(upbeat music) >> Announcer: From the CUBE studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is theCUBE Conversation. >> Hey, welcome back everybody Jeffrey Frick with theCUBE. We are getting through the COVID crisis. It continues and impacting the summer. I can't believe the summer's almost over, but there's a whole lot of things going on in terms of privacy and contact tracing and this kind of this feeling that there's this conflict between kind of personal identification and your personal privacy versus the public good around things like contact tracing. And I was in a session last week with two really fantastic experts. I wanted to bring them on the show and we're really excited to have back for I don't even know how many times Michelle has been on Michelle Dennedy, She is the former chief privacy officer at Cisco and now she's running the CEO of Identity, Michelle great to see you. >> Good to see you always Jeff >> Yeah and for the first time Dr. Ann Cavoukian and she is the executive director Global Privacy & Security By Design Center. Joining us from Toronto, worked with the government and is not short on opinions about privacy. (laughing) Ann good to see you. >> Hi Jeff thank you >> Yes, so let's jump into it cause I think one of the fundamental issues that we keep hearing is this zero-sum game. And I know and it's a big topic for you that there seems to be this trade off this either or and specifically let's just go to contact tracing. Cause that's a hot topic right now with COVID. I hear that it's like you're telling everybody where I'm going and you're sharing that with all these other people. How is this even a conversation and where do I get to choose whether I want to participate or not? >> You can't have people traced and tracked and surveil. You simply can't have it and it can't be an either or win lose model. You have to get rid of that data. Zero-sum game where only one person can win and the other one loses and it sums to a total of zero. Get rid of that, that's so yesterday. You have to have both groups winning positive sum. Meaning yes, you need public health and public safety and you need privacy. It's not one versus the other. We can do both and that's what we insist upon. So the contact term tracing app that was developed in Canada was based on the Apple Google framework, which is actually called exposure notification. It's totally privacy protective individuals choose to voluntarily download this app. And no personal information is collected whatsoever. No names, no geolocation data, nothing. It's simply notifies you. If you've been exposed to someone who is COVID-19 positive, and then you can decide on what action you wish to take. Do you want to go get tested? Do you want to go to your family doctor, whatever the decision lies with you, you have total control and that's what privacy is all about. >> Jeffrey: But what about the person who was sick? Who's feeding the top into that process and is the sick person that you're no notifying they obviously their personal information is part of that transaction. >> what the COVID alerts that we developed based on the Apple Google framework. It builds on manual contact tracing, which also take place the two to compliment each other. So the manual contact tracing is when individuals go get to get tested and they're tested as positive. So healthcare nurses will speak to that individual and say, please tell us who you've been in contact with recently, family, friends, et cetera. So the two work together and by working together, we will combat this in a much more effective manner. >> Jeffrey: So shifting over to you Michelle, you know, there's PIN and a lot of conversations all the time about personal identifiable information but right. But then medical has this whole nother class of kind of privacy restrictions and level of care. And I find it really interesting that on one hand, you know, we were trying to do the contract tracing on another hand if you know, my wife works in a public school. If they find out that one of the kids in this class has been exposed to COVID somehow they can't necessarily tell the teacher because of HIPAA restriction. So I wonder if you could share your thoughts on this kind of crossover between privacy and health information when it gets into this kind of public crisis and this inherent conflict for the public right to know and should the teacher be able to be told and it's not a really clean line with a simple answer, I don't think. >> No and Jeff, and you're also layering, you know, when you're talking about student data, you layering another layer of legal restriction. And I think what you're putting your thumb on is something that's really critical. When you talk about privacy engineering, privacy by design and ethics engineering. You can't simply start with the legal premise. So is it lawful to share HIPAA covered data. A child telling mommy I don't feel well not HIPAA covered. A child seeing a doctor for medical services and finding some sort of infection or illness covered, right? So figuring out the origin of the exact same zero one. Am I ill or not, all depends on context. So you have to first figure out, first of all let's tackle the moral issues. Have we decided that it is a moral imperative to expose certain types of data. And I separate that from ethics intentionally and with apologies to true ethicists. The moral imperative is sort of the things we find are so wrong. We don't want a list of kids who are sick or conversely once the tipping point goes the list of kids who are well. So then they are called out that's the moral choice. The ethical choice is just because you can should you, and that's a much longer conversation. Then you get to the legal imperative. Are you allowed to based on the past mistakes that we made. That's what every piece of litigation or legislation is particularly in a common law construct in the US. It's very important to understand that civil law countries like the European theater. They try to prospectively legislate for things that might go wrong. The construct is thinner in a common law economy where you do, you use test cases in the courts of law. That's why we are such a litigious society has its own baggage. But you have to now look at is that legal structure attempting to cover past harms that are so bad that we've decided as a society to punish them, is this a preventative law? And then you finally get to what I say is stage four for every evaluation is isn't viable, are the protections that you have to put on top of these restrictions. So dire that they either cannot be maintained because of culture process or cash or it just doesn't make sense anymore. So does it, is it better to just feel someone's forehead for illness rather than giving a blood assay, having it sent away for three weeks and then maybe blah, blah, blah, blah, blah, blah. >> Right. >> You have to look at this as a system problem solving issue. >> So I want to look at it in the context of, again kind of this increased level of politicization and or, you know, kind of exposure outside of what's pretty closed. And I want to bring up AIDS and the porn industry very frankly right? Where people behaving in the behavior of the business risk a life threatening disease of which I still don't think it as a virus. So you know why, cause suddenly, you know, we can track for that and that's okay to track for that. And there's a legitimate reason to versus all of the other potential medical conditions that I may or may not have that are not necessarily brought to bear within coming to work. And we might be seeing this very soon. As you said, if people are wanting our temperatures, as we come in the door to check for symptoms. How does that play with privacy and healthcare? It's still fascinates me that certain things is kind of pop out into their own little bucket of regulation. I'm wondering if you could share your thoughts on that Ann. >> You know, whenever you make it privacy versus fill in the blank, especially in the context of healthcare. You end up turning it to a lose lose as opposed to even a win lose. Because you will have fewer people wanting to allow themselves to be tested, to be brought forward for fear of where that information may land. If it lands in the hands of your employer for example or your whoever owns your house if you're in renting, et cetera. It creates enormous problems. So regardless of what you may think of the benefits of that model. History has shown that it doesn't work well that people end up shying away from being tested or seeking treatment or any of those things. Even now with the contact tracing apps that have been developed. If you look globally the contact tracing apps for COVID-19. They have failed the ones that identify individuals in the UK, in Australia, in Western Canada that's how it started out. And they've completely dropped them because they don't work. People shy away from them. They don't use them. So they've gotten rid of that. They've replaced it with the, an app based on the Apple Google framework, which is the one that protects privacy and will encourage people to come forward and seek to be tested. If there's a problem in Germany. Germany is one of the largest privacy data protection countries in the world. Their privacy people are highly trusted in Germany. Germany based their app on the Apple Google framework. About a month ago they released it. And within 24 hours they had 6.5 million people download the app. >> Right. >> Because there is such trust there unlike the rest of the world where there's very little trust and we have to be very careful of the trust deficit. Because we want to encourage people to seek out these apps so they can attempt to be tested if there's a problem, but they're not going to use them. They're just going to shy away from them. If there is such a problem. And in fact I'll never forget. I did an interview about a month ago, three weeks ago in the US on a major major radio station that has like 54 million people followers. And I was telling them about the COVID alert the Canadian contact tracing app, actually it's called exposure notification app, which was built on the Apple Google framework. And people in hoard said they wouldn't trust anyone with it in the US. They just wouldn't trust it. So you see there's such a trust deficit. That's what we have to be careful to avoid. >> So I want to hold on the trust for just a second, but I want to go back to you Michelle and talk about the lessons that we can learn post 9/11. So the other thing right and keep going back to this over and over. It's not a zero-sum game. It's not a zero-sum game and yet that's the way it's often positioned as a way to break down existing barriers. So if you go back to 9/11 probably the highest profile thing being the Patriot Act, you know, where laws are put in place to protect us from terrorism that are going to do things that were not normally allowed to be done. I bet without checking real exhaustively that most of those things are still in place. You know, cause a lot of times laws are written. They don't go away for a long time. What can we learn from what happened after 9/11 and the Patriot Act and what should be really scared of, or careful of or wary of using that as a framework for what's happening now around COVID and privacy. >> It's a perfect, it's not even an analogy because we're feeling the shadows of the Patriot Act. Even now today, we had an agreement from the United States with the European community until recently called the Privacy Shield. And it was basically if companies and organizations that were, that fell under the Federal Trade Commissions jurisdiction, there's a bit of layering legal process here. But if they did and they agreed to supply enough protection to data about people who were present in the European Union to the same or better level than the Europeans would. Then that information could pass through this Privacy Shield unencumbered to and from the United States. That was challenged and taken down. I don't know if it's a month ago or if it's still March it's COVID time, but very recently on basis that the US government can overly and some would say indifferent nations, improperly look at European data based on some of these Patriot Act, FISA courts and other intrusive mechanisms that absolutely do apply if we were under the jurisdiction of the United States. So now companies and private actors are in the position of having to somehow prove that they will mechanize their systems and their processes to be immune from their own government intrusion before they can do digital trade with other parts of the world. We haven't yet seen the commercial disruption that will take place. So the unintended consequence of saying rather than owning the answers or the observations and the intelligence that we got out of the actual 9/11 report, which said we had the information we needed. We did not share enough between the agencies and we didn't have the decision making activity and will to take action in that particular instance. Rather than sticking to that knowledge. Instead we stuck to the Patriot Act, which was all but I believe to Congress people. When I mean, you see the hot mess. That is the US right now. When everyone but two people in the room vote for something on the quick. There's probably some sort of a psychological gun to your head. That's probably well thought out thing. We fight each other. That's part of being an American dammit. So I think having these laws that say, you've got to have this one solution because the boogeyman is coming or COVID is coming or terrorists or child pornographers are coming. There's not one solution. So you really have to break this down into an engineering problem and I don't mean technology when I say engineering. I mean looking at the culture, how much trust do you have? Who is the trusted entity? Do we trust Microsoft more than we trust the US government right now? Maybe that might be your contact. How you're going to build people, process and technology not to avoid a bad thing, but to achieve a positive objective because if you're not achieving that positive objective of understanding that safe to move about without masks on, for example, stop, just stop. >> Right, right. My favorite analogy Jeff, and I think I've said this to you in the past is we don't sit around and debate the merits of viscosity of water to protect concrete holes. We have to make sure that when you lead them to the concrete hole, there's enough water in the hole. No, you're building a swimming pool. What kind of a swimming pool do you want? Is it commercial, Is it toddlers? Is it (indistinct), then you build in correlation, protection and da da da da. But if you start looking at every problem as how to avoid hitting a concrete hole. You're really going to miss the opportunity to build and solve the problem that you want and avoid the risk that you do not want. >> Right right, and I want to go back to you on the trust thing. You got an interesting competent in that other show, talking about working for the government and not working directly for the people are voted in power, but for the kind of the larger bureaucracy and agency. I mean, the Edelman Trust Barometer is really interesting. They come out every year. I think it's their 20th year. And they break down kind of like media, government and business. And who do you trust and who do you not trust? What what's so fascinating about the time we're in today is even within the government, the direction that's coming out is completely diametrically opposed oftentimes between the Fed, the state and the local. So what does kind of this breakdown of trust when you're getting two different opinions from the same basic kind of authority due to people's ability or desire to want to participate and actually share the stuff that maybe or maybe not might get reshared. >> It leaves you with no confidence. Basically, you can't take confidence in any of this. And when I was privacy commissioner. I served for three terms, each term that was a different government, different political power in place. And before they had become the government, they were all for privacy and data protection believed in and all that. And then once they became the government all that changed and all of a sudden they wanted to control everyone's information and they wanted to be in power. No, I don't trust government. You know, people often point to the private sector as being the group you should distrust in terms of privacy. I say no, not at all. To me far worse is actually the government because everyone thinks they're there to do good job and trust them. You can't trust. You have to always look under the hood. I always say trust but verify. So unfortunately we have to be vigilant in terms of the protections we seek for privacy both with private sector and with the government, especially with the government and different levels of government. We need to ensure that people's privacy remains intact. It's preserved now and well into the future. You can't give up on it because there's some emergency a pandemic, a terrorist incident whatever of course we have to address those issues. But you have to insist upon people's privacy being preserved. Privacy forms the foundation of our freedom. You cannot have free and open societies without a solid foundation of privacy. So I'm just encouraging everyone. Don't take anything at face value, just because the government tells you something. It doesn't mean it's so always look under the hood and let us ensure the privacy is strongly protected. See emergencies come and go. The pandemic will end. What cannot end is our privacy and our freedom. >> So this is a little dark in here, but we're going to lighten it up a little bit because there's, as Michelle said, you know, if you think about building a pool versus putting up filling a hole, you know, you can take proactive steps. And there's a lot of conversation about proactive steps and I pulled Ann your thing Privacy by Design, The 7 Foundational Principles. I have the guys pull up a slide. But I think what's really interesting here is, is you're very, very specific prescriptive, proactive, right? Proactive, not reactive. Privacy is the default setting. You know, don't have to read the ULAs and I'm not going to read the, all the words we'll share it. People can find it. But what I wanted to focus on is there is an opportunity to get ahead of the curve, but you just have to be a little bit more thoughtful. >> That's right, and Privacy By Design it's a model of prevention, much like a medical model of prevention where you try to prevent the harms from arising, not just deal with them after the facts through regulatory compliance. Of course we have privacy laws and that's very important, but they usually kick in after there's been a data breach or privacy infraction. So when I was privacy commissioner obviously those laws were intact and we had to follow them, but I wanted something better. I wanted to prevent the privacy harms from arising, just like a medical model of prevention. So that's a Privacy By Design is intended to do is instantiate, embed much needed privacy protective measures into your policies, into your procedures bake it into the code so that it has a constant presence and can prevent the harms from arising. >> Jeffrey: Right right. One of the things I know you love to talk about Michelle is compliance, right? And is compliance enough. I know you like to talk about the law. And I think one of the topics that came up on your guys' prior conversation is, you know, will there be a national law, right? GDPR went through on the European side last year, the California Protection Act. A lot of people think that might become the model for more of a national type of rule. But I tell you, when you watch some of the hearings in DC, you know, I'm sure 90% of these people still print their emails and have their staff hand them to them. I mean, it's really scary that said, you know, regulation always does kind of lag probably when it needs to be put in place because people maybe abuse or go places they shouldn't go. So I wonder if you could share your thoughts on where you think legislation is going to going and how should people kind of see that kind of playing out over the next several years, I guess. >> Yeah, it's such a good question Jeff. And it's like, you know, I think even the guys in Vegas are having trouble with setting the high laws on this. Cameron said in I think it was December of 2019, which was like 15 years ago now that in the first quarter of 2020, we would see a federal law. And I participated in a hearing at the Senate banking committee, again, November, October and in the before times. I'm talking about the same thing and here we are. Will we have a comprehensive, reasonable, privacy law in the United States before the end of this president's term. No, we will not. I can say that with just such faith and fidelity. (laughing) But what does that mean? And I think Katie Porter who I'm starting to just love, she's the Congresswoman who's famous for pulling on her white board and just saying, stop fudging the numbers. Let's talk about the numbers. There's about a, what she calls the 20% legislative flip phone a caucus. So there are 20% or more on both sides of the aisle of people in the US who are in the position of writing our laws. who are still on flip phones and aren't using smart phones and other kinds of technologies. There's a generation gap. And as much as I can kind of chuckle at that a little bit and wink, wink, nudge, nudge, isn't that cute. Because you know, my dad, as you know, is very very technical and he's a senior citizen. This is hard. I hope he doesn't see that but... (laughing) But then it's not old versus young. It's not let's get a whole new group and crop and start over again. What it is instead and this is, you know, as my constant tome sort of anti compliance. I'm not anti compliance. You got to put your underwear on before your pants or it's just really hard. (laughing) And I would love to see anyone who is capable of putting their underwater on afterwards. After you've made the decision of following the process. That is so basic. It comes down to, do you want the data that describes or is donated or observed about human beings. Whether it's performance of your employees. People you would love to entice onto your show to be a guest. People you'd like to listen and consume your content. People you want to meet. People you want to marry. Private data as Ann says, does the form the foundation of our freedom, but it also forms the foundation of our commerce. So that compliance, if you have stacked the deck proactively with an ethics that people can understand and agree with and have a choice about and feel like they have some integrity. Then you will start to see the acceleration factor of privacy being something that belongs on your balance sheet. What kind of data is high quality, high nutrition in the right context. And once you've got that, you're in good shape. >> I'm laughing at privacy on the balance sheet. We just had a big conversation about data on the balance sheets. It's a whole, that's a whole another topic. So we can go for days. I have Pages and pages of notes here. But unfortunately I know we've got some time restrictions. And so, and I want to give you the last word as you look forward. You've been in this for a while. You've been in it from the private side, as well as the government side. And you mentioned lots of other scary things, kind of on the horizon. Like the kick of surveillance creep, which there's all kinds of interesting stuff. You know, what advice do you give to citizens. What advice do you give to leaders in the public sector about framing the privacy conversation >> I always want to start by telling them don't frame privacy as a negative. It's not a negative. It's something that can build so much. If you're a business, you can gain a competitive advantage by strongly protecting your customer's privacy because then it will build such loyalty and you'll gain a competitive advantage. You make it work for you. As a government you want your citizens to have faith in the government. You want to encourage them to understand that as a government you respect their privacy. Privacy is highly contextual. It's only the individual who can make determinations relating to the disclosure of his or her personal information. So make sure you build that trust both as a government and as a business, private sector entity and gain from that. It's not a negative at all, make it work for you, make it work for your citizens, for your customers, make it a plus a win win that will give you the best returns. >> Isn't it nice when doing the right thing actually provides better business outcomes too. It's like diversity of opinion and women on boards. And kind of things- >> I love that. we cover these days. >> Well ladies, thank you very very much for your time. I know you've got a hard stop, so I'm going to cut you loose or else we would go for probably another hour and a half, but thank you so much for your time. Thank you for continuing to beat the drum out there and look forward to our next conversation. Hopefully in the not too distant future. >> My pleasure Jeff. Thank you so much. >> Thank you. >> Thank you too. >> All right She's Michelle. >> She's Ann. I'm Jeff. You're watching theCUBE. Thanks for watching. We'll see you next time. (upbeat music)

>> Announcer: From San Francisco, it's theCUBE! Covering RSA Conference 2020 San Francisco. Brought to you by SiliconANGLE Media. >> Hey welcome back, get ready, Jeff Frick here with theCUBE, we're at RSA 2020, here at Moscone, it's a really pretty day outside in San Francisco, unfortunately we're at the basement of Moscone, but that's 'cause this is the biggest thing going in security, it's probably 15,000 people, we haven't got the official number yet, but this is the place to be and security is a really really really big deal, and we're excited to have our next guest, I haven't seen her for a little while, since data privacy day. I tried to get Scott McNealy to join us, he unfortunately was predisposed and couldn't join us. Michelle Finneran Dennedy, in her new job, the CEO of DrumWave. Michelle, great to see you. >> Great to see you too, I'm sorry I missed you on privacy day. >> I know, so DrumWave, tell us all about DrumWave, last we saw you this is a new adventure since we last spoke. >> It's a new adventure, so this is my first early stage company, we're still seeking series A, we're a young company, but our mantra is we are the data value company. So they have had this very robust analytics engine that goes into the heart of data, and can track it and map it and make it beautiful, and along came McNealy, who actually sits on our board. And they said we need someone, it's all happening. So they asked Scott McNealy, who is the craziest person in privacy and data that you know and he said "Oh my God, get the Dennedy woman." So, they got the Dennedy woman and that's what I do now, so I've taken this analytics value engine, I'm pointing it to the board as I've always said, Grace Hopper said, data value and data risk has to be on the corporate balance sheet, and so that's what we're building is a data balance sheet for everyone to use, to actually value data. >> So to actually put a value on the data, so this is a really interesting topic, because people talk about the value of data, we see the value of data wrapped up, not directly, but indirectly in companies like Facebook and Google and those types of companies who clearly are leveraging data in a very different way, but it is not a line item on a balance sheet, they don't teach you that at business school next to capital assets and, right, so how are you attacking the problem, 'cause that's a huge, arguably will be the biggest asset anyone will have on their balance sheet at some point in time. >> Absolutely, and so I go back to basic principles, the same as I did when I started privacy engineering. I look and I say "Okay, if we believe the data's an asset," and I think that at least verbally, we all say the words "Yes, data is an asset," instead of some sort of exhaust, then you have to look back and say "What's an asset?" Well an asset, under the accounting rules, is anything tangible or intangible that is likely to cause economic benefit. So you break that down, what is the thing, well you got to map that thing. So where is your data? Well data tells you where it is. Instead of bringing in clip boards and saying "Hey, Jeff, my man, do you process PII?" We don't do that, we go to your system, and when you go on DrumWave, you're automatically receiving an ontology that says what is this likely to be, using some machine learning, and then every single column proclaims itself. And so we have a data provenance for every column, so you put that into an analytics engine, and suddenly you can start asking human questions of real data. >> And do you ask the questions to assess the value of the data, or is the ultimate valuation of that data in the categorization and the ontology, and knowing that I have this this this and this, or I mean we know what the real value is, the soft value is what you can do with it, but when you do the analytics on it, are you trying to get to unlock what the potential, underlying analytic value is of that data that you have in your possession? >> Yeah, so the short answer is both, and the longer answer is, so my cofounder, Andre Vellozo, believes, and I believe too, that every conversation is a transaction. So just like you look at transactions within the banking context, and you say, you have to know that it's there, creating a data ontology. You have to know what the context is, so when you upload your data, you receive a data provenance, now you can actually look at, as the data controller, you open what we call your wallet, which is your portal into our analytics engine, and you can see across the various data wranglers, so each business unit has put their data on, because the data's not leaving your place, it's either big data, small data, I don't really care data. Everything comes in through every business unit, loads up their data set, and we look across it and we say "What kind of data is there?" So there's quantitative data saying, if you took off the first 10 lines of this column in marketing, now you have a lump of data that's pure analytics. You just share those credentials and combine that dataset, you know you have a clean set of data that you can even sell, or you can create an analytic, because you don't have any PII. For most data sets, you look at relative value, so for example, one of the discussions I had with a customer today, we know when we fail in privacy, we have a privacy breach, and we pay our lawyers, and so on. Do you know what a privacy success is? >> Hopefully it's like an offensive lineman, you don't hear their name the whole game right, 'cause they don't get a holding call. >> Until they put the ball in the hole. So who's putting the ball in the hole, sales is a privacy success. You've had a conversation with someone who was the right someone in context to sign on the bottom line. You have shared information in a proportionate way. If you have the wrong data, your sale cycle is slower. So we can show, are you efficiently sharing data, how does that correlate with the results of your business unit? Marketing is another privacy success. There's always that old adage that we know that 50% of marketing is a waste, but we don't know which 50%. Well now we can look at it and say "All right," marketing can be looked at as people being prepared to buy your product, or prepared to think in a new, persuasive way. So who's clicking on that stuff, that used to be the metric, now you should tie that back to, how much are you storing for how long related to who's clicking, and tying it to other metrics. So the minute you put data into an analytics engine, it's not me that's going to tell you how you're going to do your data balance sheet, you're going to tell me how dependent you are on digital transactions versus tangible, building things, selling things, moving things, but everyone is a digital business now, and so we can put the intelligence on top of that so you, the expert in value, can look at that value and make your own conclusions. >> And really, what you're talking about then is tying it to my known processes, so you're almost kind of parsing out the role of the data in doing what I'm trying to do with my everyday business. So that's very different than looking at, say, something like, say a Facebook or an Amazon or a Google that are using the data not necessarily, I mean they are supporting the regular processes, but they're getting the valuation bump because of the potential. >> By selling it. >> Or selling it, or doing new businesses based on the data, not just the data in support of the current business. So is that part of your program as well, do you think? >> Absolutely, so we could do the same kind of ontology and value assessment for an Apple, Apple assesses value by keeping it close, and it's not like they're not exploiting data value, it's just that they're having everyone look into the closed garden, and that's very valuable. Facebook started that way with Facebook Circles way back when, and then they decided when they wanted to grow, they actually would start to share. And then it had some interesting consequences along the line. So you can actually look at both of those models as data valuation models. How much is it worth for an advertiser to get the insights about your customers, whether or not they're anonymized or not, and in certain contexts, so healthcare, you want it to be hyper-identifiable, you want it to be exactly that person. So that valuation is higher, with a higher correlation of every time that PII is associated with a treatment, to that specific person with the right name, and the same Jr. or Sr. or Mrs. or Dr., all of that correlated into one, now your value has gone up, whether you're selling that data or what you're selling is services into that data, which is that customer's needs and wants. >> And in doing this with customers, what's been the biggest surprise in terms of a value, a piece of value in the data that maybe just wasn't recognized, or kind of below the covers, or never really had the direct correlation or association that it should've had? >> Yeah, so I don't know if I'm going to directly answer it or I'm going to sidewind it, but I think my biggest surprise wasn't a surprise to me, it was a surprise to my customers. The customers thought we were going to assess their data so they could start selling it, or they could buy other data sources, combine it, enrich it, and then either sell it or get these new insights. >> Jeff: That's what they brought you in for. >> Yeah, I know, cute, right? Yeah, so I'm like "Okay." The aha moment, of course, is that first of all, the "Oh my God" moment in data rarely happens, sometimes in big research cases, you'll get an instance of some biometric that doesn't behave organically, but we're talking about human behavior here, so the "Aha, we should be selling phone data "to people with phones" should not be an aha, that's just bad marketing. So instead, the aha for me has been A, how eager and desperate people are for actually looking at this, I really thought this was going to be a much more steep hill to climb to say "Hey, data's an asset," I've been saying this for over 20 years now, and people are kind of like "Yeah, yeah, yeah." Now for the first time, I'm seeing people really want to get on board and look comprehensively, so I thought we'd be doing little skinny pilots, oh no, everyone wants to get all their data on board so they can start playing around with it. So that's been really a wake-up call for a privacy gal. >> Right, well it's kind of interesting, 'cause you're kind of at the tail end of the hype cycle on big data, with Hadoop, and all that that represented, it went up and down and nobody had-- >> Michelle: Well we thought more was more. >> We thought more was more, but we didn't have the skills to manage it, and there was a lot of issues. And so now you never hear about big data per say, but data's pervasive everywhere, data management is pervasive everywhere, and again, we see the crazy valuations based on database companies, that are clearly getting that. >> And data privacy companies, I mean look at the market in DC land, and any DCs that are looking at this, talk to mama, I know what to do. But we're seeing one feature companies blowing up in the marketplace right now, people really want to know how to handle the risk side as well as the value side. Am I doing the right thing, that's my number one thing that not CPOs are, because they all know how crazy it is out there, but it's chief financial officers are my number one customer. They want to know that they're doing the right thing, both in terms of investment, but also in terms of morality and ethics, am I doing the right thing, am I growing the right kind of business, and how much of my big data is paying me back, or going back to accountancy rules, the definition of a liability is an asset that is uncurated. So I can have a pencil factory, 'cause I sell pencils, and that's great, that's where I house my pencils, I go and I get, but if something happened and somehow the route driver disappeared, and that general manager went away, now I own a pencil factory that has holes in the roof, that has rotting merchandise, that kids can get into, and maybe the ceiling falls, there's a fire, all that is, if I'm not utilizing that asset, is a liability, and we're seeing real money coming out of the European Union, there was a hotel case where the data that they were hoarding wasn't wrong, it was about real people who had stayed at their hotels, it just was in the 90s. And so they were fined 14.5 million Euros for keeping stale data, an asset had turned into a liability, and that's why you're constantly balancing, is it value, is it risk, am I taking so much risk that I'm not compensating with value and vice versa, and I think that's the new aha moment of really looking at your data valuation. >> Yeah, and I think that was part of the big data thing too, where people finally realized it's not a liability, thinking about "I got to buy servers to store it, "and I got to buy storage, and I got to do all this stuff," and they'd just let it fall on the floor. It's not free, but it does have an asset value if you know what to do with it. So let's shift gears about privacy specifically, because obviously you are the queen of privacy. >> I like that, that's my new title. >> GDPR went down, and now we've got the California version of GDPR, love to get your update, did you happen to be here earlier for the keynotes, and there was a conversation on stage about the right to be forgotten. >> Jennifer: Oh dear god, now, tell me. >> And is it even possible, and a very esteemed group of panelists up there just talking about very simple instances where, I search on something that you did, and now I want to be forgotten. >> Did no one watch Back to the Future? Did we not watch that show? Back to the Future where all their limbs start disappearing? >> Yes, yes, it's hard to implement some of these things. >> This has been my exhaustion with the right to be forgotten since the beginning. Humanity has never desired a right to be forgotten. Now people could go from one village to the next and redo themselves, but not without the knowledge that they gained, and being who they were in the last village. >> Jeff: Speaking to people along the way. >> Right, you become a different entity along the way. So, the problem always was really, differential publicity. So, some dude doesn't pay back his debtors, he's called a bad guy, and suddenly, any time you Google him, or Bing him, Bing's still there, right? >> Jeff: I believe so. >> Okay, so you could Bing someone, I guess, and then that would be the first search term, that was the harm, was saying that your past shouldn't always come back to haunt you. And so what we try to do is use this big, soupy term that doesn't exist in philosophy, in art, the Chimea Roos had a great right to be forgotten plan. See how that went down? >> That was not very pleasant. >> No, it was not pleasant, because what happens is, you take out knowledge when you try to look backwards and say "Well, we're going to keep this piece and that," we are what we are, I'm a red hot mess, but I'm a combination of my red hot messes, and some of the things I've learned are based on that. So there's a philosophical debate, but then there's also the pragmatic one of how do you fix it, who fixes it, and who gets to decide whose right it is to be forgotten? >> And what is the goal, that's probably the most important thing, what is the goal that we're trying to achieve, what is the bad thing that we're trying to avoid, versus coming up with some grandiose idea that probably is not possible, much less practical. >> There's a suit against the Catholic Church right now, I don't know if you heard this, and they're not actually in Europe, they live in Vatican City, but there's a suit against, about the right to be forgotten, if I decide I'm no longer Catholic, I'm not doing it, Mom, I'm hearing you, then I should be able to go to the church and erase my baptismal records and all the rest. >> Jeff: Oh, I hadn't heard that one. >> I find it, first of all, as someone who is culturally Catholic, I don't know if I can be as saintly as I once was, as a young child. What happens if my husband decides to not be Catholic anymore? What happens if I'm not married anymore, but now my marriage certificate is gone from the Catholic Church? Are my children bastards now? >> Michelle's going deep. >> What the hell? Literally, what the hell? So I think it's the unintended consequence without, this goes back to our formula, is the data value of deletion proportionate to the data risk, and I would say the right to be forgotten is like this. Now having an indexability or an erasability of a one-time thing, or, I'll give you another corner case, I've done a little bit of thinking, so you probably shouldn't have asked me about this question, but, in the US, when there's a domestic abuse allegation, or someone calls 911, the police officers have to stay safe, and so typically they just take everybody down to the station, men and women. Guess who are most often the aggressors? Usually the dudes. But guess who also gets a mugshot and fingerprints taken? The victim of the domestic abuse. That is technically a public record, there's never been a trial, that person may or may not ever be charged for any offense at all, she just was there, in her own home, having the crap beat out of her. Now she turns her life around, she leaves her abusers, and it can happen to men too, but I'm being biased. And then you do a Google search, and the first thing you find is a mugshot of suspected violence. Are you going to hire that person? Probably not. >> Well, begs a whole discussion, this is the generation where everything's been documented all along the way, so whether they choose or not choose or want or don't want, and how much of it's based on surveillance cameras that you didn't even know. I thought you were going to say, and then you ask Alexa, "Can you please give me the recording "of what really went down?" Which has also been done, it has happened, it has happened, actually, which then you say "Hm, well, is having the data worth the privacy risk "to actually stop the perp from continuing the abuse?" >> Exactly, and one of my age-old mantras, there's very few things that rhyme, but this one does, but if you can't protect, do not collect. So if you're collecting all these recordings in the domestic, think about how you're going to protect. >> There's other people that should've hired you on that one. We won't go there. >> So much stuff to do. >> All right Michelle, but unfortunately we have to leave it there, but thank you for stopping by, I know it's kind of not a happy ending. But good things with DrumWave, so congratulations, we continue to watch the story evolve, and I'm sure it'll be nothing but phenomenal success. >> It's going to be a good time. >> All right, thanks a lot Michelle. She's Michelle, I'm Jeff, you're watching theCUBE, we're at RSA 2020 in San Francisco, thanks for watching, we'll see you next time. (techno music)

>> Live from Barcelona, Spain it's theCUBE! Covering Cisco Live! Europe brought to you by Cisco and its ecosystem partners. >> Hello everyone, welcome back to theCube's live coverage here in Barcelona, Spain for Cisco Live! Europe 2019. We're at day three of three days of coverage I'm John Furrier with Dave Vellante Our next two guests we're going to talk about privacy data Michelle Dennnedy, VP and Chief Privacy officer at Cisco and Robert Waitman who is the Director of Security and Trust. Welcome back, we had them last year and everything we talked about kinda's happening on steroids here this year >> Yep. >> Welcome back >> Thank you glad to be here >> Thanks for having us >> So security, privacy all go hand in hand. A lot going on. You're seeing more breaches you're seeing more privacy challenges Certainly GDPR's going to the next level. People are, quote, complying here's a gig of data go figure it out. So there's a lot happening, give us the update. >> Well, as we suggested last year it was privacypalooza all year long running up to the enforcement deadline of May 25, 2018. There were sort of two kinds of companies. There's one that ran up to that deadline and said woohoo we're ready to drive this baby forward! And then there's a whole nother set of people who are still sort of oh my gosh. And then there's a third category of people who still don't understand. I had someone come up to me several weeks ago and say what do I do? When is this GDPR going to be a law? I thought oh honey you need a hug >> Two years ago, you need some help. >> And some companies in the US, at least were turning off their websites. Some media companies were in the news for actually shutting down their site and not making it available because they weren't ready. So a lot of people were caught off guard, some were prepared but still, you said people would be compliant, kind of and they did that but still more work to do. >> Lots more work to do and as we said when the law was first promulgated two and a half years ago GDPR and the deadline A, It's just one region but as you'll hear as we talk about our study it's impacting the globe but it's also not the end of anything it's the beginning of the information economy at long last. So, I think we all have a lot to do even if you feel rather confident of your base-level compliance now it's time to step up your game and keep on top of it. >> Before we get into some of the details of the new finding you guys have I want you to take a minute to explain how your role is now centered in the middle of Cisco because if you look at the keynotes data's in the center of a lot of things in this intent based network on one side and you've got cloud and edge on the other. Data is the new ingredient that's feeding applications and certainly collective intelligence for security. So the role of data is critical. This is a big part of the Cisco tech plan nevermind policy and or privacy and these other things you're in the middle of it. Explain your role within Cisco and how that shapes you. >> How we sort of fit in. Well it's such a good question and actually if you watch our story through theCUBE we announced, actually on data privacy day several years ago that data is the new currency and this is exactly what we're talking about the only way that you can operationalize your data currency is to really think about it throughout the platform. You're not just pleasing a regulator you're not just pleasing your shareholders you're not just pleasing your employee base. So, as such, the way we organize our group is my role sits under the COO's office our Chief Operations Office under the office of John Stewart who is our Chief Trust officer. So security, trust, advanced research all live together in operations. We have sister organizations in places like public policy, legal, marketing, the sales groups the people who are actually operationalizing come together for a group. My role really is to provide two types of strategy. One, rolling out privacy engineering and getting across inside and outside of the company as quickly as possible. It's something new. As soon as we have set processes I put them into my sister organization and they send them out as routine and hopefully automated things. The other side is the work Robert and I do together is looking at data valuation models. Working about the economics of data where does it drive up revenue and business and speed time to closure and how do we use data to not just be compliant in the privacy risk but really control our overall risk and the quality of our information overall. It's a mouth full >> So that's interesting and Robert, that leads me to a question when we've seen these unfunded mandates before we saw it with Y2K, the Enron backlash certainly the United States the Federal Rules of Civil Procedure. And the folks in the corner office would say oh, here we go again. Is there any way to get more value beyond just reducing risk and complying and have you seen companies be able to take data and value and apply it based on the compliance and governance and privacy policies? >> Dave that's a great question. It's sort of the thought that we had and the hypothesis was that this was going to be more valuable than just for the compliance reasons and one of the big findings of the study that we just released this week was that in fact those investments you know we're saying that good privacy is very good for business. It was painful, some firms stuck their head in the sand and said I don't want to even do this but still, going through the GDPR preparation process or for any of the privacy regulations has taken people to get their data house in order and it's important to communicate. We wanted to find out what benefits were coming from those organizations that had made those investments and that's really what came out in our study this week for international data privacy day we got into that quite a bit. >> What is this study? can you give us some details on it? >> It's the Data Privacy Benchmark study we published this week for international data privacy day. It's sort of an opportunity to focus on data privacy issues both for consumers and for businesses sort of the one day a year kind of like mother's day that you should always think of your mom but mother's day's a good day so you should always think of privacy when you're making decisions about your data but it's a chance to raise awareness. So we published our study this year and it was based on over thirty-two hundred responses from companies around the world from 18 countries all sorts of sizes of companies and the big findings were in fact around that. Privacy has become a serious and a boardroom level issue that the awareness has really skyrocketed for companies who are saying before I do business with you I want to know how you're using my data. What we saw this year is that seven out of eight companies are actually seeing some sales delay from their customers asking those kinds of questions. But those that have made the investment getting ready for GDPR or being more mature on privacy are seeing shorter delays. If you haven't gotten ready you're seeing 60% longer delays. And even more interestingly for us too is when you have data breaches and a lot of companies have them as we've talked about those breaches are not nearly as impactful. The organizations that aren't ready for GDPR are seeing three times as many records impacted by the breach. They're seeing system downtime that's 50% longer and so the cost of the whole thing is much more. So, kind of the question of is this still something good to do? Not only because you have to do it when you want to avoid 4% penalties from GDPR and everything else but it's something that's so important for my business that drives value. >> So the upshot there is that you do the compliance. Okay, check the box, we don't want to get fined So you're taking your medicine basically. Turns into an upside with the data you're seeing from your board. Sales benefit and then just preparedness readiness for breaches. >> Right, I mean it's a nice-- >> Is that right? >> That's exactly right John you've got it right. Then you've got your data house in order I mean there's a logic to this. So then if you figured out where your data is how to protect it, who has access to it you're able to deal with these questions. When customers ask you questions about that you're ready to answer it. And when something bad goes wrong let's say there is a breach you've already done the right things to control your data. You've got rid of the data you don't need anymore. I mean 50% of your data isn't used for anything and of course we suggest that people get rid of that that makes it less available when and if a breach occurs. >> So I got to ask you a question on the data valuation because a lot of the data geeks and data nerds like myself saw this coming. We saw data, mostly on the tech side if you invested in data it was going to feed applications and I think I wrote a blog post in 2007 data's going to be part of the development kits or development environment you're seeing that now here. Data's now part of application development it's part of network intelligence for security. Okay, so yes, check, that's happening. At the CFO level, can you value the data so it's a balance sheet item? Can you say we're investing in this? So you start to see movement you almost project, maybe, in a few years, or now how do you guys see the valuation? Is it going to be another kind of financial metric? >> Well John, it's a great point. Seeing where we're developing around this. So I think we're still in somewhat early days of that issue. I think the organizations that are thinking about data as an asset and monetizing its value are certainly ahead of this we're trying to do that ourselves. We probed on that a little bit in the survey just to get a sense of where organizations are and only about a third of organizations are doing those data mature things. Do they have a complete data map of where their stuff is? Do they have a Chief Data Officer? Are they starting to monetize in appropriate ways, their data? So, there's a long way to go before organizations are really getting the value out of that data. >> But the signals are showing that there's value in the data. Obviously the number of sales there's some upside to compliance not just doin it to check the box there's actually business benefits. So how are you guys thinking about this cause you guys are early adopters or leaders in this how are you thinking about the data measurement of it? Can you share your insights on that? >> Yeah, so you know, data on the balance sheet Grace Hopper 1965, right? data will one day be on the corporate balance sheet because it's in most cases more valuable than the hardware that processes. This is the woman who's making software and hardware work for us, in 1965! Here we are in 2019. It's coming on the balance sheet. She was right then, I believe in it now. What we're doing is, even starting this is a study of correlation rather than causation. So now we have at least the artifacts to say to our legal teams go back and look at when you have one of our new improved streamline privacy sheets and you're telling in a more transparent fashion a deal. Mark the time that you're getting the question. Mark the time that you're finishing. Let's really be much more stilletto-like measuring time to close and efficiency. Then we're adding that capability across our businesses. >> Well one use case we heard on theCUBE this week was around privacy and security in the network versus on top of the network and one point that was referenced was when a salesperson leaves they take the contacts with them. So that's an asset and people get sued over it. So this again, this is a business policy thing. so business policy sounds like... >> Well in a lot of the solutions that exist in the marketplace or have existed I've sat on three encrypted email companies before encrypted email was something the market desired. I've sat on two advisory boards of-- a hope that you could sell your own data to the marketers. Every time someone gets an impression you get a micro cent or a bitcoin. We haven't really got that because we're looking on the periphery. What we're really trying to do is let's look at what the actual business flow and processes are in general and say things like can we put a metric on having less records higher impact, and higher quality. The old data quality in the CDO is rising up again get that higher quality now correlate it with speed to innovation speed to close, launch times the things that make your business run anyway. Now correlate it and eventually find causal connections to data. That's how we're going to get that data on the balance sheet. >> You know, that's a great point the data quality issue used to be kind of a back office records management function and now it's coming to the fore and I just make an observation if you look at what were before Facebook fake news what were the top five companies in the United States in terms of market value Amazon, Google, Facebook was up there, Microsoft, Apple. They're all data companies and so the market has valued them beyond the banks, beyond the oil companies. So you're starting to see clearer evidence quantifiable evidence that there's value there. I want to ask you about we have Guillermo Diaz coming up shortly, Michelle and I want to ask you your thoughts on the technical function. You mentioned it's a board level issue now, privacy. How should the CIO be communicating to the board about privacy? What should that conversation be like? >> Oh my gosh. So we now report quarterly to the board so we're getting a lot of practice We'll put it that way. I think we're on the same journey as the security teams used to you used to walk into the board and go here's what ransomware is and all of these former CFOs and sales guys would look at you and go ah, okay, onto the financials because there wasn't anything for them to do strategically. Today's board metrics are a little soft. It's more activity driven. Have you done your PIAs? Have you passed some sort of a third party audit? Are you getting rejected for third party value chain in your partner communities? That's the have not and da da da. To me I don't want my board telling us how to do operations that's how we do. To really give the board a more strategic view what we're really trying to do is study things like time to close and then showing trending impacts. The one conversation with John Chambers that's always stuck in my head is he doesn't want to know what today's snapshot is cause today's already over give me something over time, Michelle, that will trend. And so even though it sounds like, you know who cares if your sales force is a little annoyed that it takes longer to get this deal through legal well it turns out when you multiply that in a multi-billion dollar environment you're talking about hundreds of millions of dollars probably a week, lost to inefficiency. So, if we believe in efficiency in the tangible supply chain that's the more strategic view I want to take and then you add on things like here's a risk portfolio a potential fair risk reporting type of thing if we want to do a new business Do we light up a business in the Ukraine right now versus Barcelona? That is a strategic conversation that is board level. We've forgotten that by giving them activity. >> Interesting what you say about Chambers. John you just interviewed John Chambers and he was the first person, in the mid 90s to talk about a virtual close, if you remember that. So, obviously, what you're talking about is way beyond that. >> Yeah and you're exactly right. Let's go back to those financial roots. One of the things we talk about in privacy engineering is getting people's heads-- the concept that the data changes. So, the day before your earnings that data will send Chuck Robbins to jail if someone is leaking it and causing people to invest accordingly. The day after, it's news, we want everyone to have it. Look at how you have to process and handle and operationalize in 24 hours. Figuring out those data stories helps it turn it on its head and make it more valuable. >> You know, you mentioned John Chambers one of the things that I noticed was he really represented Silicon Valley well in Washington DC and there's been a real void there since he retired. You guys still have a presence there and are doing stuff there and you see Amazon with Theresa Carlson doing some great work there and you still got Oracle and IBM in there doing their thing. How is your presence and leadership translating into DC now? Can you give us an update of what's happening at-- >> So, I don't know if you caught a little tweet from a little guy named Chuck Robbins this week but Chuck is actually actively engaged in the debate for US federal legislation for privacy. The last thing we want is only the lobbyists as you say and I love my lobbyists wherever you are we need them to help give information but the strategic advisors to what a federal bill looks like for an economy as large and complex and dependent on international structure we have to have the network in there. And so one of the things that we are doing in privacy is really looking at what does a solid bill look like so at long last we can get a solid piece of federal legislation and Chuck is talking about it at Davos as was everyone else, which was amazing and now you're going to hear his voice very loudly ringing through the halls of DC >> So he's upping his game in leadership in DC >> Have you seen the size of Chuck Robbins? Game upped, privacy on! >> It's a great opportunity because we need leadership in technology in DC so-- >> To affect public policy, no doubt >> Absolutely. >> And globally too. It's not just DC and America but also globally. >> Yeah, we need to serve our customers. We win when they win. >> Final question, we got to get wrapped up here but I want to get you guys a chance to talk about what you guys announced here at the show what's going on get the plug in for what's going on Cisco Trust. What's happening? >> Do you want to plug first? >> Well, I think a few things we can add. So, in addition to releasing our benchmark study this week and talking about that with customers and with the public we've also announced a new version of our privacy data sheets. This was a big tool to enable salespeople and customers to see exactly how data is being used in all of our products and so the new innovation this week is we've released these very nice, color created like subway maps, you know? They make it easy for you to navigate around it just makes it easy for people to see exactly how data flows. So again, something up on our site at trust.cisco.com where people can go and get that information and sort of make it easy. We're pushing towards simplicity and transparency in everything we do from a privacy standpoint and this is really that trajectory of making it as easy as possible for anyone to see exactly how things go and I think that's the trajectory we're on that's where the legislation both where GDPR is heading and federal legislation as well to try to make this as easy as reading the nutrition label on the food item. To say what's actually here? Do I want to buy it? Do I want to eat it? And we want to make that that easy >> Trust, transparency accountability comes into play too because if you have those things you know who's accountable. >> It's terrifying. I challenge all of my competitors go to trust.cisco.com not just my customers, love you to be there too go and look at our data subway maps. You have to be radically transparent to say here's what you get customer here's what I get, Cisco, here's where my third party's. It's not as detailed as a long report but you can get the trajectory and have a real conversation. I hope everybody gets on board with this kind of simplification. >> Trust.cisco.com we're going to keep track of it. Great work you guys are doing. I think you guys are leading the industry, Congratulations. >> Thank you. >> This is not going to end, this conversation continues will continue globally. >> Excellent >> Thanks for coming on Michelle, appreciate it. Robert thanks for coming on. CUBE coverage here day three in Barcelona. We'll be back with more coverage after this break.

(upbeat contemporary music) >> Announcer: Live from Barcelona, Spain It's theCUBE covering Cisco Live 2018 brought to you by Cisco, Veeam, and theCUBE's ecosystem partners. >> Hello everyone welcome back to theCUBE's live coverage here in Barcelona, Spain for Cisco Live 2018 in Europe. I'm John Furrier cofounder SiliconANGLE cohost of theCUBE with my cohost partner Stu Miniman this week analyst at Wikibon.com also cohost at many shows across the industry. Our next two guests talking about data, data privacy is Michelle Dennedy who's the vice-president chief privacy officer at Cisco and Robert Waitman who works for her. We've got a smashing new data report to share with you about some of the surveys and customers and impact of privacy in business. Michelle, Robert thanks for joining us. >> Thank you. >> Thanks for having us. >> Michelle, good to see you again. You were on the front pages of SiliconAngle.com as a feature story this week of the interview you had on the ground with theCUBE team, welcome back. >> You can't get rid of me. >> Well we love having you on because it's really important because not only is GDPR which we reported on for our last interview but the role of data, data driven organizations you hear that at every C-Sweep from security to user experience and everything in between down the data center. You're measuring everything certainly Cisco managing data center and everything else. But this really nuanced thing here about impacts to businesses because now users are in control of their data and you're seeing things like cryptocurrency and immutable block chain on one end and then just what are the rights of the users and the consumers in context to digital business? This is one of the most cutting-edge social and technical issues. I mean GDPR is a nightmare in and of itself just to figure out where the hell the data is. >> Some people's nightmare is other people's dreams. >> It's good for users but not good for database administrators, good for the tech industry. What are the current challenges right now from your perspective? What are you seeing as the core top three issues that you see around data and data privacy impacting business? >> Well I think you actually put your finger right in the heart of it. It is coming together of human rights, human needs, policy law meets technology capability and functionality. So I think understanding that the data is the common currency across all of these systems whether you're talking about human rights and ownership, whether you're talking about legal rights and management that data currency goes across educating people and making them understand that currency is absolutely critical to surviving this next new era. >> As always I tell my kids advice, I say that if you want to get into something cutting edge, get into data science meets societal, political science and social science. >> Michele: Exactly >> As that's coming together and you know Steve Jobs had that liberal arts meets social meets technology kind of intersection. What are some of the brightest minds in the industry that are in your area working on? I mean how are they attacking this? Are they looking at it from a big picture? Are they diving deep into it? What are the brightest minds doing in this area? >> Well so I have a deep bias and of course I hired some of the best minds here, right? I think the pragmatic mind, I'll put it that way rather than judging anybody's thing. If you're writing pretty policies like, brava to you. But what I really like to see is looking at what is a data inventory? Starting to look at data as a supply chain issue. And the reason I love supply chain and management and measurement is we know how to do it. So we're applying these common business schemas and strategies to this newer functionality of data as a piece of currency that changes and is contextual over time. So the pragmatic thinking I'll put it that way is to really look at privacy engineering as first a business use case requirements gathering exercise and then figuring out how does it work in the architecture. What's your industry? What kind of data do you have? And then you can figure out what are those granular features and requirements. And then the rest of your supply chain pulls through. So when you take kind of that management approach it sounds a little plodding but it's actually very exciting. There's a lot of innovation, it must happen. >> Another thing that we cover I was looking on our research side is nailing that exact point. How do you instrument the data? So talk about some of the confluence things that you just mentioned but then as business starts to look at how they value themselves so we really haven't seen any cutting edge data on this, would love to get your perspective on how data is impacting the valuation of a business. Because valuation techniques have been mostly financial, because you can measure it. >> Yup >> But now that you have data as currency as you mentioned, how are companies looking at the valuation of their enterprise? >> So I brought along a little friend today, because we really believe that the mantra in my working group within Cisco is values to value. So figuring out the instrumentation of the gear. You know I have a lot of support to do that within Cisco, we do engineering pretty good. But then figuring out we actually went out to some academics, we looked at what other people in the marketplace as you say, not a lot of metrics about how to instead of saying how much have we lost, how do we know that there is progress? And so Robert Waitman joined my team about two years ago I stole him from the worlds of economy and finance and business preparation and he said, I don't know anything about privacy and data. He does now, but I said I don't really want you for that, I want to start to build a model that we can share with the world on how to value data and how to look at the upside as well as the downside. >> So Robert, I've got to ask you so one of the things we've been riffing on in theCUBE recently is with the role of decentralized applications and this kind of applies to network theory because Cisco has been a successful network company, the role of the chief economic officer a term that we made up because you're starting to see economics certainly with token economics with cryptocurrency that's all the rage right now so Facebook just recently banned all ads for the coin offerings, but that is the trend that's happening, right? So you're starting to see the role of an economist in business. So with data the valuation, this seems to be a new trend. Your thoughts and reaction to that. >> Yeah, well you know data's not on the balance sheets, so we don't typically valuate and manage it the way you'd manage all of our other assets. But data, especially when it's well curated which is one of the things that privacy enables with that unlocks a lot of values. But that's kind of the focus of our research. Say look, GDPR and all those other things can require you to do certain things, but by having data that's well curated, you can unlock value for your organization. And there are a lot of different ways to do that, whether it's operational or whether it's revenue upside you can get from better understanding curation of your data. >> Before we get into the reports, I just want to ask you one follow up question. Do you see a day where there is going to be a fiscal and monetary data policy? >> Michelle: Yes >> Yes and yes? >> Absolutely and you know, this was predicted. This is my favorite quote. I say it everyday and I'll say it again today. Grace Hopper, 1965 that one day information will be on the corporate balance sheet, because it's more valuable than the hardware that processes it. That day is now. We have enough granularity in the system to actually have big data and analytics. We have enough compute power. The day is now to understand and now we have to figure out what's that report look like and how do we ride on that trend? >> Do you that that's a strategic imperative for CEOs of companies to actually get the data on the balance sheet? >> If so, how? >> I'm going to say that here first. The ones who get it on first are the ones who win. Now they won't get it on the balance sheets first as Robert pointed out. You cannot under our current accounting rules; however, just like we took brand and we turned it into an asset and we valued that asset. It's not allowed on many balance sheets. It's definitely something to invest in or divest in and to curate and measure. So I could go on for a long time about this particular topic. >> We'd love to hear a whole segment on this cutting edge data concepts and currency. Stu wants to get a question in here, go ahead Stu. >> Robert, the keynote yesterday it was security is one of those headwinds you know preventing companies from innovators to slow them down. You've got some good data on privacy and want share what is the mindset of the customers? You know, we've been asking is GDPR just going to slow things to a grinding halt, you know in IT? We think there are some opportunities there, but what's the data telling you? What are you hearing from customers? >> Well I think the world that we're in the background is that customers are asking more questions about data and data privacy, but before they buy a product or service, they want to know who has access to my data? What's it being used for? Is it going to be deleted? How long is it kept? All of those questions are contemplated by GDPR but it's a broader issue of general having privacy controls around data. So in seeing that environment we were wondering as a team is to what extent can we measure how much business may be slowed down by those kinds of questions. And so the study we released last week quantified that for the first time. And what we learned is that 65% of companies globally, and this is based on a survey of 3000 corporations around the world double-blind so we don't know who they are, 65% of them said that we are in fact they are in fact experiencing sales delays due to data privacy issues. And remarkably the average delay is seven point eight weeks. That's almost two months on average across all of these companies having a delay due to customers' asking the right questions about where their data is. We find that remarkable again adding to the idea that organizations who invest and do a better job on this can manage that to a greater degree. >> Just a clarification here this is the germ of the Privacy Maturity Benchmark Study >> Michelle: Correct >> And you can check it out on Robert's Twitter handle which is Robert Waitman his full name no space RobertWaitman W-A-I-T-M-A-N, saw that pinned on your top tweet. Impact to business >> Right >> More cost, more value again unlocking the value we totally agree with you by the way. How and at what cost? >> Well, that cost of sales delay translates into many things that affect the company's bottom line. You might miss quarterly or annual forecast because you're not making revenue. It could be that you lose sales. Once you delay a sale, you're more likely to lose a sale, so every company would be in a different situation as to how much impact it has on their product portfolio and to what degree they're seeing these delays. What we did find is that privacy and investments in privacy maturity can help manage it, so those organizations that are immature from a privacy standpoint are seeing the longest delays on average 16.8 weeks of the most immature and for the companies that are privacy mature according to the standard model only three point four weeks. So think about the difference. Sixteen point eight or three point four by having investments in privacy and we show that correlation and it makes sense because companies can manage their data better >> We've been also riffing on the notion that security was handled in the early days with perimeter based security and now, you know, it's no perimeter. It's the wild west. Security is a great example. You know, of all the vendors no one has more than four percent market share. It's a disaster and we know that. We have friends working on it. Privacy is the same way, it's almost like we got to cover the check box you know compliance. We have a privacy statement, we handle the data. It's more reactive more protection oriented not proactive. So the question is what should companies be doing to be more proactive in driving privacy oriented investments which now we see that translate to more of a business impact certainly at valuation and capability. >> Yup >> Thoughts? >> Well, I mean I would start by saying that what we're trying to put out there is that it's not just about compliance. So this is about both business value on the revenue or cost side as well as the ethical standards that we're trying to set. So we should be doing these privacy controls, because it's the right things to do regardless of the GDPR environment that we're in currently. So that's kind of the overall missioning and it's much longer term than just the GDPR timetable but it's trying to get companies to do the right things to protect the data and also because it's good for their businesses. >> Any anecdotal data on investment thesis, orientation posture from CEOs? What is the investment climate? Are they putting money into it or are they just kind of holding the line? Right now I'm trying to figure things out. Thoughts? >> Thoughts on this one? >> Million dollar question >> Yeah, so and it's a billion dollar question actually which is an important one. I think where we are seeing investment and when when we talk about privacy maturity you can come at it from a number of different vectors. So privacy engineering to Cisco is critical we sell IT things and we depend upon data as an asset, so you would expect us to do heavy investments in raising our security baseline. We've done it. We're having specific training for developers. We've done it and my team actually does not live in legal. I have a wonderful legal support team. I live in operations. So one of the investments you can make is to operationalize your working so you understand which of your business requirements are data sensitive and adding them on. The other piece of the study that is correlated again no causality yet, but we're correlating the number, mix and the complexity of your vendor set with the trend and reporting of the actual harm after a breach. >> Right, so we looked at the privacy maturity and also compared to companies who had been breached and how much they reported they had lost on this. And so interestingly again the privacy immature companies many more of them had lost enough metric here we used was over half a million dollars due to data breaches so 74% of those immature versus only 39% of the mature guys. Now why is that? We can speculate that those who are protecting their data, only keeping the data they need for their business purposes deleting it when they're done with it and having the right knowledge and inventory of where they are, are doing a better job at protecting that critical data asset. So it makes sense, but we need to learn more about what really is behind it and causing that. >> It's so interesting because there's a relationship with security, because that's where people react to what happens if there's a breach in security but they're also separate, decoupled in their own way, and it's interesting that you mention it in your organization and that's I think that is really notable and something I'd like to just double-click on. Most companies' viewed security in the early days metaphor for security in an organizational setting it's part of IT. Now it reports to the C-suite. >> Yes You're getting at a different angles. You're thinking about privacy and data as a separate group not being subservient as say legal or administration function. It's more central to the C-Suite. >> Absolutely >> Are you recommending that companies think differently? >> Absolutely >> Can you explain why? >> Oh I think and again it varies company to company, so I would love to say you know, I'm a legal person by training or I ran away from home from legal a long time ago, so I'm a business person. It's valuable to have lawyers we're nice people. We can be funny sometimes, but typically most companies it is like Bob, Joe, Sally and legal. Now what kind of an innovation posture are you taking? The other part is you know in our lawyers' defenses there is such a plethora and complexity of the laws that they have to be determinative and say this is just enough and this is the gray area. Innovators don't think like that. I don't want my innovators to think like that. I want to do the experimentation so in addition to the work we do in house with our economic guru we actually partner with universities to do financial studies to say where you're having potential breaches at every layer of the network what's the quanta? The other side is I have a seat at the table with all of our engineering teams and our business development teams so that makes a huge difference. >> I totally agree. Robert, I want to ask you a question. Back to my theory that we'll have a C-E-O chief economist officer as a standard role in a similar way not just call in the strategy guy, right? >> Michelle: Yes >> So it's like strategy hey you know whatever. This is really becoming a decentralized world global impact whether it's GDPR or other compliance economic impact is a really critical thing. >> Robert: Right >> What is your view for companies to think about the role of a company and or group to be like a economist center? Like a C-T-O is really important but you also have a V-P of engineering. So C-T-O, V-P of engineering Chief economist officer and group How do you look at that world and how do you envision it in unfolding? >> Well, I think that one element that most companies don't have today is somebody who really thinks about data and the economic value of it today and what it means. Again, because it's not on the balance sheet it's not treated the same way but it's one of our most important assets. So having someone who at least focuses on what is the value and importance of this data to my organization and all the ways that do. Whether it's my value you know in driving my ongoing operations whether it's allowing me to cut costs, whether it's unlocking value that my organization could uncover by inventorying and developing that. So I think that economic value piece of data you know is something that we're going to see more of and because data is being recognized as such an important asset I think there will be some progress in that. >> I think Michelle you made a great point about supply chain. We've been seeing the same trend in that. Block chain has been a great example where not so much bitcoin and a theory of encrypto, block chain as a technology has been impacting the supply chain. That's a data driven trend. >> Michelle: It's exclusively a data driven trend. I mean what you're talking about is indelible auth. And so there's always a place for authentication. Sometimes you just want a watermark. Sometimes you want a dossier. That's I mean that's the whole mystique of block chain is gorgeous but the reality is it's a wonderful tool if you want to authenticate something in the clair. Just like we were talking about P-K-I in the old days now if you apply that to data, so what you're calling a chief economic officer I would call a chief data officer. >> So again economics, ledger, hyper-ledger, block chain are we looking at maybe the world is going to circumvent existing standards with you know disruption with like a block chain, crypto centralized does that come together? I mean it's a collision course, no one knows the answer. Observation? >> Well, there may be some opportunities to do that. But I'm sure that we'll try to have the right ways to have controls around it as well. So not just to birth the system but to do it in a way that makes sense to protect the values that we are all trying to hold onto in terms of individual values you know as well as having the right monitoring and systems around them. >> You know Cisco disrupted the entire network protocols back in the 80s by unlocking value. And again value is the key driver of making change not just for the sake of subverting. >> I love that you're saying that because disruption has always bothered me. That's like me grabbing the chair and watching you fall down and going oh look I have a softer chair. I'd rather like have a more reductionist point of view and say what is essential value. Let's clear out the gunk that's getting in your way. >> Value is the north star for all >> It is. I think it's madly innovative and will it change businesses radically? Yes. If we want to call that disruption we can, but I think it's actually enablement of what we wanted in the first place but don't have yet. >> Well people know me I'm very bullish on crypto and block chain as a unlocking value and changing patterns and offering a new re-imagining industries that are just not moving fast enough >> Wow >> To capture the value >> Yeah >> John: Thanks so much guys for coming on. I know we slotted you in because it's a super important conversation to hear at Cisco Live and the industry. Love to have more time. Maybe we can do a follow-up with you guys. Great to see you again. >> Yeah, you too! >> It's theCUBE talking data privacy, investment, valuing data on the balance sheet. A lot of radical, progressive, cool value opportunities for the industry out there and enterprises. Yeah, this is theCUBE live coverage from Barcelona. More after this short break. (techno music)

(screen switch sound) >> Hey, welcome back everybody. Jeff Frick here with theCUBE. We're at the place that you should be. Where is that you say? Linked-In's new downtown San Francisco's headquarters at Data Privacy Day 2018. It's a small, but growing event. Talking, really a lot about privacy. You know we talk a lot about security all the time. But privacy is this kind of other piece of security and ironically it's often security that's used as a tool to kind of knock privacy down. So it's an interesting relationship. We're really excited to be joined by our first guest Michelle Dennedy. We had her on last year, terrific conversation. She's the Chief Privacy Officer at Cisco and a keynote speaker here. Michelle, great to see you again. >> Great to see you and happy privacy day. >> Thank you, thank you. So it's been a year, what has kind of changed on the landscape from a year ago? >> Well, we have this little thing called GDPR. >> Jeff: That's right. >> You know, it's this little old thing the General Data Protection Regulation. It's been, it was enacted almost two years ago. It will be enforced May 25, 2018. So everyone's getting ready. It's not Y2K, it's the beginning of a whole new era in data. >> But the potential penalties, direct penalties. Y2K had a lot of indirect penalties if the computers went down that night. But this has significant potential financial penalties that are spelled out very clearly. Multiples of revenue. >> Absolutely >> So what are people doing? How are they getting ready? Obviously, the Y2k, great example. It was a scramble. No one really knew what was going to happen. So what are people doing to get ready for this? >> Yeah, I think its, I like the analogy it ends because January one, after 2000, we figured it out, right? Or it didn't happen because of our prep work. In this case, we have had 20 years of lead time. 1995, 1998, we had major pieces of legislation saying know thy data, know where it's going, value it and secure it, and make sure your users know where and what it is. We didn't do a whole lot about it. There are niche market people, like myself, who said "Oh my gosh, this is really important." but now the rest of the world has to wake up and pay attention because four percent of global turnover is not chump change in a multi-billion dollar business and in a small business it could be the only available revenue stream that you wanted to spend innovating-- >> Right, right >> rather than recovering. >> But the difficulty again, as we've talked about before is not as much the companies. I mean obviously the companies have a fiduciary responsibility. But the people-- >> Yes. >> On the end of the data, will hit the ULA as we talked about before without thinking about it. They're walking around sharing all this information. They're logging in to public WiFi's and we actually even just got a note at theCube the other day asking us what our impact, are we getting personal information when we're filming stuff that's going out live over the internet. So I think this is a kind of weird implication. >> I wish I could like feel sad for that but there's a part of my privacy soul that's like, "Yes! People should be asking. "What are you doing with my image after this? "How will you repurpose this video? "Who are my users looking at it?" I actually, I think it's difficult at first to get started. But once you know how to do it, it's like being a nutritionist and a chef all in one. Think about the days before nutrition labels for food. When it was first required, and very high penalties of the same quanta of the GDPR and some of these other Asiatic countries are the same, people simply didn't know what they were eating. >> Right. >> People couldn't take care of their health and look for gluten free, or vitamin E, or vitamin A, or omega whatever. Now, it's a differentiator. Now to get there, people had to test food. They had to understand sources. They had to look at organics and pesticides and say, "This is something that the populace wants." And look at the innovation and even something as basic and integral to your humanity as food now we're looking at what is the story that we're sharing with one another and can we put the same effort in to get the same benefits out. Putting together a nutrition label for your data, understanding the mechanisms, understanding the life cycle flow. It's everything and is it a pain in the tuckus some times? You betcha. Why do it? A: You're going to get punished if you don't. But more importantly, B: It's the gateway to innovation. >> Right. It's just funny. We talked to a gal in a security show and she's got 100% hit rate. She did this at Black Hat, social engineering access to anything. Basically by calling, being a sweetheart, asking the right questions and getting access to people's-- >> Exactly. >> So where does that fit in terms of the company responsibility, when they are putting everything, as much as they can in their place. Here like at AWS too you'll hear, "Somebody has a security breach at AWS." Well it wasn't the security of the AWS system, it was somebody didn't hit a toggle switch in the right position. >> That's right. >> So it's pretty complex versus if you're a food manufacturer, hopefully you have pretty good controls as to what you put in the food and then you can come back and define. So it's a really complicated problem when it's the users who you're tryna protect that are often the people that are causing the most problems. >> Absolutely. And every analogy has its failures right? >> Right, right. >> We'll stick with food for a while. >> Oh no I like the food one. >> Alright it's something you can understand. >> Y2K is kind of old, right. >> Yeah, yeah. But think about like, have we made, I was going to use a brand name, a spray on cheese chip, have we made that illegal? That stuff is terrible for your body. We have an obesity crisis here in North America certainly, and other parts of the world, and yet we let people choose what they're putting into their bodies. At the same time we're educating consumers about what the new food chart should look like, we're listening to maybe sugar isn't as good as we thought it was, maybe fat isn't as bad. So giving people some modicum of control doesn't mean that people are always going to make the right choices but at least we give them a running chance by being able to test and separate and be accountable for at least what we put into the ingredients. >> Right, right, okay so what are some of the things you're working on at Cisco? I think you said before we go on the air you have a new report published, study, what's going on? I do, I'm ashamed Jeff to be so excited about data but, I'm excited about data. (laughter) >> Everybody's excited about data. >> Are they? >> Absolutely. >> Alright let's geek out for a moment. >> So what did you find out? >> So we actually did the first metrics reporting correlating data privacy maturity models and asking customers, 3,000 customers plus in 20 different countries from companies of all sizes S and B's to very large corps, are you experiencing a slow down based on the fears of privacy and security problems? We found that 68 percent of these questions said yes indeed we are, and we asked them what is the average timing of slowing down closing business based on these fears. We found a big spread from over 16 and a half weeks all the way down to two weeks. We said that's interesting. We asked that same set of customers, where would you put yourself on a zero to five ad hoc to optimized privacy maturity model. What we found was if you were even middle of the road a three or a four, to having some awareness, having some basic tools, you can lower your risk of loss, by up to 70 percent. I'm making it sound like it's causation, it's just a correlation but it was such a strong one that when we ran the data last year I didn't run the report, because we weren't sure enough. So we ran it again and got the same quantum with a larger sample size. So now I feel pretty confident that the self reporting of data maturity is related to closing business more efficiently and faster on the up side and limiting your losses on the down side. >> Right, so where are the holes? What's the easiest way to get from a zero or one to a three or a four, I don't even want to say three or four, two or three in terms of behaviors, actions, things that people do? >> So you're scratching on my geeky legal underbelly here. (laughter) I'm going to say it depends Jeff. >> Of course of course. >> Couching this and I'm not your lawyer. >> No forward licking statements. >> No forward licking statement. Well, for a reason what the heck. We're looking forward not back. It really does depend on your organization. So, Cisco, my company we are known for engineering. In fact on the down side of our brand, we're known for having trouble letting go until everything is perfect. So, sometimes it's slower than you want cause we want to be so perfect. In that culture my coming into the engineering with their bonafides and their pride in their brand, that's where I start to attack with privacy engineering education, and looking at specs and requirements for the products and services. So hitting my company where it lives in engineering was a great place to start to build in maturity. In a company like a large telco or healthcare or highly regulated industry, come from the legal aspect. Start with compliance if that's what is effective for your organization. >> Right, right. >> So look at where you are in your organization and then hit it there first, and then you can fill up, document those policies, make sure training is fun. Don't be afraid to embarrass yourself. It's kind of my mantra these days. Be a storyteller, make it personal to your employees and your customers, and actually care. >> Right, hopefully, hopefully. >> It's a weird thing to say right, you actually should give a beep >> Have a relationship with people. When you look at how companies moved that curve from last year to this year was it a significant movement? Was it more than you thought less than you thought? Is it appropriate for what's coming up? >> We haven't tracked individual companies time after time cause it's double blind study. So it's survey data. The survey numbers are statistically relevant. That when you have a greater level of less ad hoc and more routinized systems, more privacy policies that are stated and transparent, more tools and technologies that are implemented, measured, tested, and more board level engagement you start to see that even if you have a cyber risk the chances that it's over 500 thousand per event goes down precipitously. If you are at that kind of mid range level of maturity you can take off 70 percent of the lag time and go from about four months of closing a deal that has privacy and security implications to somewhere around two to three weeks. That's a lot of time. Time in business is everything. We run by the quarter. >> Yeah well if you don't sell it today, you never get today back. You might sell it tomorrow, but you never get today back. Alright so we just flipped the calendar. I can't believe it's 2018. That's a whole different conversation. (laughter) What are your priorities for 2018 as you look forward? >> Oh my gosh. I am hungry for privacy engineering to become a non niche topic. We're going out to universities. We're going out to high schools. We're doing innovation challenges within Cisco to make innovating around data a competitive advantage for everyone, and come up with a common language. So that if you're a user interface guy you're thinking about data control and the stories that you're telling about what the real value is behind your thing. If you are a compliance guy or girl, how do I efficiently measure? How do I come back again in three months without having compliance fatigue, because after the first couple days of enforcement of GDPR and some of these other laws come into force it's really easy to say whew, it didn't hit me. I've got no problem now. >> Right. >> That is not the attitude I want people to take. I want them to take real ownership over this information. >> It's very ana logist to what's happening in security. >> Very much so. >> Just baking it in all the way. It's not a walled garden. You can't defend the perimeter anymore, but it's got to be baked into everything. >> It's no mistake that it's like the security world. They're about 25 years ahead of us in data privacy and protection. My boss is our chief trust officer who formally was our CISO I am absolutely free riding on all the progresses the security people have made. We're just really complimenting each others skills, and getting out into other parts of the business in addition to the technical part of the business. >> Exciting times. >> Yeah, it's going to be fun. >> Well great to catch up and >> Yeah you too. >> We'll let you go. Unfortunately we're out of time. We'll see you in 2019. >> Data Privacy Day. >> Data Privacy Day. She's Michelle Dennedy, I'm Jeff Frank. You're watching theCUBE. Thanks for tuning in from Data Privacy Day 2018. (music)

>> Hey, welcome back everybody. Jeff Frick here with theCUBE. We're at Data Privacy Day at Twitter's World Headquarters in downtown San Francisco. Full-day event, a lot of seminars and sessions talking about the issue of privacy. Even though Scott McNealy in 1999 said, "Privacy's dead, get over it," everyone here would beg to differ; and it's a really important topic. We're excited to have Michelle Dennedy. She's the Chief Privacy Officer from Cisco. Welcome, Michelle. >> Indeed, thank you. And when Scott said that, I was his Chief Privacy Officer. >> Oh you were? >> I'm well acquainted with my young friend Scott's feelings on the subject. >> It's pretty interesting, 'cause that was eight years before the iPhone, so a completely different world than actually one of the prior guests we were talking about privacy is an issue in the Harvard Business Review from 125 years ago. So this is not new. >> Absolutely. >> So how have things changed? I mean that's a great perspective that you were there. What was he kind of thinking about and really what are the privacy challenges now compared to 1999? >> So different. Such a different world. I mean fascinating that when that statement was made the discussion was a press conference where we were introducing Connectivity. It was an offshoot of Java, and it basically allowed you to send from your personal computer a wireless message to your printer so that a document could come out (gasp). >> That's what it was? >> Yeah. >> Wireless printing? >> Wireless printing. And really it was gyro technology, so anything wirelessly could start talking to each other in an internet of things world. >> Right. >> So, good news bad news. The world has exploded from there, obviously; but the base premise of, can I be mobile, can I live in a world of connectivity, and still have control over my story, who I am, where I am, what I'm doing? And it was really a reframing moment of when you say privacy is dead, if what you mean by that is secrecy and hiding away and not being connected to the world around you, I may agree with you. However, privacy as a functional definition of how we define ourselves, how we live in a culture, what we can expect in terms of morality, ethics, respect, and security, alive and well, baby. Alive and well. >> (laughs) No shortage of opportunity to keep you busy. We talked to a lot of people who go to a lot of tech conferences. I have to say I don't know that we've ever talked to a Chief Privacy Officer. >> You're missing out. >> I know, so not you get to define the role, I love it. So what are your priorities as Chief Priority Officer? What are you keeping an eye on day to day as well as what are your more strategic objectives? >> It's a great question. So the rise of the Chief Privacy Officer, actually Scott was a big help in that and gave me exactly the right amount of rope to hang myself with. The way I look at it is, probably the simplest analogy is, should you have a Chief Financial Officer? >> Yeah. >> I would guess yeah, right? That didn't exist about 100 years ago. We just kind of loped along, and whoever had the biggest bag of money at the end was deemed to be successful. Where if somebody else who had no money left at the end but bought another store, you would have no way of measuring that. So the Chief Privacy Officer is that person for your digital currency. I look at the pros and the cons, the profit and the loss, of data and the data footprint for our company and for all the people to whom we sell. We think about, what are those control mechanisms for data? So think of me as your data financial officer. >> Right, right. But the data in and of itself is just stagnant, right? It's really just the data in the context of all these other applications. How it's used, where it's used, when it's used, what it's combined with, that really starts to trip into areas of value as well as potential problems. >> I feel like we scripted this before, but we didn't. >> Jeff: We did not script it, we don't script the-- >> So if I took out a rectangle out of my wallet, and it had a number on it, and it was green, what would you say that thing probably is? >> Probably Andrew Jackson on the front. >> Yeah, probably Andrew Jackson. What is that? >> A 20 dollar bill. >> Why is that a 20 dollar bill? >> Because we agree that you're going to give it to me and it has that much value, and thankfully the guy at Starbucks will give me 20 bucks worth of coffee for it. >> (laughs) Exactly. Well which could be a cup the way we're going. >> Which could be a cup. >> But that's exactly right. So is that 20 dollar bill stagnant? Yes. That 20 dollar bill just sitting on the table between us is nothing. I could burn it up, I could put it in my pocket and lose it and never see it again. I could flush it down the toilet. That's how we used to treat our data. If you recognize instead the story that we share about that piece of currency, we happen to be in a place where it's really easy to alienate that currency. I could go downstairs here and spend it. If I was in Beijing I probably would have to go and convert it into a different currency, and we'd tell a story about that conversion because our standards interface is different. Data is exactly the same way. The story that we share together today is a valuable story because we're communicating out, we're here for a purpose. >> Right. >> We're making friends. I'm liking you because you're asking me all these great questions that I would have fed you had I been able to feed you questions. >> Jeff: (laughs) But it's only that context, it's only that communicability that brings it value. We now assume as a populous that paper currency is valuable. It's just paper. It's only as good as the story that enlivens it. So now we're looking at smaller, smaller Microdata transactions of how am I tweeting out information to people who follow me? >> Jeff: Right, right. >> How do I share that with your following public, and does that give me a greater opportunity to educate people about security and privacy? Does that allow my company to sell more of my goods and services because we're building ethics and privacy into the fabric of our networks? I would say that's as valuable or more valuable than that Andrew Jackson. >> So it's interesting 'cause you talk about building privacy into the products. We often hear about building security into the products, right? Because the old way of security of building a bigger wall doesn't work any more and you really have to bake it in at all steps of the application: development, the data layer, the database, et cetera, et cetera. When you look at privacy versus security, and especially 'cause Cisco's sitting on, I mean you guys are sitting on the pipes, everything is running through your machines. >> That's right. >> How do you separate the two, how do you prioritize, and how do you make sure the privacy discussion is certainly part of that gets the right amount of relevance within the context of the security conversation? >> It's a glib answer that's much more complicated, but the security is really in many instances the what. I can really secure almost any batch of data. It can be complete gobbley gook zeroes and ones. It could be something really critical. It could be my medical records. The privacy and the data about what that context is, that's the why. I don't see them as one or the other at all. I see security and security not as not a technology but a series of verb things that you actually physically, people process technologies. That enactment should be addressed to a why. So it's kind of Peter Drucker's management of you manage what you measure. That was like incendiary advice when it first came out. Well I wanted to say that you secure what you treasure. So if you treasure a digital interaction with your employees, your customers, and your community, you should probably secure that. >> Right. But it seems like there's a little bit of a disconnect about maybe what should be treasured and what is the value with folks that have grown up. Let's pick on the young kids, not really thinking through or having the time or knowing an impact of a negative event in terms of just clicking and accepting the EULA and using that application on their phone. They just look at in a different way. Is that valid? How do they change that behavior? How do you look at this new generation, and there's this sea of data which is far larger than it used to be coming off all these devices, internet of things, obviously. People are things too. The mobile devices with all that geolocation data, and the sensor data, and then oh by the way it's all going to be in our cars and everything else shortly. How's that landscape changing and challenging you in new ways, and what are you doing about it? >> The speed and dynamics are astronomical. How do you count the stars, right? >> Jeff: (laughs) >> And should you? Isn't that kind of a waste of time? >> Jeff: Right, right. >> It used to be that knowledge, when I was a kid, was knowing what was in A to Z of the Encyclopedia Britannica. Now facts are cheap. Facts used to be expensive. You had to take time and commit to them, and physically find them, and be smart enough to read, and on, and on, and on. The dumbest kid is smarter than I was with my Encyclopedia Britannica because we have search engines. Now their commodity is how do I critically think? How do I make my brand and make my way? How do I ride and surf on a wave of untold quantities of information to create a quality brand for myself? So the young people are actually in a much better position than, I'll still count us as young. >> Jeff: Yeah, Uh huh. >> But maybe less young. >> Less young, less young than we were yesterday. >> We are digital natives, but I think I am hugely optimistic that the kids coming up are really starting to understand the power of brand: personal brand, family brand, cultural brand. And they're feeling very activist about the whole thing. >> Yeah, which is interesting 'cause that was never a factor when there was no personal brand, right? You were part of-- >> No way. >> whatever entity that you were in. >> Well, you were in a clique. >> Right. >> Right? You identified as when I was home I was the third out of four kids. I was a Roman Catholic girl in the Midwest. I was a total dork with a bowl haircut. Now kids can curate who and what and how they are over the network. Young professionals can connect with people with experience. Or they can decide, I get this all the time on Twitter actually. How did you become a Chief Privacy Officer? I'm really interested in taking a pivot in my career. And I love talking to those people 'cause they always educate me, and I hope that I give them a little bit of value too. >> Right, right. Michelle, we could go on for on and on and on. But, unfortunately, I think you got to go cover a session. So we're going to let you go. >> Thank you. >> Michelle Dennedy, thanks for taking a few minutes of your time. >> Thank you, and don't miss another Data Privacy Day. >> I will not. We'll be back next year as well. I'm Jeff Frick. You're watching theCUBE. See you next time.

(clicking) >> Hey, welcome back, everybody, Jeff Frick here with theCUBE. We're at the Accenture Technology Vision event 2018. It's the preview event. The actual report will come out in a couple days. We're excited to be here and get a preview. About 200 some odd people downtown San Francisco and it's exciting times. There's a survey that goes out to thousands of executives, of really what are the big themes for 2018? We're excited to have one of the authors of the survey, Michael Biltz. He's the managing director of Accenture Technology Vision. Michael, great to see you. >> It's great to have you in here. >> So how long have you been doing these Vision-- >> I think I've been doing it for the last 10 years. >> 10 years? >> It's a long, long time. >> So 2018, things are moving, I can't believe we're already 18 years into this new century. What are some of the surprises that came out this year? >> I mean, I think the biggest surprise is how onboard everybody is with the technology transformations we're going through. We've been talking about this need for companies to really become this digital business for so long that it was really surprising that this year, nobody's talking about that. It's all assumed. And so now, companies are really starting to take that bigger look at how they're changing their industry, how they're embedding themselves into peoples' lives, and more and more, they're starting to talk about what are their real responsibilities to society as a whole, if their businesses, their technology, their services are actually going to start changing the way that people live. >> Yes, it's pretty amazing, and also really changing the way people interact with businesses. I mean, it's been happening in banking for a long time, where, you know, kids don't go to branches. They don't even know what a branch is. They hardly know what cash is, much less an ATM, or the neighborhood trusted banker. >> No, and the funny thing is is that it's intentional, is that when we started looking at the survey, what we found was that there was a remarkable shift that big companies, so think Global 2000 companies, they actually believe fundamentally that they are going to be competing based off of trust. And so they know that if they don't have the trust of their employees, the trust of the government, the trust of all of their consumers, is that all the things that they want to do they're not going to be able to do, and so they're really starting to employ this with how they act and interact with everybody. >> Right, it's funny how the market really drives the values, 'cause the other one obviously is increasing diversity, social responsibility. That's really being driven, well hey, it is good business, but it's not so much top down as bottom up not only for the customers, but those same customers that you're trying to employ, as these younger kids are coming into the work force. >> That's right, I mean, everybody's starting to read the label of companies, is that-- >> I love that. >> They're fundamentally actually looking at not just what they're producing, but why they're producing it, what the ripple effects are, and how it's going to affect things at larger, and companies are taking notice. >> That's funny you say, "Read the label." I sat talking to Michelle Dennedy, from Cisco, she's their chief privacy officer. And she was comparing the GDPR to kind of when they enacted labeling on food, right? Before we didn't know what was in the food, we just kind of trusted, suddenly the law goes into effect, there's a lot of things that have to go into place, kind of of a pain in the butt, but, at the end of the day, it's a much better and much more trusted open information flow. >> No, it definitely is, but I think there's a difference between what's happening now, versus what's happening then, is the reason that everybody's so concerned about it now is 'cause it's personal. Is that there are machines in your home that have a potential to listen to you. You cars are making decisions on braking that are going to determine whether you're going to get into accidents, and so, this connection the companies have and they want, to get your data, understand who you are, and push things to your goals, those are the same things that are causing people to really stand up and pay attention, and it goes whoa, I have to actually understand why they're doing this, and what they're going to do with it, and honestly, it's making for not only better products, because they have more information, but it's making for more socially conscious companies. >> Yeah, but it's interesting, right? Because when people start collecting data for a certain purpose, they might not know other uses for that data down the road, so it's kind of a tough situation when you don't really know what the purposes of that data might become. >> No, that's right, but I think that's the real positive note of what we're starting to see, there's obviously going to be bad actors, we're never saying that there are not going to be flaws, or people who are going to do the wrong thing, but we're at this really interesting point that companies know that if they can't get the trust, and the data to make those next set of products, that they're not going to be in business, and so they're policing themselves more than they have in the past. >> Right. There's this kind of interesting thing that's going on with all the automation, 'cause on one hand, it is a much more personal connection that you're going to have with a company. On the other hand, we want to drive as much software automation based on data as we can. If you look at the ad tech market as one of the more mature versions, you're starting to see some impacts of that, where it's kind of crashing into the social, things recently at YouTube, and Facebook, where, a technology platform is suddenly being looked at to have responsibility, has to do some type of monitoring, which then, of course, begs a whole 'nother question, as to, your tomato is my tomato, there's a whole free speech element-- >> Yeah? >> Well, so open that up to a much broader set of interactions, it's going to be interesting times. >> It is, and I think that's where everybody's coming to, is that, on one hand, you have this huge pressure around automation. It says, it's just going to be more efficient to have machines doing a lot of the things that these companies do in scale, but at the same point in time, is that the moment that you automate something, you change it. You change how you do your supply chain, you change how you provide medical care, you change the way the transportation system works, and the problem that people are running into, as companies, is that in order to automate, you have to have the people that are going to be comfortable with the change, that means regulators have to be comfortable with the change, your employees have to be comfortable with the change, and your consumers do too, and so now, that big picture of what you're looking at means that I'm not a product company anymore, I'm not a service company anymore, I'm actually shaping the whole market. >> Yeah, I want to dig into one thing, of your five trends that we're going to be talking about later tonight, and that's the extended reality. 'Cause there's a lot of AR, VR, there's so many Rs, and you guys just went with the big E. Rolls it all into one. >> You got to go broad, it's the end distance, yeah. >> But it's pretty interesting, 'cause there's a bunch of demos downstairs, we just the interview at Baobab Studios, he's trying to drive innovation around move-making and storytelling in VR, but it's really, I think, it's the mix which is really going to see the quickest uptake, and the quickest kind of eye delivery. >> It is, and we're super excited about this trend, fundamentally because, we're at this tipping point right now, is that we're finally getting to a point where you see big companies like GE are using it to rewire turbines, you see folks downstairs that are helping you to build new cars, to sell vehicles, and do a lot of new training things, and all of these things are real, happening now, but they beauty of it is that it's really just that first step to something bigger, where folks are talking about, as you said, what if I'm walking around and I could have any experience or any information at my fingertips, and that's got to big change from everything from education, to healthcare, to just how we live and interact with other people. >> Never-ending opportunity for a century, I don't think. >> No. (Jeff laughs) It is a really good time to be a technology company, and I think that's why we keep pushing every company to do it, is that this is just the beginning, every time we have something new, there's so much new opportunity out there, and there's so much opportunity to really make peoples' lives better, and so you got a potential to have it both ways, make money, and really help people out. >> Alright, Mike, well the autonomous jazz band is getting a little loud-- >> It is-- >> So I'm going to cut you loose and say thanks for taking a minute. >> Thanks for having me. >> Alright, he's Michael, I'm Jeff, you're watching theCUBE for the Accenture Technology Vision 2018. Thanks for watching. (soothing electronic music)

(techno music) >> Narrator: Live, from Barcelona, Spain, it's theCUBE, covering Cisco Live 2018. Brought to you by Cisco, Veeam, and theCUBE's ecosystem partners. (techno music) >> Okay, welcome back everyone. This is theCUBE's exclusive coverage. Day two. We're wrapping up the show here at Cisco Live 2018, in Europe. We're in Barcelona, Spain. The past two days we've been here. I'm John Furrier with Stu Miniman, talking to the most important people at Cisco, the top executives, some developers, and really kind of getting the lay of the land. It's the first time theCUBE has been at Cisco Live in its existence, so it's great to be here. Stu, Cisco Live, a lot of smart people. So it's great to have theCUBE. The Cube fits beautifully with Cisco Live because you've got people sharing, you have great, smart networking guys, but they are also doing applications. This is really an awesome opportunity because this is like the perfect storm for Cisco. This is an opportuity to galvanize their base, grow them into the new talent to move forward in this cloud edge world, where the network needs to be more intelligent. This is your wheelhouse. You have been covering this for a long time. >> So, John, yeah, I was looking forward to this. It's been years since I've attended Cisco Live in person. There is a term we haven't talked about a lot this week, but I think it fits. It's the digital transformation. And Cisco is in the midst of this transformation. I said in our open on day one, my barometer was going to be, look how is Cisco doing becoming a software company? Of course, things like IOS have been in the guts of what they did from networking, but being here in the DevNet Zone. DevNet, Susie Lee's team, really helping to drive some of that transformation. We had a great conversation with Rowan talking about the future. Talking about apps. Talking about so many of the different things that Cisco is doing to not just be boxes and ports. Hardware still an important piece. >> Yep. >> I'm actually concerned that maybe they have a little bit of that hardware holding them back a tiny bit because Cisco has skills there. They have lots of expertise. It might be mostly software, but even when they talk about things like collaboration there is hardware underneath a lot of that. >> Stu, Rowan Trollope, who is the SVP, general manager of the applications team, is the rising star. He is being promoted, and watch. This is a signal from Cisco. They recognize it. So, we heard from Andy Jassy at AWS re:Invent, there is the old guard meaning, they are talking about Oracle, and then the new guard, trying to obviously position themselves as the new guard to carry customers into the future. Rowan Trollope, on his keynote yesterday, who the big story cause the CEO wasn't here. He was the lead dog. So he's getting promoted. He was telling about the future. So the question I have for you is, as an analyst, is Cisco an old guard, or are they a new guard? Or, are they moving to be a new guard? What is your opinion? >> Yeah, too soon to say. Cisco was one of the four horsemen of the internet era. Absolutely, they should have a place going forward. But look, they're not one of the big public cloud providors. They don't sell a lot to the hyper-scale players. But, they have a very strong position in a lot of places. Still dominant in traditional networking. Do very well in collaboration. Have a lot of software pieces. They have made a number of acquisitions. The telecompany we had tracked before doing well inside of Cisco. AppD, lot of buzzwords going on. We got to learn a bunch about Spark this week, John. Heck, even little tidbits I got. There is these two colored globes sitting behind you. It's like, oh, it's Alexa apps. And there's been people doing developer labs this entire week. So Cisco, part of helping to educate and do that transformation. Other companies, like Pivotal, is a partner. Lots of partnerships. And not just the traditional infrastructure companies, but we heard about what they are doing with Google, with Apple, and others. So, I'm not ready to anoint Cisco as a winner in the new world. But, if multi-cloud, which I'd love to get your take on, What you think with the multi-cloud strategy is. But, Cisco at least has a right to be at the table. They've got strong customer relationships. Strong in the enterprise. Strong in service providers. >> But if Oracle is an old guard, then why isn't Cisco? I mean, Oracle is plumbing. They have these database deals. They're not going anywhere soon. So, you can make an argument that Oracle is not going to be displaced anytime soon, cause they have the massive deals. But a lot of people will say, and we even said, that Oracle's relevance is waning with new database growth happening outside the proprietary database. So, is Cisco relevant? >> Yeah, John. It's a good question. So for one piece, if you say okay how are they doing on the transition to becoming recurring revenue rather than boxes, they still have quite a ways to go. They are not far enough along that journey. But, my measuring stick was how much are they a software company? How much are they an infrastructure company? They're kind of straddling the line. They are moving up the stack. More than some of the other initiatives in the past. It's taken hold. Thousands of people, so I give them good marks, John. What's your take? >> I mean, I don't know. I think, here's my take on Cisco. Cisco knows the networking. You can't, like I was saying with Oracle, they're not going anywhere. No one is going to rip out Cisco and replace it. There's nothing else to replace it with. I mean, there is no other competition, really. The competition to Oracle, I mean Cisco, is not being on the right side of history. So to me, I think Cisco should be worried about one thing, making the bet wrong on architecture. So, they own the network. The other thing that people don't know about Cisco, that is a competitive advantage is, they know the edge of the network. They have been doing edge computing since it existed. So, okay sending it out to IOT is not a big deal, in my opinion. I think that is going to be an easy get for Cisco. Extending it to wireless, they have that with their deal with Jasper. That's interesting. That's going to be a game changer. But that's not going to be their problem. Wireless, human, cars, that's the new edge. That's just an extension for Cisco. That is a major advantage. So competitively speaking, I think that is a real point that they are going to really nail home that a lot of people don't understand. The second thing is that their DevNet program is showing that they're upgrading and advancing their capabilities up the stack and bringing along with them their entire developer consistencies, which were essentially network engineers. So, they were once the rock stars, those network engineers, of any enterprise. You go into any enterprise you say, the network engineers, they ran the show. Now, the threat is coming from alpha perspective from developers. So now you have this kind of dynamic going on Stu, where the network engineers need to move up the stack to meet the new developers, and that is where the rubbing is going on, right. That's where the action is. That's what DevNet's doing. They're doing a masterful job, in my opinion. They are not over driving, not overplaying their hand. They are in the cloud native rule with DevNet Create. So I think their best move is to just continue to march down that path, but they got to own the IOT edge. Without the IOT edge, Cisco could crumble. >> Yeah, so a couple comments on that, John. One, IOT, Cisco started messaging IOT really early, and they've gone through a couple of iterations, so that what they're talking about IOT wasn't what they were talking about a few years ago. I like their story much better today. Absolutely, both from a wireless standpoint, they have got the hardware gear like Meraki, they talked on stage. From the software standpoint, like Jasper. One of the areas we got feedback from the community, John, they are talking about containers and Kubernetes, sure. They're not involved with serverless yet. And that is a blindness. Is it something that the big public cloud's are going to do there? >> Well I have an opinion on that. >> They're, I'm sorry? >> I have an opinion on that. >> Okay. >> Cisco is running billion dollar partnerships. They're doing billions of dollars in revenue. So I think you can't really judge them there by their participation in these open source projects yet. I think they've got to bring something to the party quickly. I think it's too early to tell, I would agree with you on that point. On this piece, they've got to go to open source. And they've got to figure out a way to do it in a way that is not distracting from the core mission. If I am Cisco, if I'm advising the CEO, I'm like, march with the network as the value, maximize the software play, and don't blow off open source. They cannot blow off open source. Are they brilliant at open source right now? Outside of Lew Tucker, who do we see? >> Look, no. I mean, from a network standpoint, Cisco has been involved across lots of projects, not just open stack containers. We've talked about what they are doing with Kubernetes and Istio. >> Give them a grade, open source, give them a grade. A, B, C, or D, or F? >> You know, I tell you at least a strong B. >> Okay, that's decent. >> Yeah, I mean look, they are not monetizing open source. They're not rallying around the flag. They are doing great with developers, which John, I guess we say, is it contributing for contributing sake or how does it fit in the business model? We did a couple of interviews here where it said, no open source, we're not negative on it. They're not pushing against public cloud. They're not against these things. It just doesn't fit as much into their environment. >> I think the multi-cloud thing, well getting back to you're question about containers. So containers are being commoditized. Red Hat just bought Core OS. Docker's Docker. Docker's got a business model challenge. We've reported on that, Stu. And we're doing a feature report on it now. And so what are they going to do? But still, container is a goodness. People like containers. Is it super complicated? Not really. Is Kubernetes strategic and important? Yes, that's obvious. So the service mesh is interesting to me. And I think the net devops positioning that they announced here, Cisco is bringing this devops culture to the networking world. They are kind of creating a new devops ethos at a networking layer. I think that's going to be a really, really big deal. And that is either going to be a go big or go home situation. It is either going to work like a charm, or it's going to fail miserably. So, what do you think? I mean the smell, it lines up with Istio, it lines up with Service Mesh, programmable infrastructures, managing micro services. I mean, it kind of hangs together, Stu. What do you think? >> Yeah, I mean, John, it goes along with the whole trend we have been seeing. The people that were managing the network can't be managing devices, or even groups of devices. Intent based networking is one of the big items coming into here. It's how do I let the machine learning, the programmability help me in this environment because it is only going to get more complicated. The edge you talked about is critical. IOT keeps growing. And it's not something that people alone can do, it needs to be people plus machines. And I've seen nice maturation of how Cisco does this. Cisco, to be critical on Cisco for the last decade, is thy have thrived in complexity. And I think they are trying to get over that some and shift their model to more of a softer model. >> Well, Stu, I think you nailed that this. So here's my take. Software model allows them to scale. With machine learning, they can do what Facebook and Google has done. So if you go to Google, for instance, how they manage their data center, they have site reliability engineers. They have changed the IT model to scale the number of machines that they have. The number of devices that are coming on the network cannot be physically managed by people. So this means machine learning and software has to automate. That is Cisco's opportuity. I'm not seeing it clearly right now, but if that's what they're talking about, that to me will be the tell sign. If Cisco can create a site reliability engine, like what Google did for networks, that's a game changer. Alright Stu, final thoughts. Let's go through, let's riff on what we saw here. Obviously Barcelona great city. The weather's been phenomenal. It's been really great. Good food, good tapas. But Cisco, good vibe. Cube in the DevNet Zone, it's been really interesting to watch. People love the labs. It's very chill and relaxed, but very active. The keynote looking forward, not looking back. Notable point, the CEO wasn't here. So that to me-- >> It's the end of the quarter and he was just at Davos, and there is a bunch there. He didn't come last year either. >> John: Okay. >> But Chuck will be at the Orlando show. Hoping we'll have him on theCUBE when we go there. We're going to be at the Orlando show. We've got theCUBE at the DevNet Create show again. And John, chill I think was the right word. And part of me is wondering, is it because we are here in Barcelona and it is just a relaxed atmosphere of a city. I've really enjoyed it this week. Or, network people, it used to be a little bit uptight. I mean, it's the risk and fear are things that kind of ruled in networking before. And people seemed a little bit more chill here. >> Pros and cons, Stu. Or observations that were good and not so good? Observations to me were, on the good side, was a lot of activity in the DevNet Zone. A lot of energy in the hallway, and in Barcelona wise. There was a lot of European flavor. The signal I thought was good was the keynote was packed. You and I thought it might be empty, right. But people strolled in. They packed every seat. The other area is that you can just tell people were interested in the new direction. The critical analysis to me would be, I didn't hear enough data driven. I want to see more data driven, but I didn't want to hear AI is changing the world. I want to see real, practical examples of data-driven impact to data center and I wanted to see more meat on the bone on multicloud. Because I didn't really see much there, I just heard about it. It was almost like a, "we're going there," not a lot of data driven, not a lot of multicloud. Outside of that, I thought it was really, really a great conference. >> And John, we had some phenomenal guests here. So on the data driven piece, Michelle Dennedy, the Chief Privacy Officer, really good piece and she said, oh, you guys are missing it if you didn't hear the data-driven. And she drove home in the interview with us how Cisco is involved there. So, John, there is a lot going on. Cisco is a big company. Big show. There is a lot we are not going to be able to get. Reaz Rehan, got the IOT piece, seeing some new players. Really helping to shift along this transition. Love Susie Lee's discussion about the four year transformation that we are talking. And Rowan, strong executive, good bench at Cisco. Stock has been up, like most of the tech stocks the last few months. >> I mean, we forgot to mention that, good point, Stu. New sheriff in town on IOT, that was a great interview. Again, Susie's at DevNet's hit a home run here. She's got a great group she's developing. Awesome stuff. >> So last thing, John. If Chuck Robbins gave you a call and said, Hey John, I've got that 10, 20, 30 billion dollars that I might be able to play with. Any final advice for him? >> I would really sure up the collab stuff. I think there is a distraction there from the sense of that I get why its developing. But if you use WebEx or all these tools, you're biased. You don't understand, it's the tools you use. You're just going to use it. I think that is a great data. And I think that the collab apps, if you look at it not as a software play, but as an IOT edge device, data-driven device. That's a good play. So I like the direction. I would throw a lot of dough at the collab and make that an IOT edge feature. Cause they can cross connect great data from WebEx to Spark. And I think Spark feels like an app. I want to see, it's not an app. It's a platform. >> Look, it's a messy space. Who leads in those spaces tends to be a lot more the consumer companies that did this. Cisco killed most of their consumer stuff. Then they did, after they had Flip in the set top boxes. So very different Cisco. What assets do they have? >> But to answer your question, Stu, what I would say, I would say Chuck, own the edge. This is a strategic imperative. I would throw the kitchen sink at owning the edge of the network. That means from the core to the edge, and I'd push that edge all the way to the wearables. All the way to the implants in your brain in the future. Own it end to end. Lock that down. Make it dynamic. Make it programmable. That is a holy grail moment and to me, lock it down. And everything will fall into place. You'll have cloud traction. You'll have app traction. Everything will happen. >> And they don't need to be the owner of the public cloud to be successful in what you said, John. So good strategy, I like that. >> Alright, theCUBE, with all the strategy for the CEO, Chuck Robbins, who's watching. Chuck, good to see you. Thanks for having us at Cisco Live. Stu, great analysis. I want to thank all the guests, thank the crew here. Tony Day and the team, and Brendan and Brian, great job. And all the people back home at theCUBE network and theCUBE network operating center in Palo Alto and Boston. This is live coverage. This is our wrap-up from Barcelona, Spain. Cube is calling it a day here at Cisco Live 2018 in Europe. Thanks for watching. (techno music)

(electronic music) >> Narrator: Live from Barcelona, Spain. It's theCUBE covering Cisco Live 2018. Brought to you by Cisco, Veeam, and theCUBE's ecosystem partners. >> Hey welcome back everyone, this is theCUBE's exclusive live coverage here at Barcelona, Spain for Cisco Live 2018 Europe. I'm John Furrier, the co-founder of SiliconANGLE Media and co-host of theCUBE with my partner co-host this week, Stu Miniman, host theCUBE hundreds of events also an analyst at Wikibond.com. Our next guest is Rowan Trollope, who's the SVP and General Manager of the applications division groups plural applications. Welcome to theCUBE, good to see you again. >> Good to see you, too. >> So you did the Keynote up on stage here in Europe and, obviously, Europe is the 2018 kickoff. So it's officially Cisco Live Europe but it's 2018. >> Rowan: Welcome to 2018, it's here. Europe is a big exploding area. You got GDPR on the horizon, you got sophisticated customers, lot of networking, lot of cloud discussions, lot of futuristic views in your speech. How is Cisco changing now? That just really nailed it in the Keynote. What is the future vision that you see for Cisco? >> You're really seeing a new Cisco emerge at this point, I think. A software-defined, faster-paced company, frankly. The idea that what got us here won't get us there, we have to reinvent the company. We have to reinvent what we'd done for so long. And that's what the team is doing. And that was, what was so impressive, frankly, about the network intuitive launch last year was just how dramatically that team had reimagined the concept of, in this case, campus networking, right? But we know that it doesn't stop there. As David said yesterday, it's going to go into the data center, it's going to apply across the rest of, and even the cloud. >> One of the things that Cisco's always had and observe in just as an industry participant over the past 30 years is, you know when open standards TCP/IP came out, that created an industry. So much happened from there, but Cisco's been an enabling company. You guys enable people to be successful. That's always been kind of the network stack. The disruption from going after the old SNA and DECnet protocols, Sonova protocols. >> You're going back before me. (laughing) >> Yeah, but going forward and your speech was not about looking back, it was about looking forward. So now, how is Cisco going to be enabling that future generation of customers, stakeholders, developers, and where is that value going to be unlocked? Where's it going to come from? >> I think that if we were to have a history book and be living the world 2050 right now and then we had a book called the history of the internet, the last 50 years, what would that book say? And how would it talk about 2018 and the world we live in today? And I bet you that it would sort of almost be quaint or sort of Jurassic era internet to the users of 2050 or the inhabitants, the citizens of 2050. That we would look back on this era that we're in today and just say, "Wow, I can't, could you believe the." You know I could imagine my kids are like, "You guys had all these security problems? "Oh my God that's crazy, how could you have lived that way?" >> You carried a phone around? (laughing) >> Yeah, like this is crazy, in other words, we kind of haven't even really started with the internet yet. We just tried a few things and it seems pretty cool and we know there's a few problems and one of them's like, "Gosh, it can't be so manual." We know we're going to have to fix that. "Gosh, it can't be so insecure." We know we're going to have to fix that. "Oh my gosh, this cloud thing's "pretty cool but turns out there's "a little more complexity." We solve that, you know, as well. So it's really going through those things and, at least the way my brain works, it's kind of that I put myself in the future and look backwards and it helps me to sort of think that, gosh, we just got to really think about this in a bigger way and start moving faster. >> Rowan, I love that. If they go back in the history book and it was like, okay, that era networking, dominated by Cisco, tracked by ports and revenue and the old Cisco and the seven dwarfs. Now the future era: software, it's applications. What defineds who Cisco is in the market and how do we track who the winners and losers are? >> Well, I think what you said earlier is right. Cisco is an enabling company and Cisco is a special kind of company, frankly. I think a different kind of company than what you see out there in the world. We're a company that has created orders of magnitude more value than we've captured. And we've captured a lot but when you think about some companies don't do that. Some companies create, almost capture the same amount of volume that they create or they keep almost all of it for themselves. And there's some notable current examples, but I won't name names, where they're really capturing almost all the value that they're creating. Cisco's a different kind of company. We're creating a platform for society, frankly, to be able to exist on this planet in a meaningful way in the future and it reminds me, the way that Cisco is, it reminds me of a great line that's been going around recently which is, "A society grows great when men plant "trees whose shade they know they will never sit in." And that's how I think about the next generation infrastructure. This is going to take a long time to get out there. And we are creating that future for our next generation, but doesn't mean that we have to wait. We need to get started now. There's urgency. >> Rowan, one of the observations that we made yesterday, Stu and I were talking about it when we were walking in this morning is, we usually talk about competition but not this year. It's almost as if this point in history, it's not about competition being names of other companies; the competition is being on the right side of history. >> Right. >> And so you bring up this point, right this is really clear, but the question is architecturally, there's some decisions that companies, and companies are trying to face this, your customers are trying to figure out I want to be on the right side of history because that future is coming. What in your mind's eye is that architecture, obviously software, billion connected devices, I get that, but specifically, what is the history line going to look like? What line, where should people be on, what side of history do you see unfolding that customers can go to for safe harbor to put the 20 year plan together for their business? >> You know I think right now we're at a moment where customers do have to make choices but the choice is pretty clear to everyone. It isn't like there's a lot of questions. We know that the network needs to be reinvented. We've built the products and they're here now. So it's really about, do you start now? And in my view, it's sort of a matter of life or death. Except for many of these companies, waiting is not an option. So, I think that the dividing line on history will be did you get started? Did you transform your business at that time? If you didn't, it's unlikely that your company will be around for very long. And so that will sort of define the future in my mind. It's who got started early. Who said, "Okay, now is the time "we got to get onto this stuff," >> And in 10BASE networking, in context, great message, love that. That's certainly an architecture that's data driven. But not a lot of data driven constructs in the Keynotes, probably in the sessions there are, but what's the role of data? Obviously we had your Chief Privacy Officer Michelle Dennedy on earlier, she was awesome, data is now the asset that will probably value businesses so you have on the app side we had the collab team over, it's a platform, not just a tool, a set of tools that's throwing off data. This data is the instrumenting valuation for companies. How are you looking at this and how does Cisco evolve to skate to where the puck will be? Cause it's still early but developing really fast on the data front. >> I think that academics today and a lot of Cisco thought leaders would agree with this, are looking at a next-generation networking principle called Information-Centric Networks, or data oriented networking architectures. And it's the idea that current networking architectures are based on the N10 principle, which are systems-based. System A connects to system B and they can send bits. Well, the next generation networks not going to be system-based, it's going to be information-based, which means I don't ask for the Microsoft.com URL and then get the IP address and connect to a system. I find out, I want to see, show me the product list for Microsoft and the network serves me that up. And Microsoft publishes it and says, I have that information. So when someone asks for it, I say I have it and I publish it. So the network abstracts to a higher level that is at the data layer, not at the connectivity layer and that is what I think is going to happen over time. Is you're going to see this continuing abstraction up the stack of all this infrastructure where it gets easier and easier and easier for developers to interact with the infrastructure. >> So here's a philosophical question for you. Network theory, we all know how packets move around, folks may or may not care, if they don't are in that business. >> Rowan: We care. >> Well I mean someone in the business might not care how OSPF routing protocol works but I mean it's a network theory. Social networking and IoT are connected devices, they're nodes on a network. How do you take that DNA of being competent in network DNA to applications that are inherently more graph databases? More network-oriented where attention, reputation, intent, context, it's always been like a search paradigm, not a networking-moving packet paradise. So, I guess my question is, how do you connect those two worlds, how does Cisco do that? Cause you do dominate the network, network theory, network graphs. >> Yeah, I think that, you said it's a philosophical question so I can give you a philosophical answer. You know, we live in a world today where we don't actually really access the internet. We access it through companies that have put a business model on top of it. You go to Google or any other search engine, that's the case. So they've essentially layered this data-oriented layer on top of the network already. But you're paying for it. And you're paying a price because if you search and you search and I search, we're going to get three different answers. I mean this whole idea of filter bubbles and what's going on with social networks today is a true phenomenon. And the internet was never really meant to be that way. So I think there's an opportunity for us to reimagine that. And some of the basic, sort of, principles of the network can be reconsidered. Now, obviously, we've got the short-term things we need to do over the next few years like have companies deploy our new gear and buy our stuff and everything else. But we are thinking about these next generations, I'd say pretty keenly and, you know, I think that the infrastructure of the future, the way that I think about it, does provide a much higher level of abstraction to the network than what we have today. >> They're making it programmable, you mean. Making it resilient. >> Yeah, as a developer, I shouldn't have to worry about standing up a server. I should be able to write some code and publish some data and subscribe to data and that's it. >> Rowan, I loved actually the open of your Keynote. You talked about it's a new era and a new infrastructure. We've seen Cisco change the dynamic; the applications, some of the acquisitions you made, the push much deeper into software. What are some of the biggest challenges you face there 'cause I think we agree, if Cisco is alive and thriving in 2015, we don't think of it as infrastructure networking company. So, what's the biggest challenge for the company to move that way, up the stack. >> Well, I think the biggest challenge is how quickly we moved. I think that we have to constantly be challenging ourselves to move faster. We know, I think we have a pretty good sense for where the future is going and what we'd like to create. The question is how quickly can we and our customers move. And we have to make it easier for our customers. So advance services plays a big part in that. That's why we have such a big investment there and why we're so over-rotating onto staffing that for the network intuitive. The collaboration business is going through the same transformation, IoT in the same way. So really, we're racing to keep up with our customers as much as they're racing to keep up with us. And that's the biggest opportunity and challenge, I think, for the company right now. Is can we move fast enough. And if we do, a $40 stock price will look like, you know, again, quaint. >> So developers are going to be a key role. Obviously a developer-focused, developer.Cisco.com. You guys had that around for a long, long time. You guys, when vertically-integrated Cisco works great, Cisco on Cisco, as you go out and have more APIs and things like Uber Nettes with cloud-native open up more non-Cisco. One trend we're seeing here at Cisco Live is a lot of developers that aren't necessarily a hardcore network guys are coming into the Cisco fold. That's going to be more of the trend going forward. How do you view and what does Cisco need to do to capture that mind share and convert them into valuable participants in the community building on top of Cisco, because integration with non-Cisco related things, whether it's open source and/or other systems be imbedding into the sales force and what not. That has to be the new normal for you guys. What's your view on that and how do you drive that forward? >> I think companies of the future, next generation companies, there's not going to be a distinction between tech companies and non-tech companies. Every company will be a tech company and you won't have sort of the difference between the application and your business. The application is your business. So the app is your business and you're a tech company and that's that. And all companies will be that way, essentially. Powered by software. In that kind of a world, it's developers that are key to delivering on your company's mission. And so I think developers will continue to accelerate. We see the DevNet zone grows here every year. It's phenomenal, it's bigger than ever this year. And the examples in the programmability that we've been adding to the network, to the collaboration portfolio, every time I come here, it blows my mind. And so I think that's certainly a vision of the future, when you come and take a look at what's going on here. You can see that the developer is the key for those businesses of the future and we're going to service them. I mean, that is our mission is to get very, very focused on servicing developers with the platforms that we're building. >> If you had to extract out and describe to a college buddy or customer or friend, they asked you, "Rowan, what's the big wave "that you're riding for the next 20 years?" These waves are coming. We're seeing a lot of examples of crypto and blockchain on one end, really active, you certainly got cloud as a wave, data AI as a wave. Is it all one big wave? I mean waves of innovation come once a generation this size. We've said on theCUBE, we think it's the biggest wave we've seen in a long, long time. I mean right now, it's a combination of all those things. Your thoughts of the wave, how would you describe that to someone. >> I think the biggest and most meaningful thing to us is the connectivity of everything. I think that's probably the big one. Data comes along with that, all the other parts of it come along with it. But, if you think about the history of where we've been, for the last 30 years the internet was largely here and here. That's where it is. >> Like that remote. (laughing) >> And it's not in your lights and it's not in your cameras and it's not in the desk and it's not in your chair, but it will be. That to me is the biggest transformation. It's going to take a long time. You know, I think we've been talking about this transformation for a long time but as we get to that level of connectivity, as we get to that level of pervasiveness of the network, that's the biggest transformation to me is that the network goes from here to everywhere. >> And the common threads to your point is data, cloud, no-no, data, network-- >> Yep, cloud, security-- >> And software. >> Yeah, I mean look-- >> Things that'll never change. There will always be data, there will always be the network. >> Yep, and there will always be compute of some sort or another. We just think that if you look at our portfolio, we are really well positioned to create that next generation infrastructure. We've got the products now in many, across the boards. And we're thinking about, when you think about data as one of the most interesting things I think about, one of the most important transitions for the company is around data. It's about pivoting our focus from moving packets to addressing data. And what we want to be ultimately for in enterprise is a central nervous system and the real-time platform for data. We're not going to be the database. We're not going to be the analytics company. We're going to be that real-time source of information. You could think about it as a nervous system for a business. >> You're taking your network DNA and expanding it. Not trying to land grab new trends. >> No I think there's plenty of work for us to do. >> Rowan, a final question, what's the vibe here in Barcelona? Obviously, great Keynote. Stu and I both really enjoyed, love the vision. And then the meaty part of the intent that came after was great. What's going on, your conversations in the hallway, customers, dinners, what's the vibe like here in Europe for Cisco this year? >> Well, it's a thrilling vibe, especially down here on the show floor and right here at the epicenter of that which is the DevNet, sort of workshops and all the things that are going on, they're packed. So I think if you're going to come down, get down here soon because they are just absolutely filled up and so, that's one thing. I think a tremendous amount of optimism for the company is what I'm picking up as I talk to customers. People that have been coming up to me have been just very excited about Cisco's future and very excited about our vision and very excited about what we're doing and what we are doing together. I think the idea that Cisco is a different kind of company. We're the kind of company that is an enabler for our customers to do great things. And that, to me, is a very noble pursuit. >> Alright, Rowan Trollope, SVP and general manager applications Cisco, headlining Cisco Live 2018 here in Europe. This is theCUBE's live coverage from the DevNet zone here in Barcelona. I'm John Furrier, Stu Miniman. More live CUBE coverage after this short break. Thanks for watching.