>> Live from San Francisco, its theCUBE. Covering RSA Conference 2019. Brought to you by Forescout. >> Hey welcome back everybody Jeff Frick here with theCUBE. We're at RSA Conference North America 2019. 40,000 plus people in the brand newly refinished. Moscone, they finally got it done and it looks great, we're excited to be here and the guy, one of the many people responsible for this whole event is joining us for a return visit. He's Rohit Ghai, the president of RSA. Rohit, congratulations on another incredible event. >> Thank you, it is incredible indeed and the scope of the conversation, the breadth of the conversation, amazing. >> Right, I was looking a couple of years ago I think it was Valentine's Day, thankfully you didn't do Valentine's Day this year 'cause I don't think Moscone was ready for you. >> That's right, I don't think that would have played out well, yes (laughs). >> So lets jump into it a little bit, kind of general impressions you know security is not getting any less in demand. We're seeing increased threats, we're getting dumbed down to breaches. Give me the facts, how many vendors are here displaying today, how many sponsors? What are are some of the basics? >> Yeah, so look 40,000 plus attendees you know we have 800 plus folks on the show floor. There is a total of 1,700 plus vendors in this industry so its a very fragmented industry and everybody whose anybody in cyber-security is actually here. The other stat that is interesting is in terms of shared voice and the media coverage that actually happens at the RSA conference, if you just put that together that's more than any of the social conversations throughout the year. So this one week will generate more shared voice around cyber-security than the entire year. >> It's the place to be. So let's jump into it, so one of the big issues that you've always talked about is using a really kind of business approach to assessing risk and some of the math behind making a good business decision on how much you invest and what do you protect. You've expanded that vision a little bit this year. Tell us a little more about that. >> We see our role as RSA to provide a safe passage of the world to its digital future state. As you know digital transformation is a buzz-word. Every company is trying to go digital but they don't know what they don't know. Technology is premiering things where its never been before. It's inside baby monitors, inside pace makers, inside cars. Companies that are adapting this technology don't have the competency to actually mitigate risk. The stat I use is one-trillion lines of code will be shipped over the next decade by companies that have shipped exactly zero lines of code. >> One trillion new marginal lines of code. >> So, the meta point is we face unprecedented digital risk, because of adoption of digital technology. So technology is a force for the good but you have to embrace it mindfully and pay attention to digital risk management and that's our role. The role of RSA is to help companies manage digital risk. >> Right, and how do they sort through it all? I just feel for all this between the number of threats, the number of solutions, the IOT is coming on board, 'Internet of Things'. The OT is now being connected to the IT, your head's got to be just spinning. >> It feels overwhelming doesn't it. What I say is anytime you feel overwhelmed you could do three things. You have to reduce the amount of work, you do that by designing security in, resilient infrastructure. Second is that you have to automate work. Which is basically using technology like artificial intelligence and machine learning. But as you know the bad guys have all the AI and ML we the good guys do. So the third recipe for success is business driven security. Which means you have to apply business contacts to your security posture, so you focus on the right problems. The right cyber incidents right here right now. And that's our unique advantage the good guys, the only advantage we the good guys have is our understanding of our business contacts. We call that business driven security. >> So an interesting piece of that is how the value proposition is changing. It used to be the young kid hacking the school site giving himself an A. Then it got to people getting into bank accounts and personal information. But now we're seeing with the nation's states, we're seeing political motivation. >> Exactly. >> There's a lot of different motivations so it gets into this whole evaluation of data, what is the data that they want and is it valuable? Because what they want or is valuable tomorrow might be different than what it was today. >> You're right, the clock speed of digital business is markedly enhanced. So you need solutions that can move at the pace of business. So its no longer about efficacy, its about speed, both on the risk side and security you need solutions that can process this vast ocean of data, make sense of it, to prioritize your response. To focus on the things that are most important right now. >> Yeah, its crazy. Then we have this other trend that's happening now, which is kind of Big-Tech like from Big-Oil meaning not a positive connotation in a blowback. Where people are kind of waking up to the fact that my data is important and people are using it for ways that I didn't necessarily want them to. So this trust issue is really really significant. >> It is significant because in fact the topic of my keynote yesterday. We call it the trust landscape in which we painted a story that we are at the beginning of an era which is a trust crisis. Where people are losing faith in technology as a force for good and unless we act now we will put humanity in harms way and get in the way of human progress. And I think there is some things we need to do, if you think about trust, trust is based on reputation. Trust is not perfection, I don't trust you because you're perfect. I trust you because I can count on how you're going to behave in certain circumstances. Its based on your reputation. >> Right. >> If you think about today we are inviting complete strangers into our cars and homes with platforms like Airbnb and Uber Lyft. Because there is a technology trust platform. We need that on the enterprise side and what we're doing in the cyber security world is, we are actually making withdrawals from our trust or reputation bank account because breaches and bad news is the only thing that's reported. We are not reporting good cyber incidents. So that's the place where we need to work toward, where we are able to not just take withdrawals from our reputation bank account but make deposits by reporting not just bad cyber news but good cyber news. >> Right. >> When we prevent breaches or when we mitigate business impact or cyber incidents. All of those things we need to be more transparent about that. >> But its kind of tricky right now because its the old spy dilemma, you don't want to tell them that you caught them because then you are not in a position to catch them the next time. >> Yes, I think there is solutions there though. I think the reason we have been guarded in cyber security to share good news is because again we don't want to reveal details of our security posture. And we don't want to taunt the bad guy and attract attention towards ourselves. Having said that I think there is a way to do that anonymously without compromising your security posture and having this quantified way to measure your reputation or your cyber capability. >> Right, its really interesting that you go down this trust angle because the whole fake news thing. Is protecting your reputation really of more significant value than necessarily, I don't know, make up some other kind of silly data breach but your reputation and the trust that comes from that or the relationship you have with your customer is really really important. >> Absolutely, your reputation ascertains how your company will live through any crisis incident, right? And in the past corporate reputations were based on things like corporate social responsibility. Your conduct in the physical world, environment, sustainability, corporate ethics, in terms of how you are treating your employees on a fair basis. In the digital world, just like you have corporate social responsibility, you have corporate digital responsibility. You need to demonstrate conduct in terms of how you deal with data, how you take care of consumer data and are a good custodian for it. How you participate in the ecosystem. The Facebook Cambridge analytica example, when you share data with partners you have to feel accountability to that. So in this hyper-connected economy, third-party risk is actually probably higher than first party risk. So you no longer just need to worry about your own data landscape and your own infrastructure landscape. You need to worry about your ecosystem as well. >> Right, and that's before you count in if its an API based economy and you've got stuff in the cloud, you've got stuff in your data center, you've got stuff at remote locations. So the complexity is significantly changed. >> Absolutely. The good news is there's a great recipe which is digital risk management. Risk and trust have to coexist right? If you don't take risks you can't make progress or innovate but in order to have trust you need to have predictability. And that comes through a risk management approach and that's why RSA is so excited about this idea of digital risk management. Its a great responsibility to chart the course to the digital future of the world. >> Well you've certainly got everybody's ear as you said everybody whose anybody is here and this is the place to be this week so congratulations again on a very big and successful show and we're excited that we got to sit down this time not standing in the hallway. >> Thank you, thank you. >> Alright thanks again. >> I enjoyed the conversation. >> Alrighty, he's Rohit, I'm Jeff, you're watching theCUBE. We're at RSA North American conference in Moscone. Thanks for watching we'll see you next time.