>>from around the globe. It's the Cube with digital coverage of AWS reinvent 2020 sponsored by Intel, AWS and our community partners. >>Hey, welcome back already, Jeffrey here with the Cube coming to you from Palo Alto studios today for our ongoing coverage of aws reinvent 2020. It's a digital event like everything else in 2020. We're excited for our next segment, so let's jump into it. We're joined in our next segment by Andrew Rafa. He is the principal and zero trust offering lead at the Light and Touche LLP. Andrew, great to see you. >>Thanks for having me. >>Absolutely. And joining him is Robbie Deval. He is the AWS cyber risk lead for Deloitte and Touche LLP. Robbie, Good to see you as well. >>Hey, Jeff, good to see you as well. >>Absolutely. So let's jump into it. You guys are all about zero trust and I know a little bit about zero trust I've been going to are safe for a number of years and I think one of the people that you like to quote analysts chase Cunningham from Forrester, who's been doing a lot of work around zero trust. But for folks that aren't really familiar with it. Andrew, why don't you give us kind of the 101? About zero trust. What is it? What's it all about? And why is it important? >>Sure thing. So is your trust is, um, it's a conceptual framework that helps organizations deal with kind of the ubiquitous nature of modern enterprise environments. Um, and then its course. Your trust commits to a risk based approach to enforcing the concept of least privileged across five key pillars those being users, workloads, data networks and devices. And the reason we're seeing is your trust really come to the forefront is because modern enterprise environments have shifted dramatically right. There is no longer a defined, clearly defined perimeter where everything on the outside is inherently considered, considered untrusted, and everything on the inside could be considered inherently trusted. There's a couple what I call macro level drivers that are, you know, changing the need for organizations to think about securing their enterprises in a more modern way. Um, the first macro level driver is really the evolving business models. So as organizations are pushing to the cloud, um, maybe expanding into into what they were considered high risk geography is dealing with M and A transactions and and further relying on 3rd and 4th parties to maintain some of their critical business operations. Um, the data and the assets by which the organization, um transact are no longer within the walls of the data center. Right? So, again, the perimeter is very much dissolved. The second, you know, macro level driver is really the shifting and evolving workforce. Um, especially given the pandemic and the need for organizations to support almost an entirely remote workforce nowadays, um, organizations, they're trying to think about how they revamp their traditional VPN technologies in order to provide connectivity to their employees into other third parties that need to get access to, uh, the enterprise. So how do we do so in a secure, scalable and reliable way and then the last kind of macro level driver is really the complexity of the I t landscape. So, you know, in legacy environment organizations on Lee had to support managed devices, and today you're seeing the proliferation of unmanaged devices, whether it be you know, B y o d devices, um, Internet of things, devices or other smart connected devices. So organizations are now, you know, have the need to provide connectivity to some of these other types of devices. But how do you do so in a way that, you know limits the risk of the expanding threat surface that you might be exposing your organization to by supporting from these connected devices? So those are some three kind of macro level drivers that are really, you know, constituting the need to think about security in a different >>way. Right? Well, I love I downloaded. You guys have, ah zero trust point of view document that that I downloaded. And I like the way that you you put real specificity around those five pillars again users, workloads, data networks and devices. And as you said, you have to take this kind of approach that it's kind of on a need to know basis. The less, you know, at kind of the minimum they need to know. But then, to do that across all of those five pillars, how hard is that to put in place? I mean, there's a There's a lot of pieces of this puzzle. Um, and I'm sure you know, we talk all the time about baking security and throughout the entire stack. How hard is it to go into a large enterprise and get them started or get them down the road on this zero trust journey? >>Yeah. So you mentioned the five pillars. And one thing that we do in our framework because we put data at the center of our framework and we do that on purpose because at the end of the day, you know, data is the center of all things. It's important for an organization to understand. You know what data it has, what the criticality of that data is, how that data should be classified and the governance around who and what should access it from a no users workloads, uh, networks and devices perspective. Um, I think one misconception is that if an organization wants to go down the path of zero trust, there's a misconception that they have to rip out and replace everything that they have today. Um, it's likely that most organizations are already doing something that fundamentally aligned to the concept of these privilege as it relates to zero trust. So it's important to kind of step back, you know, set a vision and strategy as faras What it is you're trying to protect, why you're trying to protect it. And what capability do you have in place today and take more of an incremental and iterative approach towards adoption, starting with some of your kind of lower risk use cases or lower risk parts of your environment and then implementing lessons learned along the way along the journey? Um, before enforcing, you know more of those robust controls around your critical assets or your crown jewels, if you >>will. Right? So, Robbie, I want to follow up with you, you know? And you just talked about a lot of the kind of macro trends that are driving this and clearly covert and work from anywhere is a big one. But one of the ones that you didn't mention that's coming right around the pike is five g and I o t. Right, so five g and and I o. T. We're going to see, you know, the scale and the volume and the mass of machine generated data, which is really what five g is all about, grow again exponentially. We've seen enough curves up into the right on the data growth, but we've barely scratched the surface and what's coming on? Five G and I o t. How does that work into your plans? And how should people be thinking about security around this kind of new paradigm? >>Yeah, I think that's a great question, Jeff. And as you said, you know, I UT continues to accelerate, especially with the recent investments and five G that you know pushing, pushing more and more industries and companies to adopt a coyote. Deloitte has been and, you know, helping our customers leverage a combination of these technologies cloud, Iot, TML and AI to solve their problems in the industry. For instance, uh, we've been helping restaurants automate their operations. Uh, we've helped automate some of the food safety audit processes they have, especially given the code situation that's been helping them a lot. We are currently working with companies to connect smart, wearable devices that that send the patient vital information back to the cloud. And once it's in the cloud, it goes through further processing upstream through applications and data. Let's etcetera. The way we've been implementing these solutions is largely leveraging a lot of the native services that AWS provides, like device manager that helps you onboard hundreds of devices and group them into different categories. Uh, we leveraged device Defender. That's a monitoring service for making sure that the devices are adhering to a particular security baseline. We also have implemented AWS green grass on the edge, where the device actually resides. Eso that it acts as a central gateway and a secure gateway so that all the devices are able to connect to this gateway and then ultimately connect to the cloud. One common problem we run into is ah, lot of the legacy i o t devices. They tend to communicate using insecure protocols and in clear text eso we actually had to leverage AWS lambda Function on the edge to convert these legacy protocols. Think of very secure and Q t t protocol that ultimately, you know, sense data encrypted to the cloud eso the key thing to recognize. And then the transformational shift here is, um, Cloud has the ability today to impact security off the device and the edge from the cloud using cloud native services, and that continues to grow. And that's one of the key reasons we're seeing accelerated growth and adoption of Iot devices on did you brought up a point about five G and and that's really interesting. And a recent set of investments that eight of us, for example, has been making. And they launched their AWS Waveland zones that allows you to deploy compute and storage infrastructure at the five G edge. So millions of devices they can connect securely to the computer infrastructure without ever having to leave the five g network Our go over the Internet insecurely talking to the cloud infrastructure. Uh, that allows us to actually enable our customers to process large volumes of data in a short, near real time. And also it increases the security of the architectures. Andi, I think truly, uh, this this five g combination with I o t and cloudy, I m l the are the technologies of the future that are collectively pushing us towards a a future where we're gonna Seymour smart cities that come into play driverless connected cars, etcetera. >>That's great. Now I wanna impact that a little bit more because we are here in aws re invent and I was just looking up. We had Glenn Goran 2015, introducing a W S s I O T Cloud. And it was a funny little demo. They had a little greenhouse, and you could turn on the water and open up the windows. But it's but it's a huge suite of services that you guys have at your disposal. Leveraging aws. I wonder, I guess, Andrew, if you could speak a little bit more suite of tools that you can now bring to bear when you're helping your customers go to the zero trust journey. >>Yeah, sure thing. So, um, obviously there's a significant partnership in place, and, uh, we work together, uh, pretty tremendously in the market, one of the service are one of solution offering that we've built out which we dub Delight Fortress, um is a is a concept that plays very nicely into our zero trust framework. More along the kind of horizontal components of our framework, which is really the fabric that ties it all together. Um s o the two horizontal than our framework around telemetry and analytics. A swell the automation orchestration. If I peel back the automation orchestration capability just a little bit, um, we we built this avoid fortress capability in order for organizations to kind of streamline um, some of the vulnerability management aspect of the enterprise. And so we're able through integration through AWS, Lambda and other functions, um, quickly identify cloud configuration issues and drift eso that, um, organizations cannot only, uh, quickly identify some of those issues that open up risk to the enterprise, but also in real time. Um, take some action to close down those vulnerabilities and ultimately re mediate them. Right? So it's way for, um, to have, um or kind of proactive approach to security rather than a reactive approach. Everyone knows that cloud configuration issues are likely the number one kind of threat factor for Attackers. And so we're able to not only help organizations identify those, but then closed them down in real time. >>Yeah, it's interesting because we hear that all the time. If there's a breach and if if they w s involved often it's a it's a configuration. You know, somebody left the door open basically, and and it really drives something you were talking about. Ravi is the increasing important of automation, um, and and using big data. And you talked about this kind of horizontal tele metrics and analytics because without automation, these systems are just getting too big and and crazy for people Thio manage by themselves. But more importantly, it's kind of a signal to noise issue when you just have so much traffic, right? You really need help surfacing. That signals you said so that your pro actively going after the things that matter and not being just drowned in the things that don't matter. Ravi, you're shaking your head up and down. I think you probably agree with this point. >>Yeah, yeah, Jeff and definitely agree with you. And what you're saying is truly automation is a way off dealing with problems at scale. When when you have hundreds of accounts and that spans across, you know, multiple cloud service providers, it truly becomes a challenge to establish a particular security baseline and continue to adhere to it. And you wanna have some automation capabilities in place to be able to react, you know, and respond to it in real time versus it goes down to a ticketing system and some person is having to do you know, some triaging and then somebody else is bringing in this, you know, solution that they implement. And eventually, by the time you're systems could be compromised. So ah, good way of doing this and is leveraging automation and orchestration is just a capability that enhances your operational efficiency by streamlining summed Emmanuel in repetitive tasks, there's numerous examples off what automation and orchestration could do, but from a security context. Some of the key examples are automated security operations, automated identity provisioning, automated incident response, etcetera. One particular use case that Deloitte identified and built a solution around is the identification and also the automated remediation of Cloud security. Miss Consideration. This is a common occurrence and use case we see across all our customers. So the way in the context of a double as the way we did this is we built a event driven architectures that's leveraging eight of us contribute config service that monitors the baselines of these different services. Azzan. When it detects address from the baseline, it fires often alert. That's picked up by the Cloudwatch event service that's ultimately feeding it upstream into our workflow that leverages event bridge service. From there, the workflow goes into our policy engine, which is a database that has a collection off hundreds of rules that we put together uh, compliance activities. It also matched maps back to, ah, large set of controls frameworks so that this is applicable to any industry and customer, and then, based on the violation that has occurred, are based on the mis configuration and the service. The appropriate lambda function is deployed and that Lambda is actually, uh, performing the corrective actions or the remediation actions while, you know, it might seem like a lot. But all this is happening in near real time because it is leveraging native services. And some of the key benefits that our customers see is truly the ease of implementation because it's all native services on either worse and then it can scale and, uh, cover any additional eight of those accounts as the organization continues to scale on. One key benefit is we also provide a dashboard that provides visibility into one of the top violations that are occurring in your ecosystem. How many times a particular lambda function was set off to go correct that situation. Ultimately, that that kind of view is informing. Thea Outfront processes off developing secure infrastructure as code and then also, you know, correcting the security guard rails that that might have drifted over time. Eso That's how we've been helping our customers and this particular solution that we developed. It's called the Lloyd Fortress, and it provides coverage across all the major cloud service providers. >>Yeah, that's a great summary. And I'm sure you have huge demand for that because he's mis configuration things. We hear about him all the time and I want to give you the last word for we sign off. You know, it's easy to sit on the side of the desk and say, Yeah, we got a big security and everything and you got to be thinking about security from from the time you're in, in development all the way through, obviously deployment and production and all the minutes I wonder if you could share. You know, you're on that side of the glass and you're out there doing this every day. Just a couple of you know, kind of high level thoughts about how people need to make sure they're thinking about security not only in 2020 but but really looking down the like another road. >>Yeah, yeah, sure thing. So, you know, first and foremost, it's important to align. Uh, any transformation initiative, including your trust to business objectives. Right? Don't Don't let this come off as another I t. Security project, right? Make sure that, um, you're aligning to business priorities, whether it be, you know, pushing to the cloud, uh, for scalability and efficiency, whether it's digital transformation initiative, whether it be a new consumer identity, Uh uh, an authorization, um, capability of china built. Make sure that you're aligning to those business objectives and baking in and aligning to those guiding principles of zero trust from the start. Right, Because that will ultimately help drive consensus across the various stakeholder groups within the organization. Uh, and build trust, if you will, in the zero trust journey. Um, one other thing I would say is focus on the fundamentals. Very often, organizations struggle with some. You know what we call general cyber hygiene capabilities. That being, you know, I t asset management and data classifications, data governance. Um, to really fully appreciate the benefits of zero trust. It's important to kind of get some of those table six, right? Right. So you have to understand, you know what assets you have, what the criticality of those assets are? What business processes air driven by those assets. Um, what your data criticality is how it should be classified intact throughout the ecosystem so that you could really enforce, you know, tag based policy, uh, decisions within, within the control stack. Right. And then finally, in order to really push the needle on automation orchestration, make sure that you're using technology that integrate with each other, right? So taken a p I driven approach so that you have the ability to integrate some of these heterogeneous, um, security controls and drive some level of automation and orchestration in order to enhance your your efficiency along the journey. Right. So those were just some kind of lessons learned about some of the things that we would, uh, you know, tell our clients to keep in mind as they go down the adoption journey. >>That's a great That's a great summary s So we're gonna have to leave it there. But Andrew Robbie, thank you very much for sharing your insight and and again, you know, supporting this This move to zero trust because that's really the way it's got to be as we continue to go forward. So thanks again and enjoy the rest of your reinvent. >>Yeah, absolutely. Thanks for your time. >>All right. He's Andrew. He's Robbie. I'm Jeff. You're watching the Cube from AWS reinvent 2020. Thanks for watching. See you next time.

>>live from San Francisco, extracting the signal from the noise. It's the cues covering Oracle OpenWorld 2015. Brought to you by Oracle. How your hosts, John Courier and Jeff Rick Wait, >>We are here. Live in Howard's treated oracle. OpenWorld for Silicon Angles, The Cube Exclusive coverage Star flagship program. We go out to the events extract the cinnamon noise. I'm John Kerry, the founder of Silicon, and Brian gracefully lead analyst on all the cloud and all the infrastructure stuff going on here. Next guess is Jeffrey Davis, Principal Gore, Oracle, global leader for Deloitte and Touche. Legend in the industry. I've been covering Oracle for a long time. Good to see you, John Bryan allegedly knew she had to get that in there. Love that. You know you guys are. The service's angle has been something that the service's business is. It's been changing radically. Now more than ever with clouds. I really want to get your take because you are an executive looking at this transformation of cloud. But the Lloyd across all the Oracle customer base, your party with customers. So you're the front lines. I gotta ask you straight up. What is the number one thing customers are looking at right now that you partner with four Cloud to figure it out. Is it a migration? All the above, And what do you think about that? So when customers are evaluating the cloud or our clients are looking at the club, you really focus on three things. One is agility. Thea other one is time and the other one is valued. So how quickly can we adopt to the changing environment? How quickly can we leverage technologies like clouds in order to be able to respond to our customers, to adapt to the changing needs of our employees, to embrace our business strategy in a new and innovative way? So I said legend, you know, talk about the eighties for women on camera. That's important point I want to bring up. Is that Is that the old way? Big growth of client server was around software middleware right year BC around you name it that created huge consultancies like Lloyd, you participated in that create a lot of wealth creation for the customers, create value, right, but their cycles were long in the deal. That'll be about 12 13 years now, months and almost a year or two, there were all these big deployments. Now the cloud is accelerating when you compare and contrast time of then share. And now with the cloud Just how much the deployments change the software, the organizations, How you guys operate a new way to do that job well, and we're all responding to the market, right? While responding to customers needs Cloud didn't come about because of technology in it of itself. But we're really all in this ecosystem responding to our customers must customers a really demanding from us is there demanding agility and speed. As I said before, if you take a look at the way we used to do things, basically you had a a large capital investment on the part of the customers. They went, they bought the software, they bought the hardware, they had to hire the expertise of an advantage, mail the eggs, and you're looking at a transformation for them that could take anywhere from 12 to 24 months or longer before they would get time to value. And, you know, these projects didn't go as planned. No, that's this is Yeah, I know the change orders came in paid more cash on DSO. We all got a really bad reputation because of the high costs in a long time to value and even if value was ever realized in some cases, now we take a look at the environment and what the cloud enables us to do is move in a much faster pace. Way used to have what we call a waterfall approach to design and implementation went into a big room and you talked about the world and I never ran that way. And then you put it into the system and then people never really embraced it, because when it came out, it didn't look like anything they thought they were gonna get. This is completely different with cloud. Now you can take an agile approach. Now you can sit and listen to the customer demands very quickly respond to what they think they need, where they really generate value. And then you can focus on those things and very quickly there, in a design session with you And at the end of the day, >>changed management is much easier because they've been a part of the process and also, you know, looking at 90 days sprints. You're looking at things that are done. You know, in >>six months, six months, time to value that can give you compress a competitive advantage. You know, that could help you retain Maur employees or customers. So it's really some timetable. Met Lavery s V p of the Cloud Gru. Gru Integration was saying they were doing provisioning on in 24 minutes. Multiple deployments like like nobody's business. What has them in the timetable that you're seeing for some of these times of value, horizons means hurdles. These milestones said days, weeks, months, hours, minutes. I mean, when you go to a customer base where their expectations of what you guys deliver, there's some insight there. Some of it depends on the environment. So remember they're still clients. We have local customers that are in a highly regulated industry or have a very complex prisons process. Those are gonna take a longer there is they're gonna take in. Technology is not necessarily on the critical path. But when you look at those other areas that frankly, you don't differentiate yourself very much or speed with a solution concave you a competitive advantage. You know, you're looking at a client expectations of anywhere from 90 days, you know, to six months, you know, manager here, very manager, but aggressive. Visa VI the old way. Well, certainly, And the other piece that we're not really talking about is, you know, it's not enough for us to put the technology out there. It's also got to be used and adopted. You know, when you had those large transformations. It's very hard for an organization to absorb all of that change. Now we're looking at the fine entry point that you could get with clouds with that fine entry point. Now we can sub select areas with greatest impact, but we're not changing the entire organization. >>Mark Hurd has the C I. O. G. On this morning and one of the comments that he made. I've heard this a number of times over the last 12 18 months. He essentially said, I have a ton of undifferentiated applications now. They're things that that Oracle thinks are fantastic. HCM and C. R. M and Air P. But in essence, everybody has those. Every business has those very undifferentiated, but they're complicated. What? You Seymour, you see more people saying you know what take those. Help me migrate those into SAS applications, you know, save costs. Where do you see more saying, You know what? Give me the other 20%. The ones that drive business differentiation, ones that are new cloud native applications. What do you see in your mix? What's pushing your customers >>to push you? You know, it depends on the geography, and it depends on the industry and some other things. If you want to talk about North America, which tends to be one of the largest markets in the world, if not the largest market in the world, when you're looking in North America, really people have gone through a lot of the major ear piece. Remember the earlier conversation? You know, they have suffered through tens of millions, hundreds of millions of dollars, and their boards were not satisfied that they got the results of the expected. Now, when you take a look at what's happening, you know, people are now being much more strategic in their investments, much more prescriptive there. Look how they spent exactly, because now the boards have different expectations. They've already gone and spent all that money on technology. They can't go back to the board. Can't say we need to redo this. What they do are willing to fund is you want to get into a new business. If you want to spin something off, you need to stand it up right away. If a customer you know, provide you a new opportunity, you want to shift to that new opportunity. Really? Well, technology is the basis of a lot of this transformation. So Cloud provides that opportunity and it's modest investment with really quick, high value. It's a great point >>you look at I t In the past decades prior to this evolution, we're seeing the cloud consolidate, consolidate, consolidate, right? I don't know the well again. I just went to the well, apparently running, you know, whatever the model was there. But now they're under a lot of pressure to drive top line revenue. Absolute. Now, the top line revenue equations, a completely different mindset. You have to go out and oh, cut the market. You gotta use a shadow I t or your authorized go out. Do legitimate stand up new platforms are Can you give me an example of that? We're seeing more of that now. A clear Mandate. Cee Io's Go take a New Hill or let's consolidate these apt and reposition for this new use case, which is not. That's experiment, but it's certainly a new market opportunity, and they gotta do their due diligence, so it's almost unparalleled. Due diligence kills your waterfall. That's one doesn't talk about that dynamic. Where examples you give go. Take that new top line revenue driver. So you know that there are customers that are looking at new partnerships in the marketplace, and those new partnerships have dynamic new business models. You know, it's not like opening up another hamburger stand. You know, they're not necessarily expanding into our core business. They're really looking at ways to amplify growth. If you're gonna take that as a strategic position, then you know customer or client of ours would focus on, you know, let's take this innovation the market. We don't want to invest a lot in it, waste a lot of time and lose the competitive advantage. Let's >>get to market first. Let's provide a new product or service to the market where we can move very quickly, and then the >>net result is we can see the benefits right away. And if it isn't way, haven't sunk a lot of time and money and something that's not necessarily gonna have the same values. We just had Shawn Price on. And I'm gonna ask this because it's a lemon that you're in because you're part of the customer right here, the strategic partner of the customer. So that idea top line revenue growth could come from a partner. When I see How do you work in that? Quick, You're cool to work with my Aunt VI's. Bring that into the table. You're absolutely so this market is changing. You know, Cloud clearly changes everything and much more so than some of the things we've seen in the past. And so now we need to position ourselves differently now for the Deloitte Business Model way. We're really in a specialized business of focusing highly on value and value creation. We weren't necessarily in other areas and we have different partnerships now. Those partnerships are shifting. Oracle provides us a complete platform. You know, we don't >>have to really get involved in a lot of the aspects of the platform that, frankly, we're in our core competency and frankly, weren't our clients what >>you talked about that customer interaction? What do you have to do to change what we've seen? Different size, trying different approaches? We've seen some that are partnering with cloud Provider, but they want to be their own flat for acquiring them. What changes in terms of the skills you have to hire the way you expect that interaction toe happen between you and customer. Because to a certain extent, like for developers, developers love self service. They do. You know, they they are shadow I because they're driving What changes in your world for that? >>So this is really kind of an interesting question. Very early on, when Oracle made cloud product available >>in HCM, we saw an opportunity. Our clients had the demand because they wanted to create a more sticky environment from customers. What better >>way than providing them better products in the HCM space? We made major investments there. Now we're a leader in HCM, and if I look back over that experience, what do we do differently? First of all, we had to change our mindset. You know, it's not enough just to say the cloud, but you gotta live the cloud because it truly is more agile. It truly is faster. You can take your old methods and tools and approaches all the things that worked for you before. A lot of them don't work anymore. There's some but some really good winds here, especially in the change management side. Also, you know, we'd have clients that had to kind of do it yourself brain surgery that have to order their own hardware that have provisional themselves. You know, that became a real mess. Now we're looking at something that's a lot different. We're not in that business anymore. You know, we do support on Prem where our clients think it's important and strategic course. But now we've got a new, agile methodology. Now we've trained our workforce. We've got 14,500 professionals around the world. We've had to move that group, and Oracle really helped us do that. They've been very collaborative in sharing I p and sharing methods and tools with us so we can make that adjustment. Not only have we had to change that when you think about our other methodologies, all of our other methodology to create value to change management, they were all thoroughly integrated. We've had to rethink those, but it's been a great story because we could go to the client. We can say we can get you there faster because where technology was a barrier world, >>it was on the critical path. We're now changing that. And by the way, this technology is not your old technology. It's much better. It's much more robust. How >>do you you know, obviously we're here It at an oracle OpenWorld. It could be called Oracle Cloud >>World if we really wanted to. I mean, >>it's a lot of it is the red stack. A lot of it is one cloud. How do you manage that against customers saying, Well, look, there's other options as well. I wanna have the ability to leverage this cloud for something. Oracles cloud for certain things. How do you do? You find your customers want multiple clouds or one cloud is good enough? >>Well, we're all teaching right? We're all teaching the world about God because you know there's still people that look at it in a variety of different ways. I think it's an excellent question, so let's think about this. >>Do you want to be your own systems integrator for your smartphone. You want to go by an operating system? Do you want to go buy a separate peace of heart? Where do you >>want to decide what APS fit? What don't. And do you want to actually try to get those abs together? I don't think we want to do that anymore. And I try to use that as an example for my clients. Tell them. Look, let's not be your own systems integrator. You is a iittie executive. You could be an officer toe, help the organization get to their business goals. You know, you're not in another yourself a business objective, but you could be an agent for change. I try to educate them so they can help their colleagues explain cloud, take the fear out and then show the art of the possible. What about the security model? I mean, I wouldn't get your take on you little bit biased because your manager Oracle really? But what would be global, critical or complementary events? How you feel about it? But the intense security message is really a game changer in my mind. Follows on incredible theory. Incredible application. Certainly the product's gonna be ready soon. If it works, it's like a car that does the key turnover. It's like it's all good on paper. Certainly a game changer. Security outside number One thing you're hearing Get some color to that because, you know, if that plays out, if you believe that end N security on the chips and software Silicon plays out the way they say it would, that's gonna change the game. For sure. It is. So none of us and you can go through a week without hearing about a major security breach. When you think about this, you step back and think about the potential here. Our stuff is starting to talkto our stuff. But our stuff isn't unless it's based on. Oracle isn't all thoroughly integrated, so somebody can break into our stuff and they can get access to our lives and they can change our lives. That's hugely powerful. So we are very concerned about security, and Lloyd is one of the largest organizations. In fact, we have a cyber practice that looks at both Proactiv reactive aspects of security. Here's the big concern we have as all this stuff starts, get interconnected. The Internet of things, security becomes a major issue. We need more breakthroughs and security. And I think oracles on the vanguard certainly as we get into what we call a hyper hybrid cloud on Prem on Cloud. Some of that's gonna be a great emotion is no. Perimeter is nothing either. Protect is the Wild West total while and, you know, despite what you believe, boards and people are not reacting fast enough to security threats. And that's why you're seeing these breaches into my knowledge. I don't think anybody has been breached with Orgel security in place. But that said, you have to be really, But still, they probably would get out. There's not that they're hiding it, but the point is, you need to be united engine system. It's hard to do that in a open source world, right? So you have a horizontally scaled open source phenomenon, and it's growing our market and a vertically integrated product requirement. You believe I want Indian security, then you gonna go vertically integrated. You do purpose built. But if you want scale a 1,000,000,000 large scale a k a cloud, you want horizontally scalable. How do you reconcile that with your customers? Well, you know so again. It's difficult for them because unless you've had a security threat, it's very difficult to really get them to take the initiative. You know, the more that we can build security in, the more that it's covered in the Red Sea. More that we get a comprehensive end to end product. I think it allows us to help the client realize you know the risk and help them. The old Fowler said. In The Cube they had they had this done in 2005. Finally took a bunch of security breaches to get people's attention to your point. It's on everyone's agenda. Number one right it is. And yet you know how much is enough? Well, we find the people are too reactive and not not proactive enough. >>What's the What's the temperature of your customers right now? I mean, you know, Tesla's out, they're disrupting Uber's out. Their Airbnb are they? Are they sort of defensive and paranoid? You know that Andy Grove, always trying to be aggressive with a saying No, no, no, no. I'm not letting these little guys into my market. I'm gonna go be aggressive and try and push back what a general feeling. There's a lot of interesting startup disruption going on really changing industry. >>There is, and you know, there's so many sort of partnerships and alliances, mergers and new innovations. You know, right now, clients are very uncomfortable. Just the transition from on Prem to Cloud is a major change in our clients have been the expert for technology for decades for their organization. They are having trouble keeping up with all of it. It can be disruptive. They're looking at what's unique in their industry. You know what is regulation driving? You know what is innovation driving in their industry? But, you know, they're always on the learning curve. They're always trying to figure out if we want to get your final thought wrapping up here to get your take for the folks that are watching here on camera that couldn't make it here were beloved world. What is this show about it? We've been here six years. You've seen that transformation. About four years ago, Larry looked like a deer in the headlights, almost stuck in his tracks and smoke coming out of his ears like he felt that the scene felt like a pivotal moment couple years ago. And then since then, just been every year. Oracle just gets more and more energy, just like dominated that march of the crowd. Almost like four years ago. Like we're gonna win that. What's your vibe? You see that same thing here and shared some color on the take is over the years, and we've been doing this a lot in various forms Over the years. There's been the promise of riel innovation. There's been the promise, real change in the industry. We saw sort of incremental change. We really see increments. Exponential change now and now. The promises fulfilled. We have real product. We're taking the market. We're doing interesting product, right? Israel product. It's very riel, and we have work to be done. But yeah, really studies and customers? Well, it's an evolution. But this is really sort of an epiphany at the moment, because we've never had, >>you know, full sweets of product in the marketplace. Not right now. I don't know that there are any other large you know. Air Pia options in the clouds away there is for Oracle and look at the host of service is that have been announced over the last year. >>This this particular show for us, you know, really isn't accelerating. All these products and service is in the cloud that are now available. They give us a lot of different options that we never had. A great quote. Put that on a cube. Jim. Thanks for joining Us. Way are here live in San Francisco's Howard Street for the Cube Special. Exclusive coverage of Oracle OpenWorld Q. Be right back with more of this short break. Thanks for watching.