>> Announcer: From Miami Beach, Florida, it's theCUBE, covering Acronis Global Cyber Summit 2019, brought to you by Acronis. >> Okay, welcome back, everyone. It's theCUBE's two days of coverage here in Miami Beach at the Fountainebleau Hotel for the Acronis Global Cyber Summit 2019. I'm John Furrier, your host, James Slaby, the director of cyber protection for Acronis is here on theCUBE. Thanks for coming in, it's great to see you. >> John, great to be here, thanks. >> So, we talked on the day one reception that we had. We were having a chat about the cyber protection positioning, and how the confluence of data protection is emerging in this new modernization of the enterprise. >> Sure. >> Sports teams are out there, it's obvious pick customers, so it's happening. >> Absolutely, it's something that the analyst community has been talking about for years. And certainly, I think people in the data protection space, on the vendor side, in the cyber security space, have been seeing it coming. I think there's been a little bit of weariness of it on the end user side, particularly if you look at the large enterprise space where you've got fairly large teams and they're specialized. You've got the security folks on one side, data protection IT operations on the other, and often different budgets, they don't necessarily like each other, or talk to each other a whole lot, sometimes competing agendas. But frankly the way the world is going with the kind of explosion in data, the fact that data's growing five times faster than IT staffing is able to grow, and with this explosion in the threat environment, not just cyber criminals though they've gotten a lot cleverer in recent years, much more industrial in their methods, basically I like to compare them to Salesforce, but evil, right? So, they've industrialized their production methods, >> And they're causing disruption. They are disrupting the continuity of a business by hijacking their data before there is ransomware or zero-day malware, it's here, it's happening all the time. >> Yeah, and it's not just the criminals now. You have state actors involved. North Korea basically runs itself as a criminal enterprise these days to fund the regime because of economic sanctions. And they're very well-funded, they're very expert, and with tools like ransomware and cryptojacking at their disposal, they're sustaining themselves. So, between the threats on all sides, and the explosion in data, the operation side of the house, and the security side of the house really have to come together. It's not a luxury that frankly small to medium businesses have ever had. You typically have much smaller staffs. It's one, two, maybe three people handling all of that. So, in some respects that convergence is going to be a welcome simplification of life to them. >> What's interesting to me and I want to get your thoughts and reaction to this is that with the Cloud computing, and this new modern era of compute power and software defined stuff, you're seeing categories that used to be niche white spaced categories become full-blown important areas. I'll give you an example. Network management turned into observability. Configuration management's now automation. So, at the plumbing level infrastructure when they start to see stuff emerge that was once a feature and now important. Data protection involves a cyber protection. Again, it's elevating an importance because the game's changing, but it's still the same. It's data protection, but data's everywhere, but cyber's the driver. This is an interesting dynamic, and I think you pointed that out, again, on our first night, it's highlighted there. Are all the analysts seeing it this way? And because we're seeing, observability, what is observability? It's network management on steroids. So, this new modern architecture of an enterprise is our thinking like a system, and cyber protection is a new, I guess category. Well, it's not really a new category, it's data protection or cyber threats and cyber things. >> I think it's a useful coinage to capture in a couple of words, this convergence of classic data protection disaster recovery kind of functionality with cyber security. I do see the analyst community having anticipated the trend by a couple of years, Forrester with their zero trust model is a slightly different perspective on it, but ultimately it puts data at the center of everything. You've got to protect data, you've got to protect people from stealing it, you've got to defend against people tampering with it. And once you start putting data at the center of your world, then all those functions whether they're classic IT operations functions, or what we historically associate with cyber security, it doesn't make a whole lot of difference. The challenge is to find ways to achieve those basic functions in a way that is managing the complexity, you've got an explosion of data sources, an explosion of data volume, here comes the Internet of things, here comes 5G wireless, suddenly everyone's going to be storing 10 terabytes of data on their smart phones. So, you've got a lot more data in a lot more places to defend against. And the bad guys are coming up with increasingly sophisticated new ways to get at it. So, looking at it as data first, and I think what our MSP and VAR partners, and what their customers are asking for are ways to help us manage that process in a way that's simpler to manage, that's cheaper, and can defend against these kind of new more sophisticated threats. >> More threats, the complexity is increasing, data's increasing, the costs are increasing, and it all revolves around the digital business as data, and the Red Sox and the sports teams encapsulate that because their product's on the field, but also they have a business to run, they got fans to serve, their consumers, it's a digital business model, it's a data. >> Yeah, they look sort of like extreme examples today. Our business doesn't need our F1, our Formula One partners to capture the racetrack data from a rocket ship with a 1,000 sensors in it, and real time telemetry, but that's only looks extreme today. We're not very far away from having to handle that kind of data in real time in our business. So, in the same way that the Red Sox are capturing all kinds of video information and analytics, and analyzing the performance of their players, we're going to be doing similar kinds of data collection and processing on business information in just a few short years. So, it's useful to have leading edge partners like that, but the rest of us aren't really far behind-- >> Well, I think the platform play is very interesting. You guys put a lot of work into that. Obviously you can't do that overnight. Many years have gone into that. Having an open ecosystem is key. You mentioned VARs and partners earlier, this is a big part of the business model of Acronis, and so that's ultimately the true test of a product because the channel is a very efficient business mechanism. >> Yes. (laughs) >> If it works and it's profitable, and creates happy customers, their customers are happy, they keep their customers. They're a very tough crowd too as well. What are your partners in VARs and ISVs, what's in demand of them from their customers? Because they're selling your product as a solution, putting servers to run, but they have customers too, and they're looking for them to be a player and serve them well. What are they hearing? What's their customer customer? >> Yeah, you're right, they're absolutely, our partners are our key source of intel on what the buyers ultimately want. And again your typical buyer, let's say it's a small or medium business for argument's sake here, is confronting the fact that there's a giant labor shortage in cyber security talent at the moment. So, in two years there'll be 3 1/2 million cyber security job vacancies worldwide. I tell young people I know that are coming out of high school or college, go into cyber security, there going to be a lot of work there in the coming years. This is advice I just gave to my nephew. And they can't compete for the existing talent that's out there. If you're a great cyber security talent, you're going to want to work for a managed service provider where you're constantly facing new challenges, new customers, new technologies, it's the great Petri dish to learn and hone your craft, and move up in the world or maybe you go into the large enterprise space, cyber protection staff there where the pay is a little bit better. It's very tough for an SMB to compete with that. They just can't find, retain, or pay the talent that they need to keep their own data secure. So, that's a huge one just from-- >> And they're also under a lot of pressure because the way these supply chain relationships work is I could have the best security on the planet, but if you're my business partner and you don't have good data hygiene, my data's exposed through you because we're working together. Listen, this is a really dynamic. >> Yeah, and it's kind of an interesting, it's a bit of ancillary topic here I think, but just a tax on elements of the supply chain like managed service providers themselves as something that has raised its head. So, as a buyer, you have to evaluate whether your provider is taking appropriate steps to protect themselves because if they can't do that, then you will be someone who's intimately connected with them that will be vulnerable to the same evils that befall them. >> I hear that a lot from people that are selling security, and, or data protection to customers is that there's now requirements in the sales process to do it, and I don't want to say audit, that's not the right word, the word we're looking for, but inspection of how the data's being handled. Obviously, you've got GDPR out there which is a whole 'nother animal, but this is now a real criteria so, IMSP, I have to build that out myself. Is this where they are using you guys? This is where there seems to be a dynamic where you guys are doing well, certainly ransomware's been a big part of it too. >> So, they have a couple of challenges, our partners do. One is beating that customer requirement to protect me, make sure you've got the expertise that I can't retain to provide security for my data, do it in a way that's cheap, do it that it will grow as my data volumes are growing, and automate it wherever possible, right. I do not want to have to worry about this stuff. The MSPs have both technical and business challenges themselves. From the technical side their problems are similar to the customer's. They need any solution they have to be simple, they need it to be cheap, automation is super important to them, and they need to keep ahead of the security gap. From a business perspective you've got additional challenges like, how do I grow my individual, my average revenue per user? How do I offer additional services that are going to increase my traction with them so that I can reproduce churns, that I want to be stickier, right? How do I get hooks into my existing billing and provisioning kind of systems? So, the customer has a range of challenges that are reflected mainly in technical terms in the service provider, but the service provider has their own businesses sectors that are unique. And this is in part how things like Acronis Cyber Protect at cyber infrastructure, and the opening up of Acronis Cyber Platform so that their ISVs and the providers of the tools that they're using can get tighter integration into the infrastructure that they-- >> You guys are now just open APIs, just opening up the API's developer network and then the customer portal, big news here at the show. >> Yes, yup! >> You guys were holding back from us, well, now you've got it covered, but this speaks to the ecosystem. Now, I got to ask you about the competition, the industry, RSA, these big conferences, buzzword bingo goes on all the time, hype is like, I got this, I'm throwing a platform. >> What's your favorite game? >> I wouldn't be surprised if cyber protection, cyber protect is a category as it emerged people start whitewashing. We've got a platform, so, people are talking the platform game. What is hype and reality? Take us through unpacking your opinion where the hype and reality, because customers are trying to squint through the noise, and look at the hype versus the reality. How do you distinguish between what's real and what's not? >> Well, I would say a useful starting point is, allow me to toot Acronis's horn here with what we have rolled out with Acronis Cyber Protect. So, it starts with our classic value proposition which is backup and disaster recovery. The next step is something that we got into the market with several years ago which is anti-malware that is buttressed by machine learning and artificial intelligence. So, the goal here is not just to be able to identify, and stop known threats by their signatures, the classic antivirus approach given the increasing sophistication of malware developers, you have to be able to identify stuff by the way it behaves. So, even if you've never seen it before you have to be able to say, that looks suspicious, I've got to stop that, and do it in a way that's smart enough that you're not halting up innocent processes that might be doing something that vaguely looks suspicious, right? You've got to stop the real threats and minimize the false positives, right. Now add to that things like health and performance monitoring. So, the capability from the exact same console to monitor the health of your hardware, including being able to predict drive failure rates, again, with the help of artificial intelligence to the point where given that half your hard drives are going to fail in five years, we can predict within 98% accuracy when a hard drive is going to fail, and that's a giant way to head off a big data loss is move that data before the hard drive fails, but also monitor the performance of your network, your applications, your operating system, as well as hardware performance. >> It's an end to end holistic view of data. >> Yeah, it's something that you might be able to do with multiple tools and maybe cruder tools, like the smart capability for drive analysis has been around for a while, but the name hasn't aged well. Health monitoring, remote desktop, right. So, the ability, really important to an MSP to reach out and troubleshoot issues on a remote desktop including things like managing their windows defender environment, so that you're making sure that the end user isn't violating your security policies because they think it might improve their performance a little to shut off some features of Windows Defender, right? Where I think it really gets interesting is in capabilities like vulnerability assessment. So, the ability to scan an endpoint and figure out which revisions of their operating system, their traditional productivity applications, all their third party applications, where they are relative to the patches that are out there to close known vulnerabilities to malware threats. And then based on that proceed to patch management where you figure out a sensible, scalable, manageable way to install patches on all those devices across your organization which is part of the daily grind for operations people, frankly. So, giving them all of those tools in one place with a single interface, oh, by the way let's throw in URL filtering, another capability that really will keep your users out of a lot of trouble, keep them from visiting sites where malware loves to lurk, because where pirated software and these kind of things, places you shouldn't go that people tend to go, and invite the evils of the world. So, imagine all these things on a single pane of glass that you need one organization with one training regimen to operate, and suddenly you see the kind of efficiencies that you're going to generate as a service provider in terms of lowering your own costs, automating a lot of the functions that you previously had to do manually, and so on. Sorry, I had to finish that, sorry. >> No problem, that's a huge-- >> That's the rest of the story on cyber protection. >> Well, this highlights to me what I think is a very comprehensive offering. You guys have comprehensive storing. You have infrastructure, a platform, and then a set of services, that's deep, deep bench of technology. >> Well, there's a lot of innovation in there as well. So, this was something that had never occurred to me that fortunately occurred to our RND people which is the notion of why don't we start scanning our backup images instead of relying on endpoint scans. So, we've got a recent image backup, why don't we scan our copy of it? We can do the vulnerability assessment, the patch management of it, and, oh, by the way, that means that we can do things like if you've got custom applications that maybe sometimes don't play nice with newer revs of the OS or patches, you can actually test that offline. Do those upgrades, install those patches, run the application, if it doesn't work, if it gives you performance problems, or functionality problems, you know not to roll those patches out across your environment. And those are kind of clever things that, oh, by the way, oh, this is the burden and potential conflicts of scans on the endpoints. So, again, I-- >> That shows the benefit of the ISV market too, as more stuff comes on, the benefits of the collective ecosystem getting right back into the customer-- >> And it works a couple of ways. So, some of my independent software vendors are going to integrate functionality from Cyber Protect into their products in a way that is sort of invisible. They'll be Acronis inside, but their customers won't necessarily know it. It also means that MSPs and the vendors that serve them with a variety of tools can more tightly integrate their functionality with Cyber Protect at the core of the managed service providers offering, and provide value to both sides of that equation as well. >> You guys have great validations platform, solutions, robust ecosystem, now you'll bring out the developers, so congratulations. James, thanks for coming on, and sharing the insight, it's appreciated. >> John, thanks so much, this was great. >> All right, Cube coverage here in Miami Beach for the Acronis Global Cyber Summit 2019. I'm John Furrier, stay with us for more day two coverage after this short break. (upbeat music)