(upbeat music) >> Welcome back to Supercloud 2, which is an open industry collaboration between technologists, consultants, analysts, and of course, practitioners, to help shape the future of cloud. And at this event, one of the key areas we're exploring is the intersection of cloud and data, and how building value on top of hyperscale clouds and across clouds is evolving, a concept we call supercloud. And we're pleased to welcome Harvir Singh, who's the chief data architect and global head of data at Western Union. Harvir, it's good to see you again. Thanks for coming on the program. >> Thanks, David, it's always a pleasure to talk to you. >> So many things stand out from when we first met, and one of the most gripping for me was when you said to me, "When data moves, money moves." And that's the world we live in today, and really have for a long time. Money has moved as bits, and when it has to move, we want it to move quickly, securely, and in a governed manner. And the pressure to do so is only growing. So tell us how that trend is evolved over the past decade in the context of your industry generally, and Western Union, specifically. Look, I always say to people that we are probably the first ones to introduce digital currency around the world because, hey, somebody around the world needs money, we move data to make that happen. That trend has actually accelerated quite a bit. If you look at the last 10 years, and you look at all these payment companies, digital companies, credit card companies that have evolved, majority of them are working on the same principle. When data moves, money moves. When data is stale, the money goes away, right? I think that trend is continuing, and it's not just the trend is in this space, it's also continuing in other spaces, specifically around, you know, acquisition of customers, communication with customers. It's all becoming digital, and it's, at the end of the day, it's all data being moved from one place or another. At the end of the day, you're not seeing the customer, but you're looking at, you know, the data that he's consuming, and you're making actionable items on it, and be able to respond to what they need. So I think 10 years, it's really, really evolved. >> Hmm, you operate, Western Union operates in more than 200 countries, and you you have what I would call a pseudo federated organization. You're trying to standardize wherever possible on the infrastructure, and you're curating the tooling and doing the heavy lifting in the data stack, which of course lessens the burden on the developers and the line of business consumers, so my question is, in operating in 200 countries, how do you deal with all the diversity of laws and regulations across those regions? I know you're heavily involved in AWS, but AWS isn't everywhere, you still have some on-prem infrastructure. Can you paint a picture of, you know, what that looks like? >> Yeah, a few years ago , we were primarily mostly on-prem, and one of the biggest pain points has been managing that infrastructure around the world in those countries. Yes, we operate in 200 countries, but we don't have infrastructure in 200 countries, but we do have agent locations in 200 countries. United Nations says we only have like 183 are countries, but there are countries which, you know, declare themselves countries, and we are there as well because somebody wants to send money there, right? Somebody has an agent location down there as well. So that infrastructure is obviously very hard to manage and maintain. We have to comply by numerous laws, you know. And the last few years, specifically with GDPR, CCPA, data localization laws in different countries, it's been a challenge, right? And one of the things that we did a few years ago, we decided that we want to be in the business of helping our customers move money faster, security, and with complete trust in us. We don't want to be able to, we don't want to be in the business of managing infrastructure. And that's one of the reasons we started to, you know, migrate and move our journey to the cloud. AWS, obviously chosen first because of its, you know, first in the game, has more locations, and more data centers around the world where we operate. But we still have, you know, existing infrastructure, which is in some countries, which is still localized because AWS hasn't reached there, or we don't have a comparable provider there. We still manage those. And we have to comply by those laws. Our data privacy and our data localization tech stack is pretty good, I would say. We manage our data very well, we manage our customer data very well, but it comes with a lot of complexity. You know, we get a lot of requests from European Union, we get a lot of requests from Asia Pacific every pretty much on a weekly basis to explain, you know, how we are taking controls and putting measures in place to make sure that the data is secured and is in the right place. So it's a complex environment. We do have exposure to other clouds as well, like Google and Azure. And as much as we would love to be completely, you know, very, very hybrid kind of an organization, it's still at a stage where we are still very heavily focused on AWS yet, but at some point, you know, we would love to see a world which is not reliant on a single provider, but it's more a little bit more democratized, you know, as and when what I want to use, I should be able to use, and pay-per-use. And the concept started like that, but it's obviously it's now, again, there are like three big players in the market, and, you know, they're doing their own thing. Would love to see them come collaborate at some point. >> Yeah, wouldn't we all. I want to double-click on the whole multi-cloud strategy, but if I understand it correctly, and in a perfect world, everything on-premises would be in the cloud is, first of all, is that a correct statement? Is that nirvana for you or not necessarily? >> I would say it is nirvana for us, but I would also put a caveat, is it's very tricky because from a regulatory perspective, we are a regulated entity in many countries. The regulators would want to see some control if something happens with a relationship with AWS in one country, or with Google in another country, and it keeps happening, right? For example, Russia was a good example where we had to switch things off. We should be able to do that. But if let's say somewhere in Asia, this country decides that they don't want to partner with AWS, and majority of our stuff is on AWS, where do I go from there? So we have to have some level of confidence in our own infrastructure, so we do maintain some to be able to fail back into and move things it needs to be. So it's a tricky question. Yes, it's nirvana state that I don't have to manage infrastructure, but I think it's far less practical than it said. We will still own something that we call it our own where we have complete control, being a financial entity. >> And so do you try to, I'm sure you do, standardize between all the different on-premise, and in this case, the AWS cloud or maybe even other clouds. How do you do that? Do you work with, you know, different vendors at the various places of the stack to try to do that? Some of the vendors, you know, like a Snowflake is only in the cloud. You know, others, you know, whether it's whatever, analytics, or storage, or database, might be hybrid. What's your strategy with regard to creating as common an experience as possible between your on-prem and your clouds? >> You asked a question which I asked when I joined as well, right? Which question, this is one of the most important questions is how soon when I fail back, if I need to fail back? And how quickly can I, because not everything that is sitting on the cloud is comparable to on-prem or is backward compatible. And the reason I say backward compatible is, you know, there are, our on-prem cloud is obviously behind. We haven't taken enough time to kind of put it to a state where, because we started to migrate and now we have access to infrastructure on the cloud, most of the new things are being built there. But for critical application, I would say we have chronology that could be used to move back if need to be. So, you know, technologies like Couchbase, technologies like PostgreSQL, technologies like Db2, et cetera. We still have and maintain a fairly large portion of it on-prem where critical applications could potentially be serviced. We'll give you one example. We use Neo4j very heavily for our AML use cases. And that's an important one because if Neo4j on the cloud goes down, and it's happened in the past, again, even with three clusters, having all three clusters going down with a DR, we still need some accessibility of that because that's one of the biggest, you know, fraud and risk application it supports. So we do still maintain some comparable technology. Snowflake is an odd one. It's obviously there is none on-prem. But then, you know, Snowflake, I also feel it's more analytical based technology, not a transactional-based technology, at least in our ecosystem. So for me to replicate that, yes, it'll probably take time, but I can live with that. But my business will not stop because our transactional applications can potentially move over if need to. >> Yeah, and of course, you know, all these big market cap companies, so the Snowflake or Databricks, which is not public yet, but they've got big aspirations. And so, you know, we've seen things like Snowflake do a deal with Dell for on-prem object store. I think they do the same thing with Pure. And so over time, you see, Mongo, you know, extending its estate. And so over time all these things are coming together. I want to step out of this conversation for a second. I just ask you, given the current macroeconomic climate, what are the priorities? You know, obviously, people are, CIOs are tapping the breaks on spending, we've reported on that, but what is it? Is it security? Is it analytics? Is it modernization of the on-prem stack, which you were saying a little bit behind. Where are the priorities today given the economic headwinds? >> So the most important priority right now is growing the business, I would say. It's a different, I know this is more, this is not a very techy or a tech answer that, you know, you would expect, but it's growing the business. We want to acquire more customers and be able to service them as best needed. So the majority of our investment is going in the space where tech can support that initiative. During our earnings call, we released the new pillars of our organization where we will focus on, you know, omnichannel digital experience, and then one experience for customer, whether it's retail, whether it's digital. We want to open up our own experience stores, et cetera. So we are investing in technology where it's going to support those pillars. But the spend is in a way that we are obviously taking away from the things that do not support those. So it's, I would say it's flat for us. We are not like in heavily investing or aggressively increasing our tech budget, but it's more like, hey, switch this off because it doesn't make us money, but now switch this on because this is going to support what we can do with money, right? So that's kind of where we are heading towards. So it's not not driven by technology, but it's driven by business and how it supports our customers and our ability to compete in the market. >> You know, I think Harvir, that's consistent with what we heard in some other work that we've done, our ETR partner who does these types of surveys. We're hearing the same thing, is that, you know, we might not be spending on modernizing our on-prem stack. Yeah, we want to get to the cloud at some point and modernize that. But if it supports revenue, you know, we'll invest in that, and get the, you know, instant ROI. I want to ask you about, you know, this concept of supercloud, this abstracted layer of value on top of hyperscale infrastructure, and maybe on-prem. But we were talking about the integration, for instance, between Snowflake and Salesforce, where you got different data sources and you were explaining that you had great interest in being able to, you know, have a kind of, I'll say seamless, sorry, I know it's an overused word, but integration between the data sources and those two different platforms. Can you explain that and why that's attractive to you? >> Yeah, I'm a big supporter of action where the data is, right? Because the minute you start to move, things are already lost in translation. The time is lost, you can't get to it fast enough. So if, for example, for us, Snowflake, Salesforce, is our actionable platform where we action, we send marketing campaigns, we send customer communication via SMS, in app, as well as via email. Now, we would like to be able to interact with our customers pretty much on a, I would say near real time, but the concept of real time doesn't work well with me because I always feel that if you're observing something, it's not real time, it's already happened. But how soon can I react? That's the question. And given that I have to move that data all the way from our, let's say, engagement platforms like Adobe, and particles of the world into Snowflake first, and then do my modeling in some way, and be able to then put it back into Salesforce, it takes time. Yes, you know, I can do it in a few hours, but that few hours makes a lot of difference. Somebody sitting on my website, you know, couldn't find something, walked away, how soon do you think he will lose interest? Three hours, four hours, he'll probably gone, he will never come back. I think if I can react to that as fast as possible without too much data movement, I think that's a lot of good benefit that this kind of integration will bring. Yes, I can potentially take data directly into Salesforce, but I then now have two copies of data, which is, again, something that I'm not a big (indistinct) of. Let's keep the source of the data simple, clean, and a single source. I think this kind of integration will help a lot if the actions can be brought very close to where the data resides. >> Thank you for that. And so, you know, it's funny, we sometimes try to define real time as before you lose the customer, so that's kind of real time. But I want to come back to this idea of governed data sharing. You mentioned some other clouds, a little bit of Azure, a little bit of Google. In a world where, let's say you go more aggressively, and we know that for instance, if you want to use Google's AI tools, you got to use BigQuery. You know, today, anyway, they're not sort of so friendly with Snowflake, maybe different for the AWS, maybe Microsoft's going to be different as well. But in an ideal world, what I'm hearing is you want to keep the data in place. You don't want to move the data. Moving data is expensive, making copies is badness. It's expensive, and it's also, you know, changes the state, right? So you got governance issues. So this idea of supercloud is that you can leave the data in place and actually have a common experience across clouds. Let's just say, let's assume for a minute Google kind of wakes up, my words, not yours, and says, "Hey, maybe, you know what, partnering with a Snowflake or a Databricks is better for our business. It's better for the customers," how would that affect your business and the value that you can bring to your customers? >> Again, I would say that would be the nirvana state that, you know, we want to get to. Because I would say not everyone's perfect. They have great engineers and great products that they're developing, but that's where they compete as well, right? I would like to use the best of breed as much as possible. And I've been a person who has done this in the past as well. I've used, you know, tools to integrate. And the reason why this integration has worked is primarily because sometimes you do pick the best thing for that job. And Google's AI products are definitely doing really well, but, you know, that accessibility, if it's a problem, then I really can't depend on them, right? I would love to move some of that down there, but they have to make it possible for us. Azure is doing really, really good at investing, so I think they're a little bit more and more closer to getting to that state, and I know seeking our attention than Google at this point of time. But I think there will be a revelation moment because more and more people that I talk to like myself, they're also talking about the same thing. I'd like to be able to use Google's AdSense, I would like to be able to use Google's advertising platform, but you know what? I already have all this data, why do I need to move it? Can't they just go and access it? That question will keep haunting them (indistinct). >> You know, I think, obviously, Microsoft has always known, you know, understood ecosystems. I mean, AWS is nailing it, when you go to re:Invent, it's all about the ecosystem. And they think they realized they can make a lot more money, you know, together, than trying to have, and Google's got to figure that out. I think Google thinks, "All right, hey, we got to have the best tech." And that tech, they do have the great tech, and that's our competitive advantage. They got to wake up to the ecosystem and what's happening in the field and the go-to-market. I want to ask you about how you see data and cloud evolving in the future. You mentioned that things that are driving revenue are the priorities, and maybe you're already doing this today, but my question is, do you see a day when companies like yours are increasingly offering data and software services? You've been around for a long time as a company, you've got, you know, first party data, you've got proprietary knowledge, and maybe tooling that you've developed, and you're becoming more, you're already a technology company. Do you see someday pointing that at customers, or again, maybe you're doing it already, or is that not practical in your view? >> So data monetization has always been on the charts. The reason why it hasn't seen the light is regulatory pressure at this point of time. We are partnering up with certain agencies, again, you know, some pilots are happening to see the value of that and be able to offer that. But I think, you know, eventually, we'll get to a state where our, because we are trying to build accessible financial services, we will be in a state that we will be offering those to partners, which could then extended to their customers as well. So we are definitely exploring that. We are definitely exploring how to enrich our data with other data, and be able to complete a super set of data that can be used. Because frankly speaking, the data that we have is very interesting. We have trends of people migrating, we have trends of people migrating within the US, right? So if a new, let's say there's a new, like, I'll give you an example. Let's say New York City, I can tell you, at any given point of time, with my data, what is, you know, a dominant population in that area from migrant perspective. And if I see a change in that data, I can tell you where that is moving towards. I think it's going to be very interesting. We're a little bit, obviously, sometimes, you know, you're scared of sharing too much detail because there's too much data. So, but at the end of the day, I think at some point, we'll get to a state where we are confident that the data can be used for good. One simple example is, you know, pharmacies. They would love to get, you know, we've been talking to CVS and we are talking to Walgreens, and trying to figure out, if they would get access to this kind of data demographic information, what could they do be better? Because, you know, from a gene pool perspective, there are diseases and stuff that are very prevalent in one community versus the other. We could probably equip them with this information to be able to better, you know, let's say, staff their pharmacies or keep better inventory of products that could be used for the population in that area. Similarly, the likes of Walmarts and Krogers, they would like to have more, let's say, ethnic products in their aisles, right? How do you enable that? That data is primarily, I think we are the biggest source of that data. So we do take pride in it, but you know, with caution, we are obviously exploring that as well. >> My last question for you, Harvir, is I'm going to ask you to do a thought exercise. So in that vein, that whole monetization piece, imagine that now, Harvir, you are running a P&L that is going to monetize that data. And my question to you is a there's a business vector and a technology vector. So from a business standpoint, the more distribution channels you have, the better. So running on AWS cloud, partnering with Microsoft, partnering with Google, going to market with them, going to give you more revenue. Okay, so there's a motivation for multi-cloud or supercloud. That's indisputable. But from a technical standpoint, is there an advantage to running on multiple clouds or is that a disadvantage for you? >> It's, I would say it's a disadvantage because if my data is distributed, I have to combine it at some place. So the very first step that we had taken was obviously we brought in Snowflake. The reason, we wanted our analytical data and we want our historical data in the same place. So we are already there and ready to share. And we are actually participating in the data share, but in a private setting at the moment. So we are technically enabled to share, unless there is a significant, I would say, upside to moving that data to another cloud. I don't see any reason because I can enable anyone to come and get it from Snowflake. It's already enabled for us. >> Yeah, or if somehow, magically, several years down the road, some standard developed so you don't have to move the data. Maybe there's a new, Mogli is talking about a new data architecture, and, you know, that's probably years away, but, Harvir, you're an awesome guest. I love having you on, and really appreciate you participating in the program. >> I appreciate it. Thank you, and good luck (indistinct) >> Ah, thank you very much. This is Dave Vellante for John Furrier and the entire Cube community. Keep it right there for more great coverage from Supercloud 2. (uplifting music)

>>We're back at Supercomputing 22 in Dallas, winding down day four of this conference. I'm Paul Gillan, my co-host Dave Nicholson. We are talking, we've been talking super computing all week and you hear a lot about what's going on in the United States, what's going on in China, Japan. What we haven't talked a lot about is what's going on in Europe and did you know that two of the top five supercomputers in the world are actually from European countries? Well, our guest has a lot to do with that. Florian, bearish, I hope I pronounce that correctly. My German is, German is not. My strength is the operations director for price, ais, S B L. And let's start with that. What is price? >>So, hello and thank you for the invitation. I'm Flon and Price is a partnership for Advanced Computing in Europe. It's a non-profit association with the seat in Brussels in Belgium. And we have 24 members. These are representatives from different European countries dealing with high performance computing in at their place. And we, so far, we provided the resources for our European research communities. But this changed in the last year, this oral HPC joint undertaking who put a lot of funding in high performance computing and co-funded five PET scale and three preis scale systems. And two of the preis scale systems. You mentioned already, this is Lumi and Finland and Leonardo in Bologna in Italy were in the place for and three and four at the top 500 at least. >>So why is it important that Europe be in the top list of supercomputer makers? >>I think Europe needs to keep pace with the rest of the world. And simulation science is a key technology for the society. And we saw this very recently with a pandemic, with a covid. We were able to help the research communities to find very quickly vaccines and to understand how the virus spread around the world. And all this knowledge is important to serve the society. Or another example is climate change. Yeah. With these new systems, we will be able to predict more precise the changes in the future. So the more compute power you have, the better the smaller the grid and there is resolution you can choose and the lower the error will be for the future. So these are, I think with these systems, the big or challenges we face can be addressed. This is the climate change, energy, food supply, security. >>Who are your members? Do they come from businesses? Do they come from research, from government? All of the >>Above. Yeah. Our, our members are public organization, universities, research centers, compute sites as a data centers, but But public institutions. Yeah. And we provide this services for free via peer review process with excellence as the most important criteria to the research community for free. >>So 40 years ago when, when the idea of an eu, and maybe I'm getting the dates a little bit wrong, when it was just an idea and the idea of a common currency. Yes. Reducing friction between, between borders to create a trading zone. Yes. There was a lot of focus there. Fast forward to today, would you say that these efforts in supercomputing, would they be possible if there were not an EU super structure? >>No, I would say this would not be possible in this extent. I think when though, but though European initiatives are, are needed and the European Commission is supporting these initiatives very well. And before praise, for instance 2008, there were research centers and data centers operating high performance computing systems, but they were not talking to each other. So it was isolated praise created community of operation sites and it facilitated the exchange between them and also enabled to align investments and to, to get the most out of the available funding. And also at this time, and still today for one single country in Europe, it's very hard to provide all the different architectures needed for all the different kind of research communities and applications. If you want to, to offer always the latest technologies, though this is really hardly possible. So with this joint action and opening the resources for other research groups from other countries, you, we, we were able to, yeah, get access to the latest technology for different communities at any given time though. And >>So, so the fact that the two systems that you mentioned are physically located in Finland and in Italy, if you were to walk into one of those facilities and meet the people that are there, they're not just fins in Finland and Italians in Italy. Yeah. This is, this is very much a European effort. So this, this is true. So, so in this, in that sense, the geography is sort of abstracted. Yeah. And the issues of sovereignty that make might take place in in the private sector don't exist or are there, are there issues with, can any, what are the requirements for a researcher to have access to a system in Finland versus a system in Italy? If you've got a EU passport, Hmm. Are you good to go? >>I think you are good to go though. But EU passport, it's now it becomes complicated and political. It's, it's very much, if we talk about the recent systems, well first, let me start a praise. Praise was inclusive and there was no any constraints as even we had users from US, Australia, we wanted just to support excellence in science. And we did not look at the nationality of the organization, of the PI and and so on. There were quotas, but these quotas were very generously interpreted. So, and if so, now with our HPC joint undertaking, it's a question from what European funds, these systems were procured and if a country or being country are associated to this funding, the researchers also have access to these systems. And this addresses basically UK and and Switzerland, which are not in the European Union, but they were as created to the Horizon 2020 research framework. And though they could can access the systems now available, Lumi and Leono and the Petascale system as well. How this will develop in the future, I don't know. It depends to which research framework they will be associated or not. >>What are the outputs of your work at price? Are they reference designs? Is it actual semiconductor hardware? Is it the research? What do you produce? >>So the, the application we run or the simulation we run cover all different scientific domains. So it's, it's science, it's, but also we have industrial let projects with more application oriented targets. Aerodynamics for instance, for cars or planes or something like this. But also fundamental science like the physical elementary physics particles for instance or climate change, biology, drug design, protein costa, all these >>Things. Can businesses be involved in what you do? Can they purchase your, your research? Do they contribute to their, I'm sure, I'm sure there are many technology firms in Europe that would like to be involved. >>So this involving industry though our calls are open and is, if they want to do open r and d, they are invited to submit also proposals. They will be evaluated and if this is qualifying, they will get the access and they can do their jobs and simulations. It's a little bit more tricky if it's in production, if they use these resources for their business and do not publish the results. They are some, well, probably more sites who, who are able to deal with these requests. Some are more dominant than others, but this is on a smaller scale, definitely. Yeah. >>What does the future hold? Are you planning to, are there other countries who will be joining the effort, other institutions? Do you plan to expand your, your scope >>Well, or I think or HPC joint undertaking with 36 member states is quite, covers already even more than Europe. And yeah, clearly if, if there are other states interest interested to join that there is no limitation. Although the focus lies on European area and on union. >>When, when you interact with colleagues from North America, do you, do you feel that there is a sort of European flavor to supercomputing that is different or are we so globally entwined? No. >>So research is not national, it's not European, it's international. This is also clearly very clear and I can, so we have a longstanding collaboration with our US colleagues and also with Chap and South Africa and Canada. And when Covid hit the world, we were able within two weeks to establish regular seminars inviting US and European colleagues to talk to to other, to each other and exchange the results and find new collaboration and to boost the research activities. So, and I have other examples as well. So when we, we already did the joint calls US exceed and in Europe praise and it was a very interesting experience. So we received applications from different communities and we decided that we will review this on our side, on European, with European experts and US did it in US with their experts. And you can guess what the result was at the meeting when we compared our results, it was matching one by one. It was exactly the same. Recite >>That it, it's, it's refreshing to hear a story of global collaboration. Yeah. Where people are getting along and making meaningful progress. >>I have to mention you, I have to to point out, you did not mention China as a country you were collaborating with. Is that by, is that intentional? >>Well, with China, definitely we have less links and collaborations also. It's also existing. There, there was initiative to look at the development of the technologies and the group meet on a regular basis. And there, there also Chinese colleagues involved. It's on a lower level, >>Yes, but is is the con conversations are occurring. We're out of time. Florian be operations director of price, European Super Computing collaborative. Thank you so much for being with us. I'm always impressed when people come on the cube and submit to an interview in a language that is not their first language. Yeah, >>Absolutely. >>Brave to do that. Yeah. Thank you. You're welcome. Thank you. We'll be right back after this break from Supercomputing 22 in Dallas.

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(light music) >> Hello, and welcome to theCUBE's special presentation with Horizon3.ai with Rainer Richter, Vice President of EMEA, Europe, Middle East and Africa, and Asia Pacific, APAC Horizon3.ai. Welcome to this special CUBE presentation. Thanks for joining us. >> Thank you for the invitation. >> So Horizon3.ai, driving global expansion, big international news with a partner-first approach. You guys are expanding internationally. Let's get into it. You guys are driving this new expanse partner program to new heights. Tell us about it. What are you seeing in the momentum? Why the expansion? What's all the news about? >> Well, I would say in international, we have, I would say a similar situation like in the US. There is a global shortage of well-educated penetration testers on the one hand side. On the other side, we have a raising demand of network and infrastructure security. And with our approach of an autonomous penetration testing, I believe we are totally on top of the game, especially as we have also now starting with an international instance. That means for example, if a customer in Europe is using our service, NodeZero, he will be connected to a NodeZero instance, which is located inside the European Union. And therefore, he doesn't have to worry about the conflict between the European GDPR regulations versus the US CLOUD Act. And I would say there, we have a total good package for our partners that they can provide differentiators to their customers. >> You know, we've had great conversations here on theCUBE with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company. And obviously, I can just connect the dots here, but I'd like you to weigh in more on how that translates into the go-to-market here because you got great cloud scale with the security product you guys are having success with. Great leverage there, I'm seeing a lot of success there. What's the momentum on the channel partner program internationally? Why is it so important to you? Is it just the regional segmentation? Is it the economics? Why the momentum? >> Well, there are multiple issues. First of all, there is a raising demand in penetration testing. And don't forget that in international, we have a much higher level number or percentage in SMB and mid-market customers. So these customers, typically, most of them even didn't have a pen test done once a year. So for them, pen testing was just too expensive. Now with our offering together with our partners, we can provide different ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with a traditional manual pen test, and that is because we have our Consulting PLUS package, which is for typically pen testers. They can go out and can do a much faster, much quicker pen test at many customers after each other. So they can do more pen test on a lower, more attractive price. On the other side, there are others or even the same one who are providing NodeZero as an MSSP service. So they can go after SMP customers saying, "Okay, you only have a couple of hundred IP addresses. No worries, we have the perfect package for you." And then you have, let's say the mid-market. Let's say the thousand and more employees, then they might even have an annual subscription. Very traditional, but for all of them, it's all the same. The customer or the service provider doesn't need a piece of hardware. They only need to install a small piece of a Docker container and that's it. And that makes it so smooth to go in and say, "Okay, Mr. Customer, we just put in this virtual attacker into your network, and that's it and all the rest is done." And within three clicks, they can act like a pen tester with 20 years of experience. >> And that's going to be very channel-friendly and partner-friendly, I can almost imagine. So I have to ask you, and thank you for calling out that breakdown and segmentation. That was good, that was very helpful for me to understand, but I want to follow up, if you don't mind. What type of partners are you seeing the most traction with and why? >> Well, I would say at the beginning, typically, you have the innovators, the early adapters, typically boutique-size of partners. They start because they are always looking for innovation. Those are the ones, they start in the beginning. So we have a wide range of partners having mostly even managed by the owner of the company. So they immediately understand, okay, there is the value, and they can change their offering. They're changing their offering in terms of penetration testing because they can do more pen tests and they can then add others ones. Or we have those ones who offered pen test services, but they did not have their own pen testers. So they had to go out on the open market and source pen testing experts to get the pen test at a particular customer done. And now with NodeZero, they're totally independent. They can go out and say, "Okay, Mr. Customer, here's the service. That's it, we turn it on. And within an hour, you are up and running totally." >> Yeah, and those pen tests are usually expensive and hard to do. Now it's right in line with the sales delivery. Pretty interesting for a partner. >> Absolutely, but on the other hand side, we are not killing the pen tester's business. We are providing with NodeZero, I would call something like the foundational work. The foundational work of having an ongoing penetration testing of the infrastructure, the operating system. And the pen testers by themselves, they can concentrate in the future on things like application pen testing, for example. So those services, which we are not touching. So we are not killing the pen tester market. We are just taking away the ongoing, let's say foundation work, call it that way. >> Yeah, yeah. That was one of my questions. I was going to ask is there's a lot of interest in this autonomous pen testing. One because it's expensive to do because those skills are required are in need and they're expensive. (chuckles) So you kind of cover the entry-level and the blockers that are in there. I've seen people say to me, "This pen test becomes a blocker for getting things done." So there's been a lot of interest in the autonomous pen testing and for organizations to have that posture. And it's an overseas issue too because now you have that ongoing thing. So can you explain that particular benefit for an organization to have that continuously verifying an organization's posture? >> Certainly. So I would say typically, you have to do your patches. You have to bring in new versions of operating systems, of different services, of operating systems of some components, and they are always bringing new vulnerabilities. The difference here is that with NodeZero, we are telling the customer or the partner the package. We're telling them which are the executable vulnerabilities because previously, they might have had a vulnerability scanner. So this vulnerability scanner brought up hundreds or even thousands of CVEs, but didn't say anything about which of them are vulnerable, really executable. And then you need an expert digging in one CVE after the other, finding out is it really executable, yes or no? And that is where you need highly-paid experts, which where we have a shortage. So with NodeZero now, we can say, "Okay, we tell you exactly which ones are the ones you should work on because those are the ones which are executable. We rank them accordingly to risk level, how easily they can be used." And then the good thing is converted or in difference to the traditional penetration test, they don't have to wait for a year for the next pen test to find out if the fixing was effective. They run just the next scan and say, "Yes, closed. Vulnerability is gone." >> The time is really valuable. And if you're doing any DevOps, cloud-native, you're always pushing new things. So pen test, ongoing pen testing is actually a benefit just in general as a kind of hygiene. So really, really interesting solution. Really bringing that global scale is going to be a new coverage area for us, for sure. I have to ask you, if you don't mind answering, what particular region are you focused on or plan to target for this next phase of growth? >> Well, at this moment, we are concentrating on the countries inside the European Union plus United Kingdom. And of course, logically, I'm based in the Frankfurt area. That means we cover more or less the countries just around. So it's like the so-called DACH region, Germany, Switzerland, Austria, plus the Netherlands. But we also already have partners in the Nordic, like in Finland and Sweden. So we have partners already in the UK and it's rapidly growing. So for example, we are now starting with some activities in Singapore and also in the Middle East area. Very important, depending on let's say, the way how to do business. Currently, we try to concentrate on those countries where we can have, let's say at least English as an accepted business language. >> Great, is there any particular region you're having the most success with right now? Sounds like European Union's kind of first wave. What's the most- >> Yes, that's the first. Definitely, that's the first wave. And now with also getting the European INSTANCE up and running, it's clearly our commitment also to the market saying, "Okay, we know there are certain dedicated requirements and we take care of this." And we are just launching, we are building up this one, the instance in the AWS service center here in Frankfurt. Also, with some dedicated hardware, internet, and a data center in Frankfurt, where we have with the DE-CIX, by the way, the highest internet interconnection bandwidth on the planet. So we have very short latency to wherever you are on the globe. >> That's a great call out benefit too. I was going to ask that. What are some of the benefits your partners are seeing in EMEA and Asia Pacific? >> Well, I would say, the benefits for them, it's clearly they can talk with customers and can offer customers penetration testing, which they before even didn't think about because penetration testing in a traditional way was simply too expensive for them, too complex, the preparation time was too long, they didn't have even have the capacity to support an external pen tester. Now with this service, you can go in and even say, "Mr. Customer, we can do a test with you in a couple of minutes. We have installed a Docker container. Within 10 minutes, we have the pen test started. That's it and then we just wait." And I would say we are seeing so many aha moments then. On the partner side, when they see NodeZero the first time working, it's like they say, "Wow, that is great." And then they walk out to customers and show it to their typically at the beginning, mostly the friendly customers like, "Wow, that's great, I need that." And I would say the feedback from the partners is that is a service where I do not have to evangelize the customer. Everybody understands penetration testing, I don't have to describe what it is. The customer understanding immediately, "Yes. Penetration testing, heard about that. I know I should do it, but too complex, too expensive." Now for example, as an MSSP service provided from one of our partners, it's getting easy. >> Yeah, and it's great benefit there. I mean, I got to say I'm a huge fan of what you guys are doing. I like this continuous automation. That's a major benefit to anyone doing DevOps or any kind of modern application development. This is just a godsend for them, this is really good. And like you said, the pen testers that are doing it, they were kind of coming down from their expertise to kind of do things that should have been automated. They get to focus on the bigger ticket items. That's a really big point. >> Exactly. So we free them, we free the pen testers for the higher level elements of the penetration testing segment, and that is typically the application testing, which is currently far away from being automated. >> Yeah, and that's where the most critical workloads are, and I think this is the nice balance. Congratulations on the international expansion of the program, and thanks for coming on this special presentation. I really appreciate it. Thank you very much. >> You're welcome. >> Okay, this is theCUBE special presentation, you know, checking on pen test automation, international expansion, Horizon3.ai. A really innovative solution. In our next segment, Chris Hill, Sector Head for Strategic Accounts, will discuss the power of Horizon3.ai and Splunk in action. You're watching theCUBE, the leader in high tech enterprise coverage. (steady music)

>>Okay, welcome back everyone to the Cube's live coverage here in Las Vegas for Amazon re Mars two days of coverage, we're getting down to wrapping up day one. I'm John furrier host of the cube space is a big topic here. You got machine learning, you got automation, robotics, all spells Mars. The two great guests here to really get into the whole geo scene. What's going on with the data. We've got Marcus Norren business development and geo data. Sogeti part of cap Gemini group, and Yoki well kissed portfolio lead data and AI with Sogeti part of cap, Gemini gentlemen, thanks for coming on the queue. Appreciate it. Thanks >>For having us. >>Let me so coming all the way from Sweden to check out the scene here and get into the weeds and the show. A lot of great technology being space is the top line here, but software drives it. Um, you got robotics. Lot of satellite, you got the aerospace industry colliding with hardcore industrial. I say IOT, robotics, one, whatever you want, but space kind of highlights the IOT opportunity. There is no edge in space, right? So the edge, the intelligent edge, a lot going on in space. And satellite's one of 'em you guys are in the middle of that. What are you guys working on? What's the, the focus here for cap gem and I Sogeti part of cap >>Gemini. I would say we focus a lot of creating business value, real business value for our clients, with the satellites available, actually a free available satellite images, working five years now with this, uh, solutioning and, uh, mostly invitation management and forestry. That's our main focus. >>So what's the product value you guys are offering. >>We basically, for now the, the most value we created is working with a forest client to find park Beal infests, uh, in spruce forest. It's a big problem in European union and, uh, Northern region Sweden, where we live now with the climate change, it's getting warmer, the bark beetle bases warm more times during the summer, which makes it spread exponentially. Uh, so we help with the satellite images to get with data science and AI to find these infestations in time when they are small, before it's spread. >>So satellite imagery combined with data, this is the intersection of the data piece, the geo data, right? >>Yeah. You can say that you have, uh, a lot of open satellite data, uh, and uh, you want to analyze that, that you also need to know what you're looking for and you need data to understand in our case, a certain type of damage. So we have large data sets that we have to sort of clean and train ML models from to try to run that on that open data, to detect these models. And, and when we're saying satellite data and open data, it's basically one pixel is 10 by 10 meters. So it's not that you will see the trees, but we're looking at the spectral information in the image and finding patterns. So we can actually detect attacks that are like four or five trees, big, uh, using that type. And we can do that throughout the season so we can see how you start seeing one, two attacks and it's just growing. And then you have this big area of just damage. So >>How, how long does that take? Give me some scope to scale because it sounds easy. Oh, the satellites are looking down on us. It's not, it's a lot of data there. What's the complexity. What are the challenges that you guys are overcoming scope to scale? >>It's so much complexity in this first, you have clouds, so it's, uh, open data set, you download it and you figure out here, we have a satellite scene, which is cloudy. We need to have some analytics doing that, taking that image away basically, or the section of the image with it cloudy. Then we have a cloud free image. We can't see anything because it's blurry. It's too low resolution. So we need to stack them on top of each other. And then we have the next problem to correlate them. So they are pixel perfect overlapping. Yeah. So we can compare them in time. And then they have the histogram adjustment to make them like, uh, the sensitivity is the same on all the images, because you have solar storms, you have shady clouds, which, uh, could be used still that image. So we need to compare that. Then we have the ground proof data coming from, uh, a harvester. For instance, we got 200,000 data points from the harvester real data points where they had found bark Beal trees, and they pulled them down. The GPS is drifting 50 meters. So you have an uncertainty where the actually harvest it was. And then we had the crane on 20 meters. So, you know, the GPS is on the home actually of the home actual machine and the crane were somewhere. So you don't really know you have this uncertainty, >>It's a data integration problem. Yeah. Massive, >>A lot of, of, uh, interesting, uh, things to adjust for. And then you could combine this into one deep learning model and build. >>But on top of that, I don't know if you said that, but you also get the data in the winter and you have the problem during the summer. So we actually have to move back in time to find the problem, label the data, and then we can start identifying. >>So once you get all that heavy lifting done or, or write the code, or I don't know if something's going on there, you get the layering, the pixel X see all the, how complex that is when the deep learning takes over. What happens next? Is it scale? Is it is all the heavy lifting up front? Is the work done front or yeah. Is its scale on the back end? >>So first the coding is heavy work, right? To gets hands on and try different things. Figure out in math, how to work with this uncertainty and get everything sold. Then you put it into a deep learning model to train that it actually run for 10 days before it was accurate, or first, first ation, it wasn't accurate enough. So we scrap that, did some changes. Then we run it again for 10 days. Then we have a model which we could use and interfere new images. Like every day, pretty quickly, every day it comes a new image. We run it. We have a new outcome and we could deliver that to clients. >>Yeah. I can almost imagine. I mean, the, the cloud computing comes in handy here. Oh yeah. So take me through the benefits because it sounds like the old, the old expression, the juice is not worth the squeeze here. It is. It's worth the squeeze. If you can get it right. Because the alternative is what more expensive gear, different windows, just more expensive monolithic solutions. Right? >>Think about the data here. So it's satellite scene. Every satellite scene is hundred by a hundred kilometers. That pretty much right. And then you need a lot of these satellite scene over multiple years to combine it. So if you should do this over the whole Northern Europe, over the whole globe, it's a lot of data just to store that it's a problem. You, you cannot do it on prem and then you should compute it with deep learning models. It's a hard problem >>If you don't have, so you guys got a lot going on. So, so talk about spaghetti, part of cap, Gemini, explain that relationship, cuz you're here at a show that, you know, you got, I can see the CAPI angle. This is like a little division. Is it a group? Are you guys like lone wolves? Like, what's it like, is this dedicated purpose built focus around aerospace? >>No, it's actually SOI was the, the name of the CAPI company from the beginning. And they relaunched the brand, uh, 2001, I think roughly 10, 20 years ago. So we actually celebrate some anniversary now. Uh, and it's a brand which is more local close to clients out in different cities. And we also tech companies, we are very close to the new technology, trying things out. And this is a perfect example of this. It was a crazy ID five years ago, 2017. And we started to bring in some clients explore, really? Open-minded see, can we do something on these satellite data? And then we took it step by step together of our clients. Yeah. And it's a small team where like 12 >>People. Yeah. And you guys are doing business development. So you have to go out there and identify the kinds of problems that match the scope of the scale. >>So what we're doing is we interact with our clients, do some simple workshops or something and try to identify like the really valuable problems like this Bruce Park people that that's one of those. Yep. And then we have to sort of look at, do we think we can do something? Is it realistic? And we will not be able to answer that to 100% because then there's no innovation in this at all. But we say, well, we think we can do it. This will be a hard problem, but we do think we can do it. And then we basically just go for it. And this one we did in 11 to 12 weeks, a tightly focused team, uh, and just went at it, uh, super slim process and got the job done and uh, the >>Results. Well, it's interesting. You have a lot of use cases. We gotta go down, do that face to face belly to belly, you know, body to body sales, BI dev scoping out, have workshops. Now this market here, Remar, they're all basically saying a call to arms more money's coming in. The problems are putting on the table. The workshop could be a lunch meeting, right. I mean, because Artis and there's a big set of problems to tackle. Yes. So I mean, I'm just oversimplifying, but that being said, there's a lot going on opportunity wise here. Yeah. That's not as slow maybe as the, the biz dev at, you know, coming in, this is a huge demand. It will be >>Explode. >>What's your take on the demand here, the problems that need to be solved and what you guys are gonna bring to bear for the problem. >>So now we have been focus mainly in vegetation management and forestry, but vegetation management can be applicable in utility as well. And we actually went there first had some struggle because it's quite detailed information that's needed. So we backed out a bit into vegetation in forestry again, but still it's a lot of application in, in, uh, utility and vegetation management in utility. Then we have a whole sustainability angle think about auditing of, uh, rogue harvesting or carbon offsetting in the future, even biodiversity, offsetting that could be used. >>And, and just to point out and give it a little extra context, all the keynotes, talk about space as a global climate solution, potentially the discoveries and or also the imagery they're gonna get. So you kind of got, you know, top down, bottoms up. If you wanna look at the world's bottom and space, kind of coming together, this is gonna open up new kinds of opportunities for you guys. What's the conversation like when you, when this is going on, you're like, oh yeah, let's go in. Like, what are you guys gonna do? What's the plan, uh, gonna hang around and ride that wave. >>I think it's all boils down to finding that use case that need to be sold because now we understand the satellite scene, they are there. We could, there is so many new satellites coming up already available. They can come up the cloud platform, AWS, it's great. We have all the capabilities needed. We have AI and ML models needed data science skills. Now it's finding the use cases together with clients and actually deliver on them one by >>One. It's interesting. I'd like to get your reaction to this Marcus two as well. What you guys are kind of, you have a lot bigger and, and, and bigger than some of the startups out there, but a startup world, they find their niches and they, the workflows become the intellectual property. So this, your techniques of layering almost see is an advantage out there. What's your guys view of that on intellectual property of the future, uh, open source is gonna run all the software. We know that. So software's no going open source scale and integration. And then new kinds of ways are new methods. I won't say for just patents, but like just for intellectual property, defen differentiation. How do you guys see this? As you look at this new frontier of intellectual property? >>That's, it's a difficult question. I think it's, uh, there's a lot of potential. If you look at open innovation and how you can build some IP, which you can out license, and some you utilize yourself, then you can build like a layer business model on top. So you can find different channels. Some markets we will not go for. Maybe some of our models actually could be used by others where we won't go. Uh, so we want to build some IP, but I think we also want to be able to release some of the things we do >>Open >>Works. Yeah. Because it's also builds presence. It it's >>Community. >>Yeah, exactly. Because this, this problem is really hard because it's a global thing. And, and it's imagine if, if you have a couple of million acres of forest and you just don't go out walking and trying to check what's going on because it's, you know, >>That's manuals hard. Yeah. It's impossible. >>So you need this to scale. Uh, and, and it's a hard problem. So I think you need to build a community. Yeah. Because this is, it's a living organism that we're trying to monitor. If you talk about visitation of forest, it's, it's changing throughout the year. So if you look at spring and then you look at summer and you look at winter, it's completely different. What you see. Yeah. Yeah. So >>It's, it's interesting. And so, you know, I wonder if, you know, you see some of these crowdsourcing models around participation, you know, small little help, but that doesn't solve the big puzzle. Um, but you have open source concepts. Uh, we had Anna on earlier, she's from the Amazon sustainability data project. Yeah, exactly. And then just like open up the data. So the data party for her. So in a way there's more innovation coming, potentially. If you can get that thing going, right. Get the projects going. Exactly. >>And all this, actually our work is started because of that. Yes, exactly. So European space agency, they decided to hand out this compar program and the, the Sentinel satellites central one and two, which we have been working with, they are freely available. It started back in 2016, I think. Yeah. Uh, and because of that, that's why we have this work done during several years, without that data freely available, it wouldn't have happened. Yeah. I'm, I'm >>Pretty sure. Well, what's next for you guys? Tell, tell me what's happening. Here's the update put a plug in for the, for the group. What are you working on now? What's uh, what are you guys looking to accomplish? Take a minute to put a plug in for the opportunity. >>I would say scaling this scaling, moving outside. Sweden. Of course we see our model that they work in in us. We have tried them in Canada. We see that we work, we need to scale and do field validation in different regions. And then I would say go to the sustainability area. This goes there, there is a lot of great >>Potential international too is huge. >>Yeah. One area. I think that is really interesting is the combination of understanding the, like the carbon sink and the sequestration and trying to measure that. Uh, but also on top of that, trying to classify certain Keystone species habitats to understand if they have any space to live and how can we help that to sort of grow back again, uh, understanding the history of the, sort of the force. You have some date online, but trying to map out how much of, of this has been turned into agricultural fields, for example, how much, how much of the real old forest we have left that is really biodiverse? How much is just eight years young to understand that picture? How can we sort of move back towards that blueprint? We probably need to, yeah. And how can we digitize and change forestry and the more business models around that because you, you can do it in a different way, or you can do both some harvesting, but also, yeah, not sort of ruining the >>Whole process. They can be more efficient. You make it more productive, save some capital, reinvest it in better ways >>And you have robotics and that's not maybe something that we are not so active in, but I mean, starting to look at how can autonomy help forestry, uh, inventory damages flying over using drones and satellites. Uh, you have people looking into autonomous harvesting of trees, which is kind of insane as well, because they're pretty big <laugh> but this is also happening. Yeah. So I mean, what we're seeing here is basically, >>I mean, we, I made a story multiple times called on sale drone. One of my favorite stories, the drones that are just like getting Bob around in the ocean and they're getting great telemetry data, cuz they're indestructible, you know, they can just bounce around and then they just transmit data. Exactly. You guys are creating a opportunity. Some will say problem, but by opening up data, you're actually exposing opportunities that never have been seen before because you're like, it's that scene where that movie, Jody frost, a contact where open up one little piece of information. And now you're seeing a bunch of new information. You know, you look at this large scale data, that's gonna open up new opportunities to solve problems that were never seen before. Exactly. You don't, you can't automate what you can't see. No. Right. That's the thing. So no, we >>Haven't even thought that these problems can be solved. It's basically, this is how the world works now. Because before, when you did remote sensing, you need to be out there. You need to fly with a helicopter or you put your boots on out and go out. Now you don't need that anymore. Yeah. Which opened up that you could be, >>You can move your creativity in another problem. Now you open up another problem space. So again, I like the problem solving vibe of the, it's not like, oh, catastrophic. Well, well, well the earth is on a catastrophic trajectory. It's like, oh, we'll agree to that. But it's not done deal yet. <laugh> I got plenty of time. Right. So like the let's get these problems on the table. Yeah. Yeah. And I think this is, this is the new method. Well, thanks so much for coming on the queue. Really appreciate the conversation. Thanks a lot. Love it. Opening up new world opportunities, challenges. There's always opportunities. When you have challenges, you guys are in the middle of it. Thanks for coming on. I appreciate it. Thank you. Thanks guys. Okay. Cap Gemini in the cube part of cap Gemini. Um, so Getty part of cap Gemini here in the cube. I'm John furrier, the host we're right back with more after this short break.

(upbeat music) >> Welcome back to Las Vegas. theCUBE is here, live at AWS re:Invent 2021. Lisa Martin with Dave Nicholson. theCUBE has two sets today, two, not one, two, two live sets, two remote sets, over 100 guests on the program at this event, it's a lot, talking about the next generation of cloud innovation with AWS and its massive ecosystem of partners and we are pleased to welcome Walton Smith to the program, the public sector, director of strategic partnerships for Worldwide Technology, Walton welcome to the program. >> Thank you so much for having me, it's really amazing to be here and look forward to a great conversation. Isn't it great to be in person again? >> It's so nice to be in person, I mean I'm glad everybody's being safe and, and checking vaccine status and whatnot, but it's good to get back and, and, and work with people cause we can really drive innovation when, when we get together. >> Those hallway conversations or those conversations here at events that you just can't replicate by video conferencing, right? Not replicate that, you getting grabbed in the hall and say, hey, have you thought about leveraging XYZ to do something? To me that's what makes this conference great. >> Talk to me about what's going on at WWT. What are some of the, the things that you guys have been working on? >> It's a really exciting time at Worldwide, we're really working closely with AWS to drive innovation to the edge. We're excited about their outpost offering, we actually have one in our data center, Sandy announced it today in a partnership with Intel to, to allow our customers to try to work out use cases, to, to kick the tires, so to speak, to see how it works as well as our partners to get their ISV products certified on the outpost platform. >> So I'm familiar with your ATC in St. Louis, is that what you're referring to? >> That's correct. >> Give us a little, give us a little insight into what goes on there, I know it's pretty amazing from a customer perspective because you are agnostic. because you are agnostic. >> Walton: Correct. >> You're there to serve the customer, but tell me, tell me what happens in the ATC. >> We say we're agnostic, but we have our, our, our preferences because we know- >> sure, sure, okay. what actually works. But our ATC is our crown jewel, it's about a $600 million data center that we built solely for proof of concepts for our customers. So our, our top customers come in and say, I have this problem, how can I solve it? And so with us being the single biggest reseller of just about every ISV is out there, I can stand up a, a, a Dell, I can stand up a, a, a Dell, Dell compute next to NetApp storage with Cisco router on top of it to replicate what my customer has at the VA, for example, and then to be able to plug in an outpost to show how leveraging the outpost can give them a single pane of glass to be able to work on their workload, so the training that our FSI, Federal System Integrators have put into their staff or our government customers on the Amazon platform can now be driven into their data center, so it's really taking the cloud down to where the data is. >> In terms of public sector, what are some of the prominent use cases that you guys are helping customers to solve, especially given the tumultuous times that we're still living in? Sure, so what we saw during COVID especially was how most of the government agencies had the capability to allow say 5% to 10% of their workforce to work remotely. And then with COVID, they went to 95% to a 100% workforce. So, a lot of the time we've spent over the last year is how do we securely allow our government employees to get access to the information, because as we know, the government was more valuable than ever to get us through this pandemic, we had to give them the tools that they needed to be able to make the decisions to, to move the country forward. >> Talk about security if you will for a second, we have seen such a dramatic change in the security landscape, the threat landscape, ransomware as a service, it's, you know, the cyber criminals, lot of money in it, they're becoming far more brazen. What are some of the things that you're seeing specifically with respect to security use cases? >> It's, it's gone from, let me just buy everything that's out there and that'll give me security to, I need to have visibility into my environment, because if, if you look at target, it's a great case studies around that, they had all the tools, they just didn't tie it all together. And so as more and more nation state actors And so as more and more nation state actors try to attack our government, or it's a great way to make money, I mean, in, in this, in the presentation, Sandy's today, they talked about, if you looked at the GDP of what's been taken in ransomware, it's like the 10th biggest country in the world, I mean, it's scary and staggering how much money is lost. So what we think, going back to our ATC, we can stand up their environment, we can work with the top security providers in the world to show those customers how we can give them that visibility, the, the, the protection and the ability to get back up, because there's really only two types of organizations, those who've been hacked and those who don't know they've been hacked, they're going to get in, it's how do we mitigate the damage, how do we get them back up and running and how we protect my customers or have some of the most sensitive data in the world, how do we protect that so our government can keep us safe and keep us moving forward. >> Yeah, cause these days it's a matter of when we get hacked, not if. And of course we are only hearing about the large attacks. >> Walton: Correct. We don't hear about- all of the ones that go on day in and day out, I think, I think I saw a stat recently that a ransomware attack happens like once every 11 seconds. >> Correct, I mean, just walking through here, how many text messages you've gotten? You want a free iPad click here, I mean, they're, they're down to the individual level. It's a whole lot cheaper to give a couple people, really powerful laptops, pizza and beer, and have them go attack, than it is to, to set up a real business and so, unfortunately, as long as there's money in it, there's going to be bad actors out there. We think partnering with AWS and other partners can help build solutions. >> You know, WWT has had an interesting history because you didn't start with the dawn of cloud. >> Walton: Right. So you've been in the business of AT for a long time So you've been in the business of AT for a long time and logistics out of St. Louis in a lot of ways. What does that look like in terms of navigating that divide? You know, there's a, there's a whole storied history of companies that were not able to cross the divide from the mainframe era to the client server era, let alone to cloud. You seem to have, you seem to be doing that pretty well. >> I, I appreciate that, I mean, we're the biggest company no one's ever heard of. We're 14, $15 billion privately held firm, the same two guys that founded it, still run it today and all they want to do is do cool things, they want it to be truly the best place to work. So from day one, they've invested in training our staff, building the ATC to give us the tools we need to be successful and then because we're a trusted partner with Amazon Intel and our other partners out there, they're investing in us to help build solutions, so we have over 6,000 engineers, they get up every day, how do I build something that can help our customers really drive change and innovation? So it's been a really fun ride and the, the best is yet to come. >> Talk to me about your customer focus, you know, when we talk, here we are at reinvent, we always talk with AWS about their, you know, Dave, we talked about this customer obsession, the fact that they're working backwards from the customer, do you share that sort of philosophy? Does WWT share that philosophy with AWS? >> 100%?, if you go to WWT.com we've published everything that we have so you can get full access to our lab to learn about x ISV and go deep to learn about x ISV and go deep and see the million and a half labs we've built around, say Red Hat and go and get access to it. So we think that if we educate our customers, there are going to be customers for life, and they're going to come to us with their biggest problems. And that what's, is what's exciting and what enables us to, to really continue to grow. >> And how did the customers help you innovate? And that's one of the things we, I was thinking yesterday with, with this AWS flywheel of when Adam was introducing, and now we have a, now we have, and it was because he would say, we did this, but you needed more, but you being the customer needed more. >> 100%, it, it's we want our customers to come to us with their biggest problems, because that's when we, the exciting innovation works. And so the ability to sit down with the foremost expert in, in virus control and be able to, in, in virus control and be able to, what are the tools that she need to be able to get ahead of the next change to COVID? How can we give them the tools to do that? That's what we want to do, the scalability, the ability to reach out to others is what Amazon brings. So we can bring the data science, we can bring the understanding of the storage, the security, and the network and then AWS gives that limitless scalability to solve those problems and to bring in someone from Africa, to bring in someone from the European Union to, to work together to solve those problems, that's what's, what's exciting and then coming back to the outpost, to be able to put that in the data center, we know the data center is better than just about anybody out there, so it would be the ability to add innovation to them, to bring those part ISV partners together. It's really exciting that Intel is funding it because they know that if, if customers can see the art of the possible, they're going to push that innovation. >> One of the things we've also sort of thematically Dave and I with guests, and the other has been talking about this week is that every company has to be a data company, whether it's public sector, private sector, if you're not, or if you're not on your way, there's a competitor right here in the rear view mirror ready to take your place. How do you help public sector organizations really develop, embrace an execute a data full course strategy? >> So we have a cadre of over 125 data scientists that work every day to help organizations unlock their most valuable asset, that data, their people and be able to put the data in the right place at the right time and so by investing in those data scientists, investing in the networking folks to be able to look at the holistic picture is how we can bring those solutions to our customers, because the data is the new oil of, of the environment and sorry for my Southern twang on the oil, but it, but it truly is the most valuable asset they have and so, how do we unlock that? How do they pull that data together, secure it? Because now that you're aggregating all that data, you're making it a treasure trove for those bad actors that are out there, so you've got to secure it, but then to be able to learn and, and automate based on, on what you learned from that data. >> You know I, I think with hindsight, it's easy to, it's easy to say, well, of course WWT is where WWT is today. Five years ago, though, I think it would have been an honest question to ask, how are you going to survive in the world of cloud? And here we are, you've got outposts. >> Walton: Sure. >> And, and of course it makes sense because you're focused on customers, sounds like I'm doing a commercial for you, But I'm a fan- >> I'll gladly apreciate that- because I, I, I've worked with you guys in a variety of roles for a long time, seems like yesterday we were testing a bunch of different storage arrays of the ATC and now you've got outposts in cloud and you're integrating it together. It's really more of the same, I'm sure if we had your founders here, they'd tell you, Dave, it's all the same. >> Walton: Correct. It's all the same. >> It's AT, it's where, where's the compute, where's the storage, how do you get access to it and the cloud has given the ability to, to scale and do things you could never imagine. I think it's the reason we're here is because our leadership continues to invest and pushing that envelope to give people the freedom to go out with that crazy idea, what if we did this? And having the tools and the ability to do that is, is what, what drives our innovation and that's what we bring to our customers and our partners, that ability to innovate to, that ability to innovate to, to tackle that next problem. >> So what's the tip of the spear right now for you guys? What are you, what's, what's, what's kind of, what's next? What are you waiting to have delivered to the ATC to racket, stack and cable up? >> Lot's of stuff that I can't tell you about because there, there's things that Amazon is, is always working on that we work with before it, it's, it's made public, so there's a lot of really cool stuff in the pipeline, because the, as you think about moving to the data center, that's one thing, moving to truly to the edge, where you can help that war fighter, where you can help that mission, where you can do disaster recovery, leveraging the snowball family, the outpost family, and custom built tools that really allow for quick response and custom built tools that really allow for quick response to whatever that problem is, is that next front and that's where we've been for a long time, helping our, our war fighters and folks do what needs to be done. Outpost sees that you can leverage big AWS Outpost sees that you can leverage big AWS to build the models, push it down to the edge because you don't have time or the bandwidth to get it back into the big cloud, to be able to put that compute and storage and analytics on the edge to make real time decisions, is what we have to do to stay relevant and that's where the joint partnership is really exciting. >> It's what you have to do to stay relevant, it's also what your customers need, cause one of the things that we've learned in the pandemic is that real-time data and access to it is no longer, longer a nice to have, this is business critical for everything. >> Correct and even if you have a fat pipe to get it, you need to make real time decisions and if you're in a really sandy space, excuse me, making hard decisions, you've got to get the best information to that soldier when, when they need it to, to save our lives or to save the other people's lives so it's, it's, it's not just a nice to have, it's mission critical. >> It is mission critical, Walton, thank you so much, we're out of time, but thank you for joining Dave and me talking about- >> Really enjoyed it. all the stuff going on with, with worldwide, the partnership with AWS, how you're helping really transform the public sector, we appreciate your time and your insights. >> Thank you so much, have a great conference. >> Thanks, you too. >> Okay, thanks. >> All right, from my buddy, Dave Nicholson, I'm Lisa Martin, you're watching theCUBE, the global leader in live tech coverage. (upbeat music)

>> Well, hello everybody, John Walls here on theCUBE and continuing our coverage. So splunk.com for 21, you know, we talk about big data these days, you realize the importance of speed, right? We all get that, but certainly Formula One Racing understands speed and big data, a really neat marriage there. And with us to talk about that is James Hodge, who was the global vice president and chief strategy officer international at Splunk. James, good to see it today. Thanks for joining us here on theCUBE. >> Thank you, John. Thank you for having me and yeah, the speed of McLaren. Like I'm, I'm all for it today. >> Absolutely. And I find it interesting too, that, that you were telling me before we started the interview that you've been in Splunk going on nine years now. And you remember being at splunk.com, you know, back in the past other years and watching theCUBE and here you are! you made it. >> I know, I think it's incredible. I love watching you guys every single year and kind of the talk that guests. And then more importantly, like it reminds me of conf for every time we see theCUBE, no matter where you are, it reminds me of like this magical week there's dot com for us. >> Well, excellent. I'm glad that we could be a part of it at once again and glad you're a part of it here on theCUBE. Let's talk about McLaren now and the partnership, obviously on the racing side and the e-sports side, which is certainly growing in popularity and in demand. So just first off characterize for our audience, that relationship between Splunk and McLaren. >> Well, so we started the relationship almost two years ago. And for us it was McLaren as a brand. If you think about where they were, they recently, I think it's September a Monza. They got a victory P1 and P2. It was over 3200 days since their last victory. So that's a long time to wait. I think of that. There's 3000 days of continual business transformation, trying to get them back up to the grid. And what we found was that ethos, the drive to digital the, the way they're completely changing things, bringing in kind of fluid dynamics, getting people behind the common purpose that really seem to fit the Splunk culture, what we're trying to do and putting data at the heart of things. So kind of Formula One and McLaren, it felt a really natural place to be. And we haven't really looked back since we started at that partnership. It's been a really exciting last kind of 18 months, two years. >> Well, talk a little bit about, about the application here a little bit in terms of data cars, the, the Formula One cars, the F1 cars, they've got hundreds of sensors on them. They're getting, you know, hundreds of thousands or a hundred thousand data points almost instantly, right? I mean, there's this constant processing. So what are those inputs basically? And then how has McLaren putting them to use, and then ultimately, how is Splunk delivering on that from McLaren? >> So I learned quite a lot, you know, I'm, I'm, I been a childhood Formula One fan, and I've learned so much more about F1 over the last kind of couple of years. So it actually starts with the car going out on the track, but anyone that works in the IT function, the car can not go out on track and less monitoring from the car actually is being received by the garage. It's seen as mission critical safety critical. So IT, when you see a car out and you see the race engineer, but that thumbs up the mechanical, the thumbs up IT, get their vote and get to put the thumbs up before the car goes out on track there around about 300 sensors on the car in practice. And there were two sites that run about 120 on race day that gets streamed on a two by two megabits per second, back to the FIA, the regulating body, and then gets streams to the, the garage where they have a 32 unit rack near two of them that have all of their it equipment take that data. They then stream it over the internet over the cloud, back to the technology center in working where 32 race engineers sit in calm conditions to be able to go and start to make decisions on when the car should pit what their strategy should be like to then relate that back to the track side. So you think about that data journey alone, that is way more complicated and what you see on TV, you know, the, the race energy on the pit wall and the driver going around at 300 kilometers an hour. When we look at what Splunk is doing is making sure that is resilient. You know, is the data coming off the car? Is it actually starting to hit the garage when it hits that rack into the garage, other than streaming that back with the right latency back to the working technology center, they're making sure that all of the support decision-making tools there are available, and that's just what we do for them on race weekend. And I'll give you one kind of the more facts about the car. So you start the beginning of the season, they launched the car. The 80% of that car will be different by the end of the season. And so they're in a continual state of development, like constantly developing to do that. So they're moving much more to things like computational fluid dynamics applications before the move to wind tunnel that relies on digital infrastructure to be able to go and accelerate that journey and be able to go make those assumptions. That's a Splunk is becoming the kind of underpinning of to making sure those mission critical applications and systems are online. And that's kind of just scratching the surface of kind of the journey with McLaren. >> Yeah. So, so what would be an example then maybe on race day, what's a stake race day of an input that comes in and then mission control, which I find fascinating, right? You've got 32 different individuals processing this input and then feeding their, their insights back. Right. And so adjustments are being made on the fly very much all data-driven what would be an example of, of an actual application of some information that came in that was quickly, you know, recorded, noted, and then acted upon that then resulted in an improved performance? >> Well, the most important one is pit stop strategy. It can be very difficult to overtake on track. So starting to look at when other teams go into the pit lane and when they come out of the, the pit lane is incredibly important because it gives you a choice. Do you stay also in your current set of tires and hope to kind of get through that team and kind of overtake them, or do you start to go into the pits and get your fresh sets of tires to try and take a different strategy? There are three people in mission control that have full authority to go and make a Pit lane call. And I think like the thing that really resonated for me from learning about McLaren, the technology is amazing, but it's the organizational constructs on how they turn data into an action is really important. People with the right knowledge and access to the data, have the authority to make a call. It's not the team principle, it's not the person on the pit wall is the person with the most amount of knowledge is authorized and kind of, it's an open kind of forum to go and make those decisions. If you see something wrong, you are just as likely to be able to put your hand up and say, something's wrong here. This is my, my decision than anyone else. And so when we think about all these organizations that are trying to transform the business, we can learn a lot from Formula One on how we delegate authority and just think of like technology and data as the beginning of that journey. It's the people in process that F1 is so well. >> We're talking a lot about racing, but of course, McLaren is also getting involved in e-sports. And so people like you like me, we can have that simulated experience to gaming. And I know that Splunk has, is migrating with McLaren in that regard. Right. You know, you're partnering up. So maybe if you could share a little bit more about that, about how you're teaming up with McLaren on the e-sports side, which I'm sure anybody watching this realizes there's a, quite a big market opportunity there right now. >> It's a huge market opportunity is we got McLaren racing has, you know, Formula One, IndyCar and now extreme E and then they have the other branch, which is e-sports so gaming. And one of the things that, you know, you look at gaming, you know, we were talking earlier about Ted Lasso and, you know, the go to the amazing game of football or soccer, depending on kind of what side of the Atlantic you're on. I can go and play something like FIFA, you know, the football game. I can be amazing at that. I have in reality, you know, in real life I have two left feet. I am never going to be good at football however, what we find with e-sports is it makes gaming and racing accessible. I can go and drive the same circuits as Lando Norris and Daniel Ricardo, and I can improve. And I can learn like use data to start to discover different ways. And it's an incredibly expanding exploding industry. And what McLaren have done is they've said, actually, we're going to make a professional racing team, an e-sports team called the McLaren Shadow team. They have this huge competition called the Logitech KeyShot challenge. And when we looked at that, we sort of lost the similarities in what we're trying to achieve. We are quite often starting to merge the physical world and the digital world with our customers. And this was an amazing opportunity to start to do that with the McLaren team. >> So you're creating this really dynamic racing experience, right? That, that, that gives people like me, or like our viewers, the opportunity to get even a better feel for, for the decision-making and the responsiveness of the cars and all that. So again, data, where does that come into play there? Now, What, what kind of inputs are you getting from me as a driver then as an amateur driver? And, and how has that then I guess, how does it express in the game or expressed in, in terms of what's ahead of me to come in a game? >> So actually there are more data points that come out of the F1 2021 Codemasters game than there are in Formula One car, you get a constant stream. So the, the game will actually stream out real telemetry. So I can actually tell your tire pressures from all of your tires. I can see the lateral G-Force longitudinal. G-Force more importantly for probably amateur drivers like you and I, we can see is the tire on asphalt, or is it maybe on graphs? We can actually look at your exact position on track, how much accelerator, you know, steering lock. So we can see everything about that. And that gets pumped out in real time, up to 60 Hertz. So a phenomenal amount of information, what we, when we started the relationship with McLaren, Formula One super excited or about to go racing. And then at Melbourne, there's that iconic moment where one of the McLaren team tested positive and they withdrew from the race. And what we found was, you know, COVID was starting and the Formula One season was put on hold. The FIA created this season and called i can't remember the exact name of it, but basically a replica e-sports gaming F1 series. We're using the game. Some of the real drivers like Lando, heavy gamer was playing in the game and they'd run that the same as race weekends. They brought celebrity drivers in there. And I think my most surreal zoom call I ever was on was with Lando Norris and Pierre Patrick Aubameyang, who was who's the arsenal football captain, who was the guest driver in the series to drive around Monaco and Randy, the head of race strategy as McLaren, trying to coach him on how to go drive the car, what we ended up with data telemetry coming from Splunk. And so Randy could look out here when he pressing the accelerator and the brake pedal. And what was really interesting was Lando was watching how he was entering corners on the video feed and intuitively kind of coming to the same conclusions as Randy. So kind of, you could see that race to intuition versus the real stats, and it was just incredible experience. And it really shows you, you know, racing, you've got that blurring of the physical and the virtual that it's going to be bigger and bigger and bigger. >> So to hear it here, as I understand what you were just saying now, the e-sports racing team actually has more data to adjust its performance and to modify its behaviors, then the real racing team does. Yep. >> Yeah, it completely does. So what we want to be able to do is turn that into action. So how do you do the right car setup? How do you go and do the right practice laps actually have really good practice driver selection. And I think we're just starting to scratch the surface of what really could be done. And the amazing part about this is now think of it more like a digital twin, what we learn on e-sports we can actually say we've learned something really interesting here, and then maybe a low, you know, if we get something wrong, it may be doesn't matter quite as much as maybe getting an analytics wrong on race weekend. >> Right. >> So we can actually start to look and improve through digital and then start to move that support. That's over to kind of race weekend analytics and supporting the team. >> If I could, you know, maybe pun intended here, shift gears a little bit before we run out of time. I mean, you're, you're involved on the business side, you know, you've got, you know, you're in the middle east Africa, right? You've got, you know, quite an international portfolio on your plate. Now let's talk about just some of the data trends there for our viewers here in the U S who maybe aren't as familiar with what's going on overseas, just in terms of, especially post COVID, you know, what, what concerns there are, or, or what direction you're trying to get your clients to, to be taking in terms of getting back to work in terms of, you know, looking at their workforce opportunities and strengths and all those kinds of things. >> I think we've seen a massive shift. I think we've seen that people it's not good enough just to be storing data its how do you go and utilize that data to go and drive your business forwards I think a couple of key terms we're going to see more and more over the next few years is operational resilience and business agility. And I'd make the assertion that operational resilience is the foundation for the business agility. And we can dive into that in a second, but what we're seeing take the Netherlands. For example, we run a survey last year and we found that 87% of the respondents had created new functions to do with data machine learning and AI, as all they're trying to do is go and get more timely data to front line staff to go. And next that the transformation, because what we've really seen through COVID is everything is possible to be digitized and we can experiment and get to market faster. And I think we've just seen in European markets, definitely in Asia Pacific is that the kind of brand loyalty is potentially waning, but what's the kind of loyalty is just to an experience, you know, take a ride hailing app. You know, I get to an airport, I try one ride hailing app. It tells me it's going to be 20 minutes before a taxi arrives. I'm going to go straight to the next app to go and stare. They can do it faster. I want the experience. I don't necessarily want the brand. And we're find that the digital experience by putting data, the forefront of that is really accelerating and actually really encouraging, you know, France, Germany are actually ahead of UK. Let's look, listen, their attitudes and adoption to data. And for our American audience and America, America is more likely, I think it's 72% more likely to have a chief innovation officer than the rest of the world. I think I'm about 64% in EMEA. So America, you are still slightly ahead of us in terms of kind of bringing some of that innovation that. >> I imagine that gap is going to be shrinking though I would think. >> It is massively shrinking. >> So before we, we, we, we are just a little tight on time, but I want to hear about operational resilience and, and just your, your thought that definition, you know, define that for me a little bit, you know, put a little more meat on that bone, if you would, and talk about why, you know, what that is in, in your thinking today and then why that is so important. >> So I think inputting in, in racing, you know, operational resilience is being able to send some response to what is happening around you with people processing technology, to be able to baseline what your processes are and the services you're providing, and be able to understand when something is not performing as it should be, what we're seeing. Things like European Union, in financial services, or at the digital operational resilience act is starting to mandate that businesses have to be operational in resilient service, monitoring fraud, cyber security, and customer experience. And what we see is really operational resilience is the amount of change that can be absorbed before opportunities become risk. So having a stable foundation of operational resilience allows me to become a more agile business because I know my foundation and people can then move and adjust quickly because I have the awareness of my environment and I have the ability to appropriately react to my environment because I've thought about becoming a resilient business with my digital infrastructure is a theme. I think we're going to see in supply chain coming very soon and across all other industries, as we realize digital is our business. Nowadays. >> What's an exciting world. Isn't it, James? That you're, that you're working in right now. >> Oh, I, I love it. You know, you said, you know, eight and an eight and a half years, nine years at Splunk, I'm still smiling. You know, it is like being at the forefront of this diesel wave and being able to help people make action from that. It's an incredible place to be. I, is liberating and yeah, I can't even begin to imagine what's, you know, the opportunities are over the next few years as the world continually evolves. >> Well, every day is a school day, right? >> It is my favorite phrase >> I knew that. >> And it is, James Hodge. Thanks for joining us on theCUBE. Glad to have you on finally, after being on the other side of the camera, it's great to have you on this side. So thanks for making that transition for us. >> Thank you, John. You bet James Hodge joining us here on the cube coverage of splunk.com 21, talking about McLaren racing team speed and Splunk.

>>From around the globe. It's the Cube covering data citizens 21 brought to you by culebra. Hello everyone john walls here as we continue our cube conversations here as part of Data citizens 21 the conference ongoing caliber at the heart of that really at the heart of data these days and helping companies and corporations make sense. All of those data chaos that they're dealing with, trying to provide new insights, new analyses being a lot more efficient and effective with your data. That's what culebra is all about and their founder and their Chief data Citizen if you will stand christians joins us today and stan I love that title. Chief Data Citizen. What is that all about? What does that mean? >>Hey john thanks for having me over and hopefully we'll get to the point where the chief data citizen titlists cleaves to you. Thanks by the way for giving us the opportunity to speak a little bit about what we're doing with our Chief Data Citizen. Um we started the community, the company about 13 years ago, uh 2008 and over those years as a founder, I've worn many different hats from product presales to partnerships and a bunch of other things. But ultimately the company reaches a certain point, a certain size where systems and processes become absolutely necessary if you want to scale further for us. This is the moment in time when we said, okay, we probably need a data office right now ourselves, something that we've seen with many of our customers. So he said, okay, let me figure out how to lead our own data office and figure out how we can get value out of data using our own software at Clear Bright Self. And that's where it achieved. That a citizen role comes in on friday evening. We like to call that, drinking our own champagne monday morning, you know, eating our own dog food. But essentially um this is what we help our customers do build out the offices. So we're doing this ourselves now when we're very hands on. So there's a lot of things we're learning again, just like our customers do. And for me at culebra, this means that I'm responsible as achieved data citizen for our overall data strategy, which talks a lot about data products as well as our data infrastructure, which is needed to power data problems now because we're doing this in the company and also doing this in a way that is helpful to our customers. Were also figuring out how do we translate the learning that we have ourselves and give them back to our customers, to our partners, to the broader ecosystem as a whole. And that's why uh if you summarize the strategy, I like the sometimes refer to it as Data office 2025, it's 2025. What is the data office looked like by then? And we recommend to our customers also have that forward looking view just as well. So if I summarize the the answer a little bit it's very similar to achieve their officer role but because it has the external evangelization component helping other data leaders we like to refer to it as the chief data scientist. >>Yeah that that kind of uh you talk about evangelizing obviously with that that you're talking about certain kinds of responsibilities and obligations and when I think of citizenship in general I think about privileges and rights and about national citizenship. You're talking about data citizenship. So I assume that with that you're talking about appropriate behaviors and the most uh well defined behaviors and kind of keep it between the lanes basically. Is that is that how you look at being a data citizen. And if not how would you describe that to a client about being a data citizen? >>It's a very good point as a citizen. You have the rights and responsibilities and the same is exactly true for a day to citizens. For us, starting with what it is right for us. The data citizen is somebody who uses data to do their job. And we've purposely made that definition very broad because today we believe that everyone in some way uses data, do their job. You know, data universal. It's critical to business processes and its importance is only increasing and we want all the data citizens to have appropriate access to data and and the ability to do stuff with data but also to do that in the right way. And if you think about it, this is not just something that applies to you and your job but also extends beyond the workplace because as a data citizen, you're also a human being. Of course. So the way you do data at home with your friends and family, all of this becomes important as well. Uh and we like to think about it as informed privacy. Us data citizens who think about trust in data all the time because ultimately everybody's talking today about data as an asset and data is the new gold and the new oil and the new soil. And there is a ton of value uh data but it's not just organizations themselves to see this. It's also the bad actors out there were reading a lot more about data breaches for example. So ultimately there is no value without rescue. Uh so as the data citizen you can achieve value but you also have to think about how do I avoid these risks? And as an organization, if you manage to combine both of those, that's when you can get the maximum value out of data in a trusted manner. >>Yeah, I think this is pretty interesting approach that you've taken here because obviously there are processes with regard to data, right? I mean you know that's that's pretty clear but there are there's a culture that you're talking about here that not only are we going to have an operational plan for how we do this certain activity and how we're going to uh analyze here, input here action uh perform action on that whatever. But we're gonna have a mindset or an approach mentally that we want our company to embrace. So if you would walk me through that process a little bit in terms of creating that kind of culture which is very different then kind of the X's and oh's and the technical side of things. >>Yeah, that's I think where organizations face the biggest challenge because you know, maybe they're hiring the best, most unique data scientists in the world, but it's not about what that individual can do, right? It's about what the combination of data citizens across the organization can do. And I think there it starts first by thinking as an individual about universal goal Golden rule, treat others as you would want to be treated yourself right the way you would ethically use data at your job. Think about that. There's other people and other companies who you would want to do the same thing. Um now from our experience and our own data office at cordoba as well as what we see with our customers, a lot of that personal responsibility, which is where culture starts, starts with data literacy and you know, we talked a little bit about Planet Rock and small statues in brussels Belgium where I'm from. But essentially um here we speak a couple of languages in Belgium and for organizations for individuals, Data literacy is very similar. You know, you're able to read and write, which are pretty essential for any job today. And so we want all data citizens to also be able to speak and read and write data fluently if I if I can express it this way. And one of the key ways of getting that done and establishing that culture around data uh is lies with the one who leads data in the organization, the Chief Petty Officer or however the roll is called. They play a very important role in this. Um, the comparison maybe that I always make there is think about other assets in your organization. You know, you're you're organized for the money asset for the talent assets with HR and a bunch of other assets. So let's talk about the money asset for a little bit, right? You have a finance department, you have a chief financial officer. And obviously their responsibility is around managing that money asset, but it's also around making others in the organization think about that money asset and they do that through established processes and responsibilities like budgeting and planning, but also ultimately to the individual where, you know, through expense sheets that we all off so much they make you think about money. So if the CFO makes everyone in the company thinks about think about money, that data officer or the data lead has to think has to make everyone think uh in the company about data as a as it just as well and and those rights those responsibilities um in that culture, they also change right today. They're set this and this way because of privacy and policy X. And Y. And Z. But tomorrow for example as with the european union's new regulation around the eye, there's a bunch of new responsibilities you have to think about. >>Mhm. You know you mentioned security and about value and risk which is certainly um they are part and parcel right? If I have something important, I gotta protect it because somebody else might want to um to create some damage, some harm uh and and steal my value basically. Well that's what's happening as you point out in the data world these days. So so what kind of work are you doing in that regard in terms of reinforcing the importance of security, culture, privacy culture, you know this kind of protective culture within an organization so that everybody fully understands the risks. But also the huge upsides if you do enforce this responsibility and these good behaviors that that obviously the company can gain from and then provide value to their client base. So how do you reinforce that within your clients to spread that culture if you will within their organizations? >>Um spreading a culture is not always an easy thing. Um especially a lot of organizations think about the value around data but to your point, not always about the risks that come associated with it sometimes just because they don't know about it yet. Right? There's new architecture is that come into play like the clouds and that comes with a whole bunch of new risk. That's why one of the things that we recommend always to our uh customers and to data officers and our customers organizations is that next to establishing that that data literacy, for example, and working on data products is that they also partners strongly with other leaders in their organization. On the one hand, for example, the legal uh folks, where typically you find the aspects around privacy and on the other hand, um the information security folks, because if you're building up a sort of map of your data, look at it like a castle, right that you're trying to protect. Uh if you don't have a map of your castle with the strong points and weak points and you know, where people can build, dig a hole under your wall or what have you, then it's very hard to defend. So you have to be able to get a map of your data. A data map if you will know what data is out there with being used by and and why and how and then you want to prioritize that data which is the most important, what are the most important uses and put the appropriate protections and controls in place. Um and it's fundamental that you do that together with your legal and information security partners because you may have as a data leader you may have the data module data expertise, but there's a bunch of other things that come into play when you're trying to protect, not just the data but really your company on its data as a whole. >>You know you were talking about 2025 a little bit ago and I think good for you. That's quite a crystal ball that you have you know looking uh with the headlights that far down the road. But I know you have to be you know that kind of progressive thinking is very important. What do you see in the long term for number one? You're you're kind of position as a chief data citizen if you will. And then the role of the chief data officer which you think is kind of migrating toward that citizenship if you will. So maybe put on those long term vision uh goggles of yours again and and tell me what do you see as far as these evolving roles and and these new responsibilities for people who are ceos these days? >>Um well 2025 is closer than we think right? And obviously uh my crystal ball is as Fuzzy as everyone else's but there's a few things that trends that you can easily identify and that we've seen by doing this for so long at culebra. Um and one is the push around data I think last year. Um the years 2020, 2020 words uh sort of Covid became the executive director of digitalization forced everyone to think more about digital. And I expect that to continue. Right. So that's an important aspect. The second important aspect that I expect to continue for the next couple of years, easily. 2025 is the whole movement to the cloud. So those cloud native architecture to become important as well as the, you know, preparing your data around and preparing your false, he's around it, et cetera. I also expect that privacy regulations will continue to increase as well as the need to protect your data assets. Um And I expect that a lot of achieved that officers will also be very busy building out those data products. So if you if you think that that trend then okay, data products are getting more important for t data officers, then um data quality is something that's increasingly important today to get right otherwise becomes a garbage in garbage out kind of situation where your data products are being fed bad food and ultimately their their outcomes are very tricky. So for us, for the chief data officers, Um I think there was about one of them in 2002. Um and then in 2019 ISH, let's say there were around 10,000. So there's there's plenty of upside to go for the chief data officers, there's plenty of roles like that needed across the world. Um and they've also evolved in in responsibility and I expect that their position, you know, it it is really a sea level position today in most organizations expect that that trend will also to continue to grow. But ultimately, those achieved that officers have to think about the business, right? Not just the defensive and offensive positions around data like policies and regulations, but also the support for businesses who are today shifting very fast and we'll continue to uh to digital. So those Tv officers will be seen as heroes, especially when they can build out a factory of data products that really supports the business. Um, but at the same time, they have to figure out how to um reach and always branch to their technical counterparts because you cannot build that factory of data products in my mind, at least without the proper infrastructure. And that's where your technical teams come in. And then obviously the partnerships with your video and information security folks, of course. >>Well heroes. Everybody wants to be the hero. And I know that uh you painted a pretty clear path right now as far as the Chief data officer is concerned and their importance and the value to companies down the road stan. We thank you very much for the time today and for the insight and wish you continued success at the conference. Thank you very much. >>Thank you very much. Have a nice day healthy. >>Thank you very much Dan Christians joining us talking about chief data citizenship if you will as part of data citizens 21. The conference being put on by caliber. I'm John Wall's thanks for joining us here on the Cube. >>Mhm.

>> - From around the globe, it's the cube covering data citizens, 21 brought to you by Collibra. >> Hello, everyone, John Walls here, As we continue our cube conversations here as part of data citizens, 21, the conference ongoing. Collibra at the heart of that, really at the heart of data these days and helping companies and corporations make sense. Although this data chaos that they're dealing with, trying to provide new insights, new analysis being a lot more efficient and effective with your data. That's what Collibra is all about. And their founder and their chief data citizen, if you will, Stan Christiaens joins us today. And Stan, I love that title, chief data citizen. What does that all about? What does that mean? >> Hey John, thanks for having me over. And hopefully we'll get to a point where the chief data citizen Titelist cleaves to you. Thanks by the way, for giving us the opportunity to speak a little bit about what we're doing with our chief data citizen. We started the company about 13 years ago, 2008. And over those years, as a founder I've worn many different hats from product to pre-sales to partnerships and a bunch of obvious things. But ultimately the company reaches a certain point a certain size where systems and processes become absolutely necessary if you want to scale further. And for us, this is the moment in time where we said, okay we probably need a data office right now ourselves, something that we've seen with many of our customers. So we said, okay, let me figure out how to lead our own data office and figured out how we can get value out of data using our own software at Collibra itself. And that's where the chief data citizen role comes in. On Friday evening, we like to call that drinking our own champagne moment morning, either eating our own dog food but, essentially this is what we help our customers do, build out the data offices. So we're doing this ourselves now, when we're very hands-on. So there's a lot of things that we're learning, again just like our customers do. And for me, at Collibra, this means that I'm responsible as a chief data citizen for our overall data strategy, which talks a lot about data products, as well as our data infrastructure, which is needed to power data products. Now, because we're doing this in the company and also doing this in a way that is helpful to our customers. We're also figuring out how do we translate the learnings that we have ourselves and give them back to our customers, to our partners, to the broader ecosystem as a whole. And that's why if you summarize the strategy, I like to sometimes refer to it as data office 2025, it's 2025. What is the data office look like by then? And we recommend to our customers to also have that forward looking view just as well. So if I summarize the, the answer a little bit and it's fairly similar to achieve that officer role but, because it has the external evangelization component, helping other data leaders, we like to refer to it as the chief data citizens. >> Yeah, and that, that kind of, you talked about evangelizing, obviously with that, that you're talking about certain kinds of responsibilities and obligations. And I, when I think of citizenship in general I think about privileges and rights and you know, about national citizenship. You're talking about data citizenship, So I assume that with that you're talking about appropriate behaviors and the most well-defined behaviors, and kind of keeping it between the lanes basically. Is that, is that how you look at being a data citizen or, and if not, how would you describe that to a client about being a data citizen? >> It's a very good point, as a citizen you have rights and responsibilities, and the same is exactly true for a data citizen. For us, starting with what it is, right for us, A data citizen is somebody who uses data to do their job. And we've purposely made that definition very broad because today we believe that everyone in some way uses data to do their job. You know, data is universal. It's critical to business processes and it's importance is only increasing. And we want all the data citizens to have appropriate access to data and the ability to do stuff with data but, also to do that in the right way. And if you think about it this is not just something that applies to you in your job but, also extends beyond the workplace because as a data citizen, you're also a human being, of course. So, the way you do data at home with your friends and family, all of this becomes important as well. And we like to think about it as informed privacy aware, data citizens should think about trust in data all the time, because ultimately everybody's talking today about data as an asset, and data is the new gold, and the new oil, and the new soil, and there is a ton of value in data but, as much as organizations themselves to see this, it's also the bad actors out there. We're reading a lot more about data breaches, for example. So, ultimately there's no value without risk. So, as a data citizen, you can achieve a value but, you also have to think about, how do I avoid these risks, and as an organization, if you manage to combine both of those, that's when you can get the maximum value out of data in a trusted manner. >> Yeah, I think this is pretty, an interesting approach that you've taken here because obviously there there are processes with regard to data, right? I mean, the, you know, that that's pretty clear but, there are also, there's a culture that you're talking about here that, that not only are we going to have an operational plan for how we do this certain activity and how we're going to analyze here, input here, action, or perform action on that, whatever but we're going to have a mindset or an approach mentally that we want our company to embrace. So, if you would walk me through that process a little bit in terms of creating that kind of culture, which is very different than kind of the X's and O's and the technical side of things. >> Yeah. That's I think when organizations face the biggest challenge, because, you know maybe they're hiding the best most unique data scientists in the world but, it's not about what that individual can do, right? It's about what the combination of data citizens across the organization can do. And I think it starts first by thinking as an individual about universal goal, golden rule, treat others as you would want to be treated yourself, right? The way you would ethically use data at your job. Think about that, There's other people at other companies, who you would want to do the same thing. Now, from our experience, in our own data office at Collibra, as well as what we see with our customers. A lot of that personal responsibility which is where culture starts, starts with data literacy. And, you know, we talked a little bit about Plymouth rock and the small statues in Brussels Belgium, where I'm from but, essentially here we speak a couple of languages in Belgium. And for organizations, for individuals data literacy is very similar. You know, you're able to read and write which are pretty essential for any job today. And so we want all data citizens to also be able to speak and read and write data fluently. If I, if I can express it this way. And one of the key ways of getting that done and establishing that culture around data, lies with the one who leads data in the organization, the chief data officer, or however the role is called. They play a very important role in this. In comparison, maybe that I always make there is think about other assets in your organization. You know, you're organized for the money assets, for the talent assets, with HR and a bunch of other assets. So let's talk about the, the money assets for a little bit, right? You have a finance department, you have a chief financial officer, and obviously their responsibility is around managing that money asset. But it's also around making others in the organization think about that money. And they do that through established processes and responsibilities like budgeting and planning but, also ultimately to the individual where, you know, through expense sheets that we all love so much, they make you think about money. So, if the CFO makes everyone in the company thinks about think about money, that data officer, or the data lead, has to think, has to make everyone think in the company about data assets, asset, just as well. And those rights, those responsibilities in that culture, they also change, right? Today, they're set this and this way because of privacy and policy X and Y and Z. But tomorrow, for example, as, as with the European union's new regulation around BI, there's a bunch of new responsibilities you'll have to think about. >> You mentioned security and about value and risk, which is certainly, they are part and parcel, right? If I have something important I've got to protect it because somebody else might want to, to create some damage, some harm and and steal my value, basically when that's, what's happening as you point out in the data world these days. So, so what kind of work are you doing in that regard in terms of reinforcing the importance of security culture, privacy culture, you know, this kind of protective culture within an organization so that everybody fully understands, you know, the risks but, also the huge upsides. If you do enforce this responsibility and these good behaviors that that obviously the company can gain from, and then provide value to their client base. So how do you reinforce that within your clients to spread that culture, if you will, within their organizations? >> Spreading a culture is not always an easy thing, And especially a lot of organizations think about the value around data, but to your point, not always about the risks that come associated with it. Sometimes just because they don't know about it yet, right, there's new architectures that come into play, like the clouds and that comes with a whole bunch of new risks. That, that's why one of the things that we recommend always to our customers and to data officers in our customer's organizations, is that next to establishing that, that data literacy, for example, and working on data products is that they also partner strongly with other leaders in their organization. On the one hand, for example, the legal folks, where typically you find the the aspects around privacy and on the other hand, the information security folks, because if you're building up sort of map of your data, look at it like a castle, right, that you're trying to protect. If you don't have a map of your castle, with the strong points and the weak points, and you know where people can build, dig a hole under your wall or what have you, then it's very hard to defend. So, you have to be able to get a map of your data, a data map if you will, know what data is out there. Who its being used by, and why and how, and then you want to prioritize that data, which is the most important what are the most important uses and put the appropriate protections and controls in place. And it's fundamental that you do that together with your legal and information security partners because you may have as a data lead that you may have the data knowledge, the data expertise but, there's a bunch of other things that come into play when you're trying to protect, not just the data but, really your company on its data as a whole. >> No, you Were talking about 2025 a little bit ago, and I thought good for you, that's quite a crystal ball that you have it, you know looking to, you know, with the headlights that far down the road, but I know you have to be, you know that kind of progressive thinking is very important. What do you see in, in the long-term for number one, your kind of position as a chief data citizen, if you will, and then the role of the chief data officer, which you think is kind of migrating toward that citizenship, if you will. So, maybe put on those long-term vision goggles of yours again, and tell me, what do you see as far as these evolving roles and, and these new responsibilities for people who are CEOs these days? >> Well, 2025 is closer than we think right? Then obviously, my crystal ball is as fuzzy as everyone else's but, there's a few things, that trends that you can easily identify and that we've seen by doing this for so long at Collibra. And one is the, the push around data. I think last year, the years, 2020,` where sort of COVID became the executive director of digitalization. Forced everyone to think more about digital, and I expect that to continue. So, that's an important aspect. The second important aspect that I expect to continue for the next couple of years, easily in 2025 is the whole movement to the cloud. So these cloud native architectures become important, as well as the, you know, preparing your data around it, preparing your policies around it, etc.. I also expect that privacy regulations will continue to increase as well as the needs to protect your data assets. And I expected a lot of key data officers will also be very busy building out those data products. So if you, if you take that that trend then, okay data products are getting more important for key data officer's, then data quality is something that's increasingly important today to get right, otherwise, becomes a garbage in garbage out kind of situation, where your data products are being fed bad foods and ultimately their outcomes aren't very clear. So for us, for the chief data officers, I think it was about one of them in 2002, and then 2019 ish, let's say there were 10,000. So there's plenty of upsides for the chief data officer there's plenty of roles like that needed across the world. And they've also evolved in, in responsibility. And I expect that their position, you know, as it it is really a C-level position today in most organizations. Expect that, that trend will also continue to grow. But ultimately those chief data officers have to think about the business, right? Not just the defensive and offensive positions around data, like almost policies and regulations but, also the support for businesses who are today, shifting very fast and will continue to, to digital. So, those key data officers will be seen as key notes. Especially when they can build out the factory of data products that really supports the business. But at the same time, they have to figure out how to reaching all of the branch to their technical counterparts, because you cannot build a factory of data products in my mind at least, without the proper infrastructure. And that's where your technical teams come in. And then obviously the partnerships with your video and information security folks, of course. >> Well heroes, everybody wants to be the hero. And I know that's a, you painted a pretty clear path right now, as far as the chief data officer's concerned and their importance and the value to companies down the road. Stan, we thank you very much for the time today and for the insight, and wish you continued success at the conference. Thank you very much. >> Thank you very much. Have a nice day. Stay healthy. >> Thank you very much Stan Christiaen's joining us, talking about chief data citizenship, if you will, as part of data citizens, 21 the conference being put on by Collibra. I'm John Walls. Thanks for joining us here on the cube. (upbeat music)

>>Hello. I'm Professor Toru Suzuki Cherif cardiovascular medicine on associate dean of the College of Life Sciences at the University of Leicester in the United Kingdom, where I'm also director of the Lester Life Sciences accelerator. I'm also honorary consultant cardiologist within our university hospitals. It's part of the national health system NHS Trust. Today, I'd like to talk to you about our Lester Clinical Data Science Initiative. Now brief background on Lester. It's university in hospitals. Lester is in the center of England. The national health system is divided depending on the countries. The United Kingdom, which is comprised of, uh, England, Scotland to the north, whales to the west and Northern Ireland is another part in a different island. But national health system of England is what will be predominantly be discussed. Today has a history of about 70 years now, owing to the fact that we're basically in the center of England. Although this is only about one hour north of London, we have a catchment of about 100 miles, which takes us from the eastern coast of England, bordering with Birmingham to the west north just south of Liverpool, Manchester and just south to the tip of London. We have one of the busiest national health system trust in the United Kingdom, with a catchment about 100 miles and one million patients a year. Our main hospital, the General Hospital, which is actually called the Royal Infirmary, which can has an accident and emergency, which means Emergency Department is that has one of the busiest emergency departments in the nation. I work at Glen Field Hospital, which is one of the main cardiovascular hospitals of the United Kingdom and Europe. Academically, the Medical School of the University of Leicester is ranked 20th in the world on Lee, behind Cambridge, Oxford Imperial College and University College London. For the UK, this is very research. Waited, uh, ranking is Therefore we are very research focused universities as well for the cardiovascular research groups, with it mainly within Glenn Field Hospital, we are ranked as the 29th Independent research institution in the world which places us. A Suffield waited within our group. As you can see those their top ranked this is regardless of cardiology, include institutes like the Broad Institute and Whitehead Institute. Mitt Welcome Trust Sanger, Howard Hughes Medical Institute, Kemble, Cold Spring Harbor and as a hospital we rank within ah in this field in a relatively competitive manner as well. Therefore, we're very research focused. Hospital is well now to give you the unique selling points of Leicester. We're we're the largest and busiest national health system trust in the United Kingdom, but we also have a very large and stable as well as ethnically diverse population. The population ranges often into three generations, which allows us to do a lot of cohort based studies which allows us for the primary and secondary care cohorts, lot of which are well characterized and focused on genomics. In the past. We also have a biomedical research center focusing on chronic diseases, which is funded by the National Institutes of Health Research, which funds clinical research the hospitals of United Kingdom on we also have a very rich regional life science cluster, including med techs and small and medium sized enterprises. Now for this, the bottom line is that I am the director of the letter site left Sciences accelerator, >>which is tasked with industrial engagement in the local national sectors but not excluding the international sectors as well. Broadly, we have academics and clinicians with interest in health care, which includes science and engineering as well as non clinical researchers. And prior to the cove it outbreak, the government announced the £450 million investment into our university hospitals, which I hope will be going forward now to give you a brief background on where the scientific strategy the United Kingdom lies. Three industrial strategy was brought out a za part of the process which involved exiting the European Union, and part of that was the life science sector deal. And among this, as you will see, there were four grand challenges that were put in place a I and data economy, future of mobility, clean growth and aging society and as a medical research institute. A lot of the focus that we have been transitioning with within my group are projects are focused on using data and analytics using artificial intelligence, but also understanding how chronic diseases evolved as part of the aging society, and therefore we will be able to address these grand challenges for the country. Additionally, the national health system also has its long term plans, which we align to. One of those is digitally enabled care and that this hope you're going mainstream over the next 10 years. And to do this, what is envision will be The clinicians will be able to access and interact with patient records and care plants wherever they are with ready access to decision support and artificial intelligence, and that this will enable predictive techniques, which include linking with clinical genomic as well as other data supports, such as image ing a new medical breakthroughs. There has been what's called the Topol Review that discusses the future of health care in the United Kingdom and preparing the health care workforce for the delivery of the digital future, which clearly discusses in the end that we would be using automated image interpretation. Is using artificial intelligence predictive analytics using artificial intelligence as mentioned in the long term plans. That is part of that. We will also be engaging natural language processing speech recognition. I'm reading the genome amusing. Genomic announced this as well. We are in what is called the Midland's. As I mentioned previously, the Midland's comprised the East Midlands, where we are as Lester, other places such as Nottingham. We're here. The West Midland involves Birmingham, and here is ah collective. We are the Midlands. Here we comprise what is called the Midlands engine on the Midland's engine focuses on transport, accelerating innovation, trading with the world as well as the ultra connected region. And therefore our work will also involve connectivity moving forward. And it's part of that. It's part of our health care plans. We hope to also enable total digital connectivity moving forward and that will allow us to embrace digital data as well as collectivity. These three key words will ah Linkous our health care systems for the future. Now, to give you a vision for the future of medicine vision that there will be a very complex data set that we will need to work on, which will involve genomics Phanom ICS image ing which will called, uh oh mix analysis. But this is just meaning that is, uh complex data sets that we need to work on. This will integrate with our clinical data Platforms are bioinformatics, and we'll also get real time information of physiology through interfaces and wearables. Important for this is that we have computing, uh, processes that will now allow this kind of complex data analysis in real time using artificial intelligence and machine learning based applications to allow visualization Analytics, which could be out, put it through various user interfaces to the clinician and others. One of the characteristics of the United Kingdom is that the NHS is that we embrace data and captured data from when most citizens have been born from the cradle toe when they die to the grave. And it's important that we were able to link this data up to understand the journey of that patient. Over time. When they come to hospital, which is secondary care data, we will get disease data when they go to their primary care general practitioner, we will be able to get early check up data is Paula's follow monitoring monitoring, but also social care data. If this could be linked, allow us to understand how aging and deterioration as well as frailty, uh, encompasses thes patients. And to do this, we have many, many numerous data sets available, including clinical letters, blood tests, more advanced tests, which is genetics and imaging, which we can possibly, um, integrate into a patient journey which will allow us to understand the digital journey of that patient. I have called this the digital twin patient cohort to do a digital simulation of patient health journeys using data integration and analytics. This is a technique that has often been used in industrial manufacturing to understand the maintenance and service points for hardware and instruments. But we would be using this to stratify predict diseases. This'll would also be monitored and refined, using wearables and other types of complex data analysis to allow for, in the end, preemptive intervention to allow paradigm shifting. How we undertake medicine at this time, which is more reactive rather than proactive as infrastructure we are presently working on putting together what's it called the Data Safe haven or trusted research environment? One which with in the clinical environment, the university hospitals and curated and data manner, which allows us to enable data mining off the databases or, I should say, the trusted research environment within the clinical environment. Hopefully, we will then be able to anonymous that to allow ah used by academics and possibly also, uh, partnering industry to do further data mining and tool development, which we could then further field test again using our real world data base of patients that will be continually, uh, updating in our system. In the cardiovascular group, we have what's called the bricks cohort, which means biomedical research. Informatics Center for Cardiovascular Science, which was done, started long time even before I joined, uh, in 2010 which has today almost captured about 10,000 patients arm or who come through to Glenn Field Hospital for various treatments or and even those who have not on. We asked for their consent to their blood for genetics, but also for blood tests, uh, genomics testing, but also image ing as well as other consent. Hable medical information s so far there about 10,000 patients and we've been trying to extract and curate their data accordingly. Again, a za reminder of what the strengths of Leicester are. We have one of the largest and busiest trust with the very large, uh, patient cohort Ah, focused dr at the university, which allows for chronic diseases such as heart disease. I just mentioned our efforts on heart disease, uh which are about 10,000 patients ongoing right now. But we would wish thio include further chronic diseases such as diabetes, respiratory diseases, renal disease and further to understand the multi modality between these diseases so that we can understand how they >>interact as well. Finally, I like to talk about the lesser life science accelerator as well. This is a new project that was funded by >>the U started this January for three years. I'm the director for this and all the groups within the College of Life Sciences that are involved with healthcare but also clinical work are involved. And through this we hope to support innovative industrial partnerships and collaborations in the region, a swells nationally and further on into internationally as well. I realized that today is a talked to um, or business and commercial oriented audience. And we would welcome interest from your companies and partners to come to Leicester toe work with us on, uh, clinical health care data and to drive our agenda forward for this so that we can enable innovative research but also product development in partnership with you moving forward. Thank you for your time.

(upbeat music) >> Announcer: From the CUBE studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is theCUBE Conversation. >> Hey, welcome back everybody Jeffrey Frick with theCUBE. We are getting through the COVID crisis. It continues and impacting the summer. I can't believe the summer's almost over, but there's a whole lot of things going on in terms of privacy and contact tracing and this kind of this feeling that there's this conflict between kind of personal identification and your personal privacy versus the public good around things like contact tracing. And I was in a session last week with two really fantastic experts. I wanted to bring them on the show and we're really excited to have back for I don't even know how many times Michelle has been on Michelle Dennedy, She is the former chief privacy officer at Cisco and now she's running the CEO of Identity, Michelle great to see you. >> Good to see you always Jeff >> Yeah and for the first time Dr. Ann Cavoukian and she is the executive director Global Privacy & Security By Design Center. Joining us from Toronto, worked with the government and is not short on opinions about privacy. (laughing) Ann good to see you. >> Hi Jeff thank you >> Yes, so let's jump into it cause I think one of the fundamental issues that we keep hearing is this zero-sum game. And I know and it's a big topic for you that there seems to be this trade off this either or and specifically let's just go to contact tracing. Cause that's a hot topic right now with COVID. I hear that it's like you're telling everybody where I'm going and you're sharing that with all these other people. How is this even a conversation and where do I get to choose whether I want to participate or not? >> You can't have people traced and tracked and surveil. You simply can't have it and it can't be an either or win lose model. You have to get rid of that data. Zero-sum game where only one person can win and the other one loses and it sums to a total of zero. Get rid of that, that's so yesterday. You have to have both groups winning positive sum. Meaning yes, you need public health and public safety and you need privacy. It's not one versus the other. We can do both and that's what we insist upon. So the contact term tracing app that was developed in Canada was based on the Apple Google framework, which is actually called exposure notification. It's totally privacy protective individuals choose to voluntarily download this app. And no personal information is collected whatsoever. No names, no geolocation data, nothing. It's simply notifies you. If you've been exposed to someone who is COVID-19 positive, and then you can decide on what action you wish to take. Do you want to go get tested? Do you want to go to your family doctor, whatever the decision lies with you, you have total control and that's what privacy is all about. >> Jeffrey: But what about the person who was sick? Who's feeding the top into that process and is the sick person that you're no notifying they obviously their personal information is part of that transaction. >> what the COVID alerts that we developed based on the Apple Google framework. It builds on manual contact tracing, which also take place the two to compliment each other. So the manual contact tracing is when individuals go get to get tested and they're tested as positive. So healthcare nurses will speak to that individual and say, please tell us who you've been in contact with recently, family, friends, et cetera. So the two work together and by working together, we will combat this in a much more effective manner. >> Jeffrey: So shifting over to you Michelle, you know, there's PIN and a lot of conversations all the time about personal identifiable information but right. But then medical has this whole nother class of kind of privacy restrictions and level of care. And I find it really interesting that on one hand, you know, we were trying to do the contract tracing on another hand if you know, my wife works in a public school. If they find out that one of the kids in this class has been exposed to COVID somehow they can't necessarily tell the teacher because of HIPAA restriction. So I wonder if you could share your thoughts on this kind of crossover between privacy and health information when it gets into this kind of public crisis and this inherent conflict for the public right to know and should the teacher be able to be told and it's not a really clean line with a simple answer, I don't think. >> No and Jeff, and you're also layering, you know, when you're talking about student data, you layering another layer of legal restriction. And I think what you're putting your thumb on is something that's really critical. When you talk about privacy engineering, privacy by design and ethics engineering. You can't simply start with the legal premise. So is it lawful to share HIPAA covered data. A child telling mommy I don't feel well not HIPAA covered. A child seeing a doctor for medical services and finding some sort of infection or illness covered, right? So figuring out the origin of the exact same zero one. Am I ill or not, all depends on context. So you have to first figure out, first of all let's tackle the moral issues. Have we decided that it is a moral imperative to expose certain types of data. And I separate that from ethics intentionally and with apologies to true ethicists. The moral imperative is sort of the things we find are so wrong. We don't want a list of kids who are sick or conversely once the tipping point goes the list of kids who are well. So then they are called out that's the moral choice. The ethical choice is just because you can should you, and that's a much longer conversation. Then you get to the legal imperative. Are you allowed to based on the past mistakes that we made. That's what every piece of litigation or legislation is particularly in a common law construct in the US. It's very important to understand that civil law countries like the European theater. They try to prospectively legislate for things that might go wrong. The construct is thinner in a common law economy where you do, you use test cases in the courts of law. That's why we are such a litigious society has its own baggage. But you have to now look at is that legal structure attempting to cover past harms that are so bad that we've decided as a society to punish them, is this a preventative law? And then you finally get to what I say is stage four for every evaluation is isn't viable, are the protections that you have to put on top of these restrictions. So dire that they either cannot be maintained because of culture process or cash or it just doesn't make sense anymore. So does it, is it better to just feel someone's forehead for illness rather than giving a blood assay, having it sent away for three weeks and then maybe blah, blah, blah, blah, blah, blah. >> Right. >> You have to look at this as a system problem solving issue. >> So I want to look at it in the context of, again kind of this increased level of politicization and or, you know, kind of exposure outside of what's pretty closed. And I want to bring up AIDS and the porn industry very frankly right? Where people behaving in the behavior of the business risk a life threatening disease of which I still don't think it as a virus. So you know why, cause suddenly, you know, we can track for that and that's okay to track for that. And there's a legitimate reason to versus all of the other potential medical conditions that I may or may not have that are not necessarily brought to bear within coming to work. And we might be seeing this very soon. As you said, if people are wanting our temperatures, as we come in the door to check for symptoms. How does that play with privacy and healthcare? It's still fascinates me that certain things is kind of pop out into their own little bucket of regulation. I'm wondering if you could share your thoughts on that Ann. >> You know, whenever you make it privacy versus fill in the blank, especially in the context of healthcare. You end up turning it to a lose lose as opposed to even a win lose. Because you will have fewer people wanting to allow themselves to be tested, to be brought forward for fear of where that information may land. If it lands in the hands of your employer for example or your whoever owns your house if you're in renting, et cetera. It creates enormous problems. So regardless of what you may think of the benefits of that model. History has shown that it doesn't work well that people end up shying away from being tested or seeking treatment or any of those things. Even now with the contact tracing apps that have been developed. If you look globally the contact tracing apps for COVID-19. They have failed the ones that identify individuals in the UK, in Australia, in Western Canada that's how it started out. And they've completely dropped them because they don't work. People shy away from them. They don't use them. So they've gotten rid of that. They've replaced it with the, an app based on the Apple Google framework, which is the one that protects privacy and will encourage people to come forward and seek to be tested. If there's a problem in Germany. Germany is one of the largest privacy data protection countries in the world. Their privacy people are highly trusted in Germany. Germany based their app on the Apple Google framework. About a month ago they released it. And within 24 hours they had 6.5 million people download the app. >> Right. >> Because there is such trust there unlike the rest of the world where there's very little trust and we have to be very careful of the trust deficit. Because we want to encourage people to seek out these apps so they can attempt to be tested if there's a problem, but they're not going to use them. They're just going to shy away from them. If there is such a problem. And in fact I'll never forget. I did an interview about a month ago, three weeks ago in the US on a major major radio station that has like 54 million people followers. And I was telling them about the COVID alert the Canadian contact tracing app, actually it's called exposure notification app, which was built on the Apple Google framework. And people in hoard said they wouldn't trust anyone with it in the US. They just wouldn't trust it. So you see there's such a trust deficit. That's what we have to be careful to avoid. >> So I want to hold on the trust for just a second, but I want to go back to you Michelle and talk about the lessons that we can learn post 9/11. So the other thing right and keep going back to this over and over. It's not a zero-sum game. It's not a zero-sum game and yet that's the way it's often positioned as a way to break down existing barriers. So if you go back to 9/11 probably the highest profile thing being the Patriot Act, you know, where laws are put in place to protect us from terrorism that are going to do things that were not normally allowed to be done. I bet without checking real exhaustively that most of those things are still in place. You know, cause a lot of times laws are written. They don't go away for a long time. What can we learn from what happened after 9/11 and the Patriot Act and what should be really scared of, or careful of or wary of using that as a framework for what's happening now around COVID and privacy. >> It's a perfect, it's not even an analogy because we're feeling the shadows of the Patriot Act. Even now today, we had an agreement from the United States with the European community until recently called the Privacy Shield. And it was basically if companies and organizations that were, that fell under the Federal Trade Commissions jurisdiction, there's a bit of layering legal process here. But if they did and they agreed to supply enough protection to data about people who were present in the European Union to the same or better level than the Europeans would. Then that information could pass through this Privacy Shield unencumbered to and from the United States. That was challenged and taken down. I don't know if it's a month ago or if it's still March it's COVID time, but very recently on basis that the US government can overly and some would say indifferent nations, improperly look at European data based on some of these Patriot Act, FISA courts and other intrusive mechanisms that absolutely do apply if we were under the jurisdiction of the United States. So now companies and private actors are in the position of having to somehow prove that they will mechanize their systems and their processes to be immune from their own government intrusion before they can do digital trade with other parts of the world. We haven't yet seen the commercial disruption that will take place. So the unintended consequence of saying rather than owning the answers or the observations and the intelligence that we got out of the actual 9/11 report, which said we had the information we needed. We did not share enough between the agencies and we didn't have the decision making activity and will to take action in that particular instance. Rather than sticking to that knowledge. Instead we stuck to the Patriot Act, which was all but I believe to Congress people. When I mean, you see the hot mess. That is the US right now. When everyone but two people in the room vote for something on the quick. There's probably some sort of a psychological gun to your head. That's probably well thought out thing. We fight each other. That's part of being an American dammit. So I think having these laws that say, you've got to have this one solution because the boogeyman is coming or COVID is coming or terrorists or child pornographers are coming. There's not one solution. So you really have to break this down into an engineering problem and I don't mean technology when I say engineering. I mean looking at the culture, how much trust do you have? Who is the trusted entity? Do we trust Microsoft more than we trust the US government right now? Maybe that might be your contact. How you're going to build people, process and technology not to avoid a bad thing, but to achieve a positive objective because if you're not achieving that positive objective of understanding that safe to move about without masks on, for example, stop, just stop. >> Right, right. My favorite analogy Jeff, and I think I've said this to you in the past is we don't sit around and debate the merits of viscosity of water to protect concrete holes. We have to make sure that when you lead them to the concrete hole, there's enough water in the hole. No, you're building a swimming pool. What kind of a swimming pool do you want? Is it commercial, Is it toddlers? Is it (indistinct), then you build in correlation, protection and da da da da. But if you start looking at every problem as how to avoid hitting a concrete hole. You're really going to miss the opportunity to build and solve the problem that you want and avoid the risk that you do not want. >> Right right, and I want to go back to you on the trust thing. You got an interesting competent in that other show, talking about working for the government and not working directly for the people are voted in power, but for the kind of the larger bureaucracy and agency. I mean, the Edelman Trust Barometer is really interesting. They come out every year. I think it's their 20th year. And they break down kind of like media, government and business. And who do you trust and who do you not trust? What what's so fascinating about the time we're in today is even within the government, the direction that's coming out is completely diametrically opposed oftentimes between the Fed, the state and the local. So what does kind of this breakdown of trust when you're getting two different opinions from the same basic kind of authority due to people's ability or desire to want to participate and actually share the stuff that maybe or maybe not might get reshared. >> It leaves you with no confidence. Basically, you can't take confidence in any of this. And when I was privacy commissioner. I served for three terms, each term that was a different government, different political power in place. And before they had become the government, they were all for privacy and data protection believed in and all that. And then once they became the government all that changed and all of a sudden they wanted to control everyone's information and they wanted to be in power. No, I don't trust government. You know, people often point to the private sector as being the group you should distrust in terms of privacy. I say no, not at all. To me far worse is actually the government because everyone thinks they're there to do good job and trust them. You can't trust. You have to always look under the hood. I always say trust but verify. So unfortunately we have to be vigilant in terms of the protections we seek for privacy both with private sector and with the government, especially with the government and different levels of government. We need to ensure that people's privacy remains intact. It's preserved now and well into the future. You can't give up on it because there's some emergency a pandemic, a terrorist incident whatever of course we have to address those issues. But you have to insist upon people's privacy being preserved. Privacy forms the foundation of our freedom. You cannot have free and open societies without a solid foundation of privacy. So I'm just encouraging everyone. Don't take anything at face value, just because the government tells you something. It doesn't mean it's so always look under the hood and let us ensure the privacy is strongly protected. See emergencies come and go. The pandemic will end. What cannot end is our privacy and our freedom. >> So this is a little dark in here, but we're going to lighten it up a little bit because there's, as Michelle said, you know, if you think about building a pool versus putting up filling a hole, you know, you can take proactive steps. And there's a lot of conversation about proactive steps and I pulled Ann your thing Privacy by Design, The 7 Foundational Principles. I have the guys pull up a slide. But I think what's really interesting here is, is you're very, very specific prescriptive, proactive, right? Proactive, not reactive. Privacy is the default setting. You know, don't have to read the ULAs and I'm not going to read the, all the words we'll share it. People can find it. But what I wanted to focus on is there is an opportunity to get ahead of the curve, but you just have to be a little bit more thoughtful. >> That's right, and Privacy By Design it's a model of prevention, much like a medical model of prevention where you try to prevent the harms from arising, not just deal with them after the facts through regulatory compliance. Of course we have privacy laws and that's very important, but they usually kick in after there's been a data breach or privacy infraction. So when I was privacy commissioner obviously those laws were intact and we had to follow them, but I wanted something better. I wanted to prevent the privacy harms from arising, just like a medical model of prevention. So that's a Privacy By Design is intended to do is instantiate, embed much needed privacy protective measures into your policies, into your procedures bake it into the code so that it has a constant presence and can prevent the harms from arising. >> Jeffrey: Right right. One of the things I know you love to talk about Michelle is compliance, right? And is compliance enough. I know you like to talk about the law. And I think one of the topics that came up on your guys' prior conversation is, you know, will there be a national law, right? GDPR went through on the European side last year, the California Protection Act. A lot of people think that might become the model for more of a national type of rule. But I tell you, when you watch some of the hearings in DC, you know, I'm sure 90% of these people still print their emails and have their staff hand them to them. I mean, it's really scary that said, you know, regulation always does kind of lag probably when it needs to be put in place because people maybe abuse or go places they shouldn't go. So I wonder if you could share your thoughts on where you think legislation is going to going and how should people kind of see that kind of playing out over the next several years, I guess. >> Yeah, it's such a good question Jeff. And it's like, you know, I think even the guys in Vegas are having trouble with setting the high laws on this. Cameron said in I think it was December of 2019, which was like 15 years ago now that in the first quarter of 2020, we would see a federal law. And I participated in a hearing at the Senate banking committee, again, November, October and in the before times. I'm talking about the same thing and here we are. Will we have a comprehensive, reasonable, privacy law in the United States before the end of this president's term. No, we will not. I can say that with just such faith and fidelity. (laughing) But what does that mean? And I think Katie Porter who I'm starting to just love, she's the Congresswoman who's famous for pulling on her white board and just saying, stop fudging the numbers. Let's talk about the numbers. There's about a, what she calls the 20% legislative flip phone a caucus. So there are 20% or more on both sides of the aisle of people in the US who are in the position of writing our laws. who are still on flip phones and aren't using smart phones and other kinds of technologies. There's a generation gap. And as much as I can kind of chuckle at that a little bit and wink, wink, nudge, nudge, isn't that cute. Because you know, my dad, as you know, is very very technical and he's a senior citizen. This is hard. I hope he doesn't see that but... (laughing) But then it's not old versus young. It's not let's get a whole new group and crop and start over again. What it is instead and this is, you know, as my constant tome sort of anti compliance. I'm not anti compliance. You got to put your underwear on before your pants or it's just really hard. (laughing) And I would love to see anyone who is capable of putting their underwater on afterwards. After you've made the decision of following the process. That is so basic. It comes down to, do you want the data that describes or is donated or observed about human beings. Whether it's performance of your employees. People you would love to entice onto your show to be a guest. People you'd like to listen and consume your content. People you want to meet. People you want to marry. Private data as Ann says, does the form the foundation of our freedom, but it also forms the foundation of our commerce. So that compliance, if you have stacked the deck proactively with an ethics that people can understand and agree with and have a choice about and feel like they have some integrity. Then you will start to see the acceleration factor of privacy being something that belongs on your balance sheet. What kind of data is high quality, high nutrition in the right context. And once you've got that, you're in good shape. >> I'm laughing at privacy on the balance sheet. We just had a big conversation about data on the balance sheets. It's a whole, that's a whole another topic. So we can go for days. I have Pages and pages of notes here. But unfortunately I know we've got some time restrictions. And so, and I want to give you the last word as you look forward. You've been in this for a while. You've been in it from the private side, as well as the government side. And you mentioned lots of other scary things, kind of on the horizon. Like the kick of surveillance creep, which there's all kinds of interesting stuff. You know, what advice do you give to citizens. What advice do you give to leaders in the public sector about framing the privacy conversation >> I always want to start by telling them don't frame privacy as a negative. It's not a negative. It's something that can build so much. If you're a business, you can gain a competitive advantage by strongly protecting your customer's privacy because then it will build such loyalty and you'll gain a competitive advantage. You make it work for you. As a government you want your citizens to have faith in the government. You want to encourage them to understand that as a government you respect their privacy. Privacy is highly contextual. It's only the individual who can make determinations relating to the disclosure of his or her personal information. So make sure you build that trust both as a government and as a business, private sector entity and gain from that. It's not a negative at all, make it work for you, make it work for your citizens, for your customers, make it a plus a win win that will give you the best returns. >> Isn't it nice when doing the right thing actually provides better business outcomes too. It's like diversity of opinion and women on boards. And kind of things- >> I love that. we cover these days. >> Well ladies, thank you very very much for your time. I know you've got a hard stop, so I'm going to cut you loose or else we would go for probably another hour and a half, but thank you so much for your time. Thank you for continuing to beat the drum out there and look forward to our next conversation. Hopefully in the not too distant future. >> My pleasure Jeff. Thank you so much. >> Thank you. >> Thank you too. >> All right She's Michelle. >> She's Ann. I'm Jeff. You're watching theCUBE. Thanks for watching. We'll see you next time. (upbeat music)

(upbeat electronic music) >> Narrator: From theCUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE conversation. >> Okay, hello everyone. I'm John Furrier with theCUBE. We're here with Meet the Analysts segment Sunday morning. We've got everyone around the world here to discuss a bit of the news around the EU killing the privacy deal, striking it down, among other topics around, you know, data privacy and global commerce. We got great guests here, Ray Wang, CEO of Constellation Research. Bill Mew, founder and CEO of Cyber Crisis Management from the Firm Crisis Team. And JD, CEO of Spearhead Management. JD, I can let you say your name because I really can't pronounce it. How do I (laughs) pronounce it, doctor? >> I wouldn't even try it unless you are Dutch, otherwise it will seriously hurt your throat. (Ray laughing) So, JD works perfect for me. >> Doctor Drooghaag. >> And Sarbjeet Johal, who's obviously an influencer, a cloud awesome native expert. Great, guys. Great to have you on, appreciate it, thanks for comin' on. And Bill, thank you for initiating this, I appreciate all your tweets. >> Happy Sunday. (Bill laughing) >> You guys have been really tweeting up a storm, I want to get everyone together, kind of as an analyst, Meet the Analyst segment. Let's go through with it. The news is the EU and U.S. Privacy Shield for data struck down by the court, that's the BBC headline. Variety of news, different perspectives, you've got an American perspective and you've got an international perspective. Bill, we'll start with you. What does this news mean? I mean, basically half the people in the world probably don't know what the Privacy Shield means, so why is this ruling so important, and why should it be discussed? >> Well, thanks to sharing between Europe and America, it's based on a two-way promise that when data goes from Europe to America, the Americans promise to respect our privacy, and when data goes form America to Europe, the Europeans promise to respect the American privacy. Unfortunately, there are big cultural differences between the two blocks. The Europeans have a massive orientation around privacy as a human right. And in the U.S., there's somewhat more of a prioritization on national security, and therefore for some time there's been a mismatch here, and it could be argued that the Americans haven't been living up to their promise because they've had various different laws, and look how much talk about FISA and the Cloud Act that actually contravene European privacy and are incompatible with the promise Americans have given. That promise, first of all, was in the form of a treaty called Safe Harbor. This went to court and was struck down. It was replaced by Privacy Shield, which was pretty much the same thing really, and that has recently been to the court as well, and that has been struck down. There now is no other means of legally sharing data between Europe and America other than what are being called standard contractual clauses. This isn't a broad treaty between two nations, these are drawn by each individual country. But also in the ruling, they said that standard contractual clauses could not be used by any companies that were subject to mass surveillance. And actually in the U.S., the FISA courts enforce a level of mass surveillance through all of the major IT firms, of all major U.S. telcos, cloud firms, or indeed, social media firms. So, this means that for all of the companies out there and their clients, business should be carrying on as usual apart from if you're one of those major U.S. IT firms, or one of their clients. >> So, why did this come about? Was there like a major incident? Why now, was it in the court, stuck in the courts? Were people bitchin' and moanin' about it? Why did this go down, what's the real issue? >> For those of us who have been following this attentively, things have been getting more and more precarious for a number of years now. We've had a situation where there are different measures being taken in the U.S., that have continued to erode the different protections that there were for Europeans. FISA is an example that I've given, and that is the sort of secret courts and secret warrants that are issued to seize data without anyone's knowledge. There's the Cloud Act, which is a sort of extrajudicial law that means that warrants can be served in America to U.S. organizations, and they have to hand over data wherever that data resides, anywhere in the world. So, data could exist on a European server, if it was under the control of an American company, they'd have to hand that over. So, whilst FISA is in direct conflict with the promises that the Americans made, things like the Cloud Act are not only in controversion with the promise they've made, there's conflicting law here, because if you're a U.S. subsidiary of a big U.S. firm, and you're based in Europe, who do you obey, the European law that says you can't hand it over because of GDPR, or the American laws that says they've got extrajudicial control, and that you've got to hand it over. So, it's made things a complete mess. And to say has this stuff, hasn't really happened? No, there's been a gradual erosion, and this has been going through the courts for a number of years. And many of us have seen it coming, and now it just hit us. >> So, if I get you right in what you're saying, it's basically all this mishmash of different laws, and there's no coherency, and consistency, is that the core issue? >> On the European side you could argue there's quite a lot of consistency, because we uphold people's privacy, in theory. But there have been incidents which we could talk about with that, but in theory, we hold your rights dear, and also the rights of Europeans, so everyone's data should be safe here from the sort of mass surveillance we're seeing. In the U.S., there's more of a direct conflict between everything, including there's been a, in his first week in the White House, Donald Trump signed an executive order saying that the Privacy Act in the U.S., which had been the main protection for people in the U.S., no longer applied to non-U.S. citizens. Which was, if you wanted try and cause a storm, and if you wanted to try and undermine the treaty, there's no better way of doing it than that. >> A lot of ways, Ray, I mean simplify this for me, because I'm a startup, I'm hustlin', or I'm a big company, I don't even know who runs the servers anymore, and I've got data stored in multiple clouds, I got in regions, and Oracle just announced more regions, you got Amazon, a gazillion regions, I could be on-premise. I mean bottom line, what is this about? I mean, and -- >> Bill's right, I mean when Max Schrems, the Austrian. Bill's right, when Max Schrems the Austrian activist actually filed his case against Facebook for where data was being stored, data residency wasn't as popular. And you know, what it means for companies that are in the cloud is that you have to make sure your data's being stored in the region, and following those specific region rules, you can't skirt those rules anymore. And I think the cloud companies know that this has been coming for some time, and that's why there's been announced in a lot of regions, a lot of areas that are actually happening, so I think that's the important part. But going back to Bill's earlier point, which is important, is America is basically the Canary Islands of privacy, right? Privacy is there, but it isn't there in a very, very explicit sense, and I think we've been skirting the rules for quite some time, because a lot of our economy depends on that data, and the marketing of the data. And so we often confuse privacy with consent, and also with value exchange, and I think that's part of the problem of what's going on here. Companies that have been building their business models on free data, free private data, free personally identifiable data information are the ones that are at risk! And I think that's what's going on here. >> It's the classic Facebook issue, you're the product, and the data is your product. Well, I want to get into what this means, 'cause my personal take away, not knowing the specifics, and just following say, cyber security for instance, one of the tenets there is that data sharing is an invaluable, important ethos in the community. Now, everyone has their own privacy, or security data, they don't want to let everyone know about their exploits but, but it's well known in the security world that sharing data with each other, different companies and countries is actually a good thing. So, the question that comes in my mind, is this really about data sharing or data privacy, or both? >> I think it's about both. And actually what the ruling is saying here is, all we're asking from the European side is please stop spying on us and please give us a level of equal protection that you give to your own citizens. Because data comes from America to Europe, whatever that data belongs to, a U.S. citizen or a European citizen, it's given equal protection. It is only if data goes in the other direction, where you have secret courts, secret warrants, seizure of data on this massive scale, and also a level of lack of equivalence that has been imposed. And we're just asking that once you've sorted out a few of those things, we'd say everything's back on the table, away we go again! >> Why don't we merge the EU with the United States? Wouldn't that solve the problem? (Bill laughing) >> We just left Europe! (laughs heartily) >> Actually I always -- >> A hostile takeover of the UK maybe, the 52nd state. (Bill laughing loudly) >> I always pick on Bill, like Bill, you got all screaming loud and clear about all these concerns, but UKs trying to get out of that economic union. It is a union at the end of the day, and I think the problem is the institutional mismatch between the EU and U.S., U.S. is old democracy, bigger country, population wise, bigger economy. Whereas Europe is several countries trying to put together, band together as one entity, and the institutions are new, like you know, they're 15 years old, right? They're maturing. I think that's where the big mismatch is and -- >> Well, Ray, I want to get your thoughts on this, Ray wrote a book, I forget what year it was, this digital disruption, basically it was digital transformation before it was actually a trend. I mean to me it's like, do you do the process first and then figure out where the value extraction is, and this may be a Silicon Valley or an American thing, but go create value, then figure out how to create process or understand regulations. So, if data and entrepreneurship is going to be a new modern era of value, why wouldn't we want to create a rule based system that's open and enabling, and not restrictive? >> So, that's a great point, right? And the innovation culture means you go do it first, and you figure out the rules later, and that's been a very American way of getting things done, and very Silicon Valley in our perspective, not everyone, but I think in general that's kind of the trend. I think the challenge here is that we are trading privacy for security, privacy for convenience, privacy for personalization, right? And on the security level, it's a very different conversation than what it is on the consumer end, you know, personalization side. On the security side I think most Americans are okay with a little bit of "spying," at least on your own side, you know, to keep the country safe. We're not okay with a China level type of spying, which we're not sure exactly what that means or what's enforceable in the courts. We look like China to the Europeans in the way we treat privacy, and I think that's the perspective we need to understand because Europeans are very explicit about how privacy is being protected. And so this really comes back to a point where we actually have to get to a consent model on privacy, as to knowing what data is being shared, you have the right to say no, and when you have the right to say no. And then if you have a value exchange on that data, then it's really like sometimes it's monetary, sometimes it's non-monetary, sometimes there's other areas around consensus where you can actually put that into place. And I think that's what's missing at this point, saying, you know, "Do we pay for your data? Do we explicitly get your consent first before we use it?" And we haven't had that in place, and I think that's where we're headed towards. And you know sometimes we actually say privacy should be a human right, it is in the UN Charter, but we haven't figured out how to enforce it or talk about it in the digital age. And so I think that's the challenge. >> Okay, people, until they lose it, they don't really understand what it means. I mean, look at Americans. I have to say that we're idiots on this front, (Bill chuckling) but you know, the thing is most people don't even understand how much value's getting sucked out of their digital exhaust. Like, our kids, TikTok and whatnot. So I mean, I get that, I think there's some, there's going to be blow back for America for sure. I just worry it's going to increase the cost of doing business, and take away from the innovation for citizen value, the people, because at the end of the day, it's for the people right? I mean, at the end of the day it's like, what's my privacy mean if I lose value? >> Even before we start talking about the value of the data and the innovation that we can do through data use, you have to understand the European perspective here. For the European there's a level of double standards and an erosion of trust. There's double standards in the fact that in California you have new privacy regulations that are slightly different to GDPR, but they're very much GDPR like. And if the boot was on the other foot, to say if we were spying on Californians and looking at their personal data, and contravening CCPA, the Californians would be up in arms! Likewise if we having promised to have a level of equality, had enacted a local rule in Europe that said that when data from America's over here, actually the privacy of Americans counts for nothing, we're only going to prioritize the privacy of Europeans. Again, the Americans would be up in arms! And therefore you can see that there are real double standards here that are a massive issue, and until those addressed, we're not going to trust the Americans. And likewise, the very fact that on a number of occasions Americans have signed up to treaties and promised to protect our data as they did with Safe Harbor, as they did with Privacy Shield, and then have blatantly, blatantly failed to do so means that actually to get back to even a level playing field, where we were, you have a great deal of trust to overcome! And the thing from the perspective of the big IT firms, they've seen this coming for a long time, as Ray was saying, and they sought to try and have a presence in Europe and other things. But the way this ruling has gone is that, I'm sorry, that isn't going to be sufficient! These big IT firms based in the U.S. that have been happy to hand over data, well some of them maybe more happy than others, but they all need to hand over data to the NSA or the CIA. They've been doing this for some time now without actually respecting this data privacy agreement that has existed between the two trading blocks. And now they've been called out, and the position now is that the U.S. is no longer trusted, and neither are any of these large American technology firms. And until the snooping stops and equality is introduced, they can now no longer, even from their European operations, they can no longer use standard contractual clauses to transfer data, which is going to be a massive restriction on their business. And if they had any sense, they'd be lobbying very, very hard right now to the Senate, to the House, to try and persuade U.S. lawmakers actually to stick to some these treaties! To stop introducing really mad laws that ride roughshod over other people's privacy, and have a certain amount of respect. >> Let's let JD weigh in, 'cause he just got in, sorry on the video, I made him back on a host 'cause he dropped off. Just, Bill, real quick, I mean I think it's like when, you know, I go to Europe there's the line for Americans, there's the line for EU. Or EU and everybody else. I mean we might be there, but ultimately this has to be solved. So, JD, I want to let you weigh in, Germany has been at the beginning forefront of privacy, and they've been hardcore, and how's this all playing out in your perspective? >> Well, the first thing that we have to understand is that in Germany, there is a very strong law for regulation. Germans panic as soon as they know regulation, so they need to understand what am I allowed to do, and what am I not allowed to do. And they expect the same from the others. For the record I'm not German, but I live in Germany for some 20 years, so I got a bit of a feeling for them. And that sense of need for regulation has spread very fast throughout the European Union, because most of the European member states of the European Union consider this, that it makes sense, and then we found that Britain had already a very good framework for privacy, so GDPR itself is very largely based on what the United Kingdom already had in place with their privacy act. Moving forward, we try to find agreement and consensus with other countries, especially the United States because that's where most of the tech providers are, only to find out, and that is where it started to go really, really bad, 2014, when the mass production by Edward Snowden came out, to find out it's not data from citizens, it's surveillance programs which include companies. I joined a purchasing conference a few weeks ago where the purchase of a large European multinational, where the purchasing director explicitly stated that usage of U.S. based tech providers for sensitive data is prohibited as a result of them finding out that they have been under surveillance. So, it's not just the citizens, there's mass -- >> There you have it, guys! We did trust you! We did have agreements there that you could have abided by, but you chose not to, you chose to abuse our trust! And you're now in a position where you are no longer trusted, and unless you can lobby your own elected representatives to actually recreate a level playing field, we're not going to continue trusting you. >> So, I think really I -- >> Well I mean that, you know, innovation has to come from somewhere, and you know, has to come from America if that's the case, you guys have to get on board, right? Is that what it -- >> Innovation without trust? >> Is that the perspective? >> I don't think it's a country thing, I mean like, it's not you or them, I think everybody -- >> I'm just bustin' Bill's chops there. >> No, but I think everybody, everybody is looking for what the privacy rules are, and that's important. And you can have that innovation with consent, and I think that's really where we're going to get to. And this is why I keep pushing that issue. I mean, privacy should be a fundamental right, and how you get paid for that privacy is interesting, or how you get compensated for that privacy if you know what the explicit value exchange is. What you're talking about here is the surveillance that's going on by companies, which shouldn't be happening, right? That shouldn't be happening at the company level. At the government level I can understand that that is happening, and I think those are treaties that the governments have to agree upon as to how much they're going to impinge on our personal privacy for the trade off for security, and I don't think they've had those discussions either. Or they decided and didn't tell any of their citizens, and I think that's probably more likely the case. >> I mean, I think what's happening here, Bill, you guys were pointing out, and Ray, you articulated there on the other side, and my kind of colorful joke aside, is that we're living a first generation modern sociology problem. I mean, this is a policy challenge that extends across multiple industries, cyber security, citizen's rights, geopolitical. I mean when would look, and even when we were doing CUBE events overseas in Europe, in North American companies we'd call it abroad, we'd just recycle the American program, and we found there's so much localization value. So, Ray, this is the digital disruption, it's the virtualization of physical for digital worlds, and it's a lot of network theory, which is computer science, a lot of sociology. This is a modern challenge, and I don't think it so much has a silver bullet, it's just that we need smart people working on this. That's my take away! >> I think we can describe the ideal endpoint being somewhere we have meaningful protection alongside the maximization of economic and social value through innovation. So, that should be what we would all agree would be the ideal endpoint. But we need both, we need meaningful protection, and we need the maximization of economic and social value through innovation! >> Can I add another axis? Another axis, security as well. >> Well, I could -- >> I put meaningful protection as becoming both security and privacy. >> Well, I'll speak for the American perspective here, and I won't speak, 'cause I'm not the President of the United States, but I will say as someone who's been from Silicon Valley and the east coast as a technical person, not a political person, our lawmakers are idiots when it comes to tech, just generally. (Ray laughing) They're not really -- (Bill laughing loudly) >> They really don't understand. They really don't understand the tech at all! >> So, the problem is -- >> I'm not claiming ours are a great deal better. (laughs) >> Well, this is why I think this is a modern problem. Like, the young people I talk to are like, "Why do we have this rules?" They're all lawyers that got into these positions of Congress on the American side, and so with the American JEDI Contract you guys have been following very closely is, it's been like the old school Oracle, IBM, and then Amazon is leading with an innovative solution, and Microsoft has come in and re-pivoted. And so what you have is a fight for the digital future of citizenship! And I think what's happening is that we're in a massive societal transition, where the people in charge don't know what the hell they're talkin' about, technically. And they don't know who to tap to solve the problems, or even shape or frame the problems. Now, there's pockets of people that are workin' on it, but to me as someone who looks at this saying, it's a pretty simple solution, no one's ever seen this before. So, there's a metaphor you can draw, but it's a completely different problem space because it's, this is all digital, data's involved. >> We've got a lobbyists out there, and we've got some tech firms spending an enormous amount of lobbying. If those lobbyists aren't trying to steer their representatives in the right direction to come up with law that aren't going to massively undermine trade and data sharing between Europe and America, then they're making a big mistake, because we got here through some really dumb lawmaking in the U.S., I mean, there are none of the laws in Europe that are a problem here. 'Cause GDPR isn't a great difference, a great deal different from some of the laws that we have already in California and elsewhere. >> Bill, Bill. >> The laws that are at issue here -- >> Bill, Bill! You have to like, back up a little bit from that rhetoric that EU is perfect and U.S. is not, that's not true actually. >> I'm not saying we're perfect! >> No, no, you say that all the time. >> But I'm saying there's a massive lack of innovation. Yeah, yeah. >> I don't, I've never said it! >> Arm wrestle! >> Yes, yes. >> When I'm being critical of some of the dumb laws in the U.S, (Sarbjeet laughing) I'm not saying Europe is perfect. What we're trying to say is that in this particular instance, I said there was an equal balance here between meaningful protection and the maximization of economic and social value. On the meaningful protection side, America's got it very wrong in terms of the meaningful protection it provides to civil European data. On the maximization of economic and social value, I think Europe's got it wrong. I think there are a lot of things we could do in Europe to actually have far more innovation. >> Yeah. >> It's a cultural issue. The Germans want rules, that's what they crave for. America's the other way, we don't want rules, I mean, pretty much is a rebel society. And that's kind of the ethos of most tech companies. But I think you know, to me the media, there's two things that go on with this tech business. The company's themselves have to be checked by say, government, and I believe in not a lot of regulation, but enough to check the power of bad actors. Media so called "checking power", both of these major roles, they don't really know what they're talking about, and this is back to the education piece. The people who are in the media so called "checking power" and the government checking power assume that the companies are bad. Right, so yeah, because eight out of ten companies like Amazon, actually try to do good things. If you don't know what good is, you don't really, (laughs) you know, you're in the wrong game. So, I think media and government have a huge education opportunity to look at this because they don't even know what they're measuring. >> I support the level of innovation -- >> I think we're unreeling from the globalization. Like, we are undoing the globalization, and that these are the side effects, these conflicts are a side effect of that. >> Yeah, so all I'm saying is I support the focus on innovation in America, and that has driven an enormous amount of wealth and value. What I'm questioning here is do you really need to spy on us, your allies, in order to help that innovation? And I'm starting to, I mean, do you need mass surveillance of your allies? I mean, I can see you may want to have some surveillance of people who are a threat to you, but wait, guys, we're meant to be on your side, and you haven't been treating our privacy with a great deal of respect! >> You know, Saudi Arabia was our ally. You know, 9/11 happened because of them, their people, right? There is no ally here, and there is no enemy, in a way. We don't know where the rogue actors are sitting, like they don't know, they can be within the walls -- >> It's well understood I think, I agree, sorry. it's well understood that nation states are enabling terrorist groups to take out cyber attacks. That's well known, the source enables it. So, I think there's the privacy versus -- >> I'm not sure it's true in your case that it's Europeans that's doing this though. >> No, no, well you know, they share -- >> I'm a former officer in the Royal Navy, I've stood shoulder to shoulder with my U.S. counterparts. I put my life on the line on NATO exercises in real war zones, and I'm now a disabled ex-serviceman as a result of that. I mean, if I put my line on the line shoulder to shoulder with Americans, why is my privacy not respected? >> Hold on -- >> I feel it's, I was going to say actually that it's not that, like even the U.S., right? Part of the spying internally is we have internal actors that are behaving poorly. >> Yeah. >> Right, we have Marxist organizations posing as, you know, whatever it is, I'll leave it at that. But my point being is we've got a lot of that, every country has that, every country has actors and citizens and people in the system that are destined to try to overthrow the system. And I think that's what that surveillance is about. The question is, we don't have treaties, or we didn't have your explicit agreements. And that's why I'm pushing really hard here, like, they're separating privacy versus security, which is the national security, and privacy versus us as citizens in terms of our data being basically taken over for free, being used for free. >> John: I agree with that. >> That I think we have some agreement on. I just think that our governments haven't really had that conversation about what surveillance means. Maybe someone agreed and said, "Okay, that's fine. You guys can go do that, we won't tell anybody." And that's what it feels like. And I don't think we deliberately are saying, "Hey, we wanted to spy on your citizens." I think someone said, "Hey, there's a benefit here too." Otherwise I don't think the EU would have let this happen for that long unless Max had made that case and started this ball rolling, so, and Edward Snowden and other folks. >> Yeah, and I totally support the need for security. >> I want to enter the -- >> I mean we need to, where there are domestic terrorists, we need to stop them, and we need to have local action in UK to stop it happening here, and in America to stop it happening there. But if we're doing that, there is absolutely no need for the Americans to be spying on us. And there's absolutely no need for the Americans to say that privacy applies to U.S. citizens only, and not to Europeans, these are daft, it's just daft! >> That's a fair point. I'm sure GCHQ and everyone else has this covered, I mean I'm sure they do. (laughs) >> Oh, Bill, I know, I've been involved, I've been involved, and I know for a fact the U.S. and the UK are discussing I know a company called IronNet, which is run by General Keith Alexander, funded by C5 Capital. There's a lot of collaboration, because again, they're tryin' to get their arms around how to frame it. And they all agree that sharing data for the security side is super important, right? And I think IronNet has this thing called Iron Dome, which is essentially like they're saying, hey, we'll just consistency around the rules of shared data, and we can both, everyone can have their own little data. So, I think there's recognition at the highest levels of some smart people on both countries. (laughs) "Hey, let's work together!" The issue I have is just policy, and I think there's a lot of clustering going on. Clustered here around just getting out of their own way. That's my take on that. >> Are we a PG show? Wait, are we a PG show? I just got to remember that. (laughs) (Bill laughing) >> It's the internet, there's no regulation, there's no rules! >> There's no regulation! >> The European rules or is it the American rules? (Ray laughing) >> I would like to jump back quickly to the purpose of the surveillance, and especially when mass surveillance is done under the cover of national security and terror prevention. I worked with five clients in the past decade who all have been targeted under mass surveillance, which was revealed by Edward Snowden, and when they did their own investigation, and partially was confirmed by Edward Snowden in person, they found out that their purchasing department, their engineering department, big parts of their pricing data was targeted in mass surveillance. There's no way that anyone can explain me that that has anything to do with preventing terror attacks, or finding the bad guys. That is economical espionage, you cannot call it in any other way. And that was authorized by the same legislation that authorizes the surveillance for the right purposes. I'm all for fighting terror, and anything that can help us prevent terror from happening, I would be the first person to welcome it. But I do not welcome when that regulation is abused for a lot of other things under the cover of national interest. I understand -- >> Back to the lawmakers again. And again, America's been victim to the Chinese some of the individual properties, well documented, well known in tech circles. >> Yeah, but just 'cause the Chinese have targeted you doesn't give you free right to target us. >> I'm not saying that, but its abuse of power -- >> If the U.S. can sort out a little bit of reform, in the Senate and the House, I think that would go a long way to solving the issues that Europeans have right now, and a long way to sort of reaching a far better place from which we can all innovate and cooperate. >> Here's the challenge that I see. If you want to be instrumenting everything, you need a closed society, because if you have a free country like America and the UK, a democracy, you're open. If you're open, you can't stop everything, right? So, there has to be a trust, to your point, Bill. As to me that I'm just, I just can't get my arms around that idea of complete lockdown and data surveillance because I don't think it's gettable in the United States, like it's a free world, it's like, open. It should be open. But here we've got the grids, and we've got the critical infrastructure that should be protected. So, that's one hand. I just can't get around that, 'cause once you start getting to locking down stuff and measuring everything, that's just a series of walled gardens. >> So, to JD's point on the procurement data and pricing data, I have been involved in some of those kind of operations, and I think it's financial espionage that they're looking at, financial security, trying to figure out a way to track down capital flows and what was purchased. I hope that was it in your client's case, but I think it's trying to figure out where the money flow is going, more so than trying to understand the pricing data from competitive purposes. If it is the latter, where they're stealing the competitive information on pricing, and data's getting back to a competitor, that is definitely a no-no! But if it's really to figure out where the money trail went, which is what I think most of those financial analysts are doing, especially in the CIA, or in the FBI, that's really what that probably would have been. >> Yeah, I don't think that the CIA is selling the data to your competitors, as a company, to Microsoft or to Google, they're not selling it to each other, right? They're not giving it to each other, right? So, I think the one big problem I studied with FISA is that they get the data, but how long they can keep the data and how long they can mine the data. So, they should use that data as exhaust. Means like, they use it and just throw it away. But they don't, they keep mining that data at a later date, and FISA is only good for five years. Like, I learned that every five years we revisit that, and that's what happened this time, that we renewed it for six years this time, not five, for some reason one extra year. So, I think we revisit all these laws -- >> Could be an election cycle. >> Huh? >> Could be an election cycle maybe. (laughs) >> Yes, exactly! So, we revisit all these laws with Congress and Senate here periodically just to make sure that they are up to date, and that they're not infringing on human rights, or citizen's rights, or stuff like that. >> When you say you update to check they're not conflicting with anything, did you not support that it was conflicting with Privacy Shield and some of the promises you made to Europeans? At what point did that fail to become obvious? >> It does, because there's heightened urgency. Every big incident happens, 9/11 caused a lot of new sort of like regulations and laws coming into the picture. And then the last time, that the Russian interference in our election, that created some sort of heightened urgency. Like, "We need to do something guys here, like if some country can topple our elections, right, that's not acceptable." So, yeah -- >> And what was it that your allies did that caused you to spy on us and to downgrade our privacy? >> I'm not expert on the political systems here. I think our allies are, okay, loose on their, okay, I call it village politics. Like, world is like a village. Like it's so only few countries, it's not millions of countries, right? That's how I see it, a city versus a village, and that's how I see the countries, like village politics. Like there are two camps, like there's Russia and China camp, and then there's U.S. camp on the other side. Like, we used to have Russia and U.S., two forces, big guys, and they managed the whole world balance somehow, right? Like some people with one camp, the other with the other, right? That's how they used to work. Now that Russia has gone, hold on, let me finish, let me finish. >> Yeah. >> Russia's gone, there's this void, right? And China's trying to fill the void. Chinese are not like, acting diplomatic enough to fill that void, and there's, it's all like we're on this imbalance, I believe. And then Russia becomes a rogue actor kind of in a way, that's how I see it, and then they are funding all these bad people. You see that all along, like what happened in the Middle East and all that stuff. >> You said there are different camps. We thought we were in your camp! We didn't expect to be spied on by you, or to have our rights downgraded by you. >> No, I understand but -- >> We thought we were on your side! >> But, but you have to guys to trust us also, like in a village. Let me tell you, I come from a village, that's why I use the villager as a hashtag in my twitter also. Like in village, there are usually one or two families which keep the village intact, that's our roles. >> Right. >> Like, I don't know if you have lived in a village or not -- >> Well, Bill, you're making some great statements. Where's the evidence on the surveillance, where can people find more information on this? Can you share? >> I think there's plenty of evidence, and I can send some stuff on, and I'm a little bit shocked given the awareness of the FISA Act, the Cloud Act, the fact that these things are in existence and they're not exactly unknown. And many people have been complaining about them for years. I mean, we've had Safe Harbor overturned, we've had Privacy Shield overturned, and these weren't just on a whim! >> Yeah, what does JD have in his hand? I want to know. >> The Edward Snowden book! (laughs) >> By Edward Snowden, which gives you plenty. But it wasn't enough, and it's something that we have to keep in mind, because we can always claim that whatever Edward Snowden wrote, that he made it up. Every publication by Edward Snowden is an avalanche of technical confirmation. One of the things that he described about the Cisco switches, which Bill prefers to quote every time, which is a proven case, there were bundles of researchers saying, "I told you guys!" Nobody paid attention to those researchers, and Edward Snowden was smart enough to get the mass media representation in there. But there's one thing, a question I have for Sabjeet, because in the two parties strategy, it is interesting that you always take out the European Union as part. And the European Union is a big player, and it will continue to grow. It has a growing amount of trade agreements with a growing amount of countries, and I still hope, and I think think Bill -- >> Well, I think the number of countries is reducing, you've just lost one! >> Only one. (Bill laughing loudly) Actually though, those are four countries under one kingdom, but that's another point. (Bill chortling heartily) >> Guys, final topic, 5G impact, 'cause you mentioned Cisco, couldn't help think about -- >> Let me finish please my question, John. >> Okay, go ahead. How would you the United States respond if the European Union would now legalize to spy on everybody and every company, and every governmental institution within the United States and say, "No, no, it's our privilege, we need that." How would the United States respond? >> You can try that and see economically what happens to you, that's how the village politics work, you have to listen to the mightier than you, and we are economically mightier, that's the fact. Actually it's hard to swallow fact for, even for anybody else. >> If you guys built a great app, I would use it, and surveil all you want. >> Yeah, but so this is going to be driven by the economics. (John laughing) But the -- >> That's exactly what John said. >> This is going to be driven by the economics here. The big U.S. cloud firms are got to find this ruling enormously difficult for them, and they are inevitably going to lobby for a level of reform. And I think a level of a reform is needed. Nobody on your side is actually arguing very vociferously that the Cloud Act and the discrimination against Europeans is actually a particularly good idea. The problem is that once you've done the reform, are we going to believe you when you say, "Oh, it's all good now, we've stopped it!" Because with Crypto AG scandal in Switzerland you weren't exactly honest about what you were doing. With the FISA courts, so I mean FISA secret courts, the secret warrants, how do we know and what proof can we have that you've stopped doing all these bad things? And I think one of the challenges, A, going to be the reform, and then B, got to be able to show that you actually got your act together and you're now clean. And until you can solve those two, many of your big tech companies are going to be at a competitive disadvantage, and they're going to be screaming for this reform. >> Well, I think that, you know, General Mattis said in his book about Trump and the United states, is that you need alliances, and I think your point about trust and executing together, without alliances, it really doesn't work. So, unless there's some sort of real alliance, (laughs) like understanding that there's going to be some teamwork here, (Bill laughing) I don't think it's going to go anywhere. So, otherwise it'll continue to be siloed and network based, right? So to the village point, if TikTok can become a massively successful app, and they're surveilling, so and then we have to decide that we're going to put up with that, I mean, that's not my decision, but that's what's goin' on here. It's like, what is TikTok, is it good or bad? Amazon sent out an email, and they've retracted it, that's because it went public. I guarantee you that they're talkin' about that at Amazon, like, "Why would we want infiltration by the Chinese?" And I'm speculating, I have no data, I'm just saying, you know. They email those out, then they pull it back, "Oh, we didn't mean to send that." Really, hmm? (laughs) You know, so this kind of -- >> But the TRA Balin's good, you always want to get TRA Balin out there. >> Yeah, exactly. There's some spying going on! So, this is the reality. >> So, John, you were talking about 5G, and I think you know, the role of 5G, you know, the battle between Cisco and Huawei, you just have to look at it this way, would you rather have the U.S. spy on you, or would you rather have China? And that's really your binary choice at this moment. And you know both is happening, and so the question is which one is better. Like, the one that you're in alliance with? The one that you're not in alliance with, the one that wants to bury you, and decimate your country, and steal all your secrets and then commercialize 'em? Or the one kind of does it, but doesn't really do it explicitly? So, you've got to choose. (laughs) >> It's supposed to be -- >> Or you can say no, we're going to create our own standard for 5G and kick both out, that's an option. >> It's probably not as straightforward a question as, or an answer to that question as you say, because if we were to fast-forward 50 years, I would argue that China is going to be the largest trading nation in the world. I believe that China is going to have the upper hand on many of these technologies, and therefore why would we not want to use some of their innovation, some of their technology, why would we not actually be more orientated around trading with them than we might be with the U.S.? I think the U.S. is throwing its weight around at this moment in time, but if we were to fast-forward I think looking in the longterm, if I had to put my money on Huawei or some of its competitors, I think given its level of investments in research and whatever, I think the better longterm bet is Huawei. >> No, no, actually you guys need to pick a camp. It's a village again. You have to pick a camp, you can't be with both guys. >> Global village. >> Oh, right, so we have to go with the guys that have been spying on us? >> How do you know the Chinese haven't been spying on you? (Ray and John laughing loudly) >> I think I'm very happy, you find a backdoor in the Huawei equipment and you show it to us, we'll take them to task on it. But don't start bullying us into making decisions based on what-ifs. >> I don't think I'm, I'm not qualified to represent the U.S., but what we would want to say is that if you look at the dynamics of what's going on, China, we've been studying that as well in terms of the geopolitical aspects of what happens in technology, they have to do what they're doing right now. Because in 20 years our population dynamics go like this, right? You've got the one child policy, and they won't have the ability to go out and fight for those same resources where they are, so what they're doing makes sense from a country perspective and country policy. But I think they're going to look like Japan in 20 years, right? Because the xenophobia, the lack of immigration, the lack of inside stuff coming in, an aging population. I mean, those are all factors that slow down your economy in the long run. And the lack of bringing new people in for ideas, I mean that's part of it, they're a closed system. And so I think the longterm dynamics of every closed system is that they tend to fail versus open systems. So, I'm not sure, they may have better technology along the way. But I think a lot of us are probably in the camp now thinking that we're not going to aid and abet them, in that sense to get there. >> You're competing a country with a company, I didn't say that China had necessarily everything rosy in its future, it'll be a bigger economy, and it'll be a bigger trading partner, but it's got its problems, the one child policy and the repercussions of that. But that is not one of the things, Huawei, I think Huawei's a massively unlimited company that has got a massive lead, certainly in 5G technology, and may continue to maintain a lead into 6G and beyond. >> Oh yeah, yeah, Huawei's done a great job on the 5G side, and I don't disagree with that. And they're ahead in many aspects compared to the U.S., and they're already working on the 6G technologies as well, and the roll outs have been further ahead. So, that's definitely -- >> And they've got a great backer too, the financer, the country China. Okay guys, (Ray laughing) let's wrap up the segment. Thanks for everyone's time. Final thoughts, just each of you on this core issue of the news that we discussed and the impact that was the conversation. What's the core issue? What should people think about? What's your solution? What's your opinion of how this plays out? Just final statements. We'll start with Bill, Ray, Sarbjeet and JD. >> All I'm going to ask you is stop spying on us, treat us equally, treat us like the allies that we are, and then I think we've got to a bright future together! >> John: Ray? >> I would say that Bill's right in that aspect in terms of how security agreements work, I think that we've needed to be more explicit about those. I can't represent the U.S. government, but I think the larger issue is really how do we view privacy, and how we do trade offs between security and convenience, and you know, what's required for personalization, and companies that are built on data. So, the sooner we get to those kind of rules, an understanding of what's possible, what's a consensus between different countries and companies, I think the better off we will all be a society. >> Yeah, I believe the most important kind of independence is the economic independence. Like, economically sound parties dictate the terms, that's what U.S. is doing. And the smaller countries have to live with it or pick the other bigger player, number two in this case is China. John said earlier, I think, also what JD said is the fine balance between national security and the privacy. You can't have, you have to strike that balance, because the rogue actors are sitting in your country, and across the boundaries of the countries, right? So, it's not that FISA is being fought by Europeans only. Our internal people are fighting that too, like how when you are mining our data, like what are you using it for? Like, I get concerned too, when you can use that data against me, that you have some data against me, right? So, I think it's the fine balance between security and privacy, we have to strike that. Awesome. JD? I'll include a little fake check, fact check, at the moment China is the largest economy, the European Union is the second largest economy, followed directly by the USA, it's a very small difference, and I recommend that these two big parties behind the largest economy start to collaborate and start to do that eye to eye, because if you want to balance the economical and manufacturing power of China, you cannot do that as being number two and number three. You have to join up forces, and that starts with sticking with the treaties that you signed, and that has not happened in the past, almost four years. So, let's go back to the table, let's work on rules where from both sides the rights and the privileges are properly reflected, and then do the most important thing, stick to them! >> Yep, I think that's awesome. I think I would say that these young kids in high school and college, they need to come up and solve the problems, this is going to be a new generational shift where the geopolitical landscape will change radically, you mentioned the top three there. And new alliances, new kinds of re-imagination has to be there, and from America's standpoint I'll just say that I'd like to see lawmakers have, instead of a LinkedIn handle, a GitHub handle. You know, when they all go out on campaign talk about what code they've written. So, I think having a technical background or some sort of knowledge of computer science and how the internet works with sociology and societal impact will be critical for our citizenships to advance. So, you know rather a lawyer, right so? (laughs) Maybe get some law involved in that, I mean the critical lawyers, but today most people are lawyers in American politics, but show me a GitHub handle of that congressman, that senator, I'd be impressed. So, that's what we need. >> Thanks, good night! >> Ray, you want to say something? >> I wanted to say something, because I thought the U.S. economy was 21 trillion, the EU is sittin' at about 16, and China was sitting about 14, but okay, I don't know. >> You need to do math man. >> Hey, we went over our 30 minutes time, we can do an hour with you guys, so you're still good. (laughs) >> Can't take anymore. >> No go on, get in there, go at it when you've got something to say. >> I don't think it's immaterial the exact size of the economy, I think that we're better off collaborating on even and fair terms, we are -- >> We're all better off collaborating. >> Yeah. >> Gentlemen -- >> But the collaboration has to be on equal and fair terms, you know. (laughs) >> How do you define fair, good point. Fair and balanced, you know, we've got the new -- >> We did define fair, we struck a treaty! We absolutely defined it, absolutely! >> Yeah. >> And then one side didn't stick to it. >> We will leave it right there, and we'll follow up (Bill laughing) in a later conversation. Gentlemen, you guys are good. Thank you. (relaxing electronic music)

>> Announcer: From theCUBE studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is a CUBE conversation. >> Hey welcome back everybody. Jeff Frick here with theCUBE. Coming to you today from our Palo Alto studios. It's COVID is still going on. So, there's still no shows, but the good news is we've got the technology we can reach out to the community, and bring them in from far, far away. So today joining us from Virginia across the country is Dave Scott. He is the director of Product Management for Veritas, Dave, great to see you. >> Thanks Jeff, great to be here. >> Absolutely. So let's jump into it. You guys have been about backup and recovery for years and years and years, but oh my goodness, how the landscape continues to evolve between, you know, public cloud and you know, all the things happening with Amazon and Google, and Microsoft. And then now, of course big push for Hybrid. And, you know, we're the workloads, and kind of application centric infrastructure. You guys still got a backup and secure all this things. I wonder if you can give us a little bit of your perspective on, you know, kind of the increasing complexity of the computing environment, has all these different kind of pieces of the puzzle, are kind of gaining traction at the same time. >> Yeah, absolutely. I mean, I'm on the compliance side of the company. So I'm more on looking after requirements around collection of content preparation for litigation, making sure you're adhering to compliance regulations in different parts of the world. And, I mean that's a constantly evolving space. One of the, so basically the products I look after are Enterprise Vaults, Enterprise Vault.cloud, and eDiscovery platform. And, as you say, I mean, one of the biggest challenges is that customers are starting to move, you know, customers are looking for flexibility in how they deploy our solutions. We've had a product in market with enterprise vault for about 20 years. And so, we have a lot of customers that have a lot of data on premise, and now they're starting, you know, they've got cloud mandates, they want to move that content to the cloud. So we have gotten very aggressive at building out our SaaS, archiving solution, Enterprise Vault.cloud. But we also provide other options. Like if you want to move enterprise vault from your data center on premise, to your tenant in Azure, Amazon, we fully support that. In fact, we're taking advantage of cloud services to make that a much more viable option for our customers. >> So let's get into the regulation and the compliance, 'cause that's a big piece of the motivation beyond just, you know, making sure that the business can recover, that the regulation and compliance thing is huge. You know, the GDPR, which has been around now for a couple of years, California protection act. And I think what I find interesting from your perspective is you have this kind of crazy sea of regulations that are different by country, by industry, by data type, and they're evolving all the time. So, that's got to be a relatively complex little grid you got to keep track of. >> Yeah, it makes the job interesting. But it also is a huge competitive advantage for us. We have a team that researches data privacy regulations around the world, and it's been a competitive advantage in that we can be incredibly nimble in creating a new policy. We had some opportunities come up in Turkey, there's a regulation there that mirrors GDPR called KVKK or KVKK I think they call it locally. And it's, a joke that it's kind of like GDPR, but with jail time for noncompliance. So there's a lot more motivation on the part of an IT department, to make sure they're meeting that requirement. But it has to do with dealing with, you know, data privacy again, and ensuring the safety of the continent. That's proliferating throughout the world. You mentioned California Consumer Privacy Act, many other States are starting to follow what the California Consumer Privacy Act. And I'm sure, it won't be long before we have a data privacy act in the US, that's nationwide instead of at the state level. In other industries that we serve, like the financial services industry. There's, you know, there's always been a lot of regulation around SEC and FINRA in the US, that's spreading to other countries now, you know, MiFID II in the European union has been huge. And that dictates you need to capture all voice conversations, all text conversations, instant messages, everything that goes on between a broker and the end customer, has to be captured, has to be supervised, and has to be maintained on warm storage. So that's a great segment for us as well. That's an area we play very well in. >> So it's interesting. 'Cause in preparing for this, I saw some of the recent announcements around the concept of data supervision. So I think a lot of people are familiar with backup and recovery, and continuity, but specifically data supervision. What does that really mean? How is that different than kind of traditional backup and recovery, and what are some of the really key features or attributes to make that a successful platform? >> Yeah, no, it is really outside of the realm of backup and recovery. Archiving is very different from backup and recovery. And then archiving is about preserving the communication, and being able to monitor that communication, for the purposes of meeting compliance regulations. So, in the case of our solution, Veritas advanced supervision, It sounds a bit big brotherish, if I'm being honest, but it is a requirement for the financial service community that you sample a subset of those communications looking for violations. So you're looking for insider trading, you're looking for money laundering. In some companies, at the HR departments, or even just trying to ensure that their employees are being compliant. And so you may sample a subset of content. But it's absolutely required within the financial services community. And we're starting to see a lot of other industries, you know, leveraging this technology just to ensure compliance with different regulations, or compliance with their own internal policies. Ensuring a safe work place, ensuring that there's not any sexual harassment, or that type of thing going on through office communications. So it is a way of just monitoring your employees communications. >> So it's while I remember when, when people used to talk about messaging, and kind of the generic sense, like I could never understand why, you know, it's an email, it's a text. I mean, little did I know that every single application is now installed on every single device that I have, has a messaging app, you know, has a direct messaging feature. So, I mean the complexity and, and I guess the, the variability in the communication methods, across all these applications and, you know, probably more than half of them, that most of us work on are SaaS as well, really adds a ton of complexity to the challenge that you were just talking about. >> Oh, absolutely. I mean, I'm old. You know, when I started, all of my communications were on a Microsoft mail server, all my files were in the file, you know, the server room down the hall. Now I've got about 20 different ways to communicate on my phone. And, the fragmentation of communication does make that job a lot more, more challenging. You know, now you need to take a voice conversation, convert it to text. With COVID and with, you know, the dawn of telemedicine, or at least the rapid growth, and telemessaging, telemedicine sorry. There is a whole new potential market for this kind of supervision tool. Now you can capture every doctor patient interaction that takes place over Zoom or over a Team's video, transcribe that content, and there's a wealth of value in that conversation. Not only can you tell if the doctor is responding to the patient, if the interaction is positive or negative, is the doctor helping to calm the patient down? Do they have good quality of interaction? That sort of thing. And so there's incredible value in capturing those communications, so you can learn from the... you know learn best practices, I guess. And then, feed that into a broader data lake, and correlate the interaction with patient outcomes, who are your great doctors? who are your, you know, that type of thing. So that's an area that we're very excited about going forward. >> Wow, that's pretty interesting. I never kind of thought that through, because I would have assumed that, you know, kind of most of the calls for this type of data were based on some type of a litigation. You know, it was some type of an ask or a request, that I was going to ask you, now how does that actually work within the context of this sea of data, that you have. Is it usually around a specific individual, who's got some issues and you're kind of looking at their ecosystem of communications, or is it more of a pattern, or is it potentially more of a keyword type of thing that's triggering, You know, kind of this forensics into this tremendous amount of data that's in all these enterprises. >> Yeah, it's a little bit of everything. Like, so first of all, we have the ability to capture a lot of different native content sources. But we also leverage partners to bring in other content sources. We can capture over 80 different content sources, all the, you know, instant messaging, social media, of course email, but even voice communications and video communications. And to answer your question as far as litigation, I mean, it really depends on the incident right? in the past, in the old days, any kind of litigation resulted in a fire drill where you're trying to find every scrap of evidence, every piece of information related to the case. By being a little bit proactive and capturing your email, and your communication streams into immutable storage in an archive, you're ready for that litigation event. And you've already indexed that content, you've already classified that content. So you can find the needle in the haystack. You can find the relevant content to prove your innocence, or at least to comply with the request for information. Now that has also led to solving similar issues for public sector. US federal, with the Freedom of Information Act. They're getting all kinds of requests for right now for COVID related communications. And that could be related to lawsuits. it could be related to just information around how stimulus funds are being spent. And they've got to respond to these requests very, very quickly. Our team came up with a COVID-19 classification policy, where we can actually weed out the communications related to COVID-19. To allow those federal agencies, and even state and local agencies, to quickly respond to those types of requests. So that's been an exciting area for us. And then there's still the SEC requirements to monitor broker dealers and conversations with end users, to ensure they're not doing anything, they shouldn't be doing like insider trading, >> Right. Which is so different, than kind of a post event, you know, kind of forensics investigation, and then collecting that data. So I'm curious, you know, how often are you having to update policies and update, you know, kind of the sniffers and the intelligence that goes behind the monitoring to trigger a flag, And then that just go into their own internal kind of compliance reg and set off a whole another chain of events? I would imagine. >> Yeah. I mean, there's a lot of things we can do with our classification policies. And like, in the case of the COVID policy, we just kind of crowd source that internally, and created a policy, in about a week, really. That we, you know, we shaped the basic policy and then kept refining it, refining it, testing it. And we were able to go from start to finish, and have it publicly available within about a week and a half. It was really a great effort. And we have that kind of ability to be very nimble, to react to different types of regulations as they become, you know, get out there. And then there's also a constant refining of even data privacy for every country that we support. You know, we have data privacy regulations for the entire European union and for most countries around the world, obviously the US, Canada, Australia, and so on. And, you can always make those policies better. So we've introduced feedback loops where our customers can give us feedback on what works and what isn't working, and we can tweak the policies as needed. But it is a great way to respond to whatever's going on in the world, to help our customer base, which, you know, is largely the financial verticals, the public sector verticals, but even healthcare is becoming more important for us. >> So Dave, I wonder if there's some other use cases that people aren't thinking about, where you guys have seen value in this type of analytics. >> Yeah, I mean, definitely the one thing that I think is just starting to emerge as the value that's inherent in communications. So I mentioned earlier the telemedicine idea, and, you know, can you learn from doctor-patient interactions if you're capturing them over telemedicine vehicles, you know again, Video Chat, Zoom, and that sort of thing. But similarly, if you've captured communications for a long time, as many of our customers have, what can you do with that data? And how can it feed into a broader data lake to give you new insights? So for example, if you want to gauge whether a major deal is about to close, you know, you can rely on your sales reps to populate the CRM and give you an indication it's 10% complete, it's 50% complete, whatever. But you're dependent on all the games that salespeople play. It would be far better to look at the pattern of a traditional deal Closing. You know, first you start out with one person at your company talking, to one person at the target customer that leads to meetings, that leads to calendar invites, that leads to emails being sent back and forth. You can look at the time of response, how quickly does the target customer respond to the sales rep? How often are they interacting? How many people are they interacting with? Is it spanning different GEOS? Is it spanning different groups within the company? Are there certain documents being sent back and forth, like, a quote for example. All of this can give you a higher confidence that that deal is going to close, or that deals failing. You don't really know. You can also look at historical data, and compare the current account manager to his predecessor. You know, does the current account manager interact with his customer as much as the former rep did? And is there a correlation in their effectiveness? You know, based on kind of their interactions, and their just basic skills. So I think that's an exciting field, and it shines a new light on the data that you have to collect, to comply with regulations, the data you have to collect for litigation and other reasons. Now there's other value there. >> Right. That's a fascinating story. So the reason that you guys would be involved in this, is because you're sitting on, you're sitting all that comms data, because you have to, for the regulation. I mean, what you're describing sounds like a perfect, you know, kind of sales force. Plug in. >> Absolutely. >> With a much richer dataset, versus as you said, relying on the sales person to input the sales force, information which would require them to remember their password, which gets reset every three weeks. So the chances of that are pretty slim. (laughs) >> Yeah. There's a fact, I think I've read a stat recently that about, you know, only 10% of information is actually captured in a CRM. You know, contact information and that sort of thing. But if you're looking at their emails, if you're looking at their phone calls and their texts, and that sort of thing, you get a rich set of data on contacts and people that you're interacting with at a target customer, and, you know, sales. More than any other job, I think sales has high turnover. And so you need that record of, you know, off the counter. One account rep leaves, you don't want to lose all their contacts and start over again. You want a smooth handover to the next person. >> Right. >> If you capture all that content from their communications into CRM, you're in great shape. >> Dave, I want to get your take on something that's happening now, because you're so dialed into policy, and policy and regulations, which are such a giant determinant of what people can and should and should not do, with data. When you take something like COVID and the conversations about people going back to work, and contact tracing. To me it's like, Wow! You know, it's kind of this privacy clash against HIPAA, and, you know, that's medical information. And yet it's like this particular disease has been deemed such that it kind of falls outside the traditional, you know, kind of HIPAA rules. They're not going to test me for any other ailments before I come in the door at work, but they, you know, eventually we're going to be scanning people. So, you know, the levels of complexity and dynamicism, if that's even a word, around something like that, that's even a one off, within a specific, you know, kind of medical data is got to be, you know, I guess, interesting and challenging, but from a policy perspective and an actual handling of that information, that's got to be a crazy challenge. >> Yeah. I mean, we do expect that COVID it's going to lead to all kinds of litigation and Freedom of Information Act request. And that's a big reason why we saw the importance very quickly, that we need a classification policy to highlight that content. So what we can do in this case is we can, first of all, identify where that content is stored. We have a product called data insight that can monitor your file system and quickly locate. If you've got a document that includes, you know, patient data or anything related to COVID-19, we can find that. And now as we bring in the communications, we can flag communications, as we archive them and say, this is related to COVID-19. Then when a litigation happens, you can look, you can do a quick search and you can filter on the COVID-19 tag. And the people you're concerned with, and the date range you're concerned with, you can easily pull in all of the communications, all of the file content, anything related to COVID-19. And this is huge for, again, for public sector, where there are subject to finance, you know, sorry, Freedom of Information Act request. But it's also going to affect every company, because like, it's going to be litigation around, when a company decided that they would work from home, and did they wait too long. You know, and did someone get sick because they weren't aggressive enough. There's going to be frivolous lawsuits, there's going to be more tangible lawsuits, and, there's going to be all kinds of activity around how stimulus funds were spent and that sort of thing. So, yeah. That's a great example of a case where you've got to find the content quickly and respond to requests very quickly. Classification go a long way there. >> Yeah. That's the lawyers have hardly gotten involved in this COVID thing yet. And, to your point, it's going to be both frivolous as well as justified. And did people come back too early? Did they take the right steps? It's going to be messy and sloppy, but it sounds like you're in a good position to help people get through it. So, you know, just kind of your final thoughts you've been in this business for a long time. The rate and pace of change is only increasing the complexity of veracity, stealing some good, old, big data words. Velocity of the data is only increasing, the sources are growing exponentially. You know, as you kind of sit back and reflect obviously, a lot of exciting stuff ahead, but what do you think about what gets you up in the morning beyond just continuing to race to keep up with the neverending see of changing regulatory environment? >> Yeah, that's a great question. I mean, I think we have a great portfolio that can really help us react to change, and to take advantage of some of these new trends. And that is exciting, like telemedicine, the changes that come with COVID-19, what we could do for telemedicine rating doctors gauging their performance. We could do the same sort of thing for tele-education. You know, like I have two kids that have had, you know, homeschooling for the last three months, and, probably are going to face that in the fall. And, there might be some needs to just rate how the teachers are doing, how well are the classes interacting, and what can we learn from best practices there. So I think that's interesting and interesting space as well. But what keeps me going is the fact that we've got market leading products in archiving, eDiscovery, and supervision. We're putting a lot of new energy into those solutions. They've been around a long time. We've been archiving since 1998 I think, and doing supervision and discovery for 20 years. And, it's strange, the market's still there, it's still expanding, it's still growing. And, it's kind of just keeping up to change and, trying to find better ways of surfacing the relevant human communications content that said that's kind of the key to the job, I think. >> Right. Well yeah, Finding that signal amongst the noise is going to get increasingly... >> Exactly. >> More difficult than has been kind of a recurring theme here over the last 12 weeks or 15 weeks, or however long it's been. As you know, this kind of light switch moment on digital transformation is no longer, when are we going to get to it, or we're going to do a POC or let's experiment a little bit, you know, here and there it's, you know, ready, set, go. Whether you're ready or not, whether that's a kindergarten teacher, that's never taught online, a high school teacher running a big business. So nothing but a great opportunity. (laughs) >> Absolutely. >> All right. >> Absolutely. I mean, it's a very, a changing world and lots of opportunity comes with that. >> All right. Well Dave, thank you for sharing your insight, obviously regulation compliance, and I like that, you know, data supervision is not just backup and recovery is much, much bigger opportunity, in a lot higher value activity. So congrats to you and the team. And thanks for the update. >> All right. Thank you, Jeff. Thanks for the time. >> All right. He's Dave and I'm Jeff. You're watching theCUBE. Thanks for watching, we'll see you next time. (upbeat music)

>> Narrator: From around the globe it's theCUBE, covering HPE Discover Virtual Experience brought to you by HPE. >> Hi everybody. Welcome back. This is Dave Vellante for theCUBE, and this is our coverage of discover 2020, the virtual experience of HPE discover. We've done many, many discoveries, as usually we're on the show floor, theCUBE has been virtualized and we talk a lot at HPE discovers, a lot of storage and server and infrastructure and networking which is great. But the conversation we're going to have now is really, we're going to be talking about helping the world solve some big problems. And I'm very excited to welcome back to theCUBE Dr. Eng Lim Goh. He's a senior vice president of and CTO for AI, at HPE. Hello, Dr. Goh. Great to see you again. >> Hello. Thank you for having us, Dave. >> You're welcome. And then our next guest is Professor Joachim Schultze, who is the Professor for Genomics, and Immunoregulation at the university of Bonn amongst other things Professor, welcome. >> Thank you all. Welcome. >> And then Prasad Shastry, is the Chief Technologist for the India Advanced Development Center at HPE. Welcome, Prasad. Great to see you. >> Thank you. Thanks for having me. >> So guys, we have a CUBE first. I don't believe we've ever had of three guests in three separate times zones. I'm in a fourth time zone. (guests chuckling) So I'm in Boston. Dr. Goh, you're in Singapore, Professor Schultze, you're in Germany and Prasad, you're in India. So, we've got four different time zones. Plus our studio in Palo Alto. Who's running this program. So we've got actually got five times zones, a CUBE first. >> Amazing. >> Very good. (Prasad chuckles) >> Such as the world we live in. So we're going to talk about some of the big problems. I mean, here's the thing we're obviously in the middle of this pandemic, we're thinking about the post isolation economy, et cetera. People compare obviously no surprise to the Spanish flu early part of last century. They talk about the great depression, but the big difference this time is technology. Technology has completely changed the way in which we've approached this pandemic. And we're going to talk about that. Dr. Goh, I want to start with you. You've done a lot of work on this topic of swarm learning. If we could, (mumbles) my limited knowledge of this is we're kind of borrowing from nature. You think about, bees looking for a hive as sort of independent agents, but somehow they come together and communicate, but tell us what do we need to know about swarm learning and how it relates to artificial intelligence and we'll get into it. >> Oh, Dave, that's a great analogy using swarm of bees. That's exactly what we do at HPE. So let's use the of here. When deploying artificial intelligence, a hospital does machine learning of the outpatient data that could be biased, due to demographics and the types of cases they see more also. Sharing patient data across different hospitals to remove this bias is limited, given privacy or even sovereignty the restrictions, right? Like for example, across countries in the EU. HPE, so I'm learning fixers this by allowing each hospital, let's still continue learning locally, but at each cycle we collect the lumped weights of the neural networks, average them and sending it back down to older hospitals. And after a few cycles of doing this, all the hospitals would have learned from each other, removing biases without having to share any private patient data. That's the key. So, the ability to allow you to learn from everybody without having to share your private patients. That's swarm learning, >> And part of the key to that privacy is blockchain, correct? I mean, you you've been too involved in blockchain and invented some things in blockchain and that's part of the privacy angle, is it not? >> Yes, yes, absolutely. There are different ways of doing this kind of distributed learning, which swarm learning is over many of the other distributed learning methods. Require you to have some central control. Right? So, Prasad, and the team and us came up together. We have a method where you would, instead of central control, use blockchain to do this coordination. So, there is no more a central control or coordinator, especially important if you want to have a truly distributed swamp type learning system. >> Yeah, no need for so-called trusted third party or adjudicator. Okay. Professor Schultze, let's go to you. You're essentially the use case of this swarm learning application. Tell us a little bit more about what you do and how you're applying this concept. >> I'm actually by training a physician, although I haven't seen patients for a very long time. I'm interested in bringing new technologies to what we call precision medicine. So, new technologies both from the laboratories, but also from computational sciences, married them. And then I basically allow precision medicine, which is a medicine that is built on new measurements, many measurements of molecular phenotypes, how we call them. So, basically that process on different levels, for example, the genome or genes that are transcribed from the genome. We have thousands of such data and we have to make sense out of this. This can only be done by computation. And as we discussed already one of the hope for the future is that the new wave of developments in artificial intelligence and machine learning. We can make more sense out of this huge data that we generate right now in medicine. And that's what we're interesting in to find out how can we leverage these new technologies to build a new diagnostics, new therapy outcome predictors. So, to know the patient benefits from a disease, from a diagnostics or a therapy or not, and that's what we are doing for the last 10 years. The most exciting thing I have been  through in the last three, four, five years is really when HPE introduced us to swarm learning. >> Okay and Prasad, you've been helping Professor Schultze, actually implements swarm learning for specific use cases that we're going to talk about COVID, but maybe describe a little bit about what you've been or your participation in this whole equation. >> Yep, thank. As Dr Eng Lim Goh, mentioned. So, we have used blockchain as a backbone to implement the decentralized network. And through that we're enabling a privacy preserved these centralized network without having any control points, as Professor explained in terms of depression medicines. So, one of the use case we are looking at he's looking at the blood transcriptomes, think of it, different hospitals having a different set of transcriptome data, which they cannot share due to the privacy regulations. And now each of those hospitals, will clean the model depending upon their local data, which is available in that hospital. And shared the learnings coming out of that training with the other hospitals. And we played to over several cycles to merge all these learnings and then finally get into a global model. So, through that we are able to kind of get into a model which provides the performance is equal of collecting all the data into a central repository and trying to do it. And we could really think of when we are doing it, them, could be multiple kinds of challenges. So, it's good to do decentralized learning. But what about if you have a non ID type of data, what about if there is a dropout in the network connections? What about if there are some of the compute nodes we just practice or probably they're not seeing sufficient amount of data. So, that's something we tried to build into the swarm learning framework. You'll handle the scenarios of having non ID data. All in a simple word we could call it as seeing having the biases. An example, one of the hospital might see EPR trying to, look at, in terms of let's say the tumors, how many number of cases and whereas the other hospital might have very less number of cases. So, if you have kind of implemented some techniques in terms of doing the merging or providing the way that different kind of weights or the tuneable parameters to overcome these set of challenges in the swarm learning. >> And Professor Schultze, you you've applied this to really try to better understand and attack the COVID pandemic, can you describe in more detail your goals there and what you've actually done and accomplished? >> Yeah. So, we have actually really done it for COVID. The reason why we really were trying to do this already now is that we have to generate it to these transcriptomes from COVID-19 patients ourselves. And we realized that the scene of the disease is so strong and so unique compared to other infectious diseases, which we looked at in some detail that we felt that the blood transcriptome would be good starting point actually to identify patients. But maybe even more important to identify those with severe diseases. So, if you can identify them early enough that'd be basically could care for those more and find particular for those treatments and therapies. And the reason why we could do that is because we also had some other test cases done before. So, we used the time wisely with large data sets that we had collected beforehand. So, use cases learned how to apply swarm learning, and we are now basically ready to test directly with COVID-19. So, this is really a step wise process, although it was extremely fast, it was still a step wise probably we're guided by data where we had much more knowledge of which was with the black leukemia. So, we had worked on that for years. We had collected many data. So, we could really simulate a Swarm learning very nicely. And based on all the experience we get and gain together with Prasad, and his team, we could quickly then also apply that knowledge to the data that are coming now from COVID-19 patients. >> So, Dr. Goh, it really comes back to how we apply machine intelligence to the data, and this is such an interesting use case. I mean, the United States, we have 50 different States with 50 different policies, different counties. We certainly have differences around the world in terms of how people are approaching this pandemic. And so the data is very rich and varied. Let's talk about that dynamic. >> Yeah. If you, for the listeners who are or viewers who are new to this, right? The workflow could be a patient comes in, you take the blood, and you send it through an analysis? DNA is made up of genes and our genes express, right? They express in two steps the first they transcribe, then they translate. But what we are analyzing is the middle step, the transcription stage. And tens of thousands of these Transcripts that are produced after the analysis of the blood. The thing is, can we find in the tens of thousands of items, right? Or biomarkers a signature that tells us, this is COVID-19 and how serious it is for this patient, right? Now, the data is enormous, right? For every patient. And then you have a collection of patients in each hospitals that have a certain demographic. And then you have also a number of hospitals around. The point is how'd you get to share all that data in order to have good training of your machine? The ACO is of course a know privacy of data, right? And as such, how do you then share that information if privacy restricts you from sharing the data? So in this case, swarm learning only shares the learnings, not the private patient data. So we hope this approach would allow all the different hospitals to come together and unite sharing the learnings removing biases so that we have high accuracy in our prediction as well at the same time, maintaining privacy. >> It's really well explained. And I would like to add at least for the European union, that this is extremely important because the lawmakers have clearly stated, and the governments that even non of these crisis conditions, they will not minimize the rules of privacy laws, their compliance to privacy laws has to stay as high as outside of the pandemic. And I think there's good reasons for that, because if you lower the bond, now, why shouldn't you lower the bar in other times as well? And I think that was a wise decision, yes. If you would see in the medical field, how difficult it is to discuss, how do we share the data fast enough? I think swarm learning is really an amazing solution to that. Yeah, because this discussion is gone basically. Now we can discuss about how we do learning together. I'd rather than discussing what would be a lengthy procedure to go towards sharing. Which is very difficult under the current privacy laws. So, I think that's why I was so excited when I learned about it, the first place with faster, we can do things that otherwise are either not possible or would take forever. And for a crisis that's key. That's absolutely key. >> And is the byproduct. It's also the fact that all the data stay where they are at the different hospitals with no movement. >> Yeah. Yeah. >> Learn locally but only shared the learnings. >> Right. Very important in the EU of course, even in the United States, People are debating. What about contact tracing and using technology and cell phones, and smartphones to do that. Beside, I don't know what the situation is like in India, but nonetheless, that Dr. Goh's point about just sharing the learnings, bubbling it up, trickling just kind of metadata. If you will, back down, protects us. But at the same time, it allows us to iterate and improve the models. And so, that's a key part of this, the starting point and the conclusions that we draw from the models they're going to, and we've seen this with the pandemic, it changes daily, certainly weekly, but even daily. We continuously improve the conclusions and the models don't we. >> Absolutely, as Dr. Goh explained well. So, we could look at like they have the clinics or the testing centers, which are done in the remote places or wherever. So, we could collect those data at the time. And then if we could run it to the transcripting kind of a sequencing. And then as in, when we learn to these new samples and the new pieces all of them put kind of, how is that in the local data participate in the kind of use swarm learning, not just within the state or in a country could participate into an swarm learning globally to share all this data, which is coming up in a new way, and then also implement some kind of continuous learning to pick up the new signals or the new insight. It comes a bit new set of data and also help to immediately deploy it back into the inference or into the practice of identification. To do these, I think one of the key things which we have realized is to making it very simple. It's making it simple, to convert the machine learning models into the swarm learning, because we know that our subject matter experts who are going to develop these models on their choice of platforms and also making it simple to integrate into that complete machine learning workflow from the time of collecting a data pre processing and then doing the model training and then putting it onto inferencing and looking performance. So, we have kept that in the mind from the beginning while developing it. So, we kind of developed it as a plug able microservices kind of packed data with containers. So the whole library could be given it as a container with a kind of a decentralized management command controls, which would help to manage the whole swarm network and to start and initiate and children enrollment of new hospitals or the new nodes into the swarm network. At the same time, we also looked into the task of the data scientists and then try to make it very, very easy for them to take their existing models and convert that into the swarm learning frameworks so that they can convert or enabled they're models to participate in a decentralized learning. So, we have made it to a set callable rest APIs. And I could say that the example, which we are working with the Professor either in the case of leukemia or in the COVID kind of things. The noodle network model. So we're kind of using the 10 layer neural network things. We could convert that into the swarm model with less than 10 lines of code changes. So, that's kind of a simply three we are looking at so that it helps to make it quicker, faster and loaded the benefits. >> So, that's an exciting thing here Dr. Goh is, this is not an R and D project. This is something that you're actually, implementing in a real world, even though it's a narrow example, but there are so many other examples that I'd love to talk about, but please, you had a comment. >> Yes. The key thing here is that in addition to allowing privacy to be kept at each hospital, you also have the issue of different hospitals having day to day skewed differently. Right? For example, a demographics could be that this hospital is seeing a lot more younger patients, and other hospitals seeing a lot more older patients. Right? And then if you are doing machine learning in isolation then your machine might be better at recognizing the condition in the younger population, but not older and vice versa by using this approach of swarm learning, we then have the biases removed so that both hospitals can detect for younger and older population. All right. So, this is an important point, right? The ability to remove biases here. And you can see biases in the different hospitals because of the type of cases they see and the demographics. Now, the other point that's very important to reemphasize is what precise Professor Schultze mentioned, right? It's how we made it very easy to implement this.Right? This started out being so, for example, each hospital has their own neural network and they training their own. All you do is we come in, as Pasad mentioned, change a few lines of code in the original, machine learning model. And now you're part of the collective swarm. This is how we want to easy to implement so that we can get again, as I like to call, hospitals of the world to uniting. >> Yeah. >> Without sharing private patient data. So, let's double click on that Professor. So, tell us about sort of your team, how you're taking advantage of this Dr. Goh, just describe, sort of the simplicity, but what are the skills that you need to take advantage of this? What's your team look like? >> Yeah. So, we actually have a team that's comes from physicians to biologists, from medical experts up to computational scientists. So, we have early on invested in having these interdisciplinary research teams so that we can actually spend the whole spectrum. So, people know about the medicine they know about them the biological basics, but they also know how to implement such new technology. So, they are probably a little bit spearheading that, but this is the way to go in the future. And I see that with many institutions going this way many other groups are going into this direction because finally medicine understands that without computational sciences, without artificial intelligence and machine learning, we will not answer those questions with this large data that we're using. So, I'm here fine. But I also realize that when we entered this project, we had basically our model, we had our machine learning model from the leukemia's, and it really took almost no efforts to get this into the swarm. So, we were really ready to go in very short time, but I also would like to say, and then it goes towards the bias that is existing in medicine between different places. Dr. Goh said this very nicely. It's one aspect is the patient and so on, but also the techniques, how we do clinical essays, we're using different robots a bit. Using different automates to do the analysis. And we actually try to find out what the Swan learning is doing if we actually provide such a bias by prep itself. So, I did the following thing. We know that there's different ways of measuring these transcriptomes. And we actually simulated that two hospitals had an older technology and a third hospital had a much newer technology, which is good for understanding the biology and the diseases. But it is the new technology is prone for not being able anymore to generate data that can be used to learn and then predicting the old technology. So, there was basically, it's deteriorating, if you do take the new one and you'll make a classifier model and you try old data, it doesn't work anymore. So, that's a very hard challenge. We knew it didn't work anymore in the old way. So, we've pushed it into swarm learning and to swarm recognize that, and it didn't take care of it. It didn't care anymore because the results were even better by bringing everything together. I was astonished. I mean, it's absolutely amazing. That's although we knew about this limitations on that one hospital data, this form basically could deal with it. I think there's more to learn about these advantages. Yeah. And I'm very excited. It's not only a transcriptome that people do. I hope we can very soon do it with imaging or the DCNE has 10 sites in Germany connected to 10 university hospitals. There's a lot of imaging data, CT scans and MRIs, Rachel Grimes. And this is the next next domain in medicine that we would like to apply as well as running. Absolutely. >> Well, it's very exciting being able to bring this to the clinical world And make it in sort of an ongoing learnings. I mean, you think about, again, coming back to the pandemic, initially, we thought putting people on ventilators was the right thing to do. We learned, okay. Maybe, maybe not so much the efficacy of vaccines and other therapeutics. It's going to be really interesting to see how those play out. My understanding is that the vaccines coming out of China, or built to for speed, get to market fast, be interested in U.S. Maybe, try to build vaccines that are maybe more longterm effective. Let's see if that actually occurs some of those other biases and tests that we can do. That is a very exciting, continuous use case. Isn't it? >> Yeah, I think so. Go ahead. >> Yes. I, in fact, we have another project ongoing to use a transcriptome data and other data like metabolic and cytokines that data, all these biomarkers from the blood, right? Volunteers during a clinical trial. But the whole idea of looking at all those biomarkers, we talking tens of thousands of them, the same thing again, and then see if we can streamline it clinical trials by looking at it data and training with that data. So again, here you go. Right? We have very good that we have many vaccines on. In candidates out there right now, the next long pole in the tenth is the clinical trial. And we are working on that also by applying the same concept. Yeah. But for clinical trials. >> Right. And then Prasad, it seems to me that this is a good, an example of sort of an edge use case. Right? You've got a lot of distributed data. And I know you've spoken in the past about the edge generally, where data lives bringing moving data back to sort of the centralized model. But of course you don't want to move data if you don't have to real time AI inferencing at the edge. So, what are you thinking in terms of other other edge use cases that were there swarm learning can be applied. >> Yeah, that's a great point. We could kind of look at this both in the medical and also in the other fields, as we talked about Professor just mentioned about this radiographs and then probably, Using this with a medical image data, think of it as a scenario in the future. So, if we could have an edge note sitting next to these medical imaging systems, very close to that. And then as in when this the systems producers, the medical immediate speed could be an X-ray or a CT scan or MRI scan types of thing. The system next to that, sitting on the attached to that. From the modernity is already built with the swarm lending. It can do the inferencing. And also with the new setup data, if it looks some kind of an outlier sees the new or images are probably a new signals. It could use that new data to initiate another round up as form learning with all the involved or the other medical images across the globe. So, all this can happen without really sharing any of the raw data outside of the systems but just getting the inferencing and then trying to make all of these systems to come together and try to build a better model. >> So, the last question. Yeah. >> If I may, we got to wrap, but I mean, I first, I think we've heard about swarm learning, maybe read about it probably 30 years ago and then just ignored it and forgot about it. And now here we are today, blockchain of course, first heard about with Bitcoin and you're seeing all kinds of really interesting examples, but Dr. Goh, start with you. This is really an exciting area, and we're just getting started. Where do you see swarm learning, by let's say the end of the decade, what are the possibilities? >> Yeah. You could see this being applied in many other industries, right? So, we've spoken about life sciences, to the healthcare industry or you can't imagine the scenario of manufacturing where a decade from now you have intelligent robots that can learn from looking at across men building a product and then to replicate it, right? By just looking, listening, learning and imagine now you have multiple of these robots, all sharing their learnings across boundaries, right? Across state boundaries, across country boundaries provided you allow that without having to share what they are seeing. Right? They can share, what they have lunch learnt You see, that's the difference without having to need to share what they see and hear, they can share what they have learned across all the different robots around the world. Right? All in the community that you allow, you mentioned that time, right? That will even in manufacturing, you get intelligent robots learning from each other. >> Professor, I wonder if as a practitioner, if you could sort of lay out your vision for where you see something like this going in the future, >> I'll stay with the medical field at the moment being, although I agree, it will be in many other areas, medicine has two traditions for sure. One is learning from each other. So, that's an old tradition in medicine for thousands of years, but what's interesting and that's even more in the modern times, we have no traditional sharing data. It's just not really inherent to medicine. So, that's the mindset. So yes, learning from each other is fine, but sharing data is not so fine, but swarm learning deals with that, we can still learn from each other. We can, help each other by learning and this time by machine learning. We don't have to actually dealing with the data sharing anymore because that's that's us. So for me, it's a really perfect situation. Medicine could benefit dramatically from that because it goes along the traditions and that's very often very important to get adopted. And on top of that, what also is not seen very well in medicine is that there's a hierarchy in the sense of serious certain institutions rule others and swarm learning is exactly helping us there because it democratizes, onboarding everybody. And even if you're not sort of a small entity or a small institutional or small hospital, you could become remembering the swarm and you will become as a member important. And there is no no central institution that actually rules everything. But this democratization, I really laugh, I have to say, >> Pasad, we'll give you the final word. I mean, your job is very helping to apply these technologies to solve problems. what's your vision or for this. >> Yeah. I think Professor mentioned about one of the very key points to use saying that democratization of BI I'd like to just expand a little bit. So, it has a very profound application. So, Dr. Goh, mentioned about, the manufacturing. So, if you look at any field, it could be health science, manufacturing, autonomous vehicles and those to the democratization, and also using that a blockchain, we are kind of building a framework also to incentivize the people who own certain set of data and then bring the insight from the data into the table for doing and swarm learning. So, we could build some kind of alternative monetization framework or an incentivization framework on top of the existing fund learning stuff, which we are working on to enable the participants to bring their data or insight and then get rewarded accordingly kind of a thing. So, if you look at eventually, we could completely make dais a democratized AI, with having the complete monitorization incentivization system which is built into that. You may call the parties to seamlessly work together. >> So, I think this is just a fabulous example of we hear a lot in the media about, the tech backlash breaking up big tech but how tech has disrupted our lives. But this is a great example of tech for good and responsible tech for good. And if you think about this pandemic, if there's one thing that it's taught us is that disruptions outside of technology, pandemics or natural disasters or climate change, et cetera, are probably going to be the bigger disruptions then technology yet technology is going to help us solve those problems and address those disruptions. Gentlemen, I really appreciate you coming on theCUBE and sharing this great example and wish you best of luck in your endeavors. >> Thank you. >> Thank you. >> Thank you for having me. >> And thank you everybody for watching. This is theCUBE's coverage of HPE discover 2020, the virtual experience. We'll be right back right after this short break. (upbeat music)