>>Hey everyone. Welcome to the Cube's presentation of the AWS startup showcase. Season two, episode four, I'm your host. Lisa Martin. This topic is cybersecurity detect and protect against threats. Very excited to welcome a Cub alumni back to the program. SNA hall, autonomy, the co-founder and CEO of horizon three joins me SNA hall. It's great to have you back in the studio. >>Likewise, thanks for the invite. >>Tell us a little bit about horizon three. What is it that you guys do you we're founded in 2019? Got a really interesting group of folks with interesting backgrounds, but talk to the audience about what it is that you guys are aiming to do. >>Sure. So maybe back to the problem we were trying to solve. So my background, I was a engineer by trade. I was a CIO at G capital CTO at Splunk and helped, helped grows scale that company and then took a break from industry to serve within the department of defense. And in every one of my jobs where I had cyber security in my responsibility, I suffered from the same problem. I had no idea I was secure or that we were fixing the right vulnerabilities or logging the right data in Splunk or that our tools and processes and people worked together well until the bad guys had showed up. And by then it was too late. And what I wanted to do was proactively verify my security posture, make sure that my security tools were actually effective, that my people knew how to respond to a breach before the bad guys were there. And so this whole idea of continuously verifying my security posture through security testing and pen testing became a, a passion project of mine for over a decade. And I, through my time in the DOD found the right group of an early people that had offensive cyber experience that had defensive cyber experience that knew how to build and ship and, and deliver software at scale. And we came together at the end of 2019 to start horizon three. >>Talk to me about the current threat landscape. We've seen so much change in flux in the last couple of years globally. We've seen, you know, the threat actors are just getting more and more sophisticated as is the different types of attacks. What are you seeing kind of horizontally across the threat landscape? >>Yeah. The biggest thing is attackers don't have to hack in using zero days. Like you see in the movies. Often they're able to just log in with valid credentials that they've collected through some mechanism. As an example, if I wanted to compromise a large organization, say United airlines, one of the things that an attacker's gonna go off and do is go to LinkedIn and find all of the employees that work at United airlines. Now you've got, say 7,000 pilots of those pilots. You're gonna figure out quickly that their use varie and passwords or their use varie@leastarefirstnamelastinitialatunited.com. Cool. Now I have 7,000 potential logins and all it takes is one of them to reuse a compromise password for their corporate email. And now you've got an initial user in the system and most likely that initial user has local admin on their laptops. And from there, an attacker can dump credentials and find a path to becoming a domain administrator. >>And what happens oftentimes is security tools. Don't detect this because it looks like valid behavior in the organization. And this is pretty common. This idea of collecting information on an organization or a topic or target using open source intelligence, using a mix of credentialed spraying and kinda low priority or low severity exploitations or misconfigurations to get in. And then from there systematically dumping credentials, reusing those credentials and finding a path towards compromise and almost less than 2% of, of CVEs are actually used in exploits. Most of the time attackers chain together misconfigurations bad product defaults. And so really the threat landscape is attackers don't hack in. They log in and organizations have to focus on getting the basics right and fundamentals right first, before they layer on some magic, easy button that is some security AI tools hoping that that's gonna save their day. And that's what we found systemically across the board. >>So you're finding that across the board, probably pan industry, that, that a lot of companies need to go back to basics. We talk about that a lot when we're talking about security, why do you think that >>Is? I think it's because one, most organizations are barely treading water. When you look at the early rapid adopters of horizon threes, pen testing, product, autonomous pen testing, the early adopters tended to be teams where the it team and the security team were the same person and they were barely treading water. And the hardest part of my job as a CIO was deciding what not to fix because the bottleneck in the security processes, the actual capacity to fix problems. And so fiercely prioritizing issues becomes really important, but the, the tools and the processes don't focus on prioritizing what's exploitable, they prioritize, you know, by some arbitrary score from some arbitrary vulnerability scanner. And so we have as a fundamental breakdown of the small group of folks with the expertise to fix problems, tend to be the most overworked and tend to have the most noise to need to sift through. So they don't even have time to get to the basics. They're just barely treading water doing their day jobs. And they're often sacrificing their nights and weekends. All of us at horizon three were practitioners at one point in our career, we've all been called in on the weekend. So that's why, what we did was fiercely focus on helping customers and users fix problems that truly matter, and allowing them to quickly retack and verify that the problems were truly fixed. >>So when it comes to today's threat landscape, what is it that organizations across the board should really be focused on? >>I think systemically what we see are bad password or credential policies, least access, privileged management type processes, not being well implemented. The domain user tends to be the local admin on the box, no ability to understand what is a valid login versus a, a malicious login. Those are some of the basics that we see systemically. And if you layer that with, it's very easy to say misconfigure vCenter, or misconfigure a piece of Cisco gear, or you're not gonna be installing monitoring and OB observa security observability tools on that. HP integrated lights out server. And so on. What you'll find is that you've got people overworked that don't have the capacity to fix. You have the fundamentals or the basics, not, not well implemented. And you have a whole bunch of blind spots in your security posture, and defenders have to be right. Every time attackers only have to be right once. And so what we have is this asymmetric fight where attackers are very likely to get in. And we see this on the news all the time. >>So, and, and nobody of course wants to be the next headline. Right? Talk to me a little bit about autonomous pen testing as a service, what you guys are delivering and what makes it unique and different than other tools that have been out there as, as you're saying that clearly have >>Gaps. Yeah. So first and foremost was the approach we took in building our product. What we set up front was our primary users should be it administrators, network, engineers, and P. And that, that it intern who in three clicks should have the power of a 20 year pen testing expert. So the whole idea was empower and enable all of the fixers to find, fix in verify their security weaknesses continuously. That was the design goal. Most other security products are designed for security people, but we already know they're they're task saturated. They've got way too many tools under the belt. So first and foremost, we wanted to empower the fixers to fix problems. That truly matter, the second part was we wanted to do that without having to install credentialed agents all over the place or writing your own custom attack scripts, or having to do a bunch of configurations and make sure that it's safe to run against production systems so that you could, you could test your entire attack surface your on-prem, your cloud, your external perimeter. >>And this is where AWS comes in to be very important, especially hybrid customers where you've got a portion of your infrastructure on AWS, a portion on-prem and you use horizon three to be able to attack your complete attack surface. So we can start on Preem and we will find, say the AWS credentials file that was mistakenly saved on a, a share drive, and then reuse that to become admin in the cloud. AWS didn't do anything wrong. The cloud team didn't do anything wrong. A developer happened to share a password or save a password file locally. That's how attackers get in. So we can start from on-prem and show how we can compromise the cloud, start from the cloud and, and, and show how we can compromise. On-prem start from the outside and break in. And we're able to show that complete attack surface at scale for hybrid customers. >>So showing that complete attack surface sort of from the eyes of the attacker, >>That's exactly right, because while blue teams or the defenders have a very specific view of their environment, you have to look at yourself through the eyes of the attacker to understand what are your blind spots? What do do they see that you don't see? And it's actually a discipline that is well entrenched within military culture. And that's also important for us as the company. We're about a third of horizon, three served in us special operations or the intelligence community with the United States, and then do OD writ large. And a lot of that red team mindset view yourself through the eyes of the attacker and this idea of training. Like you fight in building muscle memories. So you know how to react to the real incident when it occurs is just ingrained in how we operate. And we disseminate that culture through all of our customers as well. >>And, and at this point in time, it's, every business needs to assume an attacker's gonna get in >>That's right. There are way too many doors and windows in the organization. Attackers are going to get in, whether it's a single customer that reused their Netflix password for their corporate email, a patch that didn't get applied properly, or a new zero day that just gets published a piece of Cisco software that was misconfigured, you know, not by anything more than it's easy to misconfigure. These complex pieces of technology attackers are going to get in. And what we want to understand as customers is once they're in, what could they do? Could they get to my crown Jewel's data and systems? Could they borrow and prepare for a much more complicated attack down the road? If you assume breach, now you wanna understand what can they get to, how quickly can you detect that breach and what are your ways to stifle their ability to achieve their objectives. And culturally, we would need a shift from talking about how secure I am to how defensible are we. Security is kind of a state, a point in time, state of your organization, defense ability is how quickly you can adapt to the attacker to stifle their ability to achieve their objective >>As things are changing >>Constantly. That's exactly right. >>Yeah. Talk to me about a typical customer engagement. If there's, you mentioned folks treading water, obviously there's the huge cybersecurity skills gap that we've been talking about for a long time. Now that's another factor there, but when you're in customer conversations, who were you talking to? What typically are, what are they coming to you for help? >>Yeah. One big thing is you're not gonna win and, and win a customer by taking 'em out to steak dinners. Not anymore. The way we focus on, on our go to market and our sales motion is cultivating champions. At the end of the proof of concept, our internal measure of successes is that person willing to get a horizon three tattoo. And you do that, not through state dinners, not through cool swag, not through marketing, but by letting your results do the talking. Now, part of those results should not require professional services or consulting it. The whole experience should be self-service frictionless and insightful. And that really is how we've designed the product and designed the entire sales motion. So a prospect will learn or discover about us, whether it's through LinkedIn, through social, through the website, but often because one of their friends or colleagues heard about us saw our result and is advocating on our behalf. >>When we're not in the room from there, they're gonna be able to self-service just log to our product through their LinkedIn ID, their Google ID. They can engage with a salesperson if they want to, they can run a pen test right there on the spot against their home, without any interaction with a sales rep, let those results do the talking, use that as a starting point to engage in a, in a more complicated proof of value. And the whole idea is we don't charge for these. We let our results do the talking. And at the end, after they've run us to find problems they've gone off and fixed those issues. And they've rerun us to verify that what they've fixed was properly fixed, then they're hooked. And we have a hundred percent technical win rate with our prospects when they hit that fine fix verify cycle, which is awesome. And then we get the tattoo for them, at least give them the template. And then we're off to the races >>That it sounds like you're making the process more simple. There's so much complexity behind it, but allowing users to be able to actually test it out themselves in a, in a simplified way is huge. Allowing them to really focus on becoming defensible. >>That's exactly right. And you know, the value is we're all, especially now in security, there's so much hype and so much noise. There's a lot more time being spent, self discovering and researching technologies before you engage in a commercial discussion. And so what we try to do is optimize that entire buying experience around enabling people to discover and research and learn the other part, right. Remember is offensive cyber and ethical hacking. And so on is very mysterious and magical to most defenders. It's such a complicated topic with many nuance tools that they don't have the time to understand or learn. And so if you surface the complexity of all those attacker tools, you're gonna overwhelm a person that is already overwhelmed. So we needed the, the experience to be incredibly simple and, and optimize that fine fix verify aha moment. And once again, be frictionless and be insightful, >>Frictionless and insightful. Excellent. Talk to me about results. You mentioned results. We, we love talking about outcomes. When a customer goes through the, the POC POB that you talked about, what are some of the results that they see that hook them? >>Yeah. The biggest thing is what attackers do today is they will find a low from machine one, plus a low from machine two equals compromised domain. What they're doing is they're chaining together issues across multiple parts of your system or your organization to hone your environment. What attackers don't do is find a critical vulnerability and exploit that single machine it's always a chain is always, always multiple steps in the attack. And so the entire product and experience in actually our underlying tech is around attack pads. Here is the path, the attack path an attacker could have taken. You know, that node zero, our product took here is the proof of exploitation for every step along the way. So, you know, this isn't a false positive, in fact, you can copy and paste the attacker command from the product and rerun it yourself and see it for yourself. >>And then here is exactly what you have to go fix and why it's important to fix. So that path proof impact and fix action is what the entire experience is focused on. And that is the results doing the talking, because remember, these folks are already overwhelmed. They're dealing with a lot of false positives. And if you tell them you've got another critical to fix their immediate reaction is Nope. I don't believe you. This is a false positive. I've seen this plenty of times. That's not important. So you have to in your product experience in sales process and adoption process immediately cut through that defensive or that reflex and its path proof impact. Here's exactly what you fix here are the exact steps to fix it. And then you're off to the races. What I learned at Splunk was you win hearts and minds of your users through amazing experience, product experience, amazing documentation, yes, and a vibrant community of champions. Those are the three ingredients of success, and we've really made that the core of the product. So we win on our documentation. We win on the product experience and we've cultivated pretty awesome community. >>Talk to me about some of those champions. Is there a customer story that you think really articulates the value of no zero and what it is that, that you are doing? Yeah. >>I'll tell you a couple. Actually, I just gave this talk at black hat on war stories from running 10,000 pen tests. And I'll try to be gentle on the vendors that were involved here, but the reality is you gotta be honest and authentic. So a customer, a healthcare organization ran a pen test and they were using a very well known, managed security services provider as their, as their security operations team. And so they initiate the pen test and they were, they wanted to audit their response time of their MSSP. So they run the pen test and we're in and out. The whole pen test runs two hours or less. And in those two hours, the pen test compromises, the domain gets access to a bunch of sensitive data. Laterally, maneuvers rips the entire entire environment apart. It took seven hours for the MSSP to send an email notification to the it director that said, Hey, we think something's suspicious is wow. Seven hours. That's >>A long time >>We were in and out in two, seven hours for notification. And the issue with that healthcare company was they thought they had hired the right MSSP, but they had no way to audit their performance. And so we gave them the, the details and the ammunition to get services credits to hold them accountable and also have a conversation of switching to somebody else. >>That accountability is key, especially when we're talking about the, the threat landscape and how it's evolving day to day. That's >>Exactly right. Accountability of your suppliers or, or your security vendors, accountability of your people and your processes, and not having to wait for the bad guys to show up, to test your posture. That's, what's really important. Another story is interesting. This customer did everything right. It was a banking customer, large environment, and they had Ford net installed as their, as their EDR type platform. And they, they initiate us as a pen test and we're able to get code execution on one of their machines. And from there laterally maneuver to become a domain administrator, which insecurity is a really big deal. So they came back and said, this is absolutely not possible. Ford net should have stopped that from occurring. And it turned out because we showed the path and the proof and the impact Forder net was misconfigured on three machines out of 5,000. And they had no idea. Wow. So it's one of those you wanna don't trust that your tools are working. Don't trust your processes. Verify them, show me we're secure today. Show me we're secured tomorrow. And then show me again, we're secure next week, because my environment's constantly changing. And the, and the adversary always has a vote, >>Right? The, the constant change in flux is, is huge challenge for organizations, but those results clearly speak for themselves. You, you talked about the speed in terms of time, how quickly can a customer deploy your technology, identify and remedy problems in their environment. >>Yeah. You know, this fine fix verify aha moment. If you will. So traditionally a customer would have to maybe run one or two pen tests a year and then they'd go off and fix things. They have no capacity to test them cuz they don't have the internal attack expertise. So they'd wait for the next pen test and figure out that they were still exploitable. Usually this year's pen test results look identical the last years that isn't sustainable. So our customers shift from running one or two pen tests a year to 40 pen tests a month. And they're in this constant loop of finding, fixing and verifying all of the weaknesses in their infrastructure. Remember there's infrastructure, pen testing, which is what we are really good at. And then there's application level pen testing that humans are much better at solving. Okay. So we focus on the infrastructure side, especially at scale, but can you imagine so 40 pen tests a month, they run from the perimeter, the inside from a specific subnet from work from home machines, from the cloud. And they're running these pen tests from many different perspectives to understand what does the attacker see from each of these locations in their organization and how do they systemically fix those issues? And what they look at is how many critical problems were found, how quickly were they fixed? How often do they reoccur? And that third metric is important because you might fix something. But if it shows up again next week, because you've got bad automation, you're not gonna you're in a rat race. So you wanna look at that reoccurrence rate also >>The recurrence rate. What are you most excited about as obviously the threat landscape continues to evolve, but what are you most excited about for the company and what it is that you're able to help organizations across industries achieve in such tumultuous times? Yeah. You >>Know, one of the coolest things is back because I was a customer for many of these products, I, I despised threat intelligence products. I despised them because they were basically generic blog posts maybe delivered as a, as a, as a data feed to my Splunk environment or something. But they're always really generic. Like you may have a problem here. And as a result, they weren't very actionable. So one of the really cool things that we do, it's just part of the product is this concept of, of flares flares that we shoot up. And the idea is not to be, to cause angst or anxiety or panic, but rather we look at threat intelligence and then because all, all the insights we have from your pen test results, we connect those two together and say your VMware horizon instance at this IP is exploitable. You need to fix it as fast as possible or as very likely to be exploited. >>And here is the threat intelligence and in the news from CSUN elsewhere, that shows why it's important. So I think what is really cool is we're able to take together threat intelligence out in the wild combined with very precise understanding of your environment, to give you very accurate and actionable starting points for what you need to go fix or test or verify. And when we do that, what we see is almost like, imagine this ball bouncing, that is the first drop of the ball. And then that drives the first major pen test. And then they'll run all these subsequent pen tests to continue to find and fix and verify. And so what we see is this tremendous amount of AC excitement from customers that we're actually giving them accurate, detailed information to take advantage of, and we're not causing panic and we're not causing alert, fatigue as a result. >>That's incredibly important in this type of environment. Last question for you. If, if autonomous pen testing is obviously critical and has tremendous amount of potential for organizations, but it's not, it's only part of the equation. What's the larger vision. >>Yeah. You know, we are not a pen testing company and that's something we decided upfront. Pen testing is a sensor. It collects and understands a tremendous amount of data for your attack surface. So the natural next thing is to analyze the pen test results over time, to start to give you a more accurate understanding of your governance risk and compliance posture. So now what happens is we are able to allow customers to go run 40 pen tests a month. And that kind of becomes the, the initial land or flagship product. But then from there we're able to upsell or increase value to our customers and start to compete and take out companies like security scorecard or risk IQ and other companies like that, where there tended to be. I was a user of all those tools, a lot of garbage in garbage out, okay, where you can't fill out a spreadsheet and get an accurate understanding of your risk posture. You need to look at your detailed pen, test results over time and use that to accurately understand what are your hotspots, what's your recurrence rate and so on. And being able to tell that story to your auditors, to your regulators, to the board. And actually it gives you a much more accurate way to show return on investment of your security spend also, which >>Is huge. So where can customers and, and those that are interested go to learn more. >>So horizon three.ai is the website. That's a great starting point. We tend to very much rely on social channels. So LinkedIn in particular to really get our stories out there. So finding us on LinkedIn is probably the next best thing to go do. And we're always at the major trade shows and events also. >>Excellent SNA. It's been a pleasure talking to you about horizon three. What it is that you guys are doing, why and the greater vision we appreciate your insights and your time. >>Thank you, likewise. >>All right. For my guest. I'm Lisa Martin. We wanna thank you for watching the AWS startup showcase. We'll see you next time.

>> live from Orlando, Florida It's the que covering Accelerate nineteen. Brought to you by Fortunate >> Welcome back to the Cube. Lisa Martin with Peter Burgers. We are coming to you Live from Orlando, Florida We've been at forty nine. Accelerate twenty nineteen all day. Peter, What a day our third year co hosting the Cuba Forty and accelerate. We heard a lot about industry leadership, product, leadership in innovation, partner. Success fourteen and accelerate. What? Some of the things that really stuck with you from the keynote all the way to the end of our interviews. >> Well, I was going to say first put a fork in May. Um, uh, Here's one of the things that I've observed. I've been doing the analyst thing and been a practitioner I t for over thirty years now on DH. Uh, it's amazing the degree to its security. People are often some of the smartest people you meet and some of the most straightforward people you meet, and partly that's because they are paid to ferret out nonsense. It's very, very difficult to fake security on. Uh, it just is, if there's one thing that even more than the last couple of years just struck me today. Perhaps it's because we're coming more familiar. Affording it is how smart these guys are, how smart they are, how informed they are, how well spoken they are. I mean, the interviews have been a breeze. I learned something from every single one of these for Jeanette interviews. So that's probably the first thing I'd say. The second thing I'd say is, um, the Ford. It has taken a different tack. We talked about this in the open, they have acknowledged, or they believe that having a degree of control over the underlying hardware is going to be a source of benefit to the customer on a source of advantage to Ford in it. And they continue to push that, and it appears pretty clear that they made a good bet that regard. We heard a lot about how a lot of new products are being placed on top of that platform and top those appliances a lot of additional functionality. But it also is pretty obvious that the ecosystem is growing faster, even in many respects and fortunate is in terms of the number of the amount of invention and innovation it's happening, and that's in part made possible by having a platform that's just higher performance. Oh, and if there's one last thing that I'd say is the degree to which Fortunate has made talked about this a second ago but made good bets and it appears clear that they're going to continue to make good bets bringing full circle Smart people that get stuff done in a domain that's absolutely essential to business are in a position to really shape the way that all this digital business transformation of digital business evolves. And Ford Net is punching above their weight in terms of how they're influencing the directions of the industry. >> They are punching up that there way. I think you mentioned that during one of our interview segment. I think they're proud of that. I think their confidence in what they're delivering and their history of being able to be pretty good at predicting what's going to happen was evident from the keynote this morning, where they showed a number of times where they are from an industry leadership in a market share perspective, calling out the names of their competitors, showing how much how far they've come, how much their customers are benefiting how much their business is growing as a result. So that confidence on pride was evident from the first time CEO Kinsey stepped on stage this morning. And I think we heard that throughout every interview segment today that you and I did with their leaders and some of their partners as well that there's since there that they know what they're doing. To your point, I agree. There was a lot of clarity of message. It's a very it's Security's a very interesting topic of conversation because it's pervasive across every industry. >> There wasn't the interviews weren't interchangeable. Each of them bought their expertise to bear on DH had something really interesting and useful to say, But it's at the core. You could see that the culture is thriving, that obviously it's a great Tam's great total addressable market that's growing. There's a lot of excitement inside the fortunate employee base about the possibilities and the role that they're likely to play, and I are playing on, you know, they talked a lot about Canada, Dabo's and some of the new. Some of the new alliance isn't even able to put together and influence. I mean, it's just It's a very good story in a market that is increasingly important. That's a potent combination for the Cube and for customers overall. >> And they did a great job on the education piece. Education was you mentioned Davis. That was an interesting kind of nod back to what they talked about last year's Accelerate twenty eighteen Educate education Ecosystem technology knows of the three pillars that were discussed in Davos is being essential components for safe and secure digital transformation, which they even set of Davos. Hey, there's the potential here in the next ten years for digital transformation to unlock. Ten can't be million. Maybe it is a huge value for businesses for society, and they said, Hey, fortunate, we've talked about these three tenants last year. We talked to John both just a little bit ago about how they are actively educating the channel from their bars to help them become msp sto. MSS peas their distributors how they're really educating, helping to mitigate some of the ostensible cybersecurity skills gap that we've talked about a very long time. But that's a a dedicated business model for them that hey, they want to drive preference with their partners. Everybody has. His customers have toys. Partners have choice. They've put a very strategic and evolutionary focus on evolving that. So customers in any industry have the opportunity to leverage security as as a best practice it as a benefit to their business. >> And there's a degree of altruism for why they did it, because they recognize that there's three and a half million open cybersecurity positions in the world. But they also demonstrated how smart and practical it is. Try to take that leadership. They want to become more competency based. How? Okay, great. Now, what does that allow you to do? It allows you to have your partners, your partner, network, connect independent of you to create solutions independent of you still based in your technology and basing your capabilities and services, but to engage customers in faster ways that may not necessarily involve you. Okay, so competency leads to new partner arrangements. Well, that also leads to more complex kinds of customer relations that generate greater value, greater service, all with the certainty of trust behind it, because you've done a better job of articulating what constitutes competency in an extremely complex domain. So it's a It's a It's a really interesting story. They've. They've clearly taken some best practices that we've seen emerge in the industry over the last few years and applied them anew. In a company that's going quite fast and a market that's growing faster than any other in Tech, >> this is largely this event accelerated. Think Derek Banky. I mention this is his seven. So around the seventh or eighth forty nine accelerate event that started its history wise as a partner conference. Obviously, it's grown tremendously, but there's a lot of partners here I would love to hear next year from the voice of the customer, a customer who has faced these challenges. We were speaking with one of their partners. It'LL come to me with Siemens, who was talking about Hey together. Seaman's from an O. T. Challenge and Opportunity, Perspective and Fortunate can help a customer transform and converge, and ot and thirty days in a harsh type of environment that's huge would love to hear more stories like showed the impact that customers can make by addressing these challenges and leveraging these technologies to not just react to threats as they come all the time. But she eventually become proactive and predictive. >> Well, the the the world economic form Dabo's uh, sport that put up a couple charts that showed how the World Economic Forum is basically putting cyber security at the center of a lot of the new economic activity associated with digital business on way would tend to agree with that. That's a very, very important feature, if for no other reason than just this notion of trust becomes so very essential. And so you know, for Net is in a position to make some crucial to really have a strong influence on how this industry plays out to make some pretty decent money. This they're generating more patents, then eighty percent. I mean, I don't know what the number is, but three times as many patents in the segment that they're operating in as anybody else. Lot of innovation, lot of dedication to doing that kind of stuff. But I think it is important for them to take on Maura the customer. You and I were talking about this earlier. They did it, you know, this conference and the keynotes and the conversations spoke to network administrators, network pros, security prose partners. We would weigh. Both believe that digital business outcomes are going to be tied into a CZ moral economic form. Does that core cybersecurity capability of abyss that of his says? And so it would be nice to have them feature more customers, but also to do eh clear job of taking a pull on that thread from outcome all the way to technology because the market needs that. It's not clear to a lot of people what really is the relationship between investment in cyber security and how that translates into new classes of business value that are gonna have a long term implications on how markets operate. >> Yeah, and it's going to be We gotta hear more than scalability, flexibility and speed those air obvious. But how our industry's being and business is being transformed. I know they >> are >> so waken boy, a lot of that down to that, that simple word trust. I mean, we heard a lot here. If there has been an erosion of trust and a lot of the most important institutions that we operate under, and if that continues, that's going to create a whole bunch of problems looking forward and so having a brand have trust associated with it in a physical as well as the digital world is going to be a major determinant of whether or not a company is going to be able to transform and take advantage of some of the new technologies and approaches to doing business in the future. >> That's a great point. Well, Peter, I enjoyed co hosting the Cube with you at our third ported. Accelerate. Appreciate all your insights and your time. >> You too. >> Thank you so much. We want to thank you for watching the queue began. We've been live here. Fortinet Accelerate twenty nineteen from Florida, Orlando, Florida for Peter Bourjos. Lisa Martin, You're watching the Cube?

>> Live from Orlando, Florida It's the que covering Accelerate nineteen. Brought to you by important >> Welcome back to the Cubes Coverage of Fortinet. Accelerate twenty nineteen. Live from Orlando, Florida I'm Lisa Martin with Peter Burress, and we're welcoming to the keep for the first time. Jeff Fully senior business development manager from Siemens. Jeff. Thanks for joining Peter and me today. >> Thanks for having me appreciate >> it. So everybody knows Seaman's in some form or fashion or capacity. Ah, here we are in a cyber security event. Talk to us a little bit about what Seamen's and Fortinet are doing together as partners and a little bit about your role in business. >> Sure, so the organization the part of semen that I'm a part of, is more of a digital industries. So what we do is ah, lot of NT operational technology environment area. So it's it's more of the harsh environments oil and gas, waste water, rail transportation. So we do a lot of the communication and the cyber security around that. We're working with Fortinet in order to bring the best of the practices on cybersecurity into that OT environment. So we're doing a collaboration between the two because there's that communication that needs to happen. They still need that access point into at OT environment >> Now. Explain why? Because because, you know, guys have grown up presuming that everything was going to be connected and a lot of business leaders presume that everything's going to be connected. The okey guys have had to work in a very, very different world where they had to do real time work, sometimes for thirty years. So take us a little bit through that dynamic. And why is it that today we actually Khun, start having conversations about how these two things come together, work together and generate value together? >> Sure, so typically from operational technology environment when they put something together, is normally for a twenty or thirty year span. They want to put something in the network and the environment that's going to last. That's going to be out there. It's not. They don't change it. They don't upgrade it normally, as they do in the ninety environment, which typically has like a five year life cycle. So in OT environment, what's happening? Noah's know times are changing and all these cyber attacks are happening. They're being mandated to do this. A good example is, in two thousand five, President Obama signed into a legislative order that you, we must in the US secure critical infrastructure and part of that securing that, saying We're going to make sure that you know we're not going to be happy because in the utility market, if we take down four of the major interconnects between their power grid than that stated that us had become a third world country in eight days. So what we're doing is >> not do that. >> No, we're trying to help prevent that. So by doing so, we need to add security. And historically, from noti environment, it's always been about there's not been remote access. There's not been that connectivity. It's always been about electrical and mechanical devices. But now is these devices are getting smarter. They're getting Mohr intelligent. There's more information to get out of it. You get more efficiency and more information out of so you can know. Do your job better. You could do remote access. And like in Florida, here we have a bunch of hurricanes. There's the ability to say after a hurricane, I could get remote access or I could do that communication out to these devices where you wouldn't be able to do periodically in the past. So because of that, because connectivity we need to start securing our infrastructure to make sure that no, as we get access to that potential, that the bad guys get access to those devices, too. So we're working with our product portfolio and partners like Fortinet in order to make sure that we're applying the best of the security in the O t world. >> So when this convergence, we're talking probably with folks who are not used to change. Change is hard for everybody. However, as you said and back in two thousand five became a presidential mandate. But also it >> was two thousand fifteen >> two thousand five. Obama signed in tow the listen president till two thousand. And I'm sorry. >> Thank you for the mass >> housing one. >> Yeah, just years ago on the math expert. So just a few years ago, there was this mandate from President Obama which we clarified was only four years ago. So but historically, folks that are not used to having to change system so quickly. Yet here's this mandate. There's also this increasing abundance of separate tax. How do you have those, I presume, difficult conversations with Theo Teesside about the opportunity for OT convergence and the benefits and why they have to get on board with this. >> So historically, from the OT side, they've been very reluctant to do something like this. They want to own their own environment. They want to do that. It's always been the perception that if you bring that cyber security of the world into that OT environment, it's going to hinder their operations. But that's not really the case. The convergence of T and O. T has been happening for decades now. I started my job seem it's in two thousand in the telecom world, and we were doing that convergence of n ot back in two thousand when we're doing voiceover. I pay right because that was happening back then. So this convergence of Tino Tee is It's an ongoing thing. It's just in. Different markets are different industries, so now that we're doing that, we're bringing it in there. They're starting to have that conversation, but then it becomes a really who owns that The operation are who owns that security? No ot still wants to drive their own. They want to own their own. Where I saying, Look, I know we have the knowledge we have experience. Let's help you get there So there's generally a demarcation point that they've come to an agreement on where I Teo say we're going to help you to this point. And then you can own all the critical assets out on the far end. >> So let's talk about that demarcation point. What constitutes what characterizes that demarcation point? What are where are we today? Because we're moving from hardwired, uh, thirty year footprint to increasingly wireless, uh, faster. We're moving towards that, but we're how far our way when you talk to customers. What is what are the attributes of that demarcation point? It's >> interesting because we sew it. That goes everything we saw of customers that are on dialogue, communication, serial communication, Ethernet fiber, wireless. Lt s o. There's a broad range of that we call the pipe. So you know the pipe is the communication just between the side down to the OT side really helps to find that demarcation is when you get down to what are the critical assets, what's really the operation or what's making money for that company on those of the assets, which really the operational organization's own and then the side really provides that communication down to that to that ball. >> Got it. So it's really business specific. But are we starting to see Are we started to see? Well, it's got a little bit more processing power or it's got a little bit more. There's the's security attributes that are associated with it or ot guys picking up on T related security, starting elements of it faster than others >> they are on. But really, it's it's ah, it's region and as industry specific and it's really what's driving it So like in the U. S. Like I meant in the utility sector, three utility sector has requirements called no exit, and these narcs IP requirements said you must do these things and they get very specific to the point of. You must have something that will detect anti virus or malware. You must do this if you look into Canada. Canada just recently passed away. Be requirements for Ontario and those are based upon framework cyber security framework to do that. So it's really debate the industry that they're in and the region that they're in. That's what's really driving that our how deeper and far they're going to go. >> And it goes back to your original point that it's being driven by regulatory edict or a past exposure and trying to make sure it doesn't happen again. >> They don't want to make the news, and they don't want to be pushed by the government. But those were really the two things in the operational technology or environment that's really driving for that cyber. >> Thank you, Sierra, One of your favorite success stories that really highlights the opportunities that O. T. And I t Convergence have enabled for customers of forty nine Seaman's >> Oh yeah, there's, ah again because I'm global experience. No, I've got around the world, but actually one of the favorites is Actually, there's two of them that have happened just here in North America, Oneness in Texas and one is in Canada. And both of these requirements came to say that they had a specific date, that they needed to make requirements to meet the regulatory otherwise, that they were going to get fined and they came to us and it is both home were pretty last minute. So what we're able to do is to say, Look, we have this platform that's rated for harsh environment. That's no into your networking to provide that communication. So then what we could do is we can work with our partners, put that application on that OT environment and then install and get certified for your application. So there was two of you, Like I said, one in the U. S. And one in Canada. Which way made the deadline's where they came back and said, No, thank you very much, very appreciative. >> And how quickly were you able to get this up and running is that they didn't miss the deadline and we're able to certain gleanings value from this. >> I just did a write up on one. We got a phone call on a Friday that they needed to provide a solution. So we worked over the weekend, and on Monday we proposed a solution. So once you do that, no, obviously they need to go through their value chain to get to sign offs, and we have to go through our process. But it was within thirty days were able to install it make their deadline and make sure that they were compliant. >> That's a pretty good marketing message to deliver that you guys could enable Such It is such a big convergence and it's a month's period >> of thirty days. >> Pretty impressive. >> That was, That was That was one thing that I think we all worked out. There was a deadline. We all work toward that. It was a trusted partner thing, you know. The customer came to us, they were asking for some stuff. They trusted us to do that. So like I said, we worked over the weekend, help them do that. We felt we had the right solution to address their requirements and at the end of the day were ableto meet that thirty day deadline. >> But the trust is not just with you. It's not just a seaman's. It's with an expanding array of cos it Seaman's is working. That's correct. What is it like working with a company like Ford Net to try to ensure that these new domains that are characterized by enormous uncertainty, technological operational organisational are not undermined by challenges of crafting that sushi solution together in such ways, it can be implemented quickly and with a high degree facility. >> I think it's a great opportunity for saying it's important not to be working together only from the fact of Fortinet has got the history. They've got the technology. They've got the name in their market space on DH. They've got the capability to deliver that Siemens. And for if you look from our customer space in our environment, no, we're very well developed, well entrenched in our customer. So to be able to bring the technology and the experience and the know how and bring that those cyber security requirements which are now being pushed down into the OT environment in and no amount of time it's not. There's no development needed, there's no additional stuff fourteen and already has that knowledge from the space. So to bring that into the environment, it's very beneficial. I think both of us, in order to help drive their customer opportunities in our market. >> And they talked a lot this morning during the keynote about where they are from the competitive leadership perspective that was peppered, ah, lot throughout the first at least ninety minutes of the keynote. But presumably obviously everybody has choice. Everybody likes choice. Simons has choice there. I'm just curious to get your take on some of the announcements that came out today from Fortinet. Does that excite Seaman's? Were you involved in that? In terms of being able to take the next set of customers who have the same challenge that you describe with the Texas based on Canada based customers and show them we can help you together? Seaman's importing that transform in thirty days. >> I think it's very exciting with fourteen that's doing in the new capabilities and functional yet they're coming out with. I think that's really going to be able to enhance our offering because it's really a differentiator for us. If you look at us from the operational technology side, there's not a lot of people out there that can actually do with porting that's able to bring to the table. So all these additional features functionality that was coming out by Fortinet to be able to put it on to our platform and our environment and to be able to offer that in the operational technology side. So I think it's a big differentiator from our competitors for both forty and for seeming to be able to jointly provide this offering to our customers. >> Just one question about your competition. A lot of companies like Siemens, especially that especially strong in the OT space, not just your customers. But suppliers like yourselves have also struggled a bit as they try to find a Z trying navigate that way forward to convergence of tea. No tea on appropriate convergence of tea. No tea. What is it about Seamans that has allowed you to not stub your toe or cut off your leg? Like some of the competitors, >> I believe that's because we've had a long history in both the A I T o T space. If you look at the vertical, are the digital industry that we're in right now. It's been very much ot centric for the last twenty five thirty years, but we have seen minces No. Three hundred seventy nine thousand people worldwide strong. We're very embracing the newer technology and the newer capabilities myself coming. No, starting with Siemens twenty years ago with a nice background being able to bring that knowledge that ability and doing that convergence of the idea no t within Seaman's for so long. I think we understand our customers, and we've been listening to them. And then we're partnering up with companies like Fortinet. Health says, Bring that technology that capability to our customers >> said that expertise, that partnership, What's your recommendation has be wrapped things up here for customers who are at the precipice of being able to understand why I know Teenie to converge with your recommendation for them to tackle this challenge successfully. >> I think the best advice I could have is let's sit down and have that conversation. Let's see what the requirements are. Let's see what they're trying to accomplish because I believe with the solutions that Siemens has between communication, the network in the security and then they technology and the capability that forty nets bring to the table we can to help design a customized solution for their environment in order to make sure that they can address their cyber security needs >> and do so quickly. Well, Jeff, thank you so much for joining Peter and me on the cute this afternoon. We appreciate your time. >> Thank you for >> for Peter. Boris. I'm Lisa Martin. You're watching the Cube