>> Announcer: Live from Las Vegas, it's theCUBE. Covering IBM Think 2018. Brought to you by IBM. >> Welcome back to theCUBE live at the inaugural IBM Think 2018 event. I'm Lisa Martin with Dave Vellante. Excited to be joined by a guest from down under, Garrett McDonald, the head of Enterprise Architecture at the Department of Human Services in Australia. Welcome to theCUBE. >> Thank you very much. >> Great to have you. So tell us about the Department of Human Services, DHS. You guys touch 99 percent of the Australian population. >> Yeah, we do. We sit within federal government, we're a large service delivery organization. So through a range of programs and services we touch pretty much every Australian citizen on an annual basis. And within our organization we're responsible for delivery of our national social welfare system, and that picks up people pretty much across the entire course of their lives at different points, we're also responsible for delivering the federally administered portion of our national health system, and that picks up pretty much every Australian every time you go to a doctor, a pharmacy, a hospital, a path lab, indirectly both the provider and the citizen are engaging with our services. We're responsible for running the child support system, but then we also provide IT services for other government departments, so we implement and operate for the Department of Veterans Affairs, and also the National Disability Insurance Agency. And then finally we also run Whole-of-government capabilities, so DHS we operate the myGov platform, that's a Whole-of-government capability for citizens who government authentication and within out program we have 12 million active users and that number continues to grow year on year, and that's the way that you access authenticated services for most of the major interactions that a citizen would have online with government. >> And your role is formerly CTO, right? >> Yep. >> You've got a new role. Can you explain it? >> Yeah, I'm a bit of a jack-of-all-trades within the senior executive at DHS, I've had roles in ICT infrastructure, the role of CTO, the role of national manager for Enterprise Architecture, and I've also had application delivery roles as well. >> Okay, so let's get into the healthcare talk because the drivers in that industry are so interesting, you've got privacy issues, in this country it's HIPAA, I'm sure you're got similar restrictions on data. Um, what's driving your business? You've got that regulation environment plus you've got the whole digital disruption thing going on. You've got cloud, private cloud, what's driving your organization from a technology perspective? >> I think there's two main factors there. We have changing citizen expectations, like we've got this continued explosion in the rate of changing technology, and through that people are becoming increasingly comfortable with the integration of technology in their lives, we've got people who are living their lives through social media platforms and have come to expect a particular user experience when engaging through those platforms, and they're now expecting the same experience when they interact with government. How do I get that slick user experience, how do I take the friction out of the engagement, and how do I take the burden out of having to interact with government? But at the same time, given we are a government agency and we do have data holdings across the entire Australian population, whether it's social welfare, whether it's health or a range of other services, there's this very very high focus on how do we maintain privacy and security of data. >> Yeah, I can't imagine the volumes of transactional data for 12 million people. What are some of the things that DHS is using or leveraging that relationship with IBM for to manage these massive volumes of data? You mentioned like different types of healthcare security requirements alone. What is that like? >> We've been using IBM as our dominant security partner for quite some years now, and it's been the use of data power appliances and ISM power appliances out at the edge to get the traffic into the organization. We're deploying Qradar as our Next Gen SIEM and we're slowly transitioning over to that. And then as we work out way through the mid-range platform through our investment in the power fleet and back to our System Z, we've been using Db2 on Z for quite some years in the health domain to provide that security, the reliability and the performance that we need to service the workloads that hit us on a day-to-day basis. >> So you got a little IoT thing going on. Right? You got the edge, you got the mainframe, you got Db2. Talk a little bit about how, because you've been a customer for a long time, talk about how that platform has evolved. Edge data, modernization of the mainframe, whether it's Linux, blockchain, AI, discuss that a little bit. >> Okay, so over the past three years we've been developing our Next Gen infrastructure strategy. And that really started off around about three years ago, we decided to converge on Enterprise Linux as our preferred operating system. We had probably five or six operating systems in use prior to that, and by converging down on Linux it's given us a, the ability to run same operating system whether it's on x86, on Power, or Z Linux, and that's allowed us to develop a broader range of people with deep skills in Linux, and that's really then given us a common platform upon which we can build an elastic private cloud to service our Next Gen application workloads. >> Now you've talked off-camera. No public cloud. Public cloud bad word (laughs) But you've chosen not to. Maybe discuss why and what you're doing to get cloud-like experiences. >> Yeah, so we are building out a private cloud and we do have a view towards public cloud at a point in the future, but given mandatory requirements we need to comply with within the Australian government around the use of the Cloud, given the sensitivity of the data that we hold. At this point we're holding all data on premise. >> Can we talk a little bit more about what you guys are doing with analytics and how you're using that to have a positive social impact for these 12 million Australians? >> Yeah, we've got a few initiatives on the go there. On how do we apply whether it's machine learning, AI, predictive analytics, or just Next Gen advanced analytics on how do we change the way we're delivering services to the citizens of Australia, how do we make it a more dynamic user experience, how do we make it more tailored? And on here that we're exploring at the moment is this considerable flexibility in our systems and how citizens can engage with them, so for example in the social welfare space we have a requirement for you to provide an estimate of the income you expect to learn over the next 12 months, and then based on what you actually earn through the year there can be an end-of-year true-up. Right, so that creates a situation where if you overestimate at the start of the year you can end up with an overpayment at the end of the year and we need to recover that. So what we're looking at doing is well how do we deploy predictive analytics so that we can take a look an an individual's circumstances and say well, what do we think the probability is that you may end up with an inadvertent overpayment, and how can we engage with you proactively throughout the year to help true that up so that you don't reach the end of the year and have an overpayment that we need to recover. >> So I wonder if we could talk about the data model. You talk about analytics, but what about the data model? As you get pressure from, you know, digital, let's call it. And healthcare is an industry that really hasn't been dramatically or radically transformed. It hasn't been Uberized. But the data model has largely been siloed, at least in my experience working with the healthcare industry. What's the situation in Australia, and specifically with regard to how do you get your data model in shape to be able to leverage it for this digital world? And I know you're coming at it from a standpoint of infrastructure, but maybe you could provide that context. >> Well, given for privacy reasons we continue to maintain a pretty strong degree of separation between categories of health data for a citizen, and we also have an initiative being deployed nationally around an electronic health record that the citizen is able to control, right, so when you create your citizen record, health record, there is a portion of data that is uploaded from our systems into that health record, and then a citizen can opt in around, well what information when you visit the general practitioner is available in that health record. When you go to a specialist you're able to control through privacy settings what information you're willing to share, so it's still a federated model, but there's a very, very strong focus on well how do we put controls in place so that the citizen is in control of their data. >> I want to follow up in that, this is really important, so okay, if I hear you correctly, the citizen essentially has access to and controls his or her own healthcare information. >> Yeah, that's right. And they're able to control what information are they willing to share with a given health practitioner. >> And it's pretty facile, it's easy for the citizen to do that. >> Yeah. >> And you are the trusted third party, is that right? Or -- >> It's a federated model, so we are a contributor to that service. We provide some of the functionality, we feed some of the data in, but we do have another entity that controls the overarching federation. >> Do you, is there a discussion going on around blockchain? I mean could you apply blockchain to sort of eliminate the need for that third party? And have a trustless sort of network? What's the discussion like there? >> We've been maintaining a watching brief on blockchain for a good couple of years now. We've been trying to explore, well how do we find an initial use case where we can potentially apply block chain where it provides a value and it meets the risk profile. And given it does need to be a distributed ledger, how do we find the right combination of parties where we can undertake a joint proof of technology to identify can we make this work. So not so much in HealthSpace, there are other areas where we're exploring at the moment. >> Okay, so you see the potential of just trying to figure out where it applies? >> Yeah, absolutely, and we're also watching the market to see well what's going to become the dominant distribution, how a regulatory framework's going to catch up and ensure that, you know apart from the technical implementation how do we make sure that it's governed, it's administered -- >> Do you own any Bitcoin? No, I'm just kidding. (laughter) How do you like in the Melbourne Cup? So, let's talk a little bit about the things that excite you as a technologist. We talked about a bunch of them, cloud, AI, blockchain, what gets you excited? >> I think the AI and machine learning is a wonderful area of emerging technology. So we've also been pushing quite hard with virtual assistants over the past two to three years, and we have six virtual assistants in the production environment. And those span both the unauthenticated citizen space, how do we assist them in finding information about the social welfare system, once you authenticate we have some additional virtual assistants that help guide you through the process, and then we've also been deploying virtual assistants into the staff-facing side. Now we have one there, she's been in production around about 18 months, and we've got very very complex social welfare legislation, policy, business rules, and when you're on the front line and you have a customer sitting in front of you those circumstances can be really quite complex. And you need to very quickly work through what areas of the policy are relevant, how do I apply them, how does this line up with the legislation, so what we've done is we've put a virtual assistant in place, it's a chat-based VA, and you can ask the virtual assistant some quite complex questions and we've had a 95 percent success rate on the virtual assistant answering a query on the first point of contact without the need to escalate to a subject matter expert and we figure that if we saved, we've had it round about a million questions answered in the last year, and if you think that each one of those probably saves around three minutes of time, engaging in SME, giving them the context and then sorting through to an answer, that's three million minutes of effort that our staff have been able to apply to ensuring that we get the best outcome for our citizen rather than working through how do I find the right answer. So that's a bit of a game-changer for us. >> What are some of the things that you're, related to AI, machine learning, cloud, that you're excited about learning this week at the inaugural IBM Think? And how it may really help your government as a service initiative, et cetera. >> Yeah, so I think I see a lot more potential in the space between say machine learning and predictive analytics. On based on what we know about an individual and based on what we know about similar individuals, how do we help guide that individual back to self-sufficiency? Right, so for many many years we've been highly effective and very efficient at the delivery of our services, but ultimately if we can get someone back to self-sufficiency, they're engaged in society, they're contributing to the economy, and I think that puts everyone in a pretty good place. >> Alright, so I got to ask you, I know again, architecture and infrastructure person, but I always ask everybody in your field. How long before machines are going to be able to make better diagnoses than doctors? >> Uh, not so sure about doctors, but within our space our focus has been on how do we use artificial intelligence and machine learning to augment human capability? Like, the focus is on within our business lines within our business lines we have room for discretion and human judgment. Right, so, we don't expect that the machines will be making the decisions, but given the complexity and the volume of the policy and legislation, we do think there's a considerable opportunity to use that technology to allow an individual to make the most informed and the most consistent and the most accurate decision. >> So then in your term you don't see that as a plausible scenario? >> No. >> Maybe not in our lifetime. >> As I said the focus is very much on, well, how do we augment human capability with emerging technology. >> So Garrett, last question and we've got about a minute left. What are some of the things that you are excited about in your new role as head of Enterprise Architecture for 2018 that you see by the end by the time we get to December, your summertime, that you will have wanted to achieve? >> Okay, so, over the last roughly two years I've been developing the future state technology design that will reshape out social welfare system for probably the next 30 years. This is a generational refresh we're undertaking in that space, so I think it's been a hard slog getting to this point, we're now starting to build on our new digital engagement layer, we've got a new enrichment layer starting to come to life where we do put that machine learning and AI in place and then we're also starting to rebuild the core of our social welfare system, so this is the year for me where we go from planning through to execution, and it brings me an immense sense of pleasure and pride to see the work that you've been pouring yourself into for many years start to come to fruition, start to engage with citizens, start to engage with other government agencies, and start to deliver the value that we know that it's capable of delivering. >> Well, sounds like a very exciting year ahead. We want to thank you so much, Garrett, for stopping by theCUBE and sharing the insights, what you guys are doing to help impact the lives of 12 million Australians. >> Thank you very much. >> Have a great event. >> Thank you. >> And for Dave Vellante I'm Lisa Martin. You're watching theCUBE's live coverage of the inaugural IBM Think 2018. Stick around, we'll be back with our next guest after a short break.

(gentle music) >> Announcer: "theCube's" live coverage is made possible by funding from Dell Technologies, creating technologies that drive human progress. (upbeat music) (logo whooshing) >> Hey, everyone, welcome back to "theCube's" coverage of day one, MWC23 live from Barcelona, Lisa Martin here with Dave Vellante. Dave, we've got some great conversations so far This is the biggest, most packed show I've been to in years. About 80,000 people here so far. >> Yeah, down from its peak of 108, but still pretty good. You know, a lot of folks from China come to this show, but with the COVID situation in China, that's impacted the attendance, but still quite amazing. >> Amazing for sure. We're going to be talking about trends and mobility, and all sorts of great things. We have a couple of guests joining us for the first time on "theCUBE." Please welcome Dr. Srinivas Mukkamala or Sri, chief product officer at Ivanti. And Dave Shepherd, VP Ivanti. Guys, welcome to "theCUBE." Great to have you here. >> Thank you. >> So, day one of the conference, Sri, we'll go to you first. Talk about some of the trends that you're seeing in mobility. Obviously, the conference renamed from Mobile World Congress to MWC mobility being part of it, but what are some of the big trends? >> It's interesting, right? I mean, I was catching up with Dave. The first thing is from the keynotes, it took 45 minutes to talk about security. I mean, it's quite interesting when you look at the shore floor. We're talking about Edge, we're talking about 5G, the whole evolution. And there's also the concept of are we going into the Cloud? Are we coming back from the Cloud, back to the Edge? They're really two different things. Edge is all decentralized while you recompute. And one thing I observed here is they're talking about near real-time reality. When you look at automobiles, when you look at medical, when you look at robotics, you can't have things processed in the Cloud. It'll be too late. Because you got to make millisecond-based stations. That's a big trend for me. When I look at staff... Okay, the compute it takes to process in the Cloud versus what needs to happen on-prem, on device, is going to revolutionize the way we think about mobility. >> Revolutionize. David, what are some of the things that you're saying? Do you concur? >> Yeah, 100%. I mean, look, just reading some of the press recently, they're predicting 22 billion IoT devices by 2024. Everything Sri just talked about there. It's growing exponentially. You know, problems we have today are a snapshot. We're probably in the slowest place we are today. Everything's just going to get faster and faster and faster. So it's a, yeah, 100% concur with that. >> You know, Sri, on your point, so Jose Maria Alvarez, the CEO of Telefonica, said there are three pillars of the future of telco, low latency, programmable networks, and Cloud and Edge. So, as to your point, Cloud and low latency haven't gone hand in hand. But the Cloud guys are saying, "All right, we're going to bring the Cloud to the Edge." That's sort of an interesting dynamic. We're going to bypass them. We heard somebody, another speaker say, "You know, Cloud can't do it alone." You know? (chuckles) And so, it's like these worlds need each other in a way, don't they? >> Definitely right. So that's a fantastic way to look at it. The Cloud guys can say, "We're going to come closer to where the computer is." And if you really take a look at it with data localization, where are we going to put the Cloud in, right? I mean, so the data sovereignty becomes a very interesting thing. The localization becomes a very interesting thing. And when it comes to security, it gets completely different. I mean, we talked about moving everything to a centralized compute, really have massive processing, and give you the addition back wherever you are. Whereas when you're localized, I have to process everything within the local environment. So there's already a conflict right there. How are we going to address that? >> Yeah. So another statement, I think, it was the CEO of Ericsson, he was kind of talking about how the OTT guys have heard, "We can't let that happen again. And we're going to find new ways to charge for the network." Basically, he's talking about monetizing the API access. But I'm interested in what you're hearing from customers, right? 'Cause our mindset is, what value you're going to give to customers that they're going to pay for, versus, "I got this data I'm going to charge developers for." But what are you hearing from customers? >> It's amazing, Dave, the way you're looking at it, right? So if we take a look at what we were used to perpetual, and we said we're going to move to a subscription, right? I mean, everybody talks about subscription economy. Telcos on the other hand, had subscription economy for a long time, right? They were always based on usage, right? It's a usage economy. But today, we are basically realizing on compute. We haven't even started charging for compute. If you go to AWS, go to Azure, go to GCP, they still don't quite charge you for actual compute, right? It's kind of, they're still leaning on it. So think about API-based, we're going to break the bank. What people don't realize is, we do millions of API calls for any high transaction environment. A consumer can't afford that. What people don't realize is... I don't know how you're going to monetize. Even if you charge a cent a call, that is still going to be hundreds and thousands of dollars a day. And that's where, if you look at what you call low-code no-code motion? You see a plethora of companies being built on that. They're saying, "Hey, you don't have to write code. I'll give you authentication as a service. What that means is, Every single time you call my API to authenticate a user, I'm going to charge you." So just imagine how many times we authenticate on a single day. You're talking a few dozen times. And if I have to pay every single time I authenticate... >> Real friction in the marketplace, David. >> Yeah, and I tell you what. It's a big topic, right? And it's a topic that we haven't had to deal with at the Edge before, and we hear it probably daily really, complexity. The complexity's growing all the time. That means that we need to start to get insight, visibility. You know? I think a part of... Something that came out of the EU actually this week, stated, you know, there's a cyber attack every 11 seconds. That's fast, right? 2016, that was 40 seconds. So actually that speed I talked about earlier, everything Sri says that's coming down to the Edge, we want to embrace the Edge and that is the way we're going to move. But customers are mindful of the complexity that's involved in that. And that, you know, lens thought to how are we going to deal with those complexities. >> I was just going to ask you, how are you planning to deal with those complexities? You mentioned one ransomware attack every 11 seconds. That's down considerably from just a few years ago. Ransomware is a household word. It's no longer, "Are we going to get attacked?" It's when, it's to what extent, it's how much. So how is Ivanti helping customers deal with some of the complexities, and the changes in the security landscape? >> Yeah. Shall I start on that one first? Yeah, look, we want to give all our customers and perspective customers full visibility of their environment. You know, devices that are attached to the environment. Where are they? What are they doing? How often are we going to look for those devices? Not only when we find those devices. What applications are they running? Are those applications secure? How are we going to manage those applications moving forward? And overall, wrapping it round, what kind of service are we going to do? What processes are we going to put in place? To Sri's point, the low-code no-code angle. How do we build processes that protect our organization? But probably a point where I'll pass to Sri in a moment is how do we add a level of automation to that? How do we add a level of intelligence that doesn't always require a human to be fixing or remediating a problem? >> To Sri, you mentioned... You're right, the keynote, it took 45 minutes before it even mentioned security. And I suppose it's because they've historically, had this hardened stack. Everything's controlled and it's a safe environment. And now that's changing. So what would you add? >> You know, great point, right? If you look at telcos, they're used to a perimeter-based network. >> Yep. >> I mean, that's what we are. Boxed, we knew our perimeter. Today, our perimeter is extended to our home, everywhere work, right? >> Yeah- >> We don't have a definition of a perimeter. Your browser is the new perimeter. And a good example, segueing to that, what we have seen is horizontal-based security. What we haven't seen is verticalization, especially in mobile. We haven't seen vertical mobile security solutions, right? Yes, you hear a little bit about automobile, you hear a little bit about healthcare, but what we haven't seen is, what about food sector? What about the frontline in food? What about supply chain? What security are we really doing? And I'll give you a simple example. You brought up ransomware. Last night, Dole was attacked with ransomware. We have seen the beef producer colonial pipeline. Now, if we have seen agritech being hit, what does it mean? We are starting to hit humanity. If you can't really put food on the table, you're starting to really disrupt the supply chain, right? In a massive way. So you got to start thinking about that. Why is Dole related to mobility? Think about that. They don't carry service and computers. What they carry is mobile devices. that's where the supply chain works. And then that's where you have to start thinking about it. And the evolution of ransomware, rather than a single-trick pony, you see them using multiple vulnerabilities. And Pegasus was the best example. Spyware across all politicians, right? And CEOs. It is six or seven vulnerabilities put together that actually was constructed to do an attack. >> Yeah. How does AI kind of change this? Where does it fit in? The attackers are going to have AI, but we could use AI to defend. But attackers are always ahead, right? (chuckles) So what's your... Do you have a point of view on that? 'Cause everybody's crazy about ChatGPT, right? The banks have all banned it. Certain universities in the United States have banned it. Another one's forcing his students to learn how to use ChatGPT to prompt it. It's all over the place. You have a point of view on this? >> So definitely, Dave, it's a great point. First, we all have to have our own generative AI. I mean, I look at it as your digital assistant, right? So when you had calculators, you can't function without a calculator today. It's not harmful. It's not going to take you away from doing multiplication, right? So we'll still teach arithmetic in school. You'll still use your calculator. So to me, AI will become an integral part. That's one beautiful thing I've seen on the short floor. Every little thing there is a AI-based solution I've seen, right? So ChatGPT is well played from multiple perspective. I would rather up level it and say, generated AI is the way to go. So there are three things. There is human intense triaging, where humans keep doing easy work, minimal work. You can use ML and AI to do that. There is human designing that you need to do. That's when you need to use AI. >> But, I would say this, in the Enterprise, that the quality of the AI has to be better than what we've seen so far out of ChatGPT, even though I love ChatGPT, it's amazing. But what we've seen from being... It's got to be... Is it true that... Don't you think it has to be cleaner, more accurate? It can't make up stuff. If I'm going to be automating my network with AI. >> I'll answer that question. It comes down to three fundamentals. The reason ChatGPT is giving addresses, it's not trained on the latest data. So for any AI and ML method, you got to look at three things. It's your data, it's your domain expertise, who is training it, and your data model. In ChatGPT, it's older data, it's biased to the people that trained it, right? >> Mm-hmm. >> And then, the data model is it's going to spit out what it's trained on. That's a precursor of any GPT, right? It's pre-trained transformation. >> So if we narrow that, right? Train it better for the specific use case, that AI has huge potential. >> You flip that to what the Enterprise customers talk about to us is, insight is invaluable. >> Right. >> But then too much insight too quickly all the time means we go remediation crazy. So we haven't got enough humans to be fixing all the problems. Sri's point with the ChatGPT data, some of that data we are looking at there could be old. So we're trying to triage something that may still be an issue, but it might have been superseded by something else as well. So that's my overriding when I'm talking to customers and we talk ChatGPT, it's in the news all the time. It's very topical. >> It's fun. >> It is. I even said to my 13-year-old son yesterday, your homework's out a date. 'Cause I knew he was doing some summary stuff on ChatGPT. So a little wind up that's out of date just to make that emphasis around the model. And that's where we, with our Neurons platform Ivanti, that's what we want to give the customers all the time, which is the real-time snapshot. So they can make a priority or a decision based on what that information is telling them. >> And we've kind of learned, I think, over the last couple of years, that access to real-time data, real-time AI, is no longer nice to have. It's a massive competitive advantage for organizations, but it's going to enable the on-demand, everything that we expect in our consumer lives, in our business lives. This is going to be table stakes for organizations, I think, in every industry going forward. >> Yeah. >> But assumes 5G, right? Is going to actually happen and somebody's going to- >> Going to absolutely. >> Somebody's going to make some money off it at some point. When are they going to make money off of 5G, do you think? (all laughing) >> No. And then you asked a very good question, Dave. I want to answer that question. Will bad guys use AI? >> Yeah. Yeah. >> Offensive AI is a very big thing. We have to pay attention to it. It's got to create an asymmetric war. If you look at the president of the United States, he said, "If somebody's going to attack us on cyber, we are going to retaliate." For the first time, US is willing to launch a cyber war. What that really means is, we're going to use AI for offensive reasons as well. And we as citizens have to pay attention to that. And that's where I'm worried about, right? AI bias, whether it's data, or domain expertise, or algorithmic bias, is going to be a big thing. And offensive AI is something everybody have to pay attention to. >> To your point, Sri, earlier about critical infrastructure getting hacked, I had this conversation with Dr. Robert Gates several years ago, and I said, "Yeah, but don't we have the best offensive, you know, technology in cyber?" And he said, "Yeah, but we got the most to lose too." >> Yeah, 100%. >> We're the wealthiest nation of the United States. The wealthiest is. So you got to be careful. But to your point, the president of the United States saying, "We'll retaliate," right? Not necessarily start the war, but who started it? >> But that's the thing, right? Attribution is the hardest part. And then you talked about a very interesting thing, rich nations, right? There's emerging nations. There are nations left behind. One thing I've seen on the show floor today is, digital inequality. Digital poverty is a big thing. While we have this amazing technology, 90% of the world doesn't have access to this. >> Right. >> What we have done is we have created an inequality across, and especially in mobility and cyber, if this technology doesn't reach to the last mile, which is emerging nations, I think we are creating a crater back again and putting societies a few miles back. >> And at much greater risk. >> 100%, right? >> Yeah. >> Because those are the guys. In cyber, all you need is a laptop and a brain to attack. >> Yeah. Yeah. >> If I don't have it, that's where the civil war is going to start again. >> Yeah. What are some of the things in our last minute or so, guys, David, we'll start with you and then Sri go to you, that you're looking forward to at this MWC? The theme is velocity. We're talking about so much transformation and evolution in the telecom industry. What are you excited to hear and learn in the next couple of days? >> Just getting a complete picture. One is actually being out after the last couple of years, so you learn a lot. But just walking around and seeing, from my perspective, some vendor names that I haven't seen before, but seeing what they're doing and bringing to the market. But I think goes back to the point made earlier around APIs and integration. Everybody's talking about how can we kind of do this together in a way. So integrations, those smart things is what I'm kind of looking for as well, and how we plug into that as well. >> Excellent, and Sri? >> So for us, there is a lot to offer, right? So while I'm enjoying what I'm seeing here, I'm seeing at an opportunity. We have an amazing portfolio of what we can do. We are into mobile device management. We are the last (indistinct) company. When people find problems, somebody has to go remediators. We are the world's largest patch management company. And what I'm finding is, yes, all these people are embedding software, pumping it like nobody's business. As you find one ability, somebody has to go fix them, and we want to be the (indistinct) company. We had the last smile. And I find an amazing opportunity, not only we can do device management, but do mobile threat defense and give them a risk prioritization on what needs to be remediated, and manage all that in our ITSM. So I look at this as an amazing, amazing opportunity. >> Right. >> Which is exponential than what I've seen before. >> So last question then. Speaking of opportunities, Sri, for you, what are some of the things that customers can go to? Obviously, you guys talk to customers all the time. In terms of learning what Ivanti is going to enable them to do, to take advantage of these opportunities. Any webinars, any events coming up that we want people to know about? >> Absolutely, ivanti.com is the best place to go because we keep everything there. Of course, "theCUBE" interview. >> Of course. >> You should definitely watch that. (all laughing) No. So we have quite a few industry events we do. And especially there's a lot of learning. And we just raised the ransomware report that actually talks about ransomware from a global index perspective. So one thing what we have done is, rather than just looking at vulnerabilities, we showed them the weaknesses that led to the vulnerabilities, and how attackers are using them. And we even talked about DHS, how behind they are in disseminating the information and how it's actually being used by nation states. >> Wow. >> And we did cover mobility as a part of that as well. So there's a quite a bit we did in our report and it actually came out very well. >> I have to check that out. Ransomware is such a fascinating topic. Guys, thank you so much for joining Dave and me on the program today, sharing what's going on at Ivanti, the changes that you're seeing in mobile, and the opportunities that are there for your customers. We appreciate your time. >> Thank you >> Thank you. >> Yes. Thanks, guys. >> Thanks, guys. >> For our guests and for Dave Vellante, I'm Lisa Martin. You're watching "theCUBE" live from MWC23 in Barcelona. As you know, "theCUBE" is the leader in live tech coverage. Dave and I will be right back with our next guest. (gentle upbeat music)

>>All we're back. We're wrapping up day two at Falcon 22 from the area in Las Vegas, CrowdStrike CrowdStrike. The action is crazy. Second day, a keynotes. Sean Henry is back. He's the chief security officer at CrowdStrike. He did a keynote today. Sean. Good to see you. Thanks for coming >>Back. Good. See you, Dave. Thanks for having me. >>So, unfortunately, I wasn't able to see your keynote cuz I had to come do cube interviews. You interviewed Kimbo Walden from, from, you know, white house, right? >>National cyber security >>Director. We're gonna talk about that. We're gonna talk about Overwatch, your threat hunting report. I want to share the results with our audience, but start with your, well actually start with the event. We're now in day two, you've had a good chance to talk to customers and partners. What are, what are your observations? Yeah, >>It's first of all, it's been an amazing event over 2200 attendees here. It's really taking top three floors at the area hotel and we've got partners and customers, employees, and to see the excitement and the level of collaboration here is absolutely phenomenal. All these different organizations that are each have a piece of cyber security to see them coming together, all in support of how do you stop breaches? How do you work together to do it? It's really been absolutely phenomenal. You're >>Gonna love the collaboration. We kind of talked about this on our earlier segment is the industry has to do a better job and has been doing a better job. You know, I think you and Kevin laid that out pretty well. So tell me about the interview with the fireside chat with Kimba. What was that like? What topics came up? >>Yeah. Kimba is the principal, deputy national cyber security advisor. She's been there for just four months. She spent over 10 years at DHS, but she most recently came from the private sector in cybersecurity. So she's got that the experience as a private sector expert, as well as a public sector expert and to see her come together in that position. It was great. We talked a lot about some of the strategies the white house is looking to put forth in their new cybersecurity strategy. There was recently an executive order, right? That the, the president put forth that talks about a lot of the things that we're doing here. So for example, the executive order talks about a lot of the legacy type of capabilities being put to pasture and about the government embracing cloud, embracing threat, hunting, embracing EDR, embracing zero trust and identity protection. Those are all the things that the private sector has been moving towards over the last year or two. That's what this is all about here. But to see the white house put that out, that all government agencies will now be embracing that I think it puts them on a much shorter footing and it allows the government to be able to identify vulnerabilities before they get exploited. It allows them to much more quickly identify, have visibility and respond to, to threats. So the government in infrastructure will be safer. And it was really nice to hear her talk about that and about how the private sector can work with the government. >>So you know how this works, you know, having been in the bureau. But so it's the, these executive orders. A lot of times people think, oh, it's just symbolic. And there are a couple of aspects of it. One is president Biden really impressed upon the private sector to, you know, amp it up to, to really focus and do a better job. But also as you pointed out that executive order can adjudicate what government agencies must do must prioritize. So it's more than symbolic. It's actually taking action. Isn't >>It? Yeah. I, I, I think it, I think it's both. I think it's important for the government to lead in this area because while a, a large portion of infrastructure, major companies, they understand this, there is still a whole section of private sector organizations that don't understand this and to see the white house, roll it out. I think that's good leadership and that is symbolic. But then to your second point to mandate that government agencies do this, it really pushes those. That might be a bit reluctant. It pushes them forward. And I think this is the, the, the type of action that as it starts to roll out and people become more comfortable and they start to see the successes. They understand that they're becoming safer, that they're reducing risk. It really is kind of a self-fulfilling prophecy and we see things become much safer. Did, >>Did you guys talk about Ukraine? Was that, was that off limits or did that come up at all? >>It wasn't, it wasn't off limits, but we didn't talk about it because there are so many other things we were discussing. We were talking about this, the cyber security workforce, for example, and the huge gap in the number of people who have the expertise, the capability and the, and the opportunities to them to come into cyber security technology broadly, but then cyber security as a sub sub component of that. And some of the programs, they just had a big cyber workforce strategy. They invited a lot of people from the private sector to have this conversation about how do you focus on stem? How do you get younger people? How do you get women involved? So getting maybe perhaps to the untapped individuals that would step forward and be an important stop gap and an important component to this dearth of talent and it's absolutely needed. So that was, was one thing. There were a number of other things. Yeah. >>So I mean, pre pandemic, I thought the number was 350,000 open cybersecurity jobs. I heard a number yesterday just in the us. And you might have even told me this 7, 7 50. So it's doubled in just free to post isolation economy. I don't know what the stats are, but too big. Well, as a, as a CSO, how much can automation do to, to close that gap? You know, we were talking earlier on the cube about, you gotta keep the humans in the loop, you, you, the, the, the, the Nirvana of the machines will just take care of everything is just probably not gonna happen anytime in the near term, even midterm or long term, but, but, but how can automation play and help close that gap? So >>The, the automation piece is, is what allows this to scale. You know, if we had one company with a hundred endpoints and we had a couple of folks there, you could do it with humans. A lot of it when you're talking about hundreds of millions of endpoints spread around the globe, you're talking about literally trillions of events every week that are being identified, evaluated and determined whether they're malicious or not. You have to have automation and to have using the cloud, using AI, using machine learning, to sort through, and really look for the malicious needle in a stack of needle. So you've gotta get that fidelity, that fine tune review. And you can only do that with automation. What you gotta remember, Dave, is that there's a human being at the end of every one of these attacks. So we've got the bad guys, have humans there, they're using the technology to scale. We're using the technology to scale to detect them. But then when you get down to the really malicious activity, having human beings involved is gonna take it to another level and allow you to eradicate the adversaries from the environment. >>Okay. So they'll use machines to knock on the door when that door gets opened and they're in, and they're saying, okay, where do we go from here? And they're directing strategy. Absolutely. I, I spent, I think gave me a sta I, I wonder if I wrote it down correctly, 2 trillion events per day. Yeah. That you guys see is that I write that down. Right? >>You did. It changes just like the number of jobs. It changes when I started talking about this just a, a year and a half ago, it was a billion a day. And when you look at how it's multiplied exponentially, and that will continue because of the number of applications, because of the number of devices as that gets bigger, the number of events gets bigger. And that's one of the problems that we have here is the spread of the network. The vulnerability, the environment is getting bigger and bigger and bigger as it gets bigger, more opportunities for bad guys to exploit vulnerabilities. >>Yeah. And we, we were talking earlier about IOT and extending, you know, that, that threats surface as well, talk about the Overwatch threat hunting report. What is that? How, how often have you run it? And I'd love to get into some of the results. Yeah. >>So Overwatch is a service that we offer where we have 24 by seven threat hunters that are operating in our customer environments. They're hunting, looking for, looking for malicious activity, malicious behavior. And to the point you just made earlier, where we use automation to sort out and filter what is clearly bad. When an adversary does get what we call fingers on the keyboard. So they're in the box and now a human being, they get a hit on their automated attack. They get a hit that, Hey, we're in, it's kind of the equivalent of looking at the Bober while you're fishing. Yeah. When you see the barber move, then the fisherman jumps up from his nap and starts to reel it in similar. They jump on the keyboard fingers on the keyboard. Our Overwatch team is detecting them very, very quickly. So we found 77,000 potential intrusions this past year in 2021, up to the end of June one, one every seven minutes from those detections. >>When we saw these detections, we were able to identify unusual adversary behavior that we'd not necessar necessarily seen before we call it indicators of attack. What does that mean? It means we're seeing an adversary, taking a new action, using a new tactic. Our Overwatch team can take that from watching it to human beings. They take it, they give it to our, our engineering team and they can write detections, which now become automated, right? So you have, you have all the automation that filters out all the bad stuff. One gets through a bad guy, jumps up, he's on the keyboard. And now he's starting to execute commands on the system. Our team sees that pulls those commands out. They're unusual. We've not seen 'em before we give it to our engineering team. They write detections that now all become automated. So because of that, we stopped over with the 77,000 attacks that we identified. We stopped over a million new attacks that would've come in and exploited a network. So it really is kind of a big circle where you've got human beings and intelligence and technology, all working together to make the system smarter, to make the people smarter and make the customers safer. And you're >>Seeing new IAS pop up all the time, and you're able to identify those and, and codify 'em. Now you've announced at reinforced, I, I, in July in Boston, you announced the threat hunting service, which is also, I think, part of your you're the president as well of that services division, right? So how's that going? What >>What's happening there? What we announced. So we've the Overwatch team has been involved working in customer environments and working on the back end in our cloud for many years. What we've announced is this cloud hunting, where, because of the adoption of the cloud and the movement to the cloud of so many organizations, they're pushing data to the cloud, but we're seeing adversaries really ramp up their attacks against the cloud. So we're hunting in Google cloud in Microsoft Azure cloud in AWS, looking for anomalous behavior, very similar to what we do in customer environments, looking for anomalous behavior, looking for credential exploitation, looking for lateral movement. And we are having a great success there because as that target space increases, there's a much greater need for customers to ensure that it's protected. So >>The cloud obviously is very secure. You got some of the best experts in the planet inside of hyperscale companies. So, and whether it's physical security or logical security, they're obviously, you know, doing a good job is the weakness, the seams between where the cloud provider leaves off and the customer has to take over that shared responsibility model, you know, misconfiguring and S3 bucket is the, you know, the common one, but I'm so there like a zillion others, where's that weakness. Yeah. >>That, that's exactly right. We see, we see oftentimes the it piece enabling the cloud piece and there's a connectivity there, and there is a seam there. Sometimes we also see misconfiguration, and these are some of the things that our, our cloud hunters will find. They'll identify again, the equivalent of, of walking down the hallway and seeing a door that's unlocked, making sure it's locked before it gets exploited. So they may see active exploitation, which they're negating, but they also are able to help identify vulnerabilities prior to them getting exploited. And, you know, the ability for organizations to successfully manage their infrastructure is a really critical part of this. It's not always malicious actors. It's identifying where the infrastructure can be shored up, make it more resilient so that you can prevent some of these attacks from happening. I >>Heard, heard this week earlier, something I hadn't heard before, but it makes a lot of sense, you know, patch Tuesday means hack Wednesday. And, and so I, I presume that the, the companies releasing patches is like a signal to the bad guys that Hey, you know, free for all go because people aren't necessarily gonna patch. And then the solar winds customers are now circumspect about patches. The very patches that are supposed to protect us with the solar winds hack were the cause of the malware getting in and, you know, reforming, et cetera. So that's a complicated equation. Yeah. >>It, it certainly is a couple, couple parts there to unwind. First, when you, you think about patch Tuesday, there are adversaries often, not always that are already exploiting some of those vulnerabilities in the wild. So it's a zero day. It's not yet been patched in some cases hasn't yet been identified. So you've got people who are actively exploiting. It we've found zero days in the course of our threat hunting. We report them in a, in a, in a responsible way. We've gone to Microsoft. We've told them a couple times in the last few months that we found a zero day and give them an opportunity to patch that before anybody goes public with it, because absolutely right when it does go public, those that didn't know about it before recognize that there will be millions of devices depending on the, the vulnerability that are out there and exploitable. And they will absolutely, it will tell everybody that you can now go to this particular place. And there's an opportunity to gain access, to exploit privileges, depending on the criticality of the patch. >>I, I don't, I, I don't, I'm sorry to generalize, but I wanna ask you about the hacker mindset. Let's say that what you just described a narrow set of hackers knows that there's an unpatched, you know, vulnerability, and they're making money off of that. Will they keep that to themselves? Will they share that with other folks in the net? Will they sell that information? Or is it, is it one of those? It depends. It, >>I was just gonna say, it depends you, you beat me to it. It absolutely depends. All of, all of the above would be the answer. We certainly see organ now a nation state for example, would absolutely keep that to themselves. Yeah. Right. Their goal is very different from an organized crime group, which might sell access. And we see them all the time in the underground selling access. That's how they make money nation states. They want to keep a zero day to themselves. It's something they're able to exploit in some cases for months or years, that that, that vulnerability goes undetected. But a nation state is aware of it and exploiting it. It's a, it's a dangerous game. And it just, I think, exemplifies the importance of ensuring that you're doing everything you can to patch in a timely matter. Well, >>Sean, we appreciate the work that you've done in your previous role and continuing to advance education, knowledge and protection in our industry. Thank you for coming on >>You. Thank you for having me. This is a fantastic event. Really appreciate you being here and helping to educate folks. Yeah. >>You guys do do a great job. Awesome. Set that you built and look forward to future events with you guys. My >>Friends. Thanks so much, Dave. Yeah. Thank >>You. Bye now. All right. Appreciate it. All right, keep it right there. We're gonna wrap up in a moment. Live from Falcon 22. You're watching the cube.

(upbeat music) >> Good evening, guys. Welcome back to Las Vegas, theCUBE is here live at AWS re:Invent 2021. I'm Lisa Martin. We have two live sets, two remote sets, over 100 guests on theCUBE talking with AWS, and its massive ecosystem of partners bringing you this hybrid tech event, probably the biggest of the year, and I'm pleased to welcome Stephen Kovac next, the Chief Compliance Officer at Zscaler. Stephen, how's it going? >> Well, it's going well, Lisa. Thank you for asking, enjoying Vegas, loving the conference, unbelievable. >> Isn't it great to be back in person? >> Oh, it's so great, I've seen people. >> Conversations you can't replicate on video conferencing, you just can't. >> Can't, and you see people you haven't seen in two years, and it's like all of a sudden you're best buddies again. It's just wonderful, it's so great to back. >> It is, and AWS in typical fashion has done a great job of getting everybody in here safely. I'm not at all surprised, that's what I expected, but it's been great. And I hope that this can demonstrate to other companies, you can do this safely. >> You can, I think so. I mean, there's a lot of effort going into this, but as usual AWS does it right. So, you expect that. >> They do. Talk to me about the Zscaler-AWS partnership. What's going on? >> Well, it's a great partnership. So AWS and Zscaler have been partners since the beginning of Zscaler. We are the largest security cloud in the world. We're born and bred in the cloud security company. So literally we wrote one application that does global security, everything from firewall to proxy, secure web gateway, to DLP, to all this in one piece of software. So, in the past where people would buy appliances for all these devices and put them in their own data center, we wrote a software that allows us to put that in the cloud, run it on the cloud globally around the world. And our partnership with AWS is, we originally built that on AWS, and today still AWS is our prime partner, especially in the zero trust side of our business. So, great relationship, long-term and great I think for both of us, it's been a very, very... >> Fruitful partnership, synergistic? >> Synergistic, love that, so yes. >> You mentioned zero trust, and we have seen such massive changes to the security and the threat landscape the last 20, 22 months. Talk to me about the recent executive order calling for zero trust, how does Zscaler's partnership with AWS help you enable organizations, fed, SLED, DoD, to be able to actually bring in and apply zero trust? >> Yeah, great question. Five years ago I was tasked to bring Zscaler into the government side of the business. So I was employee one to do that. It was a great honor to do it. And the first thing we did is we partnered with AWS because we needed to get FedRAMP compliant. We knew we were going to go into DoD. So we needed to go to the Impact Level five. And eventually we'll be able to go up level six with AWS. And so it was our partnership started there. And as you've seen in five years with all the change that's happened, that obviously the breaches like SolarWinds, and the people up here talking about them all week with you I'm sure. The executive order came down from the Biden Administration, who I completely salute for being just tremendous leaders in the cybersecurity space. And the executive order, one of the big pieces of the executive order was every agency must produce a plan for zero trust. So our cloud platform that is on AWS is a zero trust platform. It is the first and only zero trust platform to get authorized by the federal government at the FedRAMP level, and now the IL five level. So, together we are literally capturing and taking over the, being the leader in the zero trust space for the federal government. And I'm going to get a sip of water, so forgive me, I've been here all week talking to a lot of people, so forgive me for that. >> That's one thing that we don't have to deal with when we're on Zoom, right, is you don't really have the risk of losing your voice. >> Stephen: There you go. >> But in terms of the executive order, something that you mentioned, SolarWinds, Colonial Pipeline, we only hear about some of the big ones. The fact that ransomware happens one attack every 10, 11 seconds, it's a matter of when we get hit, not if. >> As you know, the story coming up from me, coming up on stage with you today, I just got myself breached just this morning, just individually. So yes, it's going to get all of us. And especially, I think when you look at zero trust and ransomware and how they worked out how zero trust can prevent it, you look at the SLED market, you know, state, local governments, they don't have the dollars to go spend like DHS does, or say, some of the DoD does. So, our partnership with AWS allows us to produce a product that is very cost-effective on a per user basis, consumption model, which is what AWS has been famous for since day one, right, the consumption model, use it when you need it, don't use it when you don't. We built our software the same way. So, at some point in a year, in a school year, we'll ramp up with some schools up to a hundred thousand users in the district, and over the summer we'll ramp down to a thousand, and we just bill them for that. So it's a beautiful relationship that we partner in not just the executive order, but being a partner in SLED, fed in the sense that matches making our business together, match the government's business. And that makes us a true leader and makes us a cost-effective solution. And if you think about it just for a moment, yesterday, I told you I was testifying in front of the Senate. And one of the questions I got asked was, oh, how many security updates do you guys see a year? I said, a year, well, we do over 200,000 a day. 200,000 security updates from potential hackers every single day. And we're doing that over 200 billion transactions a day run on AWS. So it's tremendous partnership, and to be able to work like that, and at that kind of volume, and be able to go up and down with the, and you got AWS able to scope up and down, and us to be able to ride that wave with them. It's been great. >> One of the things that we always talk about when we talk AWS is they're customer focused or customer obsession that, hey, we start backwards, we work backwards from the customer. Same thing, synergistic from a cultural perspective? >> Absolutely, I mean, one of the things I always love about AWS and I've been a customer of AWS for many years, even prior to my Zscaler days, I love the way they approach things, right? If they're not trying to go out and sell it, they're trying to meet with the customer and find out what the customer needs, and then build a solution. We're the same way. I always tell, you know, when you think of our solutions, Zscaler, I always tell my sales teams, I say it takes four sales calls for people to really understand what we do. And AWS, in the beginning of AWS, it was kind of the same thing. In the old days, you know, we all just built data centers and we had all these racks, and all this expense and mesh is what you did. It was unusual back in the day, 10 years ago, and I've been to every single re:Invent. I mean, the first one there was like, you're actually going to put all your stuff in this unknown cloud thing, and it will be available when you need it? So yes, you know, the way that they did it is the same way we do it together today. And we do it together today. We partner on many deals today where we're both, our teams are in there together, selling together, whether it's the DoD, federal agencies, SLED agencies, and commercial, you know, selling it hand-in-hand because it's that same philosophy is we're going to build what a customer needs. We're not going to tell the customer what they need. We're going to hear what they need, and that's the same relationship. So I'm going to get another sip real quick. >> Go for it. One of the things that has been a theme that we've heard the last couple of days is every company needs to be a data company or private sector, public sector, and if they're not, they're probably not going to be around much longer. How do you help customers get their handle around that? Because the security threats are only increasing. I mean, it's ransomware as a service. The fact that these criminals are getting much more brazen, you just had this happen to yourself, but enabling them to become data-driven organizations and use the data, extract the value from it securely, that's hard. >> It is, I mean, if you think back in the day, I mean, companies didn't have chief compliance officers that worked in the space that we do. Their chief compliance officer back in the day was the guy that was writing your HR issues and what OSHA issues, and of course, I still deal with some of that stuff, but my true job is really around the data, right? You know, how do we build our platforms, what decisions we make on our platforms, how we're going to certify them to support that, and I mean, chief data officers, chief security officers, I mean, you go into companies today, even car dealerships today. I mean, I'm picking one, you never thought of them having a security officer, but they do, they have to, they have to. And I mean, basic school districts, I mean, I don't about you, when I was a kid and went to school, they didn't have computers, but when my kid went to school, they did, but they didn't have a security officer. Now today, every single school district has security officers. I mean, I love how you said it, that data-driven, that data thought is there. It has to be, it's a real threat. And the sad thing is of these ransomware attacks, how many don't get reported. >> Oh, right, we're only hearing about a select few. >> The numbers are something like 88% don't get reported. It's that big. So that just tells you, we hear the big ones, right, Colonial Pipeline, things like that. We don't hear about West Texas or Middle Illinois school district that paid five grand because somebody had something on the school. That's how, as you said, this ransomware as a service security, we call it a security as a service, there's SaaS, which is software as a service, we're security software as a service, and AWS is the infrastructure as a service that we run on. And that's how it works well together. >> Do you guys go into accounts together from a go-to-market perspective? >> We, do, we can always do a better job. And my good friend here at AWS, who's probably listening, we can always do better. But yeah, so it is become something that, especially in the government space we do, in federal, DoD, because the certifications are really important, certifications are important everywhere, and we have many, we talked about all the certifications we have in federal, FedRAMP and IL five, and we have a plethora of those certifications in the commercial space. But they mean in a federal space, they're really the ticket. They call them the ENERGY STAR of approval, good housekeeping piece. So, you know, having that, teaming up with AWS who we partner together and because AWS has the same certs, we can sell at the same levels. And we do a really great job of co-selling in that space together. And I think when they look at us and they say, well, you're AWS, they've got their FedRAMP high, IL five, and you're Zscaler, you got your FedRAMP high, IL five. Yes, we can do business with these guys, and that's important. >> So you guys both open doors for each other. >> We do, we do in many cases, yeah. As a matter of fact, re:Invent five years ago, a buddy of mine here opened a big, big account for us, which is today our largest account in federal came from re:Invent, where came up to me and said, hey, my customer wants to, he's looking to do something, they're an agency that has global footprint, and they're like, we want to do something as a security as a service. They don't want to ship boxes all over the place. And we just met the customer for a coffee, and next thing you know, became our, still today, our probably largest customer in federal. >> Wow, well, this is the 10th re:Invent, you said you've been to all of them. >> Stephen: I have been to all of them. I can't lie, but I can't say I did all the virtual ones. I mean, I was logged in. (laughs) >> That's okay, we'll wink on that one. But, one of the things then, we've just got about a minute left here, is in new leadership, Andy Jassy being promoted to the CEO of Amazon, we've got Adam Selipsky, heard lot of announcements and news from Adam yesterday, but some of the things that we've been talking about on theCUBE is the first 15 years of innovation at AWS, that's going to accelerate. Do you see that also, like if you look forward to the next decade, do you see things moving much faster than they did the past decade? >> I don't think they can't. I mean, I shouldn't say they have to. And the change of the guard as you might call it here, is it's always good to have a change of the guard I think. You know, the question is when's Andy going to go to space? I mean, that's the next. (Lisa laughs) I think you have the guys who got AWS to the dance, and now the dance, who's going to become the belle of the ball. And this next generation of leadership coming in is fabulous. I think they've made great decisions, and I think they're going to do really well. And we're behind them, we support it. I got a chance to meet with most of them, love a chance to meet with Andy, I haven't met with him yet. So Andy, I'd love to meet you sometime soon. But I'm very impressed with what they've done. And yes, I think it's going to be, the last 10 years of growth is going to be a year next year. I think literally, you take 10 years be compressed to a year, and then next year it will be compressed to a day. So it's moving that fast. >> Yep, get your neck brace on, prepare for that whiplash. >> Yeah, right? That's what I said to Jeff when Jeff went to space, that's how fast we're about to travel, right? But it's really relative. >> It is, there is no limit. Well, Stephen, thank you for joining me, talking about Zscaler, AWS, what you guys are doing, how you're helping to revolutionize the public sector, fed, SLED, a lot of great stuff there. Security is an ever-evolving topic, and we appreciate all of your insights. >> Well, it was wonderful to be here. Great to see you again. And great to be back with all our friends at re:Invent. >> All of our friends, exactly. >> Stephen: Thank you so much for the time today. >> My pleasure. For Stephen Kovac, I'm Lisa Martin. You're watching theCUBE, the global leader in live tech coverage. (pleasant music)

(upbeat music) >> Welcome to theCube's continuous coverage of AWS re:Invent 2021. I'm Dave Nicholson, and we are running one of the industry's most important and largest hybrid tech events this year with AWS and its partners with two live sets on the scene. In addition to two remote studios. And we'll have somewhere in the neighborhood of a hundred guests on the program this year at re:Invent. I'm extremely delighted to welcome a very, very special guest. Right now. He served as the director of the NSA under two presidents, and was the first commander of the U.S Cyber Command. He's a Cube alumni, he's founder and co-CEO of IronNet Cybersecurity. General Keith Alexander. Thanks for joining us today General. >> Thanks, David. It's an honor to be here at re:Invent, you know, with AWS. All that they're doing and all they're making possible for us to defend sector states, companies and nations in cyber. So an honor to be here. >> Well, welcome back to theCube. Let's dive right in. I'd like to know how you would describe the current cyber threat landscape that we face. >> Well, I think it's growing. Well, let's start right out. You know, the good news or the bad news, the bad news is getting worse. We're seeing that. If you think about SolarWinds, you think about the Hafnium attacks on Microsoft. You think about this rapid growth in ransomware. We're seeing criminals and nation states engaging in ways that we've never seen in the past. It's more blatant. They're going after more quickly, they're using cyber as an element of national power. Let's break that down just a little bit. Do you go back to two, July. Xi Jinping, talked about breaking heads in bloodshed when he was referring to the United States and Taiwan. And this has gone hot and cold, that's a red line for him. They will do anything to keep Taiwan from breaking away. And this is a huge existential threat to us into the region. And when this comes up, they're going to use cyber to go after it. Perhaps even more important and closer right now is what's going on with Russia in the Donbas region of eastern Ukraine. We saw this in 2014, when Russia took over the Crimea. The way they did it, staging troops. They did that in 2008 against Georgia. And now there are, by some reports over a hundred thousand troops on the border of Eastern Ukraine. Some call it an exercise, but that's exactly what they did in Georgia. That's what they did in the Crimea. And in both those cases, they preceded those attacks, those physical attacks with cyber attacks. If you go to 2017, when Russia hit the Ukrainian government with the NotPetya attack that had global repercussions. Russia was responsible for SolarWinds, they have attacked our infrastructure to find out what our government is doing and they continue going. This is getting worse. You know, it's interesting when you think about, so what do you do about something like that? How do we stop that? And the answer is we've got to work together. You know, Its slam commissioner addressed it. The meeting with the president on August 25th. This is a great statement by the CEO and chairman of Southern Company, Tom Fanning. He said this, "the war is being waged on our nation's critical infrastructure in particular, our energy sector, our telecommunications sector and financial sector." The private sector owns and operates 87% of the critical infrastructure in the United States, making collaboration between industry and the federal government imperative too, for these attacks. SO >> General, I want to dig just a little bit on that point that you make for generations, people have understood that the term is 'kinetic war', right? Not everyone has heard that phrase, but for generations we've understood the concept of someone dropping a bomb on a building as being an attack. You've just mentioned that, that a lot of these attacks are directed towards the private sector. The private sector doesn't have an army to respond to those attacks. Number one, that's our government's responsibility. So the question I have is, how seriously are people taking these kinds of threats when compared to the threat of kinetic war? Because my gosh, you can take down the entire electrical grid now. That's not something you can do with a single bomb. What are your, what are your thoughts on that? >> So you're hitting on a key point, a theoretical and an operational point. If you look back, what's the intent of warfare? It's to get the mass of people to give up. The army protects the mass of people in that fight. In cyber, there's no protection. Our critical infrastructure is exposed to our adversaries. That's the problem that we face. And because it's exposed, we have a tremendous vulnerability. So those who wish us harm, imagine the Colonial Pipeline attack an order of magnitude or two orders of magnitude bigger. The impact on our country would paralyze much of what we do today. We are not ready for that. That's the issue that Tom Fanning and others have brought up. We don't practice between the public sector and the private sector working together to defend this country. We need to do that. That's the issue that we have to really get our hands around. And when we talk about practice, what do we mean? It means we have to let that federal government, the ones that are going to protect us, see what's going on. There is no radar picture. Now, since we're at re:Invent, the cloud, where AWS and others have done, is create an infrastructure that allows us to build that bridge between the public and private sector and scale it. It's amazing what we can now do. We couldn't do that when I was running Cyber Command. And running Cyber Command, we couldn't see threats on the government. And we couldn't see threats on critical infrastructure. We couldn't see threats on the private sector. And so it all went and all the government did was say, after the fact you've been attacked. That's not helpful. >> So >> It's like they dropped a bomb. We didn't know. >> Yeah, so what does IronNet doing to kind of create this radar capability? >> So, well, thanks. That's a great question because there's four things that you really got to do. First. You've got to be able to detect the SolarWinds type attacks, which we did. You've got to have a hunt platform that can see what it is. You've got to be able to use machine learning and AI to really cut down the number of events. And the most important you need to be able to anonymize and share that into the cloud and see where those attacks are going to create that radar picture. So behavioral analytics, then you use signature based as well, but you need those sets of analytics to really see what's going on. Machine learning, AI, a hunt platform, and cloud. And then analytics in the cloud to see what's going on, creates that air traffic control, picture radar, picture for cyber. That's what we're doing. You see, I think that's the important part. And that's why we really value the partnership with AWS. They've been a partner with us for six years, helping us build through that. You can see what we can do in the cloud. We could never do in hardware alone. Just imagine trying to push out equipment and then do that for hundreds of companies. It's not viable. So SaaS, what we are as a SaaS company, you can now do that at scale, and you can push this out and we can create, we can defend this nation in cyber if we work together. And that's the thing, you know, I really, had a great time in the military. One of the things I learned in the military, you need to train how you're going to fight. They're really good at that. We did that in the eighties, and you can see what happened in 1990 in the Gulf war. We need to now do that between the public and private sector. We have to have those training. We need to continuously uplift our capabilities. And that's where the cloud and all these other things make that possible. That's the future of cybersecurity. You know, it's interesting David, our country developed the internet. We're the ones that pioneered that. We ought to be the first to secure. >> Seems to make sense. And when you talk about collective defense in this private public partnership, that needs to happen, you get examples of some folks in private industry and what they're doing, but, but talk a little bit more about, maybe what isn't happening yet. What do we need to do? I don't want you to necessarily get political and start making budgetary suggestions, but unless you want to, but what, but where do you see, where do we really need to push forward from a public perspective in order to make these connections? And then how is that connection actually happen? This isn't someone from the IronNet security service desk, getting on a red phone and calling the White House, how are the actual connections made? >> So it has to be, the connections have to be just like we do radar. You know, when you think about radars across our nation or radar operator doesn't call up one of the towers and say, you've got an aircraft coming at you at such and such a speed. I hope you can distinguish between those two aircraft and make sure they don't bump into each other. They get a picture and they get a way of tracking it. And multiple people can see that radar picture at a speed. And that's how we do air traffic control safety. We need the same thing in cyber, where the government has a picture. The private sector has a picture and they can see what's going on. The private sector's role is I'm going to do everything I can, you know, and this is where the energy sector, I use that quote from Tom Fanning, because what they're saying is, "it's our job to keep the grid up." And they're putting the resources to do it. So they're actually jumping on that in a great way. And what they're saying is "we'll share that with the government", both the DHS and DOD. Now we have to have that same picture created for DHS and DOD. I think one of the things that we're doing is we're pioneering the building of that picture. So that's what we do. We build the picture to bring people together. So think of that is that's the capability. Everybody's going to own a piece of that, and everybody's going to be operating in it. But if you can share that picture, what you can begin to do is say, I've got an attack coming against company A. Company A now sees what it has to do. It can get fellow companies to help them defend, collective defense, knowledge sharing, crowdsourcing. At the same time, the government can see that attack going on and say, "my job is to stop that." If it's DHS, I could see what I have to do. Within the country, DOD can say, "my job is to shoot the archers." How do we go do what we're authorized to do under rules of engagement? So now you have a way of the government and the private sector working together to create that picture. Then we train them and we train them. We should never have had an event like SolarWinds happen in the future. We got to get out in front. And if we do that, think of the downstream consequences, not only can we detect who's doing it, we can hold them accountable and make them pay a price. Right now. It's pretty free. They get in, pap, that didn't work. They get away free. That didn't work, we get away free. Or we broke in, we got, what? 18,000 companies in 30,000 companies. No consequences. In the future there should be consequences. >> And in addition to the idea of consequences, you know, in the tech sector, we have this concept of a co-op petition, where we're often cooperating and competing. The adversaries from, U.S perspective are also great partners, trading partners. So in a sense, it sounds like what you're doing is also kind of adhering to the old adage that, that good fences make for great neighbors. If we all know that our respective infrastructures are secure, we can sort of get on with the honest business of being partners, because you want to make the cost of cyber war too expensive. Is that, is that a fair statement? >> Yes. And I would take that analogy and bend it slightly to the following. Today every company defends itself. So you take 90 companies with 10 people, each doing everything they can to defend themselves. Imagine in the world we trying to build, those 90 companies work together. You have now 900 people working together for the collective defense. If you're in the C-suite or the board of those companies, which would rather have? 900 help new security or 10? This isn't hard. And so what we say is, yes. That neighborhood watch program for cyber has tremendous value. And beyond neighborhood watch, I can also share collaboration because, I might not have the best people in every area of cyber, but in those 900, there will be, and we can share knowledge crowdsource. So it's actually let's work together. I would call it Americans working together to defend America. That's what we need to do. And the states we going to have a similar thing what they're doing, and that's how we'll work this together. >> Yeah. That makes a lot of sense. General Alexander it's been a pleasure. Thanks so much for coming on to theCube as part of our 2021 AWS re:Invent coverage. Are you going to get a chance to spend time during the conference in Las Vegas? So you just flying in, flying out. Any chance? >> Actually yeah. >> It's there, we're still negotiating working that. I've registered, but I just don't know I'm in New York city for two meetings and seeing if I can get to Las Vegas. A lot of friends, you know, Adam Solski >> Yes >> and the entire AWS team. They're amazing. And we really liked this partnership. I'd love to see you there. You're going to be there, David? Absolutely. Yes, absolutely. And I look forward to that, so I hope hopefully we get that chance again. Thank you so much, General Alexander, and also thank you to our title sponsor AMD for sponsoring this year's re:Invent. Keep it right here for more action on theCube, you're leader in hybrid tech event coverage, I'm Dave Nicholson for the Cube. Thanks. (upbeat music)

>>Welcome back to the cubes coverage of AWS public sector summit live in Washington D. C. A face to face event were on the ground here is to keep coverage. I'm john Kerry, your hosts got two great guests. Both cuba alumni Shannon Kellogg VP of public policy for the Americas and john would ceo tell us congratulations on some announcement on stage and congressional john being a public company. Last time I saw you in person, you are private. Now your I. P. O. Congratulations >>totally virtually didn't meet one investor, lawyer, accountant or banker in person. It's all done over zoom. What's amazing. >>We'll go back to that and a great great to see you had great props here earlier. You guys got some good stuff going on in the policy side, a core max on stage talking about this Virginia deal. Give us the update. >>Yeah. Hey thanks john, it's great to be back. I always like to be on the cube. Uh, so we made an announcement today regarding our economic impact study, uh, for the commonwealth of Virginia. And this is around the amazon web services business and our presence in Virginia or a WS as we all, uh, call, uh, amazon web services. And um, basically the data that we released today shows over the last decade the magnitude of investment that we're making and I think reflects just the overall investments that are going into Virginia in the data center industry of which john and I have been very involved with over the years. But the numbers are quite um, uh, >>just clever. This is not part of the whole H. 20. H. Q. Or whatever they call HQ >>To HQ two. It's so Virginia Amazon is investing uh in Virginia as part of our HQ two initiative. And so Arlington Virginia will be the second headquarters in the U. S. In addition to that, AWS has been in Virginia for now many years, investing in both data center infrastructure and also other corporate facilities where we house AWS employees uh in other parts of Virginia, particularly out in what's known as the dullest technology corridor. But our data centers are actually spread throughout three counties in Fairfax County, Loudoun County in Prince William County. >>So this is the maxim now. So it wasn't anything any kind of course this is Virginia impact. What was, what did he what did he announce? What did he say? >>Yeah. So there were a few things that we highlighted in this economic impact study. One is that over the last decade, if you can believe it, we've invested $35 billion 2020 alone. The AWS investment in construction and these data centers. uh it was actually $1.3 billion 2020. And this has created over 13,500 jobs in the Commonwealth of Virginia. So it's a really great story of investment and job creation and many people don't know John in this Sort of came through in your question too about HQ two, But aws itself has over 8000 employees in Virginia today. Uh, and so we've had this very significant presence for a number of years now in Virginia over the last, you know, 15 years has become really the cloud capital of the country, if not the world. Uh, and you see all this data center infrastructure that's going in there, >>John What's your take on this? You've been very active in the county there. Um, you've been a legend in the area and tech, you've seen this many years, you've been doing so I think the longest running company doing cyber my 31st year, 31st year. So you've been on the ground. What does this all mean to you? >>Well, you know, it goes way back to, it was roughly 2005 when I served on the Economic Development Commission, Loudon County as the chairman. And at the time we were the fastest-growing county in America in Loudon County. But our residential real property taxes were going up stratospherically because when you look at it, every dollar real property tax that came into residential, we lose $2 because we had to fund schools and police and fire departments and so forth. And we realized for every dollar of commercial real property tax that came in, We made $97 in profit, but only 13% of the money that was coming into the county was coming in commercially. So a small group got together from within the county to try and figure out what were the assets that we had to offer to companies like Amazon and we realized we had a lot of land, we had water and then we had, you know this enormous amount of dark fiber, unused fibre optic. And so basically the county made it appealing to companies like amazon to come out to Loudon County and other places in northern Virginia and the rest is history. If you look today, we're Loudon County is Loudon County generates a couple $100 million surplus every year. It's real property taxes have come down in in real dollars and the percentage of revenue that comes from commercials like 33 34%. That's really largely driven by the data center ecosystem that my friend over here Shannon was talking. So >>the formula basically is look at the assets resources available that may align with the kind of commercial entities that good. How's their domicile there >>that could benefit. >>So what about power? Because the data centers need power, fiber fiber is great. The main, the main >>power you can build power but the main point is is water for cooling. So I think I think we had an abundance of water which allowed us to build power sources and allowed companies like amazon to build their own power sources. So I think it was really a sort of a uh uh better what do they say? Better lucky than good. So we had a bunch of assets come together that helps. Made us, made us pretty lucky as a, as a region. >>Thanks area too. >>It is nice and >>john, it's really interesting because the vision that john Wood and several of his colleagues had on that economic development board has truly come through and it was reaffirmed in the numbers that we released this week. Um, aws paid $220 million 2020 alone for our data centers in those three counties, including loud >>so amazon's contribution to >>The county. $220 million 2020 alone. And that actually makes up 20% of overall property tax revenues in these counties in 2020. So, you know, the vision that they had 15 years ago, 15, 16 years ago has really come true today. And that's just reaffirmed in these numbers. >>I mean, he's for the amazon. So I'll ask you the question. I mean, there's a lot of like for misinformation going around around corporate reputation. This is clearly an example of the corporation contributing to the, to the society. >>No, no doubt. And you think >>About it like that's some good numbers, 20 million, 30 >>$5 million dollar capital investment. You know, 10, it's, what is it? 8000 9000 >>Jobs. jobs, a W. S. jobs in the Commonwealth alone. >>And then you look at the economic impact on each of those counties financially. It really benefits everybody at the end of the day. >>It's good infrastructure across the board. How do you replicate that? Not everyone's an amazon though. So how do you take the formula? What's your take on best practice? How does this rollout? And that's the amazon will continue to grow, but that, you know, this one company, is there a lesson here for the rest of us? >>I think I think all the data center companies in the cloud companies out there see value in this region. That's why so much of the internet traffic comes through northern Virginia. I mean it's I've heard 70%, I've heard much higher than that too. So I think everybody realizes this is a strategic asset at a national level. But I think the main point to bring out is that every state across America should be thinking about investments from companies like amazon. There are, there are really significant benefits that helps the entire community. So it helps build schools, police departments, fire departments, etcetera, >>jobs opportunities. What's the what's the vision though? Beyond data center gets solar sustainability. >>We do. We have actually a number of renewable energy projects, which I want to talk about. But just one other quick on the data center industry. So I also serve on the data center coalition which is a national organization of data center and cloud providers. And we look at uh states all over this country were very active in multiple states and we work with governors and state governments as they put together different frameworks and policies to incent investment in their states and Virginia is doing it right. Virginia has historically been very forward looking, very forward thinking and how they're trying to attract these data center investments. They have the right uh tax incentives in place. Um and then you know, back to your point about renewable energy over the last several years, Virginia is also really made some statutory changes and other policy changes to drive forward renewable energy in Virginia. Six years ago this week, john I was in a coma at county in Virginia, which is the eastern shore. It's a very rural area where we helped build our first solar farm amazon solar farm in Virginia in 2015 is when we made this announcement with the governor six years ago this week, it was 88 megawatts, which basically at the time quadruple the virginias solar output in one project. So since that first project we at Amazon have gone from building that one facility, quadrupling at the time, the solar output in Virginia to now we're by the end of 2023 going to be 1430 MW of solar power in Virginia with 15 projects which is the equivalent of enough power to actually Enough electricity to power 225,000 households, which is the equivalent of Prince William county Virginia. So just to give you the scale of what we're doing here in Virginia on renewable energy. >>So to me, I mean this comes down to not to put my opinion out there because I never hold back on the cube. It's a posture, we >>count on that. It's a >>posture issue of how people approach business. I mean it's the two schools of thought on the extreme true business. The government pays for everything or business friendly. So this is called, this is a modern story about friendly business kind of collaborative posture. >>Yeah, it's putting money to very specific use which has a very specific return in this case. It's for everybody that lives in the northern Virginia region benefits everybody. >>And these policies have not just attracted companies like amazon and data center building builders and renewable energy investments. These policies are also leading to rapid growth in the cybersecurity industry in Virginia as well. You know john founded his company decades ago and you have all of these cybersecurity companies now located in Virginia. Many of them are partners like >>that. I know john and I both have contributed heavily to a lot of the systems in place in America here. So congratulations on that. But I got to ask you guys, well I got you for the last minute or two cybersecurity has become the big issue. I mean there's a lot of these policies all over the place. But cyber is super critical right now. I mean, where's the red line Shannon? Where's you know, things are happening? You guys bring security to the table, businesses are out there fending for themselves. There's no militia. Where's the, where's the, where's the support for the commercial businesses. People are nervous >>so you want to try it? >>Well, I'm happy to take the first shot because this is and then we'll leave john with the last word because he is the true cyber expert. But I had the privilege of hosting a panel this morning with the director of the cybersecurity and Infrastructure Security agency at the department, Homeland Security, Jenness easterly and the agency is relatively new and she laid out a number of initiatives that the DHS organization that she runs is working on with industry and so they're leaning in their partnering with industry and a number of areas including, you know, making sure that we have the right information sharing framework and tools in place, so the government and, and we in industry can act on information that we get in real time, making sure that we're investing for the future and the workforce development and cyber skills, but also as we enter national cybersecurity month, making sure that we're all doing our part in cyber security awareness and training, for example, one of the things that are amazon ceo Andy Jassy recently announced as he was participating in a White house summit, the president biden hosted in late august was that we were going to at amazon make a tool that we've developed for information and security awareness for our employees free, available to the public. And in addition to that we announced that we were going to provide free uh strong authentication tokens for AWS customers as part of that announcement going into national cybersecurity months. So what I like about what this administration is doing is they're reaching out there looking for ways to work with industry bringing us together in these summits but also looking for actionable things that we can do together to make a difference. >>So my, my perspective echoing on some of Shannon's points are really the following. Uh the key in general is automation and there are three components to automation that are important in today's environment. One is cyber hygiene and education is a piece of that. The second is around mis attribution meaning if the bad guy can't see you, you can't be hacked. And the third one is really more or less around what's called attribution, meaning I can figure out actually who the bad guy is and then report that bad guys actions to the appropriate law enforcement and military types and then they take it from there >>unless he's not attributed either. So >>well over the basic point is we can't as industry hat back, it's illegal, but what we can do is provide the tools and methods necessary to our government counterparts at that point about information sharing, where they can take the actions necessary and try and find those bad guys. >>I just feel like we're not moving fast enough. Businesses should be able to hack back. In my opinion. I'm a hawk on this one item. So like I believe that because if people dropped on our shores with troops, the government will protect us. >>So your your point is directly taken when cyber command was formed uh before that as airlines seeing space physical domains, each of those physical domains have about 100 and $50 billion they spend per year when cyber command was formed, it was spending less than Jpmorgan chase to defend the nation. So, you know, we do have a ways to go. I do agree with you that there needs to be more uh flexibility given the industry to help help with the fight. You know, in this case. Andy Jassy has offered a couple of tools which are, I think really good strong tokens training those >>are all really good. >>We've been working with amazon for a long time, you know, ever since, uh, really, ever since the CIA embrace the cloud, which was sort of the shot heard around the world for cloud computing. We do the security compliance automation for that air gap region for amazon as well as other aspects >>were all needs more. Tell us faster, keep cranking up that software because tell you right now people are getting hit >>and people are getting scared. You know, the colonial pipeline hack that affected everybody started going wait a minute, I can't get gas. >>But again in this area of the line and jenny easterly said this this morning here at the summit is that this truly has to be about industry working with government, making sure that we're working together, you know, government has a role, but so does the private sector and I've been working cyber issues for a long time to and you know, kind of seeing where we are this year in this recent cyber summit that the president held, I really see just a tremendous commitment coming from the private sector to be an effective partner in securing the nation this >>full circle to our original conversation around the Virginia data that you guys are looking at the Loudon County amazon contribution. The success former is really commercial public sector. I mean, the government has to recognize that technology is now lingua franca for all things everything society >>well. And one quick thing here that segues into the fact that Virginia is the cloud center of the nation. Um uh the president issued a cybersecurity executive order earlier this year that really emphasizes the migration of federal systems into cloud in the modernization that jOHN has worked on, johN had a group called the Alliance for Digital Innovation and they're very active in the I. T. Modernization world and we remember as well. Um but you know, the federal government is really emphasizing this, this migration to cloud and that was reiterated in that cybersecurity executive order >>from the, well we'll definitely get you guys back on the show, we're gonna say something. >>Just all I'd say about about the executive order is that I think one of the main reasons why the president thought was important is that the legacy systems that are out there are mainly written on kobol. There aren't a lot of kids graduating with degrees in COBOL. So COBOL was designed in 1955. I think so I think it's very imperative that we move has made these workloads as we can, >>they teach it anymore. >>They don't. So from a security point of view, the amount of threats and vulnerabilities are through the >>roof awesome. Well john I want to get you on the show our next cyber security event. You have you come into a fireside chat and unpack all the awesome stuff that you're doing. But also the challenges. Yes. And there are many, you have to keep up the good work on the policy. I still say we got to remove that red line and identified new rules of engagement relative to what's on our sovereign virtual land. So a whole nother Ballgame, thanks so much for coming. I appreciate it. Thank you appreciate it. Okay, cute coverage here at eight of public sector seven Washington john ferrier. Thanks for watching. Mhm. Mhm.

>>from the cube studios in Palo alto >>in boston >>connecting with thought leaders all around the >>world. This >>is a cute conversation. Hello and welcome to today's session of the AWS Global Public sector Partner Awards. I'm your host Natalie ehrlich. Today we're going to focus on the following award for best partner transformation. I'm pleased to introduce our guests, josh door smith, vice president of public sector at Effectual and jeremy Yates, deputy technology architect at jenny May. Welcome gentlemen so glad to have you on our show. >>Hi there. Very nice to be here. Thank you so much for having me >>terrific. Well josh, I'd like to start with you. How can companies leverage cloud native solutions to deliver higher quality services? >>So Natalie, that's a great question. And in the public sector and our our government customers, we run into this all the time. It's kind of our bread and butter. What what they can do is the first thing they need to be aware of is you don't have to be afraid of the cloud as some very obscure technology that is just emerging. It's been out for 10, 11 years now, customers across government space are using it lock stock and barrel to do everything from just managing simple applications, simple websites all the way through hosting their entire infrastructure, both in production and for disaster recovery purposes as well. So the first thing to note is just don't be afraid of the cloud. Um secondly, it's, it's imperative that they select the right partner who is able to kind of be there Sherpa to go into however far they want to dip their toe into the, into the proverbial cloud waters. Um to select somebody who knows whatever it is that they need to go do. So if they want to go Aws as we are talking about today, pick a partner who has the right experience, past performance designations and competencies with the cloud that they're interested in. >>Terrific. Well, you know, Jeremy, I'd love to move to you. What does modern modernization mean to jenny May? >>Sure, Thanks Natalie, great to be here. Thanks josh as well, you know. So for jenny May, modernization is really, it's not just technology is holistic across the organization. So that includes things like the business, um not just you know, the the I. T. Division. So we're looking at the various things to modernize like our culture and structural changes within the organization. Um moving to implement some, some proven practices like def sec ops and continuous integration and continuous delivery or deployment. Uh and then, you know, our overall overarching goal is to give the best and most secure technology to the business that we can to meet the Jeannie Mai mission and the needs of our customers >>terrific. Well josh, how is Effectual planning to support jenny Maes modernization plans? >>So we have been supporting jenny May for about 14 months now. Uh and back in september of last year, we rewarded a co prime 10 year contract for Jeannie Mai to do exactly that. It's to provide all things cloud to Jeannie Mai for 10 years on AWS and that's including reselling AWS. That's including providing all sorts of professional services to them. And it's, it's providing some third party software applications to help them support their applications themselves. So what Effectual is doing is kind of a threefold. We are supporting the modernization of their process, which jeremy mentioned a moment ago and that includes in stan shih ating a cloud center of Excellence for jenny May, which enables them to modernize the way they do cloud governance while they're modernizing their technology stack. We're also providing a very expert team of cloud architects and Dempsey cops engineers to be able to, to design the Jeannie Mai environment, collaborating with our co prime uh to ensure that it meets the security requirements, the compliance requirements that jerry mentions. Uh, Jeannie Mai is a federal entity, but it also has to adhere to all the finance industry uh compliance requirements as well. So very strenuous from that perspective. And then the third thing that we're doing to help them kind of along their modernization journey is in stan shih aging infrastructure as code. So in the cloud, rather than building everything in the AWS management console, we script everything to build it automatically, so it improves consistency, it improves the customer experience regardless of which resource is working on it. And it improves disaster recovery capability as well. And also, just quite frankly, the speed by which they can actually deploy things. >>And jeremy, how is this transition helping your security really enhancing it now? >>Uh From a security perspective we're implementing a number of various tools um both, you know, a W. S based as well as other software that josh mentioned. Um So we're able to utilize those in a more scalable manner than we could previously in the traditional data center. Um we've got a number of things such as we're looking at multiple vulnerability management products like 10 of Ohio and Wallace. Um we're using uh tools such as Centra fi for our our pam or privileged access management capabilities. Um Splunk a pretty industry standard. Um software for log and data correlation and analysis um will also be using that for some system and application monitoring. Um as well as uh the Mcafee envision product for endpoint and other cloud service security. So being able to pull all those in in a more scalable and more cost efficient way as well from cloud based services. Uh, it's really helped us be able to get those services and integrate them together in a way that, you know, we may not previously been able to. >>Yeah, terrific. Well, josh, let's move back to you and talk further about compliance. You know, any insight here, how Effectual is building a modern cloud infrastructure to integrate AWS services with third party tools to really achieve compliance with the government requirements. Just any further insight on that >>front? That's a great question. Natalie and I'm gonna tag team with Jeremy on this one if you don't mind, but I'll start off so jenny may obviously I mentioned earlier has federal requirements and financial requirements so focused right now on on those federal aspects. Um, so the tools that Jeremy mentioned a moment ago, we are integrating all of them with a W. S native meaning all of the way we do log aggregation in the various tools within AWS cloudwatch cloud trail. All of those things were implementing an AWS native, integrating them with Splunk to aggregate all of that information. But then one of the key requirements that's coming up with the federal government in the very near future is tick three dot or trusted internet connection. Basically in the first iteration a decade or so ago, the government wanted to limit the amount of points of presence that they have with the public facing internet fast forward several versions to today and they're pushing that that onus back on the various entities like jenny May and like hud, which Jeannie Mai is a part of but they still want to have that kind of central log repository to where all of the, all of the security logs and vulnerability logs and things like that. Get shipped to a central repository and that will be part of DHS. So what effectual has done in partnership with jenny May is create a, a W. S native solution leveraging some of those third party tools that we mentioned earlier to get all of those logs aggregated in a central repository for Ginny MaE to inspect ingest and take action from. But then also provide the mechanism to send that to DHS to do that and correlate that information with everything coming in from feeds across the government. Now that's not required just yet. But we're future proofing jenny Maes infrastructure in order to be able to facilitate adherence to those requirements when it becomes uh required. Um, and so jeremy, I'll pass it over to you to talk a little bit further about that because I know that's one of the things that's near and dear to your sister's heart as well as jenny may overall. >>Yeah, absolutely. Thanks josh. Um, so yeah, we, as you mentioned, we have implemented um, uh, sort of a hybrid tech model right now, um, to to handle compliance on that front. Um, so we're still using a, you know, some services from the legacy or our existing T two dot x models. That that josh was mentioning things such as m tips, um, uh, the Einstein sensors, etcetera. But we're also implementing that take 30 architecture on our own. As josh mentioned that that will allow us to sort of future proof and and seamlessly really transitioned to once we make that decision or guidance comes out or, you know, mandates or such. Um, so that effort is good to future proof house from a compliance perspective. Um, also, you know, the tools that I mentioned, uh, josh reiterated, those are extremely important to our our security and compliance right. Being able to ensure, you know, the integrity and the confidentiality of of our systems and our data is extremely important. Not both, not just both on the r not only on the government side, but as josh mentioned, the finance side as well. >>Terrific. Well, I'd love to get your insight to on AWS workspaces. Um, if either one of you would like to jump in on this question, how did they empower the jenny May team to work remotely through this pandemic? >>That's a great question. I guess I'll start and then we'll throw it to jeremy. Um, so obviously uh effectual started working with jenny May about three weeks after the pandemic formally started. So perfect timing for any new technology initiative. But anyway, we, we started talking with Jeremy and with his leadership team about what is required to actually facilitate and enable our team as well as the government resources and the other contractors working for jenny May to be able to leverage the new cloud environment that we were building and the very obvious solution was to implement a virtual desktop infrastructure uh type solution. And obviously Jeannie Mai had gone all in on amazon web services, so it became the national natural fit to look first at AWS workspaces. Um, so we have implemented that solution. There are now hundreds of jenny May and jenny make contractor resources that have a WS workspaces functioning in the GovCloud regions today and that's a very novel approach to how to facilitate and enable not only our team who is actually configuring the infrastructure, but all the application developers, the security folks and the leadership on the jenny may side to be able to access, review, inspect, check log etcetera, through this remote capability. It's interesting to note that Jeannie Mai has been entirely remote since the pandemic initiated. Jeremy's coming to us from, from west Virginia today, I'm coming to us from national harbor Maryland And we are operating totally remotely with a team of 60 folks about supporting this specific initiative for the cloud, not to mention the hundreds that are supporting the applications that Jamie runs to do its day to day business. So jeremy, if you wouldn't mind talking about that day to day business that jenny may has and, and kind of what the, the mission statement of Jeannie Mai is and how us enabling these workspaces uh facilitates that mission >>or you know, so the part of the overall mission of jenny Maes to, to ensure affordable housing is, is made available to uh, the american public. Um that's hud and, and jenny may as part of that and we provide um mortgage backed securities to help enable that. Um, so we back a lot of V A. Loans, um, F H A, those sort of loans, um, workspaces has been great in that manner from a technology perspective, I think because as you mentioned, josh, it's really eliminated the need for on premise infrastructure, right? We can be geographically dispersed, We can be mobile, um, whether we're from the east coast or west coast, we can access our environment securely. Uh, and then we can, you know, administer and operate and maintain the technology that the business needs to, to fulfill the mission. Um, and because we're able to do that quickly and securely and effectively, that's really helpful for the business >>Terrific. And um, you know, I'd like to shift gears a bit and uh you know, discuss what you're looking ahead toward. What is your vision for 2021? How do you see this partnership evolving? >>Yeah, you >>Take that 1/1. >>Sure. Yeah. Um you know, definitely some of the things we look forward to in 2021 as we evolve here is we're going to continue our cloud journey um you know, through practices like Deb said cops, you realize that uh that journey has never done. It's always a continual improvement process. It's a loop to continually work towards um a few specific things or at least one specific thing that we're looking forward to in the future, as josh mentioned earlier was our arctic three Oh Initiative. Um, so with that we think will be future proofed. Um as there's been a lot of um a lot of recent cyber security activity and things like that, that's going to create um opportunities I think for the government and Jeannie Mai is really looking forward to to leading in that area. >>Mhm and josh, can you weigh in quickly on that? >>Absolutely. Uh First and foremost we're very much looking forward to receiving authority to operate with our production environment. We have been preparing for that for this last year plus. Uh but later on this summer we will achieve that 80 oh status. And we look forward to starting to migrate the applications into production for jenny May. And then for future proof, it's as jerry jerry mentioned, it's a journey and we're looking forward to cloud optimizing all of their applications to ensure that they're spending the right money in the right places uh and and ensuring that they're not spending over on any of the one given area. So we're very excited to optimize and then see what the technology that we're being able to provide to them will bring to them from an idea and a conceptual future for jenny may. >>Well thank you both so very much for your insights. It's been a really fantastic interview. Our guests josh duggar smith as well as jeremy Gates. Really appreciate it. >>Thank you very much. >>Thank you so much. >>Terrific. Well, I'm your host for the cube Natalie or like to stay tuned for more coverage. Thanks so much for watching.

>>from around the globe. It's the Cube with digital coverage of AWS reinvent 2020. Special coverage sponsored by AWS Worldwide Public sector Welcome to the cubes Coverage of AWS 2020. This is specialized programming for the worldwide public sector. I'm Lisa Martin, and I'm joined by Mick Boccaccio, the security advisor at Splunk Met. Welcome to the Q Virtual Oh, >>thank you for having me. It's great to be here. >>So you have a really interesting background that I wanted to share with our audience. You were the first see so in the history of U. S presidential campaigns with Mayor Pete, you were also branch shape of Threat intelligence at the executive office of the President. Tell us something about about your background is so interesting. >>Uh, yeah, those and I'm a gonna Def con and I teach lock picking for funds. Ease working for Mayor Pete A. C. So the campaign was really, really unique opportunity and I'm glad I did it. I'm hoping that, you know, on both sides of the aisle, no matter what your political preference, people realize that security and campaigns can only be married together. That was an incredible experience and worked with Mayor P. And I learned so much about how campaigns work and just the overall political process. And then previous to that being at the White House and a threat intelligence, role of branch chief they're working over the last election, the 2016 election. I think I learned probably more than any one person wants Thio about elections over that time. So, you know, I'm just a security nerd. That kind of fell into those things. And and and here I am and really, really, really just fortunate to have had those experiences. >>Your phone and your email must have been blowing up the last couple of weeks in the wake of the US presidential election, where the word fraud has brought up many times everyday. But election security. When I saw that you were the first, see so for Pete Buddha Judge, that was so recent, I thought, Really, Why? Why are they just now getting folks like yourself? And you are a self described a cybersecurity nerd? Why are they Why were they just recently starting to catch on to this? >>I think it's, uh like security on the campaign and security anywhere else on credit to the Buddha Judge campaign. There is no federal or mandate or anything like that that says your campaign has toe have a security person at the head of it or any standards to implement those security. So you know that the Buddha Judge campaign kind of leaned into it. We wanna be secure. We saw everything that happened in 2016. We don't want that to be us. And I think Mawr campaigns are getting on that plane. Definitely. You know, you saw recently, uh, Trump's campaign, Biden's campaign. They all had a lot of security folks in, and I think it's the normal. Now people realize how important security is. Uh, not only a political campaign, but I guess the political process overall, >>absolutely. We've seen the rise of cyber attacks and threats and threat vectors this year alone, Ransomware occurring. Everyone attack every 11 seconds or so I was reading recently. So give me an other view of what the biggest threats are right now. >>Two elections and I think the election process in general. You know, like I said, I'm just a security nerd. I've just got a weird background and done some really unique things. Eso I always attack the problems like I'm a security nerd and it comes down to, you know that that triumvirate, the people process and technology people need had to have faith in the process. Faith in the technology. You need to have a a clear source to get their information from the process. To me, I think this year, more than previous elections highlighted the lack of a federal uniforms standard for federal elections. State the state. We have different, different standards, and that kind of leads to confusion with people because, hey, my friend in Washington did it this way. But I'm in Texas and we do it this way. And I think that that standard would help a lot in the faith in the system. And then the last part of that. The technology, uh, you know, voting machines campaigns like I mentioned about campaigns. There's nothing that says a campaign has toe have a security person or a security program, and I think those are the kind of standards for, you know, just voting machines. Um, that needs to be a standard across the board. That's uniforms, so people will will have more faith because It's not different from state to state, and it's a uniformed process. >>E think whole country could have benefited from or uniformed processes in 2020. But one of the things that I like I did my first male and fellow this year always loved going and having that in person voting experience and putting on my sticker. And this year I thought in California we got all of our But there was this massive rise in mainland ballots. I mean, think about that and security in terms of getting the public's confidence. What are some of the things that you saw that you think needs to be uniforms going forward >>again? I think it goes back to when When you look at, you know, you voted by mail and I voted absentee and your ballot was due by this date. Um, you know where I live? Voting absentee. It's Dubai. This state needs we received by the state. Andi, I think this year really highlighted the differences between the states, and I'm hoping that election security and again everyone has done a super fantastic job. Um, sister has done incredible. If you're all their efforts for the working with election officials, secretaries of states on both sides of the aisle. It's an incredible work, and I hope it continues. I think the big problem election security is you know, the election is over, so we don't care again until 2022 or 2024. And I think putting something like a federalized standard, whether it be technology or process putting that in place now so that we're not talking about this in two or four years. I'm hoping that moment, um, continues, >>what would your recommendation be from building security programs to culture and awareness? How would you advise that they start? >>So, uh, one of the things that when I was on the Buddha Judge campaign, you know, like I said, we was the first person to do security for a campaign. And a lot of the staffers didn't quite have the background of professional background of work with security person. No, you know why? What I was doing there Eso my hallmark was You know, I'm trying to build a culture heavy on the cult. Um, you got to get people to buy in. I think this year when you look at what What Krebs and siesta and where the team over there have done is really find a way to tell us. Security story and every facet of the election, whether it be the machines themselves, the transporting the votes, counting the votes, how that information gets out to people websites I started like rumor control, which were were amazing amazing efforts. The public private partnerships that were there I had a chance to work with, uh, MJ and Tanya from from AWS some election project. I think everyone has skin in the game. Everyone wants to make it better. And I hope that moment, um, continues. But I think, you know, embracing that there needs to be a centralized, uniformed place, uh, for every state. And I think that would get rid of a lot of confusion >>when you talk about culture and you mentioned specifically called Do you think that people and agencies and politicians are ready to embrace the culture? Is there enough data to support that? This is really serious. We need to embrace this. We need to buy in a You said, um >>I hope right. I don't know what it could take. I'm hoping so after seeing everything you know, being at the White House from that aperture in 2016. Seeing all of that, I would, you know, think right away. Oh, my gosh. 2018, The midterms, We're gonna be on the ball. And that really didn't happen like we thought it would. 2020. We saw a different kind of technical or I guess, not as technical, uh, security problem. And I think I'm kind of shifting from that to the future. People realize. And I think, uh, both sides of the aisle are working towards security programs and security posture. I think there's a lot of people that have bought into the idea. Um, but I think it kind of starts from the top, and I'm hoping it becomes a standard, so there's not really an option. You will do this just for the security and safety of the campaigns and the electoral process. But I do see a lot more people leaning into it, and a lot more resource is available for those people that are >>talk to me about kind of the status of awareness of security. Needing to combat these issues, be able to remediate them, be able to defend against them where our folks in that awareness cycle, >>I think it ebbs and flows like any other process. Any other you know, incident, event. That happens. And from my experience in the info SEC world, normally there's a compromise. There's an incident, a bunch of money gets thrown at it and then we forget about it a year or two later. Um, I think that culture, that awareness comes in when you have folks that would sustain that effort. And again, you know, on the campaign, um, even at the White House, we try to make everyone apart of security. Security is and all the time thing that everyone has a stake in. Um, you know, I can lock down your email at work. I can make sure this system is super super secure, but it's your personal threat model. You know, your personal email account, your personal social media, putting more security on those and being aware of those, I think that's that awareness is growing. And I Seymour folks in the security community just kind of preaching that awareness more and more and something I'm really, really excited about. >>Yeah, the biggest thing I always think when we talk about security is people that were the biggest threat vector and what happened 89 months ago when so many businesses, um, in any, you know, public sector and private went from on site almost maybe 100% on site to 100% remote people suddenly going, I've got to get connected through my home network. Maybe I'm on my own personal device and didn't really have the time of so many distractions to recognize a phishing email just could come in and propagate. So it's that the people challenge e always seems to me like that might be the biggest challenge. Besides, the technology in the process is what do you think >>I again it goes back. I think it's all part of it. I think. People, um, I've >>looked at it >>slightly. Ah, friend of mine made a really good point. Once he was like, Hey, people gonna click on the link in the email. It's just I think 30% of people dio it's just it's just the nature of people after 20 some odd years and info sec, 20 some odd years and security. I think we should have maybe done a better job of making that link safer, to click on, to click on to make it not militias. But again it goes back, Thio being aware, being vigilant and to your point. Since earlier this year, we've seen a tax increase exponentially specifically on remote desktop protocols from Cove. It related themes and scams and, you know, ransomware targeting healthcare systems. I think it's just the world's getting smaller and we're getting more connected digitally. That vigilance is something you kind of have to building your threat model and build into the ecosystem. When we're doing everything, it's just something you know. I quit a lot, too. You've got junk email, your open your mailbox. You got some junk mail in there. You just throw it out. Your email inbox is no different, and just kind of being aware of that a little more than we are now might go a long way. But again, I think security folks want to do a better job of kind of making these things safer because malicious actors aren't going away. >>No, they're definitely not going away that we're seeing the threat surfaces expanding. I think it was Facebook and TIC Tac and Instagram that were hacked in September. And I think it was unsecured cloud database that was the vehicle. But talking about communication because we talk about culture and awareness communication from the top down Thio every level is imperative. How how do we embrace that and actually make it a standard as possible? >>Uh, in my experience, you know, from an analyst to a C So being able to communicate and communicate effectively, it's gonna save your butt, right? It's if you're a security person, you're You're that cyber guy in the back end, something just got hacked or something just got compromised. I need to be able to communicate that effectively to my leadership, who is gonna be non technical people, and then that leadership has to communicate it out to all the folks that need to hear it. I do think this year just going back to our elections, you saw ah lot of rapid communication, whether it was from DHS, whether it was from, you know, public partners, whether was from the team over Facebook or Twitter, you know, it was ah, lot of activity that they detected and put out as soon as they found it on it was communicated clearly, and I thought the messaging was done beautifully. When you look at all the work that you know Microsoft did on the block post that came out, that information is put out as widely as possible on. But I think it just goes back to making sure that the people have access to it whenever they need it, and they know where to get it from. Um, I think a lot of times you have compromised and that information is slow to get out. And you know that DeLay just creates a confusion, so it clearly concisely and find a place for people, could get it >>absolutely. And how do you see some of these challenges spilling over into your role as the security advisor for Splunk? What are some of the things that you're talking with customers about about right now that are really pressing issues? >>I think my Rolex Plunkett's super super weird, because I started earlier in the year, I actually started in February of this year and a month later, like, Hey, I'm hanging out at home, Um, but I do get a chance to talk to ah, lot of organizations about her security posture about what they're doing. Onda about what they're seeing and you know everything. Everybody has their own. Everybody's a special snowflakes so much more special than others. Um, credit to Billy, but people are kind of seeing the same thing. You know, everybody's at home. You're seeing an increase in the attack surface through remote desktop. You're seeing a lot more fishing. You're singing just a lot. People just under computer all the time. Um, Zoom WebEx I've got like, I don't know, a dozen different chat clients on my computer to talk to people. And you're seeing a lot of exploits kind of coming through that because of that, people are more vigilant. People are adopting new technologies and new processes and kind of finding a way to move into a new working model. I see zero trust architecture becoming a big thing because we're all at home. We're not gonna go anywhere. And we're online more than we're not. I think my circadian rhythm went out the window back in July, so all I do is sit on my computer more often than not. And that caused authentication, just, you know, make sure those assets are secure that we're accessing from our our work resource is I think that gets worse and worse or it doesn't. Not worse, rather. But that doesn't go away, no matter what. Your model is >>right. And I agree with you on that circadian rhythm challenge. Uh, last question for you. As we look at one thing, we know this uncertainty that we're living in is going to continue for some time. And there's gonna be some elements of this that air gonna be permanent. We here execs in many industries saying that maybe we're going to keep 30 to 50% of our folks remote forever. And tech companies that air saying Okay, maybe 50% come back in July 2021. As we look at moving into what we all hope will be a glorious 2021 how can businesses prepare now, knowing some amount of this is going to remain permanent? >>It's a really interesting question, and I'll beyond, I think e no, the team here. It's Plunkett's constantly discussions that start having are constantly evaluating, constantly changing. Um, you know, friends in the industry, it's I think businesses and those executives have to be ready to embrace change as it changes. The same thing that the plans we would have made in July are different than the plans we would have made in November and so on. Andi, I think, is having a rough outline of how we want to go. The most important thing, I think, is being realistic with yourself. And, um, what, you need to be effective as an organization. I think, you know, 50% folks going back to the office works in your model. It doesn't, But we might not be able to do that. And I think that constant ability Thio, adjust. Ah, lot of company has kind of been thrown into the fire. I know my backgrounds mostly public sector and the federal. The federal Space has done a tremendous shift like I never well, rarely got to work, uh, vert remotely in my federal career because I did secret squirrel stuff, but like now, the federal space just leaning into it just they don't have an option. And I think once you have that, I don't I don't think you put Pandora back in that box. I think it's just we work. We work remote now. and it's just a new. It's just a way of working. >>Yep. And then that couldn't be more important to embrace, change and and change over and over again. Make. It's been great chatting with you. I'd love to get dig into some of that secret squirrel stuff. I know you probably have to shoot me, so we will go into that. But it's been great having you on the Cube. Thank you for sharing your thoughts on election security. People processes technology, communication. We appreciate it. >>All right. Thanks so much for having me again. >>My pleasure for McClatchy. Oh, I'm Lisa Martin. You're watching the Cube virtual.

>> Narrator: From around the globe, it's theCube. With digital coverage of AWS re:Invent 2020. Special coverage sponsored by AWS worldwide public sector. >> Hello and welcome to theCube virtual, and our coverage of AWS re:Invent 2020 with special coverage of public sector. We are theCube virtual and I'm your host, Justin Warren, and today I'm joined by two people. We have Jim Richberg the CISO for Public Sector from Fortinet who comes to us from Washington DC. Jim, welcome. >> Thank you. Thank you, Justin. >> And we also have Kenny Holmes. Who's the head of worldwide Public Sector Go-to-market from Fortinet as well. And he comes to us from Chicago in Illinois. Kenny, thanks. >> Yes, thank you. Thank you, Justin. >> Gentlemen, welcome to theCube. Now this year has been pretty dramatic and for a lot of us as I'm sure you're very well aware and it's been a bit of an accelerator for people's interest in public cloud in particular for the public sector. So what have you seen, Kenny? Sorry, Jim, we'll start with you around the federal government's interest in cloud. What have you noticed in their adoption of public cloud and AWS in this year? >> So, we used to joke in the federal government in my 34 years, they'll never let a good crisis go to waste. That you can make an upside out of any situation. And as you noted, Justin this has been a dramatic accelerator to federal government's adoption of cloud. Three quarters of the agencies were already moving in the direction of the cloud and planning to spend roughly $8 billion on it this year. And that was pre COVID. And the pace certainly picked up. We had the guidance that came out of DHS, the interim guidance that facilitated abilities to let these now as of mid-March remote teleworkers connect directly to the cloud without having to connect back through their agency infrastructure. So they issued very quick guidance to say, look you got to get the job done. You got to get it done in the cloud. So they did that as a way to accelerate it in the short term. And then they put out the guidance later this year for a trusted internet connection access which had a use case that was built around again facilitating the ability to say you can connect directly to the cloud with security in that direct line stack. You no longer have to haul your data back to the enterprise edge, to the data center on-premise to then go straight out to the cloud. So the federal government said we will give you the ability to move in the direction of cloud and the agencies have been using this at scale. And that's why roughly half of the federal workforce is now working from home. And many of them are using cloud-based applications and services. So the dramatic impact on the federal government. >> Yeah, we've seen it here in Nate in my home of Australia. The federal government is very keen on that but there's other levels of government as I'm sure we're all aware. Particularly as state and even local governments. So Kenny, maybe you could give us a bit of a flavor for how does local and that more regional government have they been doing it basically the same as federal government or is there something unique to the way that they've had to adapt? >> Well, state and local governments are certainly facing the really the perfect storm of the rising demand and declining resources. The pandemic has certainly driven, a lower tax base and lower revenues. And as a result of that, we've seen adjustments in budgets, et cetera but we're also in a position uniquely where it's also driving digital innovation at the same time. So we're seeing the two of those and they don't necessarily have kind of diabolically opposed if you think about it. So, the two of those are coming together but so they're doing more with less and they're using digital transformation to get there where in the commercial world a lot of folks who've been doing digital transformation for a long time. Now, government is being more forced into doing it. And they're really embracing that from our perspective. So we've seen traditionally security be at the top of their demands from a CIO perspective and their most important initiatives. The now we're seeing digital transformation and more specifically we're seeing cloud, right be a key part of that. So, they've done things initially, obviously moving email and some of those things but today we're seeing an increasing amount of workloads that we're seeing them, move from maybe a previous provider, over to AWS et cetera. So, those are some of the things that we're seeing from our state and local perspective >> To build on Kenny's point. I think the key differentiator Justin, between the federal and the state and local experience has been the resources, the federal government with COVID. The federal government runs a deficit. We've seen the deficit balloon, federal spending is up 17 to 20%, not what it's passed out of the stimulus money but simply what government is spending at the federal level. So we are using cloud at the federal level to do more as Kenny noted, state governments and local governments because they're funded exclusively by taxes they can't run a deficit. They have had to say we need to spend smarter because we can't spend more. We can't even spend as much and oh my goodness we have to deliver more digital services at the same time. So for them it has been a matter of having to eke greater efficiencies out of every dollar which has pointed them in the direction of AWS and the cloud in a different sense. And the federal government that said there's greater efficiencies because we need our remote telework people to get the job done, state government, it's the perfect storm. And if they don't do this they're literally going to have to curtail vital services. >> Yeah and as we've seen the security challenge pretty much is the same everywhere. I mean, there's some variations in exactly one sort of threat you might have as a federal government compared to local but broadly speaking, the malware and ransomware and things of that nature is pretty much just a miasma that we have to wade through. So what does, Fortinet helping with these customers, particularly as they move to as you mentioned, they're moving a lot of things into AWS. So what is Fortinet's role there in helping customers make better use of public cloud? >> So I think one of the things that Fortinet really has brought to this equation is they really are a very broad based cybersecurity provider. The biggest problem that organizations typically have, of course, you know in the cloud, it's misconfiguration by the customer. It's not AWS that's making the mistake 99% plus of the time it's misconfiguration by the customer. So having the ability to say if you know how to do your security in an on-premise environment, and you've got controls, capabilities and settings that you're comfortable with you can migrate those intact if they work for you into your cloud environment. So the fact that we are soup to nuts, that we have things at the edge and offer that same suite of capabilities in AWS allows us to be able to tell, help the users if they've configured it right, not have to go back and start from scratch and say, well, now that I'm in AWS I need to reconfigure other than as you have to do it because it's a different platform, but if you've got the policies in place that are managing security managing risk well for your enterprise carry them forward to a different environment. >> I think Kenny is that a particular opportunity there for local government? As you mentioned that restrained resources means that it's much more difficult for them to correctly configure their environments but also to make this level of change, they have a lot of other responsibilities it's difficult to become cybersecurity experts. Is that where you see Fortinet helping a great deal in more local government. >> Yes it is one of the key areas. The best way you can think of it is the ability to do what Jim was saying in a single pane of glass. And the fact that we can do that. That's something you don't hear a lot about anymore, but Fortinet actually is one of the largest security providers in the world. Has it single pane of glass across, being able to manage your on-prem infrastructure being able to manage whether if someone's migrating away from another cloud over to AWS and being able to look at these holistically it's just a fantastic way for them to be efficient as well as around training and certifications and helping our customers to be able to take advantage of the products without additional costs or other things that I've been throwing down the gauntlet for other providers to say, hey, security shouldn't be something else that they have to invest. They're going to invest in your technology. You should provide them with the training, provide them with security awareness, sobriety with certifications around your product that should be table stakes. >> And we do see a lot of that structure of how to do this and provide that training tends to be the same regardless of where you are. Is that something that we see say to getting defined at federal government level with some of the standards and then that then sort of trickles down into more local government. Kenny, is that something that you see happening at all? Or are we seeing things defined at local government that are actually going back the other way? >> Yeah, well, compliance runs across both. I mean, there's probably more compliance on the federal side that Jim could speak to but there's certainly compliance is always a major factor. And it can't be that just we need to do one-off solutions for a particular compliance issue. It needs to be holistic as we're talking about it. If I have to pick solutions based on what and where they're protecting. And now I have to think about the compliance for those as well. That's yet another thing to think about, I don't see our customers thinking that way. They don't have the skillsets to continue to evolve that way. That's an expanded, use of what they're doing and they just don't have those resources. So they have to be able to do more with less we've talking about, and to be able to take a platform like the fabric that Fortinet it offers it really offers that to them. >> At the federal level I'm not even sure that I would characterize it as compliance and regulatory things that state local government have to do, but the National Institute of Standards and Technology NIST tends to promulgate what are considered best practices. Then your cybersecurity framework has basically been adopted globally modified by certain places. And I did too in different ways, but when NIST comes up with something like zero trust architecture, new standards are understood, the 800 Series. I'm surprised people in local government where we'll talk about 800-53 or 800-207, just like we fed geeks too. So it's really setting best practices and standards that are different from compliance but to build on Kenny's point about resources where I think Kenny has flown the other way from local government up has been in the direction of saying state and local government had been the Canary in the coal mine on saying, you have to migrate to the cloud as a way of doing more with less. So the federal government has been turning the printing press, turning the crank faster and faster that will change, and this is one where can say you're spending smarter by moving in the direction of AWS and in accelerating that growth into the cloud, because my prediction as a former intelligence analyst is probably this time next year, a lot of federal agencies will be having the discussion about how to live in a much tightened budgetary environment because we went through something called sequestration 10 years ago that made for very tight zero sum budgeting. That's going to be a coming attraction and that's going to push federal government even more, so with the saying, I got to get the data off of Graham. I've got to continue to telework, Hey, and look we can follow the best practices of state and local government in this case. >> Well, it certainly sounds like we'll be able to learn from each other and adapt it. It's not going away. We're certainly going to have cybersecurity issues for the foreseeable future, but it sounds like there's a lot of work happening and there is room for happiness about how things are generally going. So, gentlemen, thank you so much for joining us here and please thank you to my guest Jim Richberg and Kenny Holmes from Fortinet. You've been watching theCube virtual and our coverage of AWS re:Invent 2020 with special coverage of the public sector. Make sure you check out all the rest of our coverage on your desktop laptop or phone wherever you might be. I've been your host, Justin Warren. I look forward to seeing you again soon. (soft upbeat music)

>>Bye from San Francisco. It's the cube covering RSA conference, 2020 San Francisco brought to you by Silicon angle media. >>Hey, welcome back. Everyone's keeps coverage here in San Francisco at the Moscone center for RSA conference 2020 I'm John, your host, as cybersecurity goes to the next generation as the new cloud scale, cyber threats are out there, the real impact a company's business and society will be determined by the industry. This technology and the people that a cube alumni here, caramel Jaffer, SVP, senior vice president of strategy and corporate development for iron net. Welcome back. Thanks to Shawn. Good to be here. Thanks for having so iron net FC general Keith Alexander and you got to know new CEO of there. Phil Welsh scaler and duo knows how to scale up a company. He's right. Iron is doing really well. The iron dome, the vision of collaboration and signaling. Congratulations on your success. What's a quick update? >> Well look, I mean, you know, we have now built the capability to share information across multiple companies, multiple industries with the government in real time at machine speed. >>Really bringing people together, not just creating collected security or clip to defense, but also collaborating real time to defend one another. So you're able to divide and conquer Goliath, the enemy the same way they come after you and beat them at their own game. >> So this is the classic case of offense defense. Most corporations are playing defense, whack-a-mole, redundant, not a lot of efficiencies, a lot of burnout. Exactly. Not a lot of collaboration, but everyone's talking about the who the attackers are and collaborating like a team. Right? And you guys talk about this mission. Exactly. This is really the new way to do it. It has, the only way it works, >> it is. And you know, you see kids doing it out there when they're playing Fortnite, right? They're collaborating in real time across networks, uh, to, you know, to play a game, right? You can imagine that same construct when it comes to cyber defense, right? >>There's no reason why one big company, a second big company in a small company can't work together to identify all the threats, see that common threat landscape, and then take action on it. Trusting one another to take down the pieces they have folk to focus on and ultimately winning the battle. There's no other way a single company is gonna be able defend itself against a huge decency that has virtually unlimited resources and virtually unlimited human capital. And you've got to come together, defend across multiple industries, uh, collectively and collaboratively. >> Do you mean, we talked about this last time and I want to revisit this and I think it's super important. I think it's the most important story that's not really being talked about in the industry. And that is that we were talking last time about the government protects businesses. If someone dropped troops on the ground in your neighborhood, the government would protect you digitally. >>That's not happening. So there's really no protection for businesses. Do they build their own militia? Do they build their own army? Who was going to, who's going to be their heat shield? So this is a big conversation and a big, it brings a question. The role of the government. We're going to need a digital air force. We're going to need a digital army, Navy, Navy seals. We need to have that force, and this has to be a policy issue, but in the short term, businesses and individuals are sitting out there being attacked by sophisticated mission-based teams of hackers and nation States, right? Either camouflaging or hiding, but attacking still. This is a huge issue. What's going on? Are people talking about this in D C well, >> John, look not enough. People are talking about it, right? And forget DC. We need to be talking about here, out here in the Silicon Valley with all these companies here at the RSA floor and bring up the things you're bringing up because this is a real problem we're facing as a nation. >>The Russians aren't coming after one company, one state. They're coming after our entire election infrastructure. They're coming after us as a nation. The Chinese maybe come after one company at a time, but their goal is to take our electoral properties, a nation, repurpose it back home. And when the economic game, right, the Iranians, the North Koreans, they're not focused on individual actors, but they are coming after individual actors. We can't defend against those things. One man, one woman, one company on an Island, one, one agency, one state. We've got to come together collectively, right? Work state with other States, right? If we can defend against the Russians, California might be really good at it. Rhode Island, small States can be real hard, defends against the Russians, but if California, Rhode Island come together, here's the threats. I see. Here's what it's. You see share information, that's great. Then we collaborate on the defense and work together. >>You take these threats, I'll take those threats and now we're working as a team, like you said earlier, like those kids do when they're playing fortnight and now we're changing the game. Now we're really fighting the real fight. >> You know, when I hear general Keith Alexander talking about his vision with iron net and what you guys are doing, I'm inspired because it's simply put, we have a mission to protect our nation, our people, and a good businesses, and he puts it into kind of military, military terms, but in reality, it's a simple concept. Yeah, we're being attacked, defend and attack back. Just basic stuff. But to make it work as the sharing. So I got to ask you, I'm first of all, I love the, I love what he has, his vision. I love what you guys are doing. How real are we? What's the progression? >>Where are we on the progress bar of that vision? Well, you know, a lot's changed to the last year and a half alone, right? The threats gotten a lot, a lot more real to everybody, right? Used to be the industry would say to us, yeah, we want to share with the government, but we want something back for, right. We want them to show us some signal to today. Industry is like, look, the Chinese are crushing us out there, right? We can beat them at a, at some level, but we really need the governor to go do its job too. So we'll give you the information we have on, on an anonymized basis. You do your thing. We're going to keep defending ourselves and if you can give us something back, that's great. So we've now stood up in real time of DHS. We're sharing with them huge amounts of data about what we're seeing across six of the top 10 energy companies, some of the biggest banks, some of the biggest healthcare companies in the country. >>Right? In real time with DHS and more to come on that more to come with other government agencies and more to come with some our partners across the globe, right? Partners like those in Japan, Singapore, Eastern Europe, right? Our allies in the middle East, they're all the four lenses threat. We can bring their better capability. They can help us see what's coming at us in the future because as those enemies out there testing the weapons in those local areas. I want to get your thoughts on the capital markets because obviously financing is critical and you're seeing successful venture capital formulas like forge point really specialized funds on cyber but not classic industry formation sectors. Like it's not just security industry are taking a much more broader view because there's a policy implication is that organizational behavior, this technology up and down the stack. So it's a much broad investment thesis. >>What's your view of that? Because as you do, you see that as a formula and if so, what is this new aperture or this new lens of investing to be successful in funding? Companies will look, it's really important what companies like forge point are doing. Venture capital funds, right? Don Dixon, Alberta Pez will land. They're really innovating here. They've created a largest cybersecurity focused fund. They just closed the recently in the world, right? And so they really focus on this industry. Partners like, Kleiner Perkins, Ted Schlein, Andrea are doing really great work in this area. Also really important capital formation, right? And let's not forget other funds. Ron Gula, right? The founder of tenable started his own fund out there in DC, in the DMV area. There's a lot of innovation happening this country and the funding on it's critical. Now look, the reality is the easy money's not going to be here forever, right? >>It's the question is what comes when that inevitable step back. We don't. Nobody likes to talk about it. I said the guy who who bets on the other side of the craps game in Vegas, right? You don't wanna be that guy, but let's be real. I mean that day will eventually come. And the question is how do you bring some of these things together, right? Bring these various pieces together to really create long term strategies, right? And that's I think what's really innovative about what Don and Alberto are doing is they're building portfolio companies across a range of areas to create sort of an end to end capability, right? Andrea is doing things like that. Ted's doing stuff like that. It's a, that's really innovation. The VC market, right? And we're seeing increased collaboration VC to PE. It's looking a lot more similar, right? And now we're seeing innovative vehicles like stacks that are taking some of these public sort of the reverse manner, right? >>There's a lot of interests. I've had to be there with Hank Thomas, the guys chief cyber wrenches. So a lot of really cool stuff going on in the financing world. Opportunities for young, smart entrepreneurs to really move out in this field and to do it now. And money's still silver. All that hasn't come as innovation on the capital market side, which is awesome. Let's talk about the ecosystem in every single market sector that I've been over, my 30 year career has been about a successful entrepreneurship check, capital two formation of partnerships. Okay. You're on the iron net, front lines here. As part of that ecosystem, how do you see the ecosystem formula developing? Is it the same kind of model? Is it a little bit different? What's your vision of the ecosystem? Look, I mean partnerships channel, it's critical to every cyber security company. You can't scale on your own. >>You've got to do it through others, right? I was at a CrowdStrike event the other day. 91% of the revenue comes from the channel. That's an amazing number. You think about that, right? It's you look at who we're trying to talk about partnering with. We're talking about some of the big cloud players. Amazon, Microsoft, right? Google, right on the, on the vendor side. Pardon me? Splunk crashes, so these big players, right? We want to build with them, right? We want to work with them because there's a story to tell here, right? When we were together, the AECOS through self is defendant stronger. There's no, there's no anonymity here, right? It's all we bring a specialty, you bring specialty, you work together, you run out and go get the go get the business and make companies safer. At the end of the day, it's all about protecting the ecosystem. What about the big cloud player? >>Cause he goes two big mega trends. Obviously cloud computing and scale, right? Multi-cloud on the horizon, hybrids, kind of the bridge between single public cloud and multi-cloud and then AI you've got the biggies are generally will be multiple generations of innovation and value creation. What's your vision on the impact of the big waves that are coming? Well, look, I mean cloud computing is a rate change the world right? Today you can deploy capability and have a supercomputer in your fingertips in in minutes, right? You can also secure that in minutes because you can update it in real time. As the machine is functioning, you have a problem, take it down, throw up a new virtual machine. These are amazing innovations that are creating more and more capability out there in industry. It's game changing. We're happy, we're glad to be part of that and we ought to be helping defend that new amazing ecosystem. >>Partnering with companies like Microsoft. They didn't AWS did, you know, you know, I'm really impressed with your technical acumen. You've got a good grasp of the industry, but also, uh, you have really strong on the societal impact policy formulation side of government and business. So I want to get your thoughts for the young kids out there that are going to school, trying to make sense of the chaos that's going on in the world, whether it's DC political theater or the tech theater, big tech and in general, all of the things with coronavirus, all this stuff going on. It's a, it's a pretty crazy time, but a lot of work has to start getting done that are new problems. Yeah. What is your advice as someone who's been through the multiple waves to the young kids who have to figure out what half fatigue, what problems are out there, what things can people get their arms around to work on, to specialize in? >>What's your, what's your thoughts and expertise on that? Well, John, thanks for the question. What I really like about that question is is we're talking about what the future looks like and here's what I think the future looks like. It's all about taking risks. Tell a lot of these young kids out there today, they're worried about how the world looks right? Will America still be strong? Can we, can we get through this hard time we're going through in DC with the world challenges and what I can say is this country has never been stronger. We may have our own troubles internally, but we are risk takers and we always win. No matter how hard it gets them out of how bad it gets, right? Risk taking a study that's building the American blood. It's our founders came here taking a risk, leaving Eagle to come here and we've succeeded the last 200 years. >>There is no question in my mind that trend will continue. So the young people out there, I don't know what the future has to hold. I don't know if the new tape I was going to be, but you're going to invent it. And if you don't take the risks, we're not succeed as a nation. And that's what I think is key. You know, most people worry that if they take too many risks, they might not succeed. Right? But the reality is most people you see around at this convention, they all took risks to be here. And even when they had trouble, they got up, they dust themselves off and they won. And I believe that everybody in this country, that's what's amazing about the station is we have this opportunity to, to try, if we fail to get up again and succeed. So fail fast, fail often, and crush it. >>You know, some of the best innovations have come from times where you had the cold war, you had, um, you had times where, you know, the hippie revolution spawn the computer. So you, so you have the culture of America, which is not about regulation and stunting growth. You had risk-taking, you had entrepreneurship, but yet enough freedom for business to operate, to solve new challenges, accurate. And to me the biggest imperative in my mind is this next generation has to solve a lot of those new questions. What side of the street is the self driving cars go on? I see bike lanes in San Francisco, more congestion, more more cry. All this stuff's going on. AI could be a great enabler for that. Cyber security, a direct threat to our country and global geopolitical landscape. These are big problems. State and local governments, they're not really tech savvy. They don't really have a lot ID. >>So what do they do? How do they serve their, their constituents? You know, look John, these are really important and hard questions, but we know what has made technology so successful in America? What's made it large, successful is the governor state out of the way, right? Industry and innovators have had a chance to work together and do stuff and change the world, right? You look at California, you know, one of the reasons California is so successful and Silicon Valley is so dynamic. You can move between jobs and we don't enforce non-compete agreements, right? Because you can switch jobs and you can go to that next higher value target, right? That shows the value of, you know, innovation, creating innovation. Now there's a real tendency to say, when we're faced with challenges, well, the government has to step in and solve that problem, right? The Silicon Valley and what California's done, what technology's done is a story about the government stayed out and let innovators innovate, and that's a real opportunity for this nation. >>We've got to keep on down that path, even when it seemed like the easier answer is, come on in DC, come on in Sacramento, fix this problem for us. We have demonstrated as a country that Americans and individual are good at solve these problems. We should allow them to do that and innovate. Yeah. One of my passions is to kind of use technology and media to end communities to get to the truth faster. A lot of, um, access to smart minds out there, but young minds, young minds, uh, old minds, young minds though. It's all there. You gotta get the data out and that's going to be a big thing. That's the, one of the things that's changing is the dark arts of smear campaigns. The story of Bloomberg today, Oracle reveals funding for dark money, group biting, big tech internet accountability projects. Um, and so the classic astroturfing get the Jedi contract, Google WASU with Java. >>So articles in the middle of all this, but using them as an illustrative point. The lawyers seem to be running the kingdom right now. I know you're an attorney, so I'm recovering, recovering. I don't want to be offensive, but entrepreneurship cannot be stifled by regulation. Sarbanes Oxley slowed down a lot of the IPO shifts to the latest stage capital. So regulation, nest and every good thing. But also there's some of these little tactics out in the shadows are going to be revealed. What's the new way to get this straightened out in your mind? We'll look, in my view, the best solution for problematic speech or pragmatic people is more speech, right? Let's shine a light on it, right? If there are people doing shady stuff, let's talk about it's an outfit. Let's have it out in the open. Let's fight it out. At the end of the day, what America's really about is smart ideas. >>Winning. It's a, let's get the ideas out there. You know, we spent a lot of time, right now we're under attack by the Russians when it comes to our elections, right? We spent a lot of time harping at one another, one party versus another party. The president versus that person. This person who tells committee for zap person who tells committee. It's crazy when the real threat is from the outside. We need to get past all that noise, right? And really get to the next thing which is we're fighting a foreign entity on this front. We need to face that enemy down and stop killing each other with this nonsense and turn the lights on. I'm a big believer of if something can be exposed, you can talk about it. Why is it happening exactly right. This consequences with that reputation, et cetera. You got it. >>Thanks for coming on the queue. Really appreciate your insight. Um, I want to just ask you one final question cause you look at, look at the industry right now. What is the most important story that people are talking about and what is the most important story that people should be talking about? Yeah. Well look, I think the one story that's out there a lot, right, is what's going on in our politics, what's going on in our elections. Um, you know, Chris Krebs at DHS has been out here this week talking a lot about the threat that our elections face and the importance about States working with one another and States working with the federal government to defend the nation when it comes to these elections in November. Right? We need to get ahead of that. Right? The reality is it's been four years since 2016 we need to do more. That's a key issue going forward. What are the Iranians North Koreans think about next? They haven't hit us recently. We know what's coming. We got to get ahead of that. I'm going to come again at a nation, depending on staff threat to your meal. Great to have you on the QSO is great insight. Thanks for coming on sharing your perspective. I'm John furrier here at RSA in San Francisco for the cube coverage. Thanks for watching.

>> Announcer: Live, from Las Vegas, it's theCUBE, covering ServiceNow Knowledge 2018. Brought to you by ServiceNow. >> Welcome back, everyone, to theCUBE's live coverage of ServiceNow Knowledge18. I'm your host, Rebecca Knight. We are theCUBE. We are the leader in live tech coverage. I'm joined by Landon Cook. He is a director of Customer Service for the State of Tennessee. It's your first time on theCUBE. You're going to live it. >> Okay, great, I hope so. Brand new. >> So, you're a director of Customer Service, before the cameras were rolling, we were talking. Does every state have such a department? >> Not exactly, and even in our department, the idea of customer service being a focal point and the creation of an office for us, it's all brand new. So, my office of customer service didn't even exist until five years ago, and I've had one predecessor in that time. And this all came from a new focus and state government on the Customer Service Delivery Model. And usually we had been focused on federal rules and regulations, audit findings, always being good stewards of taxpayers dollars, but service delivery hadn't come from the mouth of the governor, usually itself. So, this is all pretty new for us, and from peers I talk with in other areas, I may have a contact who is maybe the lead of customer service in their area, but the idea of an office that exclusively exists to improve customer service throughout our department, and eventually throughout the state, I believe we're in new territory here. >> So this is really the baby of your governor, Bill Haslam, who has really said he wanted, what was it, Customer Focus Government. So what does that mean? >> So, Customer Focus Government started right after Governor Haslam came to office, in 2011. The idea behind it, he created an initiative, and he stated that our goal was to provide the best possible customer service, at the lowest possible cost. And again, that may not seem that new in many industries, but in state government, state operations, that was kind of ground breaking. And that's what's led to us talking, actually, about the customer experience, the agent experience, and how can we actually redefine customer service in government? And my department, we are one of 47 state agencies. In my department, I talked just briefly about the history, going back there five years, and you see this slowly popping up in all these different departments, and the idea is that we're all going to, at some point, be able to come together and deliver customer service as a state, instead of as each individual department. We're actually going to be able to share the scope of services, and really tailor service delivery to each citizen's need through a log in portal, there's all sorts of stuff we talk about now that's brand new, I'm sorry. >> So it's helping citizens do their citizenship duties. So this is helping them register to vote, registering at the DMV, getting fishing licenses, building permits, that kinds of thing. So, how do you do it? How do you service now? >> So, we're babies, here. So ServiceNow is, the new CSM solution, for the entire enterprise, for the state of Tennessee. My department, the Department of Human Services, we are the pilot agency for all those 47 I described. And we're about seven months in, so it's all been pretty fresh for us. But how this works right now, is we're using it primarily for inquiry management, phone calls, emails, web forms and chat, things people typically think of as customer service. And so, what we're doing with service now, and we started very carefully, very small, we had a very tiny pilot to start with, but once we launched, after October, we very quickly realized that ServiceNow was so collaborative and cooperative with us, and they were just as engaged in our success as we were, that we were building a partnership with CSM. It's kind of new to ServiceNow, too, right? So, it was new to us, new to them, and we're really kind of intertwining and growing together here. Even though we're using it, just now, for inquiry management and typical customer service delivery, once our department has it fully integrated through all of our various, we have 12 divisions just within our department, once we have it integrated there, we're going to take that model, and we're going to go to other state agencies. We've actually already had, there are three other state agencies that are probably going to be joining on board, if they haven't already. This has been a very fast standup for us. And we're going to, eventually it's going to go from, "Well, wow, DHS delivers great customer service," and then instead, DHS is partnering with the Department of Health to deliver customer service to people who need it. And we'll start, slowly, just putting everyone together so in the future citizens of Tennessee can just ask for assistance with something, and the state knows what they need, and the state knows how to deliver it, and can do all that assignment and sharing in the responsibilities behind the scenes, through ServiceNow. >> Anything you can do to improve the DMV experience. So, I mean, that is the thing. You're trying to make people's lives easier, better, simpler, more streamlined, but what was Haslam's goal? What was his impetus for starting this? >> You know, that's actually a hard one for me to say. I've gathered that, you know, he came from a corporate background. I think he had a different perspective on customer service than what is typical of state government. So he brought something new along with all of his prior experience. And I think he was the first who really made it a priority, because I think he understood that the expectation of the customer is different nowadays, and it's different today than it was yesterday and last year, and it's always growing and changing. And people of my generation, and the generation following me, they're always expecting something to be simpler, faster, and more based on their needs, right? And we, state agencies, have been so slow to react, we still use a log of legacy systems, before we launched with ServiceNow, all of our inquiry management was through Excel spreadsheets and Outlook emails. Those are great tools, but their not designed for CSM. And so, we had done a really deep dive within DHS and within state government, to look at okay, where does customer service need to be focused on? Is it the people? It's not the people, we found out very quickly we have passionate people in the state of Tennessee. It's not the processes, because people are doing what they can, but we needed a tool. So, with Governor Haslam's initiative, and our understanding that we had to find a tool to better deliver service, we came on to ServiceNow, just a year ago. So, I've been smiling ever since. I feel it in my face. >> You're a good advertisement. So, what are some of the improvements that you have seen? >> Even when we were doing just our pilot phase, we launched on October 2nd, and I was talking with a lot of people from ServiceNow then, and from the governor's office, and they said, "Try "to get a snapshot of the before, "and be sure to compare it with the snapshot of afterwards." So I figured two months would be actually sufficient, and we were still in our kind of test and pilot stages, but we knew pretty quickly we wanted to continue on with ServiceNow. So, the two months prior, we were averaging inquiry assignment time, so if you filled out an application or you submitted an inquiry to my unit, the Office of Customer Service, the amount of time it would take to get from the time you submitted it, to a person in the field, or in program, who could actually help with it, that was taking about 36 hours average. Some were faster, some were slower, some reached up to three days, and that's not even a resolution. Sometimes that's just for us to even acknowledge that we got it, that someone's working on it. Afterwards, I looked at those two months following, so October and November, and we were at like eight or nine minute average. And it's because, we knew we wanted something enterprise wide, but we didn't quite anticipate the difference that workflow management would provide us. So all the parts that normally were all these handoffs, and I looked at it last Friday, it was 100 seconds. You know, we've entered new measurement criteria, every time I go back and look at it. >> So it's lightening speed, lightening fast changes. >> Yes, and our resolution time on this has come right on board along side that. We've cut it down to about 30% of what it used to be. We're able to just do our jobs faster, so we can get back to what people coming to DHS to do is, they come here to serve, they come here to try to help people, and this has taken away all that administrative responsibility, so we can do what we're actually good at. >> Well, we're going to look forward to hearing what it is, next year at Knowledge19. Thanks so much for joining us, Landon it was great having you on theCUBE >> I appreciate it >> I'm Rebecca Knight. We'll have more from ServiceNow Knowledge18, and theCUBE's live coverage just after this. (electronic music)

>> Announcer: Live from Las Vegas, it's theCube! Covering ServiceNow Knowledge 2018. Brought to you by ServiceNow. >> Rebecca: Welcome back to theCube's live coverage of ServiceNow Knowledge '18. We are here in Las Vegas at the Venetian I'm Rebecca Knight, your host along with my co-host, Dave Vellante. We are joined by Thomas Squeo. He is the Senior Vice President for Digital Transformation & Enterprise Architecture at West Corp. Thanks so much for coming on the show! >> Good morning, thank you for having me. >> So Digital Transformation, you're the SVP it's a buzzword of the technology industry and also at this conference. Tell us a little bit about how you describe it what it means and then also about West's journey. >> Sure, so in my own role within West Digital Transformation gives me an opportunity to have higher amounts of contact with the business side of the organization. Whether it be customer success, product management, looking at our strategic accounts team and basically working across all aspects of the business. While I am running Enterprise Architecture I also run product engineering for the organization and those combined rolls give me the opportunity to take things from strategy to tactic inside the organization but the Digital Transformation component gives me the context for what the organization needs to move towards. >> Dave: Essentially, you guys are a digital company, right? >> We are. >> So, I mean, you're digital evolving maybe. What is Digital Transformation mean to a company like yours that's born digital if you will? >> Right, so we came out of a traditional Teleco background so everything about our business was driven by software and up until about 2015 it was very human capital intensive. So what we've done is we've kind of re-tooled ourself to be a more forward looking technology organization that's driven by software delivering solutions on behalf of our customers. And that includes much more of a service and solution portfolio then it does in a human capital portfolio. >> So as you transition from a business to a digital business what was the roll of data? How did the data model evolve? >> Well I think that one of the things that we look at in our data model is that because of the scope and scale of our business, they have different data model requirements for different aspects of our business. Our safety business operates under DHS critical infrastructure rules whereas our unified communications is particularly dictated by regulatory and compliance environments and healthcare, education, commercial and utility markets and other aspects depending on what kind of notifications are going out. It might be under HIPA, high trust and those kinds of things Those are really kind of the drivers for us to be able to prioritize how it effects our data model and our INFOSEC profile. >> So you have to have sort of semi-siloed data model, right? >> Correct. So we don't see a lot of customer movement across the organization only about 30% of our customers buy from multiple West businesses and they're typically very compartmentalized around the use and consumption model that we actually have been approached for. >> So as the digital leader, does that present challenges for you or it is what it is and you just deal with it? >> Thomas: It actually presents more opportunities than anything else and the reason why is because we can take learning from very forward looking, leaning cloud native platforms and be able to apply that into some of our legacy business or we could also look at something like the regulatory environment than how certain businesses actually satisfy that and be able to mature some other aspects of our business that might be a little bit more loose or came in through an acquisition that wasn't governed by kind of an organization of the scale of ours. >> Rebecca: So you're a very progressive leader and before the cameras were rolling we were talking a little bit about how there is this mentality particularly in IT this sort of break it, fix it mentality and keeping going that way. What's your best advice for people in rolls in IT and elsewhere in the organization to get out of that mindset? >> Well the most important thing I think is that you have to move out of an order taker roll and your really have to kind of move into a either a strategic advisor kind of an internal consultancy model where in which your IT leadership team is not necessarily seeking a seat at the table, that's kind of a cliche in that regard but much more of how do you partner with the General Managers, Segment Presidents and so on and so forth as an advisor on the side working with them on how they consume the technology services across the organization. That's really how we focused our architecture team as opposed to necessarily looking at bringing in an external consultancy to kind of lead and broker that conversation inside the organization. >> Dave: What are you doing with ServiceNow? >> So we are actually, we've just released in April our first phase with ServiceNow. It was a significant transition over multiple service management platforms. We've rolled out service management and knowledge already. We're underway with operations management next. And we're talking about all the aspects of it. So we're taking very much an out of the box approach. We're not doing an customizations, we're doing a lot more configuration around workflow and so on. We've been able to establish a really strong leadership presence around the organization from a governing perspective, how we're going to float those changes into the organization and then ultimately how are we going to deliver. We kind of take it as kind of the base fractal as the first phase and first implementation. And then how do you expand upon that to ultimately make sure it's woven into the fabric in the organization as a tool for not only employee experience but customer experience as well. >> So no custom mods. Check. >> Thomas: No custom mods. >> Smart. How about a single CMDB with a siloed or a fractured data model. >> Thomas: That's very much a part of our strategy. >> So okay, you bought into that. >> We look at asset management as kind of the bridge between logical Enterprise Architecture models and how it actually translates into physical infrastructure the CMDB is that source of truth for that and we're looking to ServiceNow to be able to provide that for our organization and that includes not only in our on prem instances, our virtualized environments our hybrid cloud environments ultimately looking at them as kind of a cloud management provider as we scale up and take advantage of that. And that includes charge back, show back being able to show what consumption is, being able to have our capacity teams be able to do forecasts based on, you know, cyclical environments where or storms or things like that move across and effect where our compute resources are ultimately deployed. >> But you don't get there overnight. I mean you got organizational barriers you got politics involved. What's the timeline look like to effect that? >> We started our transformation journey in late 2015. We reorganized the initial aspects of our IT organization everything but product development in 2016 and really spent the next 18 months kind of driving towards table setting on a platform level, not only in how we were dealing with service management but how our cloud native platform was being built out, our CICD tools data center consolidation all those activities. And then ultimately when in 2017 we reorganized the last elements of our product engineering and our development organization and now really kind of lit a fuse if you will on that transformation journey. So rather than necessarily have it start at on point and look at the distance between strategic kind of alignment we've actually gone and put definite milestones and breakpoints for us to be able to kind of reenergize that part of the organization. >> Thomas, thanks so much for coming on theCube it's been really fun talking to you. >> Thank you for the opportunity. >> I'm Rebecca Knight for Dave Vallante we will have more from ServiceNow Knowledge '18 in a little bit. (upbeat music)

>> Narrator: New York City, it's the Cube covering CyberConnect 2017 brought to you by Centrify and the Institute for Critical Infrastructure Technology. >> Welcome back, everyone. This is the Cube's live coverage in New York City's Grand Hyatt Ballroom for CyberConnect 2017 presented by Centrify. I'm John Furrier, the co-host of the Cube with my co-host this week is Dave Vellante, my partner and co-founder and co-CEO with me in SiliconAngle Media in the Cube. Our next guest is James Scott who is the co-founder and senior fellow at ICIT. Welcome to the Cube. >> Thanks for having me. >> You guys are putting on this event, really putting the content together. Centrify, just so everyone knows, is underwriting the event but this is not a Centrify event. You guys are the key content partner, developing the content agenda. It's been phenomenal. It's an inaugural event so it's the first of its kind bringing in industry, government, and practitioners all together, kind of up leveling from the normal and good events like Black Hat and other events like RSA which go into deep dives. Here it's a little bit different. Explain. >> Yeah, it is. We're growing. We're a newer think tank. We're less than five years old. The objective is to stay smaller. We have organizations, like Centrify, that came out of nowhere in D.C. so we deal, most of what we've done up until now has been purely federal and on the Hill so what I do, I work in the intelligence community. I specialize in social engineering and then I advise in the Senate for the most part, some in the House. We're able to take these organizations into the Pentagon or wherever and when we get a good read on them and when senators are like, "hey, can you bring them back in to brief us?" That's when we know we have a winner so we started really creating a relationship with Tom Kemp, who's the CEO and founder over there, and Greg Cranley, who heads the federal division. They're aggressively trying to be different as opposed to trying to be like everyone else, which makes it easy. If someone wants to do something, they have to be a fellow for us to do it, but if they want to do it, just like if they want to commission a paper, we just basically say, "okay, you can pay for it but we run it." Centrify has just been excellent. >> They get the community model. They get the relationship that you have with your constituents in the community. Trust matters, so you guys are happy to do this but more importantly, the content. You're held to a standard in your community. This is new, not to go in a different direction for a second but this is what the community marketing model is. Stay true to your audience and trust. You're relied upon so that's some balance that you guys have to do. >> The thing is we deal with cylance and others. Cylance, for example, was the first to introduce machine learning artificial intelligence to get passed that mutating hash for endpoint security. They fit in really well in the intelligence community. The great thing about working with Centrify is they let us take the lead and they're very flexible and we just make sure they come out on top each time. The content, it's very content driven. In D.C., we have at our cocktail receptions, they're CIA, NSA, DARPA, NASA. >> You guys are the poster child of be big, think small. >> Exactly. Intimate. >> You say Centrify is doing things differently. They're not falling in line like a lemming. What do you mean by that? What is everybody doing that these guys are doing differently? >> I think in the federal space, I think commercial too, but you have to be willing to take a big risk to be different so you have to be willing to pay a premium. If people work with us, they know they're going to pay a premium but we make sure they come out on top. What they do is, they'll tell us, Centrify will be like, "look, we're going to put x amount of dollars into a lunch. "Here are the types of pedigree individuals "that we need there." Maybe they're not executives. Maybe they're the actual practitioners at DHS or whatever. The one thing that they do different is they're aggressively trying to deviate from the prototype. That's what I mean. >> Like a vendor trying to sell stuff. >> Yeah and the thing is, that's why when someone goes to a Centrify event, I don't work for Centrify (mumbles). That's how they're able to attract. If you see, we have General Alexander. We've got major players here because of the content, because it's been different and then the other players want to be on the stage with other players, you know what I mean. It almost becomes a competition for "hey, I was asked to come to an ICIT thing" you know, that sort of thing. That's what I mean. >> It's reputation. You guys have a reputation and you stay true to that. That's what I was saying. To me, I think this is the future of how things get done. When you have a community model, you're held to a standard with your community. If you cross the line on that standard, you head fake your community, that's the algorithm that brings you a balance so you bring good stuff to the table and you vet everyone else on the other side so it's just more of a collaboration, if you will. >> The themes here, what you'll see is within critical infrastructure, we try to gear this a little more towards the financial sector. We brought, from Aetna, he set up the FS ISAC. Now he's with the health sector ISAC. For this particular geography in New York, we're trying to have it focus more around health sector and financial critical infrastructure. You'll see that. >> Alright, James, I've got to ask you. You're a senior fellow. You're on the front lines with a great Rolodex, great relationships in D.C., and you're adivising and leaned upon by people making policy, looking at the world and the general layout in which, the reality is shit's happening differently now so the world's got to change. Take us through a day in the life of some of the things you guys are seeing and what's the outlook? I mean, it's like a perfect storm of chaos, yet opportunity. >> It really depends. Each federal agency, we look at it from a Hill perspective, it comes down to really educating them. When I'm in advising in the House, I know I'm going to be working with a different policy pedigree than a Senate committee policy expert, you know what I mean. You have to gauge the conversation depending on how new the office is, House, Senate, are they minority side, and then what we try to do is bring the issues that the private sector is having while simultaneously hitting the issues that the federal agency space is. Usually, we'll have a needs list from the CSWEP at the different federal agencies for a particular topic like the Chinese APTs or the Russian APT. What we'll do is, we'll break down what the issue is. With Russia, for example, it's a combination of two types of exploits that are happening. You have the technical exploit, the malicious payload and vulnerability in a critical infrastructure network and then profiling those actors. We also have another problem, the influence operations, which is why we started the Center for Cyber Influence Operations Studies. We've been asked repeatedly since the elections last year by the intelligence community to tell us, explain this new propaganda. The interesting thing is the synergies between the two sides are exploiting and weaponizing the same vectors. While on the technical side, you're exploiting a vulnerability in a network with a technical exploit, with a payload, a compiled payload with a bunch of tools. On the influence operations side, they're weaponizing the same social media platforms that you would use to distribute a payload here but only the... >> Contest payload. Either way you have critical infrastructure. The payload being content, fake content or whatever content, has an underpinning that gamification call it virality, network effect and user psychology around they don't really open up the Facebook post, they just read the headline and picture. There's a dissonance campaign, or whatever they're running, that might not be critical to national security at that time but it's also a post. >> It shifts the conversation in a way where they can use, for example, right now all the rage with nation states is to use metadata, put it into big data analytics, come up with a psychographic algorithm, and go after critical infrastructure executives with elevated privileges. You can do anything with those guys. You can spearfish them. The Russian modus operandi is to call and act like a recruiter, have that first touch of contact be the phone call, which they're not expecting. "Hey, I got this job. "Keep it on the down low. Don't tell anybody. "I'm going to send you the job description. "Here's the PDF." Take it from there. >> How should we think about the different nation state actors? You mentioned Russia, China, there's Iran, North Korea. Lay it out for us. >> Each geography has a different vibe to their hacking. With Russia you have this stealth and sophistication and their hacking is just like their espionage. It's like playing chess. They're really good at making pawns feel like they're kings on the chessboard so they're really good at recruiting insider threats. Bill Evanina is the head of counterintel. He's a bulldog. I know him personally. He's exactly what we need in that position. The Chinese hacking style is more smash and grab, very unsophisticated. They'll use a payload over and over again so forensically, it's easy to... >> Dave: Signatures. >> Yeah, it is. >> More shearing on the tooling or whatever. >> They'll use code to the point of redundancy so it's like alright, the only reason they got in... Chinese get into a network, not because of sophistication, but because the network is not protected. Then you have the mercenary element which is where China really thrives. Chinese PLA will hack for the nation state during the day, but they'll moonlight at night to North Korea so North Korea, they have people who may consider themselves hackers but they're not code writers. They outsource. >> They're brokers, like general contractors. >> They're not sophisticated enough to carry out a real nation state attack. What they'll do is outsource to Chinese PLA members. Chinese PLA members will be like, "okay well, here's what I need for this job." Typically, what the Chinese will do, their loyalties are different than in the west, during the day they'll discover a vulnerability or an O day. They won't tell their boss right away. They'll capitalize off of it for a week. You do that, you go to jail over here. Russia, they'll kill you. China, somehow this is an accepted thing. They don't like it but it just happens. Then you have the eastern European nations and Russia still uses mercenary elements out of Moscow and St. Petersburg so what they'll do is they will freelance, as well. That's when you get the sophisticated, carbonic style hack where they'll go into the financial sector. They'll monitor the situation. Learn the ins and outs of everything having to do with that particular swift or bank or whatever. They go in and those are the guys that are making millions of dollars on a breach. Hacking in general is a grind. It's a lot of vulnerabilities work, but few work for long. Everybody is always thinking there's this omega code that they have. >> It's just brute force. You just pound it all day long. >> That's it and it's a grind. You might have something that you worked on for six months. You're ready to monetize. >> What about South America? What's the vibe down there? Anything happening in there? >> Not really. There is nothing of substance that really affects us here. Again, if an organization is completely unprotected. >> John: Russia? China? >> Russia and China. >> What about our allies? >> GCHQ. >> Israel? What's the collaboration, coordination, snooping? What's the dynamic like there? >> We deal, mostly, with NATO and Five Eyes. I actually had dinner with NATO last night. Five Eyes is important because we share signals intelligence and most of the communications will go through Five Eyes which is California, United States, Australia, New Zealand, and the UK. Those are our five most important allies and then NATO after that, as far as I'm concerned, for cyber. You have the whole weaponization of space going on with SATCOM interception. We're dealing with that with NASA, DARPA. Not a lot is happening down in South America. The next big thing that we have to look at is the cyber caliphate. You have the Muslim brotherhood that funds it. Their influence operations domestically are extremely strong. They have a lot of contacts on the Hill which is a problem. You have ANTIFA. So there's two sides to this. You have the technical exploit but then the information warfare exploit. >> What about the bitcoin underbelly that started with the silk roads and you've seen a lot of bitcoin. Money laundering is a big deal, know your customer. Now regulation is part of big ICOs going on. Are you seeing any activity from those? Are they pulling from previous mercenary groups or are they arbitraging just more free? >> For updating bitcoin? >> The whole bitcoin networks. There's been an effort to commercialize (mumbles) so there's been a legitimate track to bring that on but yet there's still a lot of actors. >> I think bitcoin is important to keep and if you look at the more black ops type hacking or payment stuff, bitcoin is an important element just as tor is an important element, just as encryption is an important element. >> John: It's fundamental, actually. >> It's a necessity so when I hear people on the Hill, I have my researcher, I'm like, "any time you hear somebody trying to have "weakened encryption, back door encryption" the first thing, we add them to the briefing schedule and I'm like, "look, here's what you're proposing. "You're proposing that you outlaw math. "So what? Two plus two doesn't equal four. "What is it? Three and a half? "Where's the logic?" When you break it down for them like that, on the Hill in particular, they begin to get it. They're like, "well how do we get the intelligence community "or the FBI, for example, to get into this iphone?" Civil liberties, you've got to take that into consideration. >> I got to ask you a question. I interviewed a guy, I won't say his name. He actually commented off the record, but he said to me, "you won't believe how dumb some of these state actors are "when it comes to cyber. "There's some super smart ones. "Specifically Iran and the Middle East, "they're really not that bright." He used an example, I don't know if it's true or not, that stuxnet, I forget which one it was, there was a test and it got out of control and they couldn't pull it back and it revealed their hand but it could've been something worse. His point was they actually screwed up their entire operation because they're doing some QA on their thing. >> I can't talk about stuxnet but it's easy to get... >> In terms of how you test them, how do you QA your work? >> James: How do you review malware? (mumbles) >> You can't comment on the accuracy of Zero Days, the documentary? >> Next question. Here's what you find. Some of these nation state actors, they saw what happened with our elections so they're like, "we have a really crappy offensive cyber program "but maybe we can thrive in influence operations "in propaganda and whatever." We're getting hit by everybody and 2020 is going to be, I don't even want to imagine. >> John: You think it's going to be out of control? >> It's going to be. >> I've got to ask this question, this came up. You're bringing up a really good point I think a lot of people aren't talking about but we've brought up a few times. I want to keep on getting it out there. In the old days, state on state actors used to do things, espionage, and everyone knew who they were and it was very important not to bring their queen out, if you will, too early, or reveal their moves. Now with Wikileaks and public domain, a lot of these tools are being democratized so that they can covertly put stuff out in the open for enemies of our country to just attack us at will. Is that happening? I hear about it, meaning that I might be Russia or I might be someone else. I don't want to reveal my hand but hey, you ISIS guys out there, all you guys in the Middle East might want to use this great hack and put it out in the open. >> I think yeah. The new world order, I guess. The order of things, the power positions are completely flipped, B side, counter, whatever. It's completely not what the establishment was thinking it would be. What's happening is Facebook is no more relevant, I mean Facebook is more relevant than the UN. Wikileaks has more information pulsating out of it than a CIA analyst, whatever. >> John: There's a democratization of the information? >> The thing is we're no longer a world that's divided by geographic lines in the sand that were drawn by these two guys that fought and lost a war 50 years ago. We're now in a tribal chieftain digital society and we're separated by ideological variation and so you have tribe members here in the US who have fellow tribe members in Israel, Russia, whatever. Look at Anonymous. Anonymous, I think everyone understands that's the biggest law enforcement honeypot there is, but you look at the ideological variation and it's hashtags and it's keywords and it's forums. That's the Senate. That's congress. >> John: This is a new reality. >> This is reality. >> How do you explain that to senators? I was watching that on TV where they're trying to grasp what Facebook is and Twitter. (mumbles) Certainly Facebook knew what was going on. They're trying to play policy and they're new. They're newbies when it comes to policy. They don't have any experience on the Hill, now it's ramping up and they've had some help but tech has never been an actor on the stage of policy formulation. >> We have a real problem. We're looking at outside threats as our national security threats, which is incorrect. You have dragnet surveillance capitalists. Here's the biggest threats we have. The weaponization of Facebook, twitter, youtube, google, and search engines like comcast. They all have a censorship algorithm, which is how they monetize your traffic. It's censorship. You're signing your rights away and your free will when you use google. You're not getting the right answer, you're getting the answer that coincides with an algorithm that they're meant to monetize and capitalize on. It's complete censorship. What's happening is, we had something that just passed SJ res 34 which no resistance whatsoever, blew my mind. What that allows is for a new actor, the ISPs to curate metadata on their users and charge them their monthly fee as well. It's completely corrupt. These dragnet surveillance capitalists have become dragnet surveillance censorists. Is that a word? Censorists? I'll make it one. Now they've become dragnet surveillance propagandists. That's why 2020 is up for grabs. >> (mumbles) We come from the same school here on this one, but here's the question. The younger generation, I asked a gentleman in the hallway on his way out, I said, "where's the cyber west point? "We're the Navy SEALS in this new digital culture." He said, "oh yeah, some things." We're talking about the younger generation, the kids playing Call of Duty Destiny. These are the guys out there, young kids coming up that will probably end up having multiple disciplinary skills. Where are they going to come from? So the question is, are we going to have a counterculture? We're almost feeling like what the 60s were to the 50s. Vietnam. I kind of feel like maybe the security stuff doesn't get taken care of, a revolt is coming. You talk about dragnet censorship. You're talking about the lack of control and privacy. I don't mind giving Facebook my data to connect with my friends and see my thanksgiving photos or whatever but now I don't want fake news jammed down my throat. Anti-Trump and Anti-Hillary spew. I didn't buy into that. I don't want that anymore. >> I think millennials, I have a 19 year old son, my researchers, they're right out of grad school. >> John: What's the profile like? >> They have no trust whatsoever in the government and they laugh at legislation. They don't care any more about having their face on their Facebook page and all their most intimate details of last night's date and tomorrow's date with two different, whatever. They just don't... They loathe the traditional way of things. You got to talk to General Alexander today. We have a really good relationship with him, Hayden, Mike Rogers. There is a counterculture in the works but it's not going to happen overnight because we have a tech deficit here where we need foreign tech people just to make up for the deficit. >> Bill Mann and I were talking, I heard the general basically, this is my interpretation, "if we don't get our shit together, "this is going to be an f'd up situation." That's what I heard him basically say. You guys don't come together so what Bill talked about was two scenarios. If industry and government don't share and come together, they're going to have stuff mandated on them by the government. Do you agree? >> I do. >> What's going to happen? >> The argument for regulation on the Hill is they don't want to stifle innovation, which makes sense but then ISPs don't innovate at all. They're using 1980s technology, so why did you pass SJ res 34? >> John: For access? >> I don't know because nation states just look at that as, "oh wow another treasure trove of metadata "that we can weaponize. "Let's start psychographically charging alt-left "and alt-right, you know what I mean?" >> Hacks are inevitable. That seems to be the trend. >> You talked before, James, about threats. You mentioned weaponization of social. >> James: Social media. >> You mentioned another in terms of ISPs I think. >> James: Dragnet. >> What are the big threats? Weaponization of social. ISP metadata, obviously. >> Metadata, it really depends and that's the thing. That's what makes the advisory so difficult because you have to go between influence operations and the exploit because the vectors are used for different things in different variations. >> John: Integrated model. >> It really is and so with a question like that I'm like okay so my biggest concern is the propaganda, political warfare, the information warfare. >> People are underestimating the value of how big that is, aren't they? They're oversimplifying the impact of info campaigns. >> Yeah because your reality is based off of... It's like this, influence operations. Traditional media, everybody is all about the narrative and controlling the narrative. What Russia understands is to control the narrative, the most embryo state of the narrative is the meme. Control the meme, control the idea. If you control the idea, you control the belief system. Control the belief system, you control the narrative. Control the narrative, you control the population. No guns were fired, see what I'm saying? >> I was explaining to a friend on Facebook, I was getting into a rant on this. I used a very simple example. In the advertising world, they run millions of dollars of ad campaigns on car companies for post car purchase cognitive dissonance campaigns. Just to make you feel good about your purchase. In a way, that's what's going on and explains what's going on on Facebook. This constant reinforcement of these beliefs whether its for Trump or Hillary, all this stuff was happening. I saw it firsthand. That's just one small nuance but it's across a spectrum of memes. >> You have all these people, you have nation states, you have mercenaries, but the most potent force in this space, the most hyperevolving in influence operations, is the special interest group. The well-funded special interests. That's going to be a problem. 2020, I keep hitting that because I was doing an interview earlier. 2020 is going to be a tug of war for the psychological core of the population and it's free game. Dragnet surveillance capitalists will absolutely be dragnet surveillance propagandists. They will have the candidates that they're going to push. Now that can also work against them because mainstream media, twitter, Facebook were completely against trump, for example, and that worked in his advantage. >> We've seen this before. I'm a little bit older, but we are the same generation. Remember when they were going to open up sealex? Remember the last mile for connectivity? That battle was won before it was even fought. What you're saying, if I get this right, the war and tug of war going on now is a big game. If it's not played in one now, this jerry rigging, gerrymandering of stuff could happen so when people wake up and realize what's happened the game has already been won. >> Yeah, your universe as you know it, your belief systems, what you hold to be true and self evident. Again, the embryo. If you look back to the embryo introduction of that concept, whatever concept it is, to your mind it came from somewhere else. There are very few things that you believe that you came up with yourself. The digital space expedites that process and that's dangerous because now it's being weaponized. >> Back to the, who fixes this. Who's the watchdog on this? These ideas you're talking about, some of them, you're like, "man that guy has lost it, he's crazy." Actually, I don't think you're crazy at all. I think it's right on. Is there a media outlet watching it? Who's reporting on it? What even can grasp what you're saying? What's going on in D.C.? Can you share that perspective? >> Yeah, the people that get this are the intelligence community, okay? The problem is the way we advise is I will go in with one of the silos in the NSA and explain what's happening and how to do it. They'll turn around their computer and say, "show me how to do it. "How do you do a multi vector campaign "with this meme and make it viral in 30 minutes." You have to be able to show them how to do it. >> John: We can do that. Actually we can't. >> That sort of thing, you have to be able to show them because there's not enough practitioners, we call them operators. When you're going in here, you're teaching them. >> The thing is if they have the metadata to your treasure trove, this is how they do it. I'll explain here. If they have the metadata, they know where the touch points are. It's a network effect mole, just distributive mole. They can put content in certain subnetworks that they know have a reaction to the metadata so they have the knowledge going in. It's not like they're scanning the whole world. They're monitoring pockets like a drone, right? Once they get over the territory, then they do the acquired deeper targets and then go viral. That's basically how fake news works. >> See the problem is, you look at something like alt-right and ANTIFA. ANTIFA, just like Black Lives Matter, the initiatives may have started out with righteous intentions just like take a knee. These initiatives, first stage is if it causes chaos, chaos is the op for a nation state in the US. That's the op. Chaos. That's the beginning and the end of an op. What happens is they will say, "oh okay look, this is ticking off all these other people "so let's fan the flame of this take a knee thing "hurt the NFL." Who cares? I don't watch football anyway but you know, take a knee. It's causing all this chaos. >> John: It's called trolling. >> What will happen is Russia and China, China has got their 13 five year plan, Russia has their foreign influence operations. They will fan that flame to exhaustion. Now what happens to the ANTIFA guy when he's a self-radicalized wound collector with a mental disorder? Maybe he's bipolar. Now with ANTIFA, he's experienced a heightened more extreme variation of that particular ideology so who steps in next? Cyber caliphate and Muslim brotherhood. That's why we're going to have an epidemic. I can't believe, you know, ANTIFA is a domestic terrorist organization. It's shocking that the FBI is not taking this more serious. What's happening now is Muslim brotherhood funds basically the cyber caliphate. The whole point of cyber caliphate is to create awareness, instill the illusion of rampant xenophobia for recruiting. They have self-radicalized wound collectors with ANTIFA that are already extremists anyway. They're just looking for a reason to take that up a notch. That's when, cyber caliphate, they hook up with them with a hashtag. They respond and they create a relationship. >> John: They get the fly wheel going. >> They take them to a deep web forum, dark web forum, and start showing them how it works. You can do this. You can be part of something. This guy who was never even muslim now is going under the ISIS moniker and he acts. He drives people over in New York. >> They fossilized their belief system. >> The whole point to the cyber caliphate is to find actors that are already in the self-radicalization phase but what does it take psychologically and from a mentoring perspective, to get them to act? That's the cyber caliphate. >> This is the value of data and context in real time using the current events to use that data, refuel their operation. It's data driven terrorism. >> What's the prescription that you're advising? >> I'm not a regulations kind of guy, but any time you're curating metadata like we're just talking about right now. Any time you have organizations like google, like Facebook, that have become so big, they are like their own nation state. That's a dangerous thing. The metadata curation. >> John: The value of the data is very big. That's the point. >> It is because what's happening... >> John: There's always a vulnerability. >> There's always a vulnerability and it will be exploited and all that metadata, it's unscrubbed. I'm not worried about them selling metadata that's scrubbed. I'm worried about the nation state or the sophisticated actor that already has a remote access Trojan on the network and is exfiltrating in real time. That's the guy that I'm worried about because he can just say, "forget it, I'm going to target people that are at this phase." He knows how to write algorithms, comes up with a good psychographic algorithm, puts the data in there, and now he's like, "look I'm only going to promote this concept, "two people at this particular stage of self-radicalization "or sympathetic to the kremlin." We have a big problem on the college campuses with IP theft because of the Chinese Students Scholar Associations which are directly run by the Chinese communist party. >> I heard a rumor that Equifax's franchising strategy had partners on the VPN that were state sponsored. They weren't even hacking, they had full access. >> There's a reason that the Chinese are buying hotels. They bought the Waldorf Astoria. We do stuff with the UN and NATO, you can't even stay there anymore. I think it's still under construction but it's a no-no to stay there anymore. I mean western nations and allies because they'll have bugs in the rooms. The WiFi that you use... >> Has fake certificates. >> Or there's a vulnerability that's left in that network so the information for executives who have IP or PII or electronic health records, you know what I mean? You go to these places to stay overnight, as an executive, and you're compromised. >> Look what happened with Eugene Kaspersky. I don't know the real story. I don't know if you can comment, but someone sees that and says, "this guy used to have high level meetings "at the Pentagon weekly, monthly." Now he's persona non grata. >> He fell out of favor, I guess, right? It happens. >> James, great conversation. Thanks for coming on the Cube. Congratulations on the great work you guys are doing here at the event. I know the content has been well received. Certainly the key notes we saw were awesome. CSOs, view from the government, from industry, congratulations. James Scott who is the co founder and senior fellow of ICIT, Internet Critical Infrastructure Technology. >> James: Institute of Critical Infrastructure Technology. >> T is for tech. >> And the Center for Cyber Influence Operations Studies. >> Good stuff. A lot of stuff going on (mumbles), exploits, infrastructure, it's all mainstream. It's the crisis of our generation. There's a radical shift happening and the answers are all going to come from industry and government coming together. This is the Cube bringing the data, I'm John Furrier with Dave Vellante. Thanks for watching. More live coverage after this short break. (music)

>> Announcer: Live from Washington, DC it's theCube covering .conf 2017 brought to you by Splunk. >> Welcome back here on theCube the flagship broadcast for Silicon Angle TV, glad to have you here at .conf 2017 along with Dave Vellante, John Walls. We are live in Washington, DC and balmy Washington, DC. It's like 88 here today, really hot. >> It's cooler here than it is in Boston, I here. >> Yeah, right, but we're not used to it this time of year. Brad Medairy now joins us he's an SVP at Booz Allen Hamilton and Brad, thank you for being with us. >> Dave: And another Redskins fan I heard. >> Another Redskins fan. >> It was a big night wasn't it? Sunday night, I mean we haven't had many of those in the last decade or so. >> Yeah, yeah, I became a Redskins fan in 1998 and unfortunately a little late after the three or four superbowls. >> John: That's a long dry spell, yeah. >> Are you guys Nats fans? >> Oh, huge Nats fan, I don't know, how about Brad, I don't want to speak for you. >> I've got a soft spot in my heart for the Nats, what's the story with that team? >> Well, it's just been post-season disappointment, but this year. >> This is the year. >> This is the year, although-- >> Hey, if the Redsox and the Cubs can do it. >> I hate to go down the path, but Geos worry me a little bit, but we can talk about it offline. >> Brad: Yeah, let's not talk about DC Sports. >> Three out of five outings now have not been very good, but anyway let's take care of what we can. Cyber, let's talk a little cyber here. I guess that's your expertise, so pretty calm, nothing going on these days, right? >> It's a boring field, you know? Boring field, yeah. >> A piece of cake. So you've got clients private sector, public sector, what's kind of the cross-pollination there? I mean, what are there mutual concerns, and what do you see from them in terms of common threats? >> Yeah, so at Booz Allen we support both federal and commercial clients, and we have a long history in cyber security kind of with deep roots in the defense and the intelligence community, and have been in the space for years. What's interesting is I kind of straddle both sides of the fence from a commercial and a federal perspective, and the commercial side, some of the major breaches really force a lot of these organizations to quickly get religion, and early on everything was very compliance driven and now it's much more proactive and the need to be much more both efficient and effective. The federal space is, I think in many cases, catching up, and so I've done a lot of work across .mil and there's been a lot of investment across .mil, and very secure, .gov, you know, is still probably a fast follower, and one of the things that we're doing is bringing a lot of commercial best practices into the government space and the government's quickly moving from a compliance-based approach to cyber security to much more proactive, proactive defense. >> Can you get, it's almost like a glacier sometimes, right, I mean there's a legacy mindset, in a way, that government does it's business, but I would assume that events over the past year or two have really prompted them along a little bit more. >> I mean there's definitely been some highly publicized events around breaches across .gov, and I think there's a lot of really progressive programs out there that are working to quickly you know, remediate a lot of these issues. One of the programs we're involved in is something called CDM that's run out of DHS, Continuous Diagnostic and Mitigation, and it's a program really designed to up-armor .gov, you know to increase situational awareness and provide much more proactive reporting so that you can get real-time information around events and postures of the network, so I think there's a lot of exciting activities and I think DHS and partnership with the federal agencies is really kind of spearheading that. >> So if we can just sort of lay out the situation in the commercial world and see how it compares to what's going on in gov. Product creep, right, there's dozens and dozens and dozens of products that have been installed, security teams are just sort of overwhelmed, overworked, response is too slow, I've seen data from, whatever, 190 days to 350 days, to identify an infiltration, nevermind remediate it, and so, it's a challenge, so what's happening in your world and how can you guys help? >> Yeah, you know it's funny, I love going out to the RSA conference and, you know, I watch a lot of folks in the space, walking around with a shopping cart and they meet all these great vendors and they have all these shiny pebbles and they walk away with the silver bullet, right, and so if they implement this tool or technology, they're done, right? And I think we all know, that's not the case, and so over the years I think that we've seen a lot of, a lot of organizations, both federal and commercial, try to solve a lot of the problems through, you know, new technology solutions, whether it's the next best intrusion detection, or if it's endpoint, you know, the rage now is EDR, MDR, and so, but the problem is at the end of the day, the adversaries live in the seams, and in the world that I grew up in focused a lot around counter-terrorism. We took a data-centric approach to finding advanced adversaries, and one of the reasons that the Booz Allen has strategically partnered with Splunk is we believe that, you know, in a data-centric approach to cyber, and Splunk as a platform allows us to quickly integrate data, independent of the tools because the other thing with these tool ecosystems is all these tools work really well within their own ecosystem, but as soon as you start to mix and match best of breed tools and capabilities, they tend to not play well together. And so we use Splunk as that integration hub to bring together the data that allows us to bring our advanced trade-craft and tech-craft around hunting, understanding of the adversaries to be able to fuse that data and do advanced detection and help our clients be a lot more proactive. >> So cyber foresight is the service that you lead with? >> Yeah, you know, one of the things, having a company that's been, Booz Allen I think now is 103 years old, with obvious deep roots in the federal government, and so we have a pedigree in defense and intelligence, and we have a lot of amazing analysts, a lot of amazing, what we call, tech-craft, and what we did was, this was many many years ago, and we're probably one of the best kept secrets in threat intelligence, but after maybe five or six years ago when you started to see a lot of the public breaches in the financial services industry, a lot of the financial service clients came to us and said, "Hey, Booz Allen, you guys understand the threat, you understand actors, you understand TTPs, help educate us around what these adversaries are doing. Why are they doing it, how are they doing it, and how can we get out in front of it?" So the question has always been, you know, how can we be more proactive? And so we started a capability that we, or we developed a capability called cyber foresight where we provided some of our human intelligence analysts and applied them to open-source data and we were providing threat intelligence as a service. And what's funny is today you see a lot of the cyber threat intelligence landscape is fairly crowded, when I talk to clients they affectionately refer to people that provide threat intelligence as beltway book reporters, which I love. (laughter) But for us, you know, we've lived in that space for so many years we have the analysts, the scale, the tradecraft, the tools, the technologies, and we feel that we're really well positioned to be able to provide clients with the insights. You know, early on when we were working heavily in the financial services sector, the biggest challenge a lot of our clients had in threat intelligence was, what do I do with it? Okay, so you're going to send me, what we call a Spot Report, and so hey we know this nation-state actor with this advanced set of TTPs is targeting my organization, so what, right? I'm the CISO, I'm the CIO, should I resign? Should I jump out the window? (laughter) What do I do? I know these guys are coming after me, how do I actually operationalize that? And so what we've spent a lot of time thinking about and investing in is how to operationalize threat intelligence, and when we started, you kind of think of it as a pitcher and a catcher, right? You know, so the threat intelligence provider throws those insights, but the receiver needs to be able to catch that information, be able to put it in context, process it, and then operationalize it, implement it within their enterprise to be able to stop those advanced threats. And so one of the reasons that we gravitated toward Splunk, Splunk is a platform, Splunk is becoming really, in our mind, one of the defacto repositories for IT and cyber data across our client space, so when you take that, all those insights that Splunk has around the cyber posture and the infrastructure of an enterprise, and you overlay the threat intelligence with that, it gives us the ability to be able to quickly operationalize that intelligence, and so what does that mean? So, you know, when a security operator is sitting at a console, they're drowning in data, and, you know, analysts, we've investigated tons of commercial breaches and in most cases what we see is the analyst, at some point, had a blinking red light on their screen that was an indicator of that particular breach. The problem is, how do you filter through the noise? That's a problem that this whole industry, it's a signal to noise ratio issue. >> So you guys bring humans to that equation, human intelligence meets analytics and machine intelligence, and your adversary has evolved, and I wonder if you can talk about that, it's gone from sort of hacktivists to organized crime and nation-states, so they've become much more sophisticated. How have the humans sort of evolved as well that your bridge to bear? >> Yeah, I mean certainly the bear to entry is lower, and so now we're seeing ransomware as a service, we're seeing attacks on industrial control systems, on IOT devices, you know, financial services now is extremely concerned about building control systems because if you can compromise and build a control system you can get into potentially laterally move into the enterprise network. And so our analysts now not only are traditional intelligence analysts that understand adversaries and TTPs, but they also need to be technologists, they need to have reverse engineering experience, they need to be malware analysts, they need to be able to look at attack factors in TTPs to be able to put all the stuff in context, and again it goes back to being able to operationalize this intelligence to get value out of it quickly. >> They need to have imaginations, right? I mean thinking like the bad guys, I guess. >> Yeah, I mean we spend a lot of time, we've started up a new capability called Dark Labs and it's our way to be able to unlock some of those folks that think like bad guys and be able to unleash them to look at the world through a different lens, and be able to help provide clients insights into attack factors, new TTPs, and it's fascinating to watch those teams work. >> How does social media come into play here? Or is that a problem at all, or is that a consideration for you at all? >> Well, you know, when we look at a lot of attacks, what's kind of interesting with the space now is you look at nation-state and nation-state activists and they have sophisticated TTPs. In general they don't have to use them. Nation-states haven't even pulled out their quote "good stuff" yet because right now, for the most part they go with low-hanging fruit, low-hanging fruit being-- >> Just pushing the door open, right? >> Yeah, I mean, why try to crash through the wall when you can just, you know, the door's not locked? And so, you know, when you talk about things like social media whether it's phishing, whether it's malware injected in images, or on Facebook, or Twitter, you know, the majority of tacts are either driven through people, or driven through just unpatched systems. And so, you know, it's kind of cliche, but it really starts with policies, training of the people in your organization, but then also putting some more proactive monitoring in place to be able to kind of start to detect some of those more advanced signatures for some of the stuff that's happening in social media. >> It's like having the best security system in the world, but you left your front door unlocked. >> That's right, that's right. >> So I wonder if, Brad, I don't know how much you can say, but I wonder if you could comment just generally, like you said, we haven't seen their best pitch yet, we had Robert Gates on, and when I was interviewing him he said, "You know, we have great offensive posture and security, but we have to be super careful how we use it because when it comes to critical infrastructure we have the most to lose." And when you think about the sort of aftermath of Stuxnet, when basically the Iranians said hey we can do this too, what's the general sort of philosophy inside the beltway around offense versus defense? >> You know, I think from, that's a great question. From an offensive cyber perspective I think where the industry is going is how do you take offensive tradecraft and apply it to defensive? And so by that I mean, think about we take folks that have experience thinking like a bad guy, but unleash them in a security operation center to do things like advanced hunting, and so what they'll do is take large sets of data and start doing hypothesis driven analytics where they'll be able to kind of think like a bad guy and then they'll have developers or techies next to them building different types of analytics to try to take their mind and put it into an analytic that you can run over a set of data to see, hey, is there an actor on your network performing like that? And so I think we see in the space now a lot of focus around hunting and red teaming, and I think that's kind of the industry's way of trying to take some of that offensive mentality, but then apply it on the defensive side. >> Dave: It just acts like kind of Navy Seal operations in security. >> Right, right, yeah. I mean the challenge is there's a finite set of people in the world that really, truly have that level of tradecraft so the question is, how do you actually deliver that at any level of scale that can make a difference across this broader industry. >> So it's the quantity of those skill sets, and they always say that the amazing thing, again I come back to Stuxnet, was that the code was perfect. >> Brad: Yeah. >> The antivirus guy said, "We've never seen anything like that where the code is just perfect." And you're saying it's just a quantity of skills that enables that, that's how you know it's nation-state, obviously, something like that. >> Yeah, I mean the level of expertise, the skill set, the time it take to be able to mature that tradecraft is many many years, and so I think that when we can crack the bubble of how we can take that expertise, deliver it in a defensive way to provide unique insights that, and do that at scale because just taking one of those folks into an organization doesn't help the whole, right? How can you actually kind of operationalize that to be able to deliver that treadecraft through things like analytics as a service, through manage, detection, and response, at scale so that one person can influence many many organizations at one time. >> And, just before we go, so cyber foresight is available today, it's something you're going to market with. >> Yeah, we just partnered with Splunk, it's available as a part of Splunk ES, it's an add-on, and it provides our analysts the ability to provide insights and be able to operationalize that within Splunk, we're super excited about it and it's been a great partnership with Splunk and their ES team. >> Dave: So you guys are going to market together on this one. >> We are partnered, we're going to market together, and delivering the best of our tradecraft and our intelligence analysts with their platform and product. >> Dave: Alright, good luck with it. >> Hey, thank you, thank you very much, guys. >> Good pair, that's for sure, yeah. Thank you, Brad, for being with us here, and Monday night, let's see how it goes, right? >> Yeah, I'm optimistic. >> Very good, alright. Coach Brad Medairy joining us with his rundown on what's happening at Booz Allen. Back with more here on theCube, you're watching live .conf 2017.