collaboration that are enabling hybrid work as well as data, including analytics, AI, and automation are at the top of the spending priorities for CXOs. Hello everyone. And welcome to this week's Wiki Bond Cube insights, powered by ETR. In this Breaking Analysis, we're pleased to welcome back Erik Bradley, who is the chief engagement strategist at our partner, ETR. Now in this segment, we're going to share some of the latest findings from ETR's surveys and provide our commentary on what it means for the markets, for sellers, and for buyers. Erik, great to see you, my friend. Welcome back to Breaking Analysis. >> Thank you for having me, always enjoy it. We've got some fresh data to talk about on this beautiful summer Friday, so I'm ready to go. >> All right. I'm excited too. Okay, last year we saw a contraction in IT spending by at least 5%. And now we're seeing a snapback to, as I said, at least 8% growth relative to last year. You got to go back to 2007 just before the financial crisis to see this type of top line growth. The shift to hybrid work, it's exposed us to new insidious security threats. And we're going to discuss that in a lot more detail. Cloud migration of course picked up dramatically last year, and based on the recent earnings results of the big cloud players, for now we got two quarters of data, that trend continues as organizations are accelerating their digital platform build-outs, and this is bringing a lot of complexity and a greater need for so-called observability solutions, which Erik is going to talk about extensively later on in this segment. Data, we think is entering a new era of de-centralization. We see organizations not only focused on analytics and insights, but actually creating data products. Leading technology organizations like JP Morgan, they're heavily leaning into this trend toward packaging and monetizing data products. And finally, as part of the digital transformation trend, we see no slow down in spending momentum for AI and automation, generally in RPA specifically. Erik, anything you want to add to that top level narrative? >> Yeah, there's a lot to take on the macro takeaways. The first thing I want to state is that that 8, 8.5% number that started off at just 3 to 4% beginning of the year. So as the year has continued, we are just seeing this trend in budgets continue to accelerate, and we don't have any reason to believe that's going to stop. So I think we're going to just keep moving on heading into 2021. And we're going to see a banner year of spend this year and probably next as well. >> All right, now we're going to bring up a chart that shows kind of that progression here of spending momentum. So Erik, I'm going to let you comment on this chart that tracks those projections over time. >> Erik: Yeah. Great. So thank you very much for pulling this up. As you can see in the beginning part of the year, when we asked people, "What do you plan to spend throughout 2021?" They were saying it would be about a 4% increase. Which we were happy with because as you said last year, it was all negative. That continues to accelerate and is only hyper accelerating now as we head into the back half of the year. In addition, after we do this data, I always host a panel of IT end users to kind of get their feedback on what we collected, to a man, every one of them expects continued increase throughout next year. There are some concerns and uncertainty about what we're seeing right now with COVID, but even with that, they're planning their budgets now for 2022 and they're planning for even further increases going forward. >> Dave: Great, thank you. So we circled that 8%. That's really kind of where we thought it was going to land. And so we're happy with that number, but let's take a look at where the action is by technology sector. This chart that we're showing you here, it tracks spending priorities back to last September. When I believe that was the point, Erik, that cyber became the top priority in the survey, ahead of cloud collaboration, analytics, and data, and the other sectors that you see there. Now, Erik, we should explain. These areas, they're the top seven, and they outrank all the other sectors. ETR tracks many, many other sectors, but please weigh in here and share your thoughts on this data. >> Erik: Yeah. Security, security, security. It hasn't changed. It had really hasn't. The hybrid work. The fact that you're behind the firewall one day and then you're outside working from home the next, switching in and out of networks. This is just a field day for bad actors. And we have no choice right now, but to continue to spend, because as you're going to talk about in a minute, hybrid's here to stay. So we have to figure out a way to secure behind the firewall on-prem. We also have to secure our employees and our assets that are not in the office. So it is a main priority. One of the things that point out on this chart, I had a couple of ITN users talk to me about customer experience and automation really need to move from the right part of that chart to the left. So they're seeing more in what you were talking about in RPA and automation, starting to creep up heading into next year. As cloud migration matures, as you know, cybersecurity spending has been ramping up. People are going to see a little bit more on the analytics and a little bit more on the automation side going forward. >> Dave: Great. Now, this next data view- well, first of all, one of the great things about the ETR dataset is that you can ask key questions and get a time series. And I will tell you again, I go back to last March, ETR hit it. They were the first on the work from home trend. And so if you were on that trend, you were able to anticipate it. And a lot of investors I think took advantage of that. Now, but we've shown this before, but there's new data points that we want to introduce. So the data tracks how CIOs and IT buyers have responded to the pandemic since last March. Still 70% of the organizations have employees working remotely, but 39% now have employees fully returning to the office and Erik, the rest of the metrics all point toward positives for IT spending, although accelerating IT deployments there at the right peaked last year, as people realized they had to invest in the future. Your thoughts? >> Erik: Yeah, this is the slide for optimism, without a doubt. Of the entire macro survey we did, this is the most optimistic slide. It's great for overall business. It's great for business travel. This is well beyond just IT. Hiring is up. I've had some people tell me that they possibly can't hire enough people right now. They had to furlough employees, they had to stop projects, and they want to re accelerate those now. But talent is very hard to find. Another point to you about your automation and RPA, another underlying trend for there. The one thing I did want to talk about here is the hybrid workplace, but I believe there's another slide on it. So just to recap on this extremely optimistic, we're seeing a lot of hiring. We're seeing increased spending, and I do believe that that's going to continue. >> Yeah I'm glad you brought that up because a session that you and I did a while ago, we pointed out, it was earlier this year, that the skill shortage is one potential risk to our positive scenario. We'll keep an eye on that, but so I want to show another set of data that we've showed previously, but ETR again, has added some new questions in here. So note here that 60% of employees still work remotely with 33% in a hybrid model currently, and the CIO's expect that to land on about 42% hybrid workforce with around 30% working remotely, which is around, it's been consistent by the way on your surveys, but that's about double the historic norm, Eric. >> Erik: Yeah, and even further to your point Dave, recently I did a panel asking people to give me some feedback on this. And three of those four experts basically said to me, if we had greed run this survey right now, that even more people would be saying remote. That they believe that that number, that's saying they're expecting that number of people to be back in office, is actually too optimistic. They're actually saying that maybe if we had- cause as a survey launched about six, seven weeks ago before this little blip on the radar, before the little COVID hiccup we're seeing now, and they're telling me that they believe if we reran this now that it would be even more remote work, even more hybrid and less returned to the office. So that's just an update I wanted to offer on this slide. >> Dave: Yeah. Thank you for that. I mean, we're still in this kind of day to day, week to week, month to month mode, but I want to do a little double click on this. We're not going to share this data, but there was so much ETR data. We got to be selective. But if you double click on the hybrid models, you'll see that 50% of organizations plan to have time roughly equally split between onsite and remote with again around 30 or 31% mostly remote, with onsite space available if they need it. And Erik, very few don't plan to have some type of hybrid model, at least. >> Yeah, I think it was less than 10% that said it was going to be exclusively onsite. And again, that was a more optimistic scenario six, seven weeks ago than we're seeing right now throughout the country. So I agree with you, hybrid is here to stay. There really is no doubt about it. from everyone I speak to when, you know, I basically make a living talking to IT end users. Hybrid is here to stay. They're planning for it. And that's really the drive behind the spending because you have to support both. You have to give people the option. You have to, from an IT perspective, you also have to support both, right? So if somebody is in office, I need the support staff to be in office. Plus I need them to be able to remote in and fix something from home. So they're spending on both fronts right now. >> Okay. Let's get into some of the vendor performance data. And I want to start with the cloud hyperscalers. It's something that we followed pretty closely. I got some Wiki bond data, that we just had earnings released. So here's data that shows the Q2 revenue shares on the left-hand side in the pie and the growth rates for the big four cloud players on the right hand side. It goes back to Q1 2019. Now the first thing I want to say is these players generated just under $39 billion in the quarter with AWS capturing 50% of that number. I said 39, it was 29 billion, sorry, with AWS capturing 50% of that in the quarter. As you're still tracking around a third in Alibaba and GCP in the, you know, eight or 9% range. But what's most interesting to me, Erik, is that AWS, which generated almost 15 billion in the quarter, was the only player to grow its revenue, both sequentially and year over year. And Erik, I think the street is missing the real story here on Amazon. Amazon announced earnings on Thursday night. The company had a 2% miss on the top line revenues and a meaningful 22% beat on earnings per share. So the retail side of the business missed its revenue targets, so that's why everybody's freaked out. But AWS, the cloud side, saw a 4% revenue beat. So the stock was off more than 70% after hours and into Friday. Now to me, a mix shift toward AWS, that's great news for investors. Now, tepid guidance is a negative, but the shift to a more profitable cloud business is a huge positive. >> Yeah, there's a lot that goes into stock price, right? I remember I was a director of research back in the day. One of my analysts said to me, "Am I crazy for putting a $1,000 target on Amazon?" And I laughed and I said, "No, you're crazy if you don't make it $2,000." (both chuckling) So, you know, at that time it was basically the mix shift towards AWS. You're a thousand percent right. I think the tough year over year comps had something to do with that reaction. That, you know, it's just getting really hard. What's that? The law of large numbers, right? It's really hard to grow at that percentage rate when you're getting this big. But from our data perspective, we're seeing no slowdown in AWS, in cloud, none whatsoever. The only slowdown we're seeing in cloud is GCP. But to, you know, to focus on AWS, extremely strong across the board and not only just in cloud, but in all their data products as well, data and analytics. >> Yeah and I think that the AWS, don't forget folks, that funds Amazon's TAM expansion into so many different places. Okay. As we said at the top, the world of digital and hybrid work, and multi-cloud, it's more complicated than it used to be. And that means if you need to resolve issues, which everybody does, like poor application performance, et cetera, what's happening at the user level, you have to have a better way to sort of see what's going on. And that's what the emergence of the observability space is all about. So Erik, let me set this up and you have a lot of comments here because you've recently had some, and you always have had a lot of round table discussions with CXOs on this topic. So this chart plots net score or spending momentum on the vertical axis, and market share or pervasiveness in the dataset on the horizontal axis. And we inserted a table that shows the data points in detail. Now that red dotted line is just sort of Dave Vellante's subjective mark in the sand for elevated spending levels. And there are three other points here. One is Splunk as well off is two-year peak, as highlighted in the red, but Signal FX, which Splunk acquired, has made a big move northward this last quarter. As has Datadog. So Erik, what can you share with us on this hot, but increasingly crowded space? >> Yeah. I could talk about the space for a long time. As you know, I've gotten some flack over the last year and a half about, you know, kind of pointing out this trend, this negative trend in Splunk. So I do want to be the first one to say that this data set is rebounding. Splunk has been horrific in our data for going back almost two years now, straight downward trend. This is the first time we're seeing any increase, any positivity there. So I do want to be fair and state that because I've been accused of being a little too negative on Splunk in the past. But I would basically say for observability right now, it's a rising tide lifts all boats, if I can use a New England phrase. The data across the board in analytics for these observability players is up, is accelerating. None more so than Datadog. And it's exactly your point, David. The complexity, the increased cloud migration is a perfect setup for Datadog, which is a cloud native. It focuses on microservices. It focuses on cloud observability. Old Splunk was just application monitoring. Don't get me wrong, they're changing, but they were on-prem application monitoring, first and foremost. Datadog came out as cloud native. They, you know, do microservices. This is just a perfect setup for them. And not only is Datadog leading the observability, it's leading the entire analytics sector, all of it. Not just the observability niche. So without a doubt, that is the strongest that we're seeing. It's leading Dynatrace new Relic. The only one that really isn't rebounding is Cisco App Dynamics. That's getting the dreaded legacy word really attached to it. But this space is really on fire, elastic as well, really doing well in this space. New Relic has shown a little bit of improvement as well. And what I heard when I asked my panelists about this, is that because of the maturity of cloud migration, that this observability has to grow. Spending on this has to happen. So they all say the chart looks right. And it's really just about the digital transformation maturity. So that's largely what they think is happening here. And they don't really see it getting, you know, changing anytime soon. >> Yeah, and I would add, and you see that it's getting crowded. You saw a service now acquired LightStep, and they want to get into the game. You mentioned, you know, last deck of the elk stack is, you know, the open source alternative, but then we see a company who's raised a fair amount of money, startup, chaos search, coming in, going after kind of the complexity of the elk stack. You've got honeycomb, which has got a really innovative approach, Jeremy Burton's company observes. So you have venture capital coming in. So we'll see if those guys could be disruptive enough or are they, you know, candidates to get acquired? We'll see how that all- you know that well. The M and A space. You think this space is ripe for M and A? >> I think it's ripe for consolidation, M and A. Something has to shake out. There's no doubt. I do believe that all of these can be standalone. So we shall see what's happened to, you mentioned the Splunk acquisition of Signal FX, just a house cleaning point. That was really nice acceleration by Signal FX, but it was only 20 citations. We'd looked into this a little bit deeper. Our data scientists did. It appears as if the majority of people are just signaling spunk and not FX separately. So moving forward for our data set, we're going to combine those two, so we don't have those anomalies going forward. But that type of acquisition does show what we should expect to see more of in this group going forward. >> Well that's I want to mention. That's one of the challenges that any data company has, and you guys do a great job of it. You're constantly having to reevaluate. There's so much M and A going on in the industry. You've got to pick the right spots in terms of when to consolidate. There's some big, you know, Dell and EMC, for example. You know, you've beautifully worked through that transition. You're seeing, you know, open shift and red hat with IBM. You just got to be flexible. And that's where it's valuable to be able to have a pipeline to guys like Erik, to sort of squint through that. So thank you for that clarification. >> Thank you too, because having a resource like you with industry knowledge really helps us navigate some of those as well for everyone out there. So that's a lot to do with you do Dave, >> Thank you. It's going to be interesting to watch Splunk. Doug Merritt's made some, you know, management changes, not the least of which is bringing in Teresa Carlson to run go to market. So if you know, I'd be interested if they are hitting, bouncing off the bottom and rising up again. They have a great customer base. Okay. Let's look at some of the same dimensions. Go ahead. You got a comment? >> A few of ETR's clients looked at our data and then put a billion dollar investment into it too. So obviously I agree. (Dave laughing) Splunk is looking like it's set for a rebound, and it's definitely something to watch, I agree. >> Not to rat hole in this, but I got to say. When I look back, cause theCUBE gives us kind of early visibility. So companies with momentum and you talk to the customers that all these shows that we go to. I will tell you that three companies stood out last decade. It was Splunk. It was Service Now and Tableau. And you could tell just from just discussions with their customers, the enthusiasm in that customer base. And so that's a real asset, and that helps them build them a moat. So we'll see. All right, let's take a look at the same dimensions now for cyber. This is cybersecurity net score in the vertical, and market share in the horizontal. And I filtered by in greater than a hundred shared in because just gets so crowded. Erik, the only things I would point out here is CrowdStrike and Zscaler continue to shine, CyberArk also showing momentum over that 40% line. Very impressively, Palo Alto networks, which has a big presence in the market. They've bounced back. We predicted that a while back. Your round table suggested people like working with Palo Alto. They're a gold standard. You know, we had reported earlier on that divergence with four to net in terms of valuation and some of the challenges they had in cloud, clearly, you know, back with the momentum. And of course, Microsoft in the upper, right. It's just, they're literally off the charts and obviously a major player here, but your thoughts on cyber? >> Erik: Yeah. Going back to the backdrop. Security, security, security. It has been the number one priority going back to last September. No one sees it changing. It has to happen. The threat vectors are actually expanding and we have no choice but to spend here. So it is not surprising to see. You did name our three favorite names. So as you know, we look at the dataset, we see which ones have the most positive inflections, and we put outlooks on those. And you did mention Zscaler, Okta and CrowdStrike, by far the three standouts that we're seeing. I just recently did a huge panel on Okta talking about their acquisition of Auth Zero. They're pushed into Sale Point space, trying to move just from single sign on and MFA to going to really privileged account management. There is some hurdles there. Really Okta's ability to do this on-prem is something that a little bit of the IT end users are concerned about. But what we're seeing right now, both Okta and Auth Zero are two of the main adopted names in security. They look incredibly well set up. Zscaler as well. With the ZTNA push more towards zero trust, Zscaler came out so hot in their IPO. And everyone was wondering if it was going to trail off just like Snowflake. It's not trailing off. This thing just keeps going up into the right, up into the right. The data supports a lot of tremendous growth for the three names that you just mentioned. >> Yeah. Yeah. I'm glad you brought up Auth Zero. We had reported on that earlier. I just feel like that was a great acquisition. You had Okta doing the belly to belly enterprise, you know, selling. And the one thing that they really lacked was that developer momentum. And that's what Auth Zero brings. Just a smart move by Todd McKinnon and company. And I mean, so this, you know, I want to, I want to pull up another chart show a quick snapshot of some of the players in the survey who show momentum and have you comment on this. We haven't mentioned Snowflake so far, but they remain again with like this gold standard of net score, they've consistently had those high marks with regard to spending velocity. But here's some other data. Erik, how should we interpret this? >> Erik: Yeah, just to harp on Snowflake for a second. Right, I mean the rich get richer. They came out- IPO was so hyped, so it was hard for us as a research company to say, "Oh, you know, well, you know, we agree." But we did. The data is incredible. You can't beat the management team. You can't beat what they're doing. They've got so much cash. I can't wait to see what they do with it. And meanwhile, you would expect something that debuted with that high of a net score, that high of spending velocity to trail off. It would be natural. It's not Dave, it's still accelerating. It's gone even higher. It's at all time highs. And we just don't see it stopping anytime soon. It's a really interesting space right now. Maybe another name to look at on here that I think is pretty interesting, kind of a play on return to business is Kupa. It's a great project expense management tool that got hit really hard. Listen, traveling stopped, business expense stopped, and I did a panel on it. And a lot of our guys basically said, "Yeah, it was the first thing I cut." But we're seeing a huge rebound in spending there in that space. So that's a name that I think might be worth being called out on a positive side. Negative, If you look down to the bottom right of that chart, unfortunately we're seeing some issues in RingCentral and Zoom. Anything that's sort of playing in this next, you know, video conferencing, IP telephony space, they seem to be having really decelerating spending. Also now with Zoom's acquisition of five nine. I'm not really sure how RingCentral's going to compete on that. But yeah, that's one where we debuted for the first time with a negative outlook on that name. And looking and asking to some of the people in our community, a lot of them say externally, you still need IP telepany, but internally you don't. Because the You Cast communication systems are getting so sophisticated, that if I have Teams, if I have Slack, I don't need phones anymore. (chuckling) That you and I can just do a Slack call. We can do a Teams call. And many of them are saying I'm truly ripping out my IP Telepany internally as soon as possible because we just don't need it. So this whole collaboration, productivity space is here to stay. And it's got wide ranging implications to some of these more legacy type of tools. >> You know, one of the other things I'd call out on this chart is Accenture. You and I had a session earlier this year, and we had predicted that that skill shortage was going to lead to an uptick in traditional services. We've certainly seen that. I mean, IBM beat its quarter on the strength of services largely. And seeing Accenture on that is I think confirmation. >> Yeah that was our New Year prediction show, right Dave? When we made top 10 predictions? >> That's right. That was part of our predictions show. Exactly, good memory. >> The data is really showing that continue. People want the projects, they need to do the projects, but hiring is very difficult. So obviously the number one beneficiary there are going to be the Accentures of the world. >> All right. So let's do a quick wrap. I'm going to make a few comments and then have you bring us home, Erik. So we laid out our scenario for the tech spending rebound. We definitely believe last year tracked downward, along with GDP contraction. It was interesting. Gardner doesn't believe, at least factions of Gardner don't believe there's a correlation between GDP and tech spending. But, you know, I personally think there generally is some kind of relatively proportional pattern there. And I think we saw contraction last year. People are concerned about inflation. Of course, that adds some uncertainty. And as well, as you mentioned around the Delta variant. But I feel as though that the boards of directors and CEOs, they've mandated that tech execs have to build out digital platforms for the future. They're data centric. They're highly automated, to your earlier points. They're intelligent with AI infused, and that's going to take investment. I feel like the tech community has said, "Look, we know what to do here. We're dealing with hybrid work. We can't just stop doing what we're doing. Let's move forward." You know, and as you say, we're flying again and so forth. You know, getting hybrid right is a major priority that directly impacts strategies. Technology strategies, particularly around security, cloud, the productivity of remote workers with collaboration. And as we've said many times, we are entering a new era of data that's going to focus on decentralized data, building data products, and Erik let's keep an eye on this observability space. Lot of interest there, and buyers have a number of choices. You know, do they go with a specialist, as we saw recently, we've seen in the past, or did they go with the generalist like Service Now with the acquisition of LightStep? You know, it's going to be interesting. A lot of people are going to get into this space, start bundling into larger platforms. And so as you said, there's probably not enough room for all the players. We're going to see some consolidation there. But anyway, let me give you the final word here. >> Yeah, no, I completely agree with all of it. And I think your earlier points are spot on, that analytics and automation are certainly going to be moving more and more to that left of that chart we had of priorities. I think as we continue that survey heading into 2022, we'll have some fresh data for you again in a few months, that's going to start looking at 2022 priorities and overall spend. And the one other area that I keep hearing about over and over and over again is customer experience. There's a transition from good old CRM to CXM. Right now, everything is digital. It is not going away. So you need an omni-channel support to not only track your customer experience, but improve it. Make sure there's a two way communication. And it's a really interesting space. Salesforce is going to migrate into it. We've got Qualtrics out there. You've got Medallia. You've got FreshWorks, you've got Sprinkler. You got some names out there. And everyone I keep talking to on the IT end user side keeps bringing up customer experience. So let's keep an eye on that as well. >> That's a great point. And again, it brings me back to Service Now. We wrote a piece last week that's sort of, Service Now and Salesforce are on a collision course. We've said that for many, many years. And you've got this platform of platforms. They're just kind of sucking in different functions saying, "Hey, we're friends with everybody." But as you know Erik, software companies, they want to own it all. (both chuckling) All right. Hey Erik, thank you so much. I want to thank you for coming back on. It's always a pleasure to have you on Breaking Analysis. Great to see you. >> Love the partnership. Love the collaboration. Let's go enjoy this summer Friday. >> All right. Let's do. Okay, remember everybody, these episodes, they're all available as podcasts, wherever you listen. All you got to do is search Breaking Analysis Podcast, click subscribe to the series. Check out ETR's website at etr.plus. They've just launched a new website. They've got a whole new pricing model. It's great to see that innovation going on. Now remember we also publish a full report every week on WikiBond.com and SiliconAngle.com. You can always email me, appreciate the back channel comments, the metadata insights. David.Vellante@SiliconAngle.com. DM me on Twitter @DVellante or comment on the LinkedIn posts. This is Dave Vellante for Erik Bradley and theCUBE insights powered by ETR. Have a great week, a good rest of summer, be well. And we'll see you next time. (inspiring music)

from the cube studios in palo alto in boston bringing you data-driven insights from the cube and etr this is breaking analysis with dave vellante as you well know by now the cloud is about shifting i.t labor to more strategic initiatives or as andy jassy laid out years ago removing the undifferentiated heavy lifting associated with deploying and managing i.t infrastructure cloud is also about changing the operating model and rapidly scaling a business operation or a company often overlooked with cloud however is the innovation piece of the puzzle a main source of that innovation is venture funded startup companies that have brilliant technologists who are mission driven and have a vision to solve really hard problems and enter a large market at scale to disrupt it hello everyone and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we're pleased to welcome a special guest and author of the elite 80. a report that details the hottest privately held cyber security and i.t infrastructure companies in the world eric suppenger is that author and joins us today from jmp securities eric welcome to the cube thanks for being here thank you very much dave i'm uh i'm looking forward to uh to having a discussion here with you yeah me too this is going to be great so let's dive right into the elite 80. first if you could tell us about jmp securities and fill us in on the report its history your approach to picking the 80 companies out of thousands of choices sure so jmp is a middle markets investment bank we're a full full-service investment bank based in san francisco we were founded in 2000 and we focus on technology health care financial services and real estate i've been with jmp since 2011. um i've uh i've i cover uh cyber security companies public companies uh i cover uh it infrastructure companies uh more broadly and um we have having been based here in san francisco i've long kept uh a good dialogue with uh private companies uh that that compete with the public companies that i cover and so um about seven years ago i i started uh developing this uh this report which is really designed to highlight uh emerging uh private companies that uh that i think are are well positioned to be leaders in their respective markets and uh and over time we've um we've built the list up to about 80 companies and uh and we publish this report every year uh it's designed to uh to keep tabs on on the companies that are doing well and uh and we rotate about uh about 15 to 20 to 25 percent of the companies uh out of the report every year either as they get acquired or they do an ipo or um uh they uh they if we think that they are slowing and others are getting a little bit more uh more exciting and you talk directly to the companies that's part of your methodology as well you do a lot of background research digging into funding but you also talk to the executives at these companies correct yes for the most part we uh we try to talk to the ceos at least the cfos the object here is to build a a relationship with these companies so that we have some good insights into uh into how they're doing and and how the market trends are evolving as they relate to those companies in particular some of the some of the dynamics that go into us selecting companies is one we do have to talk to the management teams uh two we uh we we base our decisions on who we include on how the companies are performing on how their competitors are uh are are discussing those companies their performance uh how other industry contacts talk about those companies and then we we track their hiring and uh and and how they've uh you know other metrics that we can uh we can gauge them by got it okay so i dug into the report a little bit and tried to summarize a few key takeaways so let's take a look at those and if if you allow me just set up the points and then and ask you to add some color so the first two things that really you know jumped out i want to comment on are the perspectives of the technology companies and then of course the other side is the buyers so it seems that the pandemic really got startups to sharpen their focus i remember talking to a number of vcs early on in the shutdown and they were all over their portfolio companies to reset their icp their ideal customer profile and sharpen their uvp their unique value proposition and they wanted them to do that specifically in the context of the pandemic and the new reality and then on the buy side let's face it if you weren't a digital business you were out of business so picking up on those two thoughts eric what can you share with us in terms of the findings that you have well that's that's very uh consistent with what we had found uh basically um when the pandemic first when the lockdown came uh in march we reached out to quite a few companies and industry contacts at that time feedback was uh you know it was uh it was a period of great uncertainty and a lot of a lot of budgets were were tightened pretty quickly but it didn't take very long and a lot of these companies uh you know having been uh innovation engines and and emerging players what they found was that uh the broader market quickly adopted uh digital transformation in response to the pandemic basically that was how they they uh facilitated uh keeping their their doors open so to speak and so um the ones that were able to uh to leverage uh need for emerging technologies because of an acceleration in digital transformation uh they they really stepped up and and quite a few of these companies they kept hiring they kept uh their sales uh did very well and uh and ultimately um a lot of the vcs that had been uh putting on the brakes uh they actually stepped up and uh and and continued funding uh pretty generously yeah we've got some data on that that we wanna look into so thank you for that now let's take a look at some of the the specific date of the study just break that down the elite 80 raised more than three billion dollars last year eclipsing the previous highs in your studies of 2019 and then a big portion of that capital went to pretty small number only 10 of the 80 firms and and most of that went to cyber security plays so what do you make of these numbers especially you know given your history with with this group of elite companies and the high concentration this year this past year so one of the trends that we've seen in the public in the public market or the ipo market is um companies are are waiting until they're a little bit more mature than they used to be so what we've seen is um the the funding for companies uh the the larger rounds are far larger than they used to be these companies typically are waiting until they're of size you know maybe now they're waiting to be uh 200 million uh in annual salary in annual revenues versus a 100 million before and so they are consuming quite a bit the larger rounds are are much bigger than they used to be um in the in the most recent uh report that we published we had uh one round that was over half a billion and another one that was over 400 million and if you go back just a couple of few years ago a large round was over 100 million and you didn't get too many that were over 200 million so that's that's been a distinct change and and i think that's not necessarily just a function of the pandemic but i think the pandemic caused caused some companies to kind of step up the size of their rounds uh and so there were a handful of uh very large rounds uh certainly bigger than what we've ever seen before yeah those are great observations i mean you're right it was 100 million used to be the magic number to go public and now you get so much late money coming in locking in maybe smaller gains but giving that company you know a little more time to get their act together pre-ipo let's take a look at where the money went you know talk about follow the money and eric you and your team you segmented that three billion dollars into a number of different categories as i said most of it go into cyber security uh categories like application security is assessment and risk there's endpoint endpoint boomed during the pandemic same with identity and this chart really shows those categories that you created to better understand these dynamics and sort of figure out where the money went how did you come up with these these categories and what does this data tell you so these categories were basically uh homegrown these are how i um i think of these companies um it's a little bit of uh pulling some information out of uh the likes of gartner but uh for the most part this was how i how i conceptualize the landscape uh in my mind um the interesting thing to me is you know so a lot of that data is skewed by a few large transactions so um you know if you if you think about the the the allocation of those uh those different categories and and the uh investments in those categories it's it's skewed by large transactions and what was most interesting to me was one the application security space is a space that had quite a few additional smaller rounds and i think that's one that's pretty interesting going forward and then the one that was a surprise to me more than that was the data management um outside of cyber security uh data management's a space that's getting uh a lot more attention and uh and it's getting um uh some pretty good uh growth so that's a space that we're uh we're paying some good good attention to as well yeah that's interesting i mean of course data management means a lot of different things to a lot of different people and vc's throwing money at it maybe trying to define it and then and then the the the ai ops and and the that data management piece you know took a took a portion of it but wow the the cyber guys really are are killing it and now as we mentioned ten companies sucked up the lion's share of of the funding and this next chart shows that concentration of those 10 investments so eric some big numbers here one trust secured more than a half a billion dollars four others nabbed more than a quarter billion in funding give us your thoughts on this what do you make of that high concentration well um i i think this is a function of companies that are waiting uh longer than they used to um they're these these companies are getting to be of considerable scale i mean titanium would be a good example that's a company that could have gone public years ago and uh and i don't think they're particularly eager to get out the door uh they provide liquidity to their previous investors by raising money and uh and and buying those shares back um and so they uh they basically uh just continue to uh to grow uh without the uh the burden or or the um uh the demands that being a public company create um so there's this that's that's really a function of of companies just waiting longer before they get out the door got it now here's another view of that that data the so the left side of this chart uh that we we want to show you next um gives you a sense of the size of the companies the revenue in the elite 80 and you know most of these companies have broken through the 100 million dollar revenue mark as you say uh and they're they're still private and so you can see the breakdown and then the right-hand side of the chart shows the most active investors we just pulled out those with three or more transactions and it's it's interesting to see the players there and of course you've got some strategics you got city in there you've got cisco along with a little bit of p and e private equity action maybe your thoughts on on on this data so so to give you a little flavor around the uh the size of these companies when we first started publishing this report a little bit of the goal was to try to keep those categories relatively equal and as you can see they've skewed uh far to the left uh towards the uh to the larger revenue stream you know size so that's that just goes to the point that um uh the the companies that uh you know that are getting that a lot of these private companies uh they're they're of saw considerable size before they uh they really go out the door and and i think that's a reflection of um of the caliber of uh of or the quality of investments that uh that are out there today these are companies that have built very mature businesses and they're not going into the market until um until they can demonstrate uh high confidence and uh and consistency in their performance yeah i mean you i remember when when cloudera took that massive i think it was the 750 billion a million dollar investment from uh from intel you know way back when they that bridged them to ipo and that was sort of if i recall started that that trend and then now you get a ipo last year like snowflake which is price to perfection and you got guys that really know how to do this they've done it a number of times and so it really is somewhat changed that that dynamic uh for ipos which of course came booming back it was so quiet there for so many years but let's look into these markets a bit um i want to talk about the security space and the i.t infrastructure space and here's a chart from optiv which is one of the elite 80 ironically and we've shared this with with our audience before and the point of this is that the cyber security spaces it's highly fragmented we've reported on this a lot it's got hundreds and hundreds of companies in there it's just mosaic of solutions so very complicated and bespoke sets of tooling and combine that with a lack of skilled expertise you know csos tell us the lack of talent is their biggest challenge makes it a really dynamic market and eric this is part of the reason why vcs they want in so the takeaway i get from that chart is we have a lot of um we still have a great need for best of breed um digital transformation uh cloud mobile all these trends are creating such a disruption that there's still a great opportunity for somebody that can deliver a uh you know a real best of the best of breed uh solution uh in spite of uh all the challenges that uh id it departments are having with trying to uh to meet you know security requirements and things like that uh the the world has embraced uh you know digital delivery and uh you are your success is oftentimes dependent on your your digital differentiation and if that's the case then there's always going to be opportunity for a better technology out there so that's that in the end is uh is why uh optiv has a uh a line card that's uh as as long as you can read it i'm glad you brought the point about best of breeze it's an age-old debate in the industry it's do we go best of breed or do we go you know integrated suites you know you look at a company like microsoft obviously that that works very well for them uh companies like cisco but so this next uh set of data we're gonna bring in some etr customer spending data and see where the momentum is and i think it'll really underscore the points that you're making there in terms of best of breed this chart shares a popular view that we like to to share with our community on the vertical axis is net score or that's spending velocity and the horizontal axis shows market share or pervasiveness in the data as we've said before anything above 40 percent that red line on the vertical axis is considered elevated and you can see a lot of companies in cyber security are above that mark now a couple points i want to make here before we bring eric back in first is the market it's fragmented but it's pretty large at over 100 billion dollars depending on which research firm you look at it's growing at you know the low double digits so so nice growth is putting on 10 billion dollars a year into that number and there are some big pure plays like palo alto networks and fortinet but the market includes some other large whales like cisco uh they've built up a sizeable security business microsoft microsoft's in most markets and serves its you know software customers so but you can see how crowded this market is now we've superimposed in the red recent valuations for some of the companies and and the other point we want to make is there's some big numbers here and some divergence between us eric was saying the the best of breed and the integrated suites and the pandemic as we've talked about a lot is fueled a shift in cyber strategies toward endpoint identity and cloud and you can see that in crowdstrike's 50 billion plus valuation octa another best of breed 34 billion dollars in identity they just bought off zero and paid four and a half billion dollars for auth0 to get access to the developer community z scaler at 28 billion proof point is going private at a 12 billion dollar number so you can see why vcs are pouring money into this market some really attractive valuations eric what are your thoughts on this data so my interpretation is that's that's just further validation that uh that these security markets are uh are getting disrupted and uh and the truth of the matter is there's only one um really well positioned uh platform player in there uh uh palo alto the rest of them are are platforms within their respective uh security technology space but uh you know there's there's not very many um you know broad security solution providers today and the reason for that is because we've got such a uh transformation going on uh across uh technology that the need for best of breed is uh is is getting recognized uh day in day out yeah you're right palo alto they're they csos love to work with palo alto they're kind of the high-end gold standard but and we reported last year on the divergence in valuations between fortinet and palo alto networks fortinet was doing a better job you know pivoting to the cloud we said palo alto will get its act together it did but then you see these pure play best of breeds really you know doing well so now let's take a look at the it infrastructure space and it's it's quite different in terms of the dynamics of the market so here's that same view of the etr data and we've cut it by uh three categories we cut on networking servers and storage and this is a very large market it's it's it's over 200 billion dollars but it's much more of an oligopoly in that you've got great concentration at the top you've got some really big companies like cisco and dell which is spinning out vmware so we're going to unlock you know more value of the core dell company dell's valuation is 79 billion and that includes its 80 ownership in vmware so you do the math and figure out what core dell is worth hpe is much smaller it's notable that its valuation is comparable to netapp netapp's around you know one-fifth the size of revenue-wise uh hpe now eric arista they stand out as the lone player that's having some success clearly against cisco what are your thoughts on on the infrastructure space so so a couple things i'll take away from that now first off uh you mentioned arista arista is a bit of an anomaly um a switching company you know a networking company that is in that upper echelon like you've pointed out above 40 percent it is it is unique and and basically they kind of cracked the code they figured out how to beat cisco at cisco's core competency which is traditionally switching switching and routing and they they did that by delivering a very differentiated uh uh hardware product um that that they were able to tap into some markets that uh that even cisco hasn't been able to open up and and those would be the hyperscale uh hyperscale you know hosting vendors like uh google and facebook and microsoft but i would i would put i would put arista kind of in a in a unique situation the other thing that i'll just point out that i think is an interesting takeaway from the um from the the the slide that you showed is there are some uh infrastructure or what i would consider is bordering on data management type companies i mean you look at uh rubric you look at cohesity and nutanix veeam they're they're all kind of bubbling up there and pure storage and i think that comes back to what i was mentioning earlier where there is some pretty interesting innovation going on in data management which has traditionally not had a lot of innovation so i would bet you those names would have bubbled up just in the last uh year or two where that's been a market that hasn't had a lot of innovation and and now there's some interesting things coming down the pipe you know that's interesting comments that you make in there because if you think back to sort of last decade arista obviously broke out the only two other companies in the in the core infrastructure space and this was a hardware game historically but it's obviously becoming a software game but take a look at pure storage and nutanix you can see their valuations at five billion and seven point four billion dollars respectively uh and then to your point cohesity you got them at 3.7 billion just did a recent you know round rubric 3.3 billion that's from 2019 and so you know presumably that's a higher valuation now veeam got taken out last january at five billion by uh inside capital uh and so i think they're doing very well and they're probably uh up from that and susa is going public at uh at a reported seven billion dollar valuation so quite a bit different dynamic in the infrastructure space so eric i want to bring it back to the elite 80 in in in in startups in general my first question to you is is what do you look for from successful startups to make this elite 80 list so a few factors first off uh their performance is uh is is one of the primary uh situations if it's a company that's not growing we'll we'll probably pull it from the list um i would say it is also very much a function of my perception of the quality of management uh we we do meet with all these management teams um if we feel like uh they're they're they're putting together a uh you know a um a leadership team that's gonna be around for a long time and they've got a product position that's uh pretty attractive uh those would certainly be two key aspects of what i look for beyond that uh certainly feedback that we get from competitors uh feedback that we get from industry contacts like resellers and then then i'd also just say my enthusiasm for their respective market that they're in if it's a a market that i think is is going to be difficult or flat or not very interesting then then that would certainly be a a reason to to not include them uh conversely even if it's a small company if it's if it's a sector that i think is going to be uh around for quite a while and it's very differentiated uh then we'll include um a lot of the smaller companies too well a good example that's like a weka i mean i don't want to i don't want to go into these companies but two because we believe we 80 companies are going to leave somebody else but that that's a good example of a smaller company that looks to be disruptive um how should enterprise customers the buyers do you think evaluate and filter startups you have any sense of that well um a couple things that i struggle with that that would be uh you know something that's a lot more readily available to them is uh is just the quality of the product i mean that's obviously uh why why they're looking at it but uh if it's a uh if it's a company that's got a a unique product that uh is is built uh you know that that can that can that works that would be the starting point then then beyond that it's also is it a management team is is the behavior of the company something that uh reflects a management team that's uh that's that's you know a high quality management team if they if they you know are responsive if they're following up if they're not trying to pull in business uh quickly if they're priced appropriately uh metrics like that would certainly be um key aspects that would be readily available to uh to the you know to the the buyers of technology beyond that um you know i think the viability of that market is going to be uh a key aspect as to whether or not that company is going to be around even if it's a good company if uh if it's a highly competitive uh market that's going to have some big big players that can kind of integrate it and to make it a feature across other other product lines then that's going to make it a a tough a tough road to to go for a start-up these days you know the other thing i wanted to to talk about was the risks and the rewards of working with with startup companies and i've had i've had cios and and enterprise architects tell me that they'll when when they have to do an rfp they'll pull out the gartner magic quadrant they'll always you know pick a couple in the top right just to cover their butts but they many say you know what we also pick some of those those in the challenger space because because that are that are really interesting to us and and we run them through the paces and we manage those risks we don't we don't run the company on them but it helps us find these diamonds in the rough i mean think about you know in the in this in the second part of last decade if you picked a snowflake you might have been able to get ahead of some of your competition things like data sharing or or maybe you found that that well you know what octa is going to help me with my identity in in a new way and you're going to be better prepared to be a digital business but do you have any thoughts on how uh people should manage those risks and and how they should think about the upside i don't i don't think today um a a you know a company can work today using legacy technologies i i think the risk the greater risk is falling behind from a a digital transformation perspective this this era i think the pandemic is probably the best proof point of this um you can't you can't go with just a uh a traditional legacy architecture in a in in a key aspect of your business and so the startups um i i think you've got to take the quote-unquote risk of working with a startup that's uh you know that's got a viability concern or sustainability concern uh the risk of of having a um uh an i.t infrastructure that's inadequate is uh is a far greater risk from my perspective so i think that the startups right now are are are in a very strong position and they're well funded that's the last question i wanted to talk about is how will startups kind of penetrate the enterprise in this modern era i mean you know this is really a software world and software is this sort of capital efficient business but yet you're seeing companies raise hundreds of millions of dollars i mean that's not even absurd these days you see companies go to ipo that have raised over a billion dollars and much of that if not most of it goes to promotion and go to market uh so so how maybe you could give us your perspectives on how you see startups getting into the enterprise in these sectors so i one of the really interesting things that we've seen in the last couple years is a lot of changes to sales models and and if you look at the mid market the ability to leverage viral sales models uh has been wildly successful for some companies um it's been um you know a great strategy uh there's a public company ubiquity that did a uh has built a multi-billion dollar uh you know business on on without without a sales organization so there's some pretty interesting um directions that i think sales and go to market is going to uh incur over the over the coming years uh traditional enterprise sales i think are still uh pretty standard today but i i think that the efficiency of um of you know social networking and and uh and and what would the the delivery of uh of products on on a digital for in a digital format is going to change the way that we do sales so i think i think there's a lot of efficiencies that are going to come in uh in sales over the coming years that's interesting because then you'll you know i i think you're right and and and instead of just just pouring money at promotion maybe get more efficient there and pour money in into engineering because that really is the long-term sustainable value that these companies are going to create right yeah i i would absolutely agree with that and um again if you look at the you know if you look at the charts of the well-established players that that you had mentioned those companies are where they are that the ones at the top are where they are because of their technology i mean it's it's not because of uh their go to market it's it's it's because they have something that other people can't uh can't replicate right well eric hey it's been great having you on today thanks so much for joining us really appreciate your time well dave i greatly appreciate it uh it's been a lot of fun so uh so thank you all right hey go get the elite 80 report all you got to do is search jmp elite 80 and it'll it'll come up there's a there's a lot of data out there so it's really a worthwhile reference tool and uh so thank you everybody for watching remember these episodes are all available as podcasts wherever you listen you can check out etr's website at etr dot plus and we also publish weekly a full report on wikibon.com and siliconangle.com you can email me david.velante at siliconangle.com or dm me on twitter at divalante hit up hit our linkedin post and really appreciate those comments this is dave vellante for the cube insights powered by etr have a great week everybody stay safe and we'll see you next time you

from the cube studios in palo alto in boston bringing you data-driven insights from the cube and etr this is breaking analysis with dave vellante the pandemic not only accelerated the shift to digital but also highlighted a rush of cyber criminal sophistication collaboration and chaotic responses by virtually every major company in the planet the solar winds hack exposed supply chain weaknesses and so-called island hopping techniques that are exceedingly difficult to detect moreover the will and aggressiveness of well-organized cyber criminals has elevated to the point where incident responses are now met with counterattacks designed to both punish and extract money from victims via ransomware and other criminal activities the only upshot is the cyber security market remains one of the most enduring and attractive investment sectors for those that can figure out where the market is headed and which firms are best positioned to capitalize hello everyone and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we'll provide our quarterly update of the security industry and share new survey data from etr and thecube community that will help you navigate through the maze of corporate cyber warfare we'll also share our thoughts on the game of 3d chest that octa ceo todd mckinnon is playing against the market now we all know this market is complicated fragmented and fast moving and this next chart says it all it's an interactive graphic from optiv a denver colorado based si that's focused on cyber security they've done some really excellent research and put together this awesome taxonomy and mapped vendor names therein and this helps users navigate the complex security landscape and there are over a dozen major sectors high-level sectors within the security taxonomy in nearly 60 sub-sectors from monitoring vulnerability assessment identity asset management firewalls automation cloud data center sim threat detection and intelligent endpoint network and so on and so on and so on but this is a terrific resource and can help you understand where players fit and help you connect the dots in the space now let's talk about what's going on in the market the dynamics in this crazy mess of a landscape are really confusing sometimes now since the beginning of cyber time we've talked about the increasing sophistication of the adversary and the back and forth escalation between good and evil and unfortunately this trend is unlikely to stop here's some data from carbon black's annual modern bank heist report this is the fourth and of course now vmware's brand highlights the carbon black study since the acquisition and it catalyzed the creation of vmware's cloud security division destructive malware attacks according to the recent study are up 118 percent from last year now one major takeaway from the report is that hackers aren't just conducting wire fraud they are 57 of the bank surveyed saw an increase in wire fraud but the cyber criminals are also targeting non-public information such as future trading strategies this allows the bad guys to front run large block trades and profit it's become very lucrative practice now the prevalence of so-called island hopping is up 38 from already elevated levels this is where a virus enters a company's supply chain via a partner and then often connects with other stealthy malware downstream these techniques are more common where the malware will actually self-form with other infected parts of the supply chain and create actions with different signatures designed to identify and exfiltrate valuable information it's a really complex problem of major concern is that 63 of banking respondents in the study reported that responses to incidents were then met with retaliation designed to intimidate or initiate ransomware attacks to extract a final pound of flesh from the victim notably the study found that 75 percent of csos reported to the cio which many feel is not the right regime the study called for a rethinking of the right cyber regime where the cso has increased responsibility in a direct reporting line to the ceo or perhaps the co with greater exposure to boards of directors so many thanks to vmware and tom kellerman specifically for sharing this information with us this past week great work by your team now some of the themes that we've been talking about for several quarters are shown in the lower half of the chart cloud of course is the big driver thanks to work from home and the pandemic to pandemic and the interesting corollary of course is we see a rapid rethinking of endpoint and identity access management and the concept of zero trust in a recent esg survey two-thirds of respondents said that their use of cloud computing necessitated a change in how they approach identity access management now as shown in the chart from optiv the market remains highly fragmented and m a is of course way up now based on our research it looks like transaction volume has increased more than 40 percent just in the last five months so let's dig into the m a the merger and acquisition trends for just a moment we took a five month snapshot and we were able to count about 80 deals that were completed in that time frame those transactions represented more than 20 billion dollars in value some of the larger ones are highlighted here the biggest of course being the toma bravo taking proof point private for a 12 plus billion dollar price tag the stock went from the low 130s and is trading in the low 170s based on 176 dollar per share offer so there's your arbitrage folks go for it perhaps the more interesting acquisition was auth 0 by octa for 6.5 billion which we're going to talk about more in a moment there's more private equity action we saw as insight bought armis and iot security play and cisco shelled out 730 million dollars for imi mobile which is more of an adjacency to cyber but it's going to go under cisco's security and applications business run by g2 patel but these are just the tip of the iceberg some of the themes that we see connecting the dots of these acquisitions are first sis like accenture atos and wipro are making moves in cyber to go local they're buying secops expertise as i say locally in places like france germany netherlands canada and australia that last mile that belly-to-belly intimate service israel israeli-based startups chalked up five acquired companies in the space over the last five months also financial services firms are getting into the act with goldman and mastercard making moves to own its own part of the stack themselves to combat things like fraud and identity theft and then finally numerous moves to expand markets octa with zero crowdstrike buying a log management company palo alto picking up devops expertise rapid seven shoring up its kubernetes chops tenable expanding beyond insights and going after identity interesting fortinet filling gaps in a multi-cloud offering sale point extending to governance risk and compliance grc zscaler picked up an israeli firm to fill gaps in access control and then vmware buying mesh 7 to secure modern app development and distribution services so tons and tons of activity here okay so let's look at some of the etr data to put the cyber market in context etr uses the concept of market share it's one of the key metrics which is a measure of pervasiveness in the data set so for each sector it calculates the number of respondents for that sector divided by the total to get a sense for how prominent the sector is within the cio and i.t buyer communities okay this chart shows the full etr sector taxonomy with security highlighted across three survey periods april last year january this year in april this year now you wouldn't expect big moves in market share over time so it's relatively stable by sector but the big takeaway comes from observing which sectors are most prominent so you see that red line that dotted line imposed at the sixty percent level you can see there are only six sectors above that line and cyber security is one of them okay so we know that security is important in a large market but this puts it in the context of the other sectors however we know from previous breaking analysis episodes that despite the importance of cyber and the urgency catalyzed by the pandemic budgets unfortunately are not unlimited and spending is bounded it's not an open checkbook for csos as shown in this chart this is a two-dimensional graphic showing market share in the horizontal axis or pervasiveness and net score in the vertical axis net score is etr's measurement of spending velocity and we've superimposed a red line at 40 percent because anything over 40 percent we consider extremely elevated we've filtered and limited the number of sectors to simplify the graphic and you can see in the sectors that we've highlighted only the big four four are above that forty percent line ai containers rpa and cloud they exceed that sort of forty percent magic water line information security you can see that is highlighted and it's respectable but it competes for budget with other important sectors so this of course creates challenges for organization because not only are they strapped for talent as we've reported they like everyone else in it face ongoing budget pressures research firm cybersecurity ventures estimates that in 2021 6 trillion dollars worldwide will be lost on cyber crime conversely research firm canalis pegs security spending somewhere around 60 billion dollars annually idc has it higher around 100 billion so either way we're talking about spending between one to one point six percent annually of how much the bad guys are taking out that's peanuts really when you consider the consequences so let's double click into the cyber landscape a bit and further look at some of the companies here's that same x y graphic with the company's etr captures from respondents in the cyber security sector that's what's shown on the chart here now the usefulness of the red lines is 20 percent on the horizontal indicates the largest presence in the survey and the magic 40 percent line that we talked about earlier shows those firms with the most elevated momentum only microsoft and palo alto exceed both high water marks of course splunk and cisco are prominent horizontally and there are numerous companies to the left of the 20 percent line and many above that 40 percent high water mark on the vertical axis now in the bottom left quadrant that includes many of the legacy names that have been around for a long time and there are dozens of companies that show spending momentum on their platforms i.e above single digits so that picture is like the first one we showed you very very crowded space but so let's filter it a bit and only include companies in the etr survey that had at least a hundred responses so an n of a hundred or greater so it's a little easy to read but still it's kind of crowded when you think about it okay so same graphic and we've superimposed the data that determined the plot position over in the bottom right there so it's net score and shared n including only companies with more than 100 n so what does this data tell us about the market well microsoft is dominant as always it seems in all dimensions but let's focus on that red line for a moment some of the names that we've highlighted over the past two years show very well here first i want to talk about palo alto networks pre-covet as you might recall we highlighted the valuation divergence between palo alto and fortinet and we said fortinet was executing better on its cloud strategy and palo alto was at the time struggling with the transition especially with its go to market and its sales force compensation and really refreshing its portfolio but we told you that we were bullish on palo alto networks at the time because of its track record and the fact that cios consistently told us that they saw palo alto as a thought leader in the space that they wanted to work with they said that palo alto was the gold standard the best especially larger company cisos so that gave us confidence that palo alto a very well-run company was going to get its act together and perform better and palo alto has just done just that as we expected they've done very well and they've been rapidly moving customers to the next generation of platforms and we're very impressed by the company's execution and the stock has generally reflected that now some other names that hit our radar and the etr data a couple of years ago continue to perform well crowdstrike z-scaler sales sail point and cloudflare a cloudflare just reported and beat earnings but was off the stock fell on headwinds for tech overall the big rotation but the company is doing very well and they're growing rapidly and they have momentum as you can see from the etr data and we put that double star around proof point to highlight that it was worthy of fetching 12 and a half billion dollars from private equity firm so nice exit there supporting the continued control consolidation trend that we've predicted in cyber security now let's turn our attention to octa and auth zero this is where it gets interesting and is a clever play for octa we think and we want to drill into it a bit octa is acquiring auth zero for big money why well we think todd mckinnon octa ceo wants to run the table on identity and then continue to expand his tam he has to do that to justify his lofty valuation so octa's ascendancy around identity and single sign sign-on is notable the fragmented pictures that we've shown you they scream out for simplification and trust and that's what octa brings but it competes with some major players most notably microsoft with active directory so look of course microsoft is going to dominate in its massive customer base but the rest of the market that's like jump ball it's wide open and we think mckinnon saw the opportunity to go dominate that sector now octa comes at this from an enterprise perspective bringing top-down trust to the equation and throwing a big blanket over all the discrete sas platforms and unifying employee access octa's timing was perfect it was founded in 2009 just as the massive sasification trend was happening around crm and hr and service management and cloud etc but the one thing that octa didn't have that auth 0 does is serious developer chops while octa was crushing it with its enterprise sales strategy auth 0 was laser focused on developers and building a bottoms up approach to identity by acquiring auth0 octa can dominate both sides of the barbell and then capture the fat middle so yes it's a pricey acquisition but in our view it's a great move by mckinnon now i don't know mckinnon personally but last week i spoke to arun shrestha who's the ceo of security specialist beyond id they're a platinum services partner of octa and there a zero trust expert he worked for octa for a number of years and shared with me a bit about mckinnon's style and think big approach arun said something that caught my attention he said firewalls used to be the perimeter now people are and while that's self-serving to octa and probably beyond id it's true people apps and data are the new perimeter and they're not in one location and that's the point now unfortunately i had lined up an interview with dia jolly who was the chief product officer at octa in a cube alum for this past week knowing that we were running this segment in this episode but she unfortunately fell ill the day of our interview and had to cancel but i want to follow up with her and understand how she's thinking about connecting the dots with auth 0 with devs and enterprises and really test our thesis there this is a really interesting chess match that's going on let's look a little deeper into that identity space this chart here shows some of the major identity players it has some of the leaders in the identity market and there's a breakdown of etr's net score now net score comprises five elements the lime green is we're adding the platform new the forest green is we're spending six percent or more relative to last year the gray is flat send plus or minus flat spend plus or minus five percent the pinkish is spending less and the bright red is where exiting the platform retiring now you subtract the red from the green and that gets you the result for net score which you can see superimposed on the right hand chart at the bottom that first column there the far column is shared in which informs and indicates the number of responses and is a proxy for presence in the market oh look at the top two players in terms of spending momentum now sales sale point is right there but auth 0 combined with octa's distribution channel will extend octa's lead significantly in our view and then there's microsoft now just a caveat this includes all of microsoft's security offerings not just identity but it's there for context and cyber arc as well includes its acquisition of adaptive but also other parts of cyberarks portfolio so you can see some of the other names that are there many of which you'll find in the gartner magic quadrant for identity and as we said we really like this move by octa it combines positive market forces with lead offerings from very well-run companies that have winning dna and passionate people now to further emphasize emphasize what what's happening here take a look at this this chart shows etr data for octa within sale point and cyber arc accounts out of the 230 cyber and sale point customers in the data set there are 81 octa accounts that's a 35 overlap and the good news for octa is that within that base of sale point in cyber arc accounts octa is shown by the net score line that green line has a very elevated spending and momentum and the kicker is if you read the fine print in the right hand column etr correctly points out that while sailpoint and cyberarc have long been partners with octa at the recent octane 21 event octa's big customer event the company announced that it was expanding into privileged access management pam and identity governance hello and welcome to coopetition in the 2020s now our current thinking is that this bodes very well for octa and cyberark and sailpoint well they're going to have to make some counter moves to fend off the onslaught that is coming now let's wrap up with what has become a tradition in our quarterly security updates looking at those two dimensions of net score and market share we're going to see which companies crack the top 10 for both measures within the etr data set we do this every quarter so here on the left we have the top 20 sorted by net score or spending momentum and on the right we sort by shared n so again top 20 which informs shared end and forms the market share metric or presence in the data set that red horizontal lines those two lines on each separate the top 10 from the remaining 10 within those top 20. in our method what we do is we assign four stars to those companies that crack the top ten for both metrics so again you see microsoft palo alto networks octa crowdstrike and fortinet fortinet by the way didn't make it last quarter they've kind of been in and out and on the bubble but you know this company is very strong and doing quite well only the other four did last quarter there was same four last quarter and we give two stars to those companies that make it in both categories within the top 20 but didn't make the top 10. so cisco splunk which has been steadily decelerating from a spending momentum standpoint and z-scaler which is just on the cusp you know we really like z-scaler and the company has great momentum but that's the methodology it is what it is now you can see we kept carbon black on the rightmost chart it's like kind of cut off it's number 21 only because they're just outside looking in on netscore you see them there they're just below on on netscore number 11. and vmware's presence in the market we think that carbon black is really worth paying attention to okay so we're going to close with some summary and final thoughts last quarter we did a deeper dive on the solar winds hack and we think the ramifications are significant it has set the stage for a new era of escalation and adversary sophistication now major change we see is a heightened awareness that when you find intruders you'd better think very carefully about your next moves when someone breaks into your house if the dog barks or if you come down with a baseball bat or other weapon you might think the intruder is going to flee but if the criminal badly wants what you have in your house and it's valuable enough you might find yourself in a bloody knife fight or worse what's happening is intruders come to your company via island hopping or inside or subterfuge or whatever method and they'll live off the land stealthily using your own tools against you so they can you can't find them so easily so instead of injecting new tools in that send off an alert they just use what you already have there that's what's called living off the land they'll steal sensitive data for example positive covid test results when that was really really sensitive obviously still is or other medical data and when you retaliate they will double extort you they'll encrypt your data and hold it for ransom and at the same time threaten to release the sensitive information to crushing your brand in the process so your response must be as stealthy as their intrusion as you marshal your resources and devise an attack plan you face serious headwinds not only is this a complicated situation there's your ongoing and acute talent shortage that you tell us about all the time many companies are mired in technical debt that's an additional challenge and then you've got to balance the running of the business while actually affecting a digital transformation that's very very difficult and it's risky because the more digital you become the more exposed you are so this idea of zero trust people used to call it a buzzword it's now a mandate along with automation because you just can't throw labor at the problem this is all good news for investors as cyber remains a market that's ripe for valuation increases and m a activity especially if you know where to look hopefully we've helped you squint through the maze a little bit okay that's it for now thanks to the community for your comments and insights remember i publish each week on wikibon.com and siliconangle.com these episodes they're all available as podcasts all you do is search breaking analysis podcast put in the headphones listen when you're in your car out for your walk or run and you can always connect on twitter at divalante or email me at david.valante at siliconangle.com i appreciate the comments on linkedin and in clubhouse please follow me so you're notified when we start a room and riff on these topics and others and don't forget to check out etr.plus for all the survey data this is dave vellante for the cube insights powered by etr be well and we'll see you next time [Music] you