(electronic music) >> Hi, welcome to today's very special in-studio presentation of theCUBE, I'm Peter Burris, Chief Research Officer of Wikibon, and we've got a great guest, we're going to talk about critical infrastructure today, which is a topic that deserves a lot of conversation, but sometimes ends up being a lot of talk and not as much action, and we've got Phil Quade, who's a Chief Information Security Officer of Fortinet to talk about it. Phil, thanks for coming to theCUBE. >> Appreciate being here, thank you. >> So Phil, the issue of security is something, as I said, that's frequently discussed, not often understood, and therefore often is not associated with action, or perhaps as much action as it should be. Talk about the conversation that you're having with customers and peers in the boardroom about the role that security is playing in business thinking today. >> Sure, thank you. The folks I've talked to, they're not dumb people, you don't make it into the C-Suite without having some type of intellect and perspective. What I found is that they recognize indeed that we are in the midst of another computing revolution, and the roots of that trace back from mobility to the cloud and now the Internet of Things. What they don't quite recognize, though, is that we're in the midst of a security revolution as well. And I look at that as going from security from being point solutions to being ubiquitous security everywhere, to having that security integrated so it works as a team. To have that team-oriented security simplified so it doesn't overwhelm the operators. And importantly into the future, much more automation, so highly automated to the degree that it will actually execute the intent of the operator and of the security people. >> So Phil, you made a very interesting point, you said security everywhere, we usually think about security as being something that existed at the perimeter, almost now, I guess, to walking into a building and securing the outside of the building, and once we secure the outside of the building, everything else was fine. But the nature of security everywhere means that the threats seem to be changing. Talk a little about the evolution of some of the threats, and why this notion of security everywhere becomes so important. >> You're right, we all know how well relying on boundary security alone works. It doesn't. You have to have boundary security where there is indeed a defined boundary, but increasingly, networks are borderless. You'll work from home, you'll work from your car. You'll work while you're taking a stroll in the park, but you also need to recognize that you have important assets there in your data centers, there in your clouds, so it's not about having point solutions at the border, it's about having ubiquitous security that can operate in your pocket, on your laptop, on the edge, in the data center, in the cloud as well, but this is importantly, having all those pieces working together as a team. >> We like to talk at Wikibon about the idea of, everybody talks about digital transformation, but to us, that means ultimately is that, companies are using data as an asset, that's the essence of digital transformation. This notion of border security becomes especially important, because our data becomes our representation of us, of our brand, data is acting on our behalf right now. So what are some of those key new things that we're concerned about, in terms of the new viruses? If we think about a hierarchy of concerns, bullying all the way down to strategic, where are we in understanding that hierarchy, and how we're dedicating the right resources to making sense of it? >> Sure, it's tempting to think that WannaCry and NotPetya represent the new normal, or the cutting edge of the cybersecurity threats we're seeing today, but I think we need to take a step back and recognize the intent of such threats. Some threats come at you because someone simply wants to cause mischief. Others because they are trying to bully you into doing certain things. Some of these threats are based on a criminal element, where they're trying to get some type of financial gain, but now others are much more, much more, I'll say harmful. Some might be due to revenge, so, look at the Sony incident. The Sony incident was primarily because a foreign leader was upset of a film company's portrayal of his country, or himself. And the two that are especially worrisome to me are threats that are motivated by military tactical advantages, but most importantly, strategic advantages, so for example, there's some countries that hope to hold our strategic assets at risk, and what I mean is, they'd like to be able to impose their national will on the United States, or other democracies, by holding some of our critical infrastructures at risk, as in preventing their reliable and safe operation, or causing folks to have a distrust of their financial system. So I'm really worried about the threats that come after us from a strategic perspective. Don't worry, WannaCry and NotPetya are important, but they're very different than being strategic threats. >> Now, this issue of strategic threats sounds like there's also a continuum of the characteristics of the threat, from, you totally bring something down, to you actually introduce behaviors that are not expected or not wanted. So talk a little bit about this notion of critical infrastructure, and how we're getting more, both planful, and subtle, and strategic in our responses to the threats against critical infrastructure. >> Well, it's the subtle ones, you're right, it's the subtle ones that worry you, meaning, it's relatively easy to recognize when something bad happens to you, 'cause you can immediately try and fix it, but when something subtle, oftentimes it passes, your prickly sensors don't come up. And the problem is, when all these subtle things build on top of each other, so that all of a sudden, 10 subtle things turn out to be one very big thing, and those are the types of things we need to worry about with some particular critical infrastructures. So for example, a terrorist's malicious activity might simply be looking for one big high-visible attack, meaning, causing heat and light to happen on a TV screen for an exploding oil field, or something like that, but a much more subtle malicious activity would be the gradual degradation of the quality or availability of water, or the gradual degradation on the precision of some of our critical manufacturing, so I'm with you, that some of the subtle things are what we need to worry about. We call those low-and-slow attacks, so it's, you not only be prepared for the loud and stealthy ones, but also the low and slow ones. >> Now, we used to think for example of one of the more famous portrayals of security concerns in movies and whatnot is the idea that I take off the last six decimal places of a transaction, I somehow amass millions of dollars. Is that the kind of thing you mean by low and slow? Those aren't necessarily the kind of threats, I know, but that kind of thing, it's subtle, and it doesn't have an immediate, obvious impact, but over time, it can lead to dramatic changes in how business, or an infrastructure, a national asset, works. >> That's a great analogy, the old financial attacks where they bleed off 0.01 cent per transaction, that adds up very quickly into a very high-volume loss. Well, imagine applying that style of attack on something that could result in not simply a financial loss, but could cause a physical or safety event, whether it be a pressure explosion on a pipeline, a degradation of water, or something of the sort. Those are very, very important, and we need to make sure we're looking for those too. Now, the question might be, well, how do you find such things? And the answer is automation. Human cognition is such that they're not going to be capable of tracking these very low and subtle and slow attacks, so you're going to need to use some always-on analytics to find those types of things. >> So I want to bring you back to a word that you use that, in the context of this conversation, it actually becomes very important. Simple, small word. We. In this world of security, when we start thinking about, for example, the internet, which is a network of networks, some of which are owned by that person, some of which are owned by that corporation, some of which may have more public sponsorship, the idea of we becomes crucially important. We all have to play our role, but to secure critical infrastructure's going to be a public-private effort. So talk a little about how we go about ensuring this degree of control over the public infrastructure. >> So bingo, oftentimes when I say we, it's the royal we, because as you know, as I know, critical infrastructure's not owned and operated by any one place, in fact, it's owned and operated by hundreds if not thousands of different entities. Unfortunately, some people think that the government, the US government, is going to swoop in and do something magical and magnificent to secure critical infrastructure. And the other, certainly, intent, not intent, there's a will to do such a thing, the government doesn't have the authority nor resources nor expertise to do such thing. So what it means is we, this is the royal we, the public sector, the private sector, and there's an even a role for individual citizens, we need to come together in new and innovative ways to get the security critical infrastructure to a much better place. >> And this is part of that conversation, having the conversation about the role that critical infrastructure plays in the economy, in social endeavors, in government, in democracy, becomes a crucial element of this whole thing, so when you think about it, what do the rest of us need to know about critical infrastructure to have these conversations, to be active and competent participants in ensuring that we are having, focusing on the right thing, making the right investment, putting our faith in the right people and corporations? >> I think the first step is taking a long-term approach. I'm a big believer in the old Chinese proverb, a journey of 1,000 miles starts with one small step. The problem with critical infrastructure security is that the problem is so big, and it's so important, that we're often paralyzed into inaction, and that gets back to the point we were talking about earlier, that no one single person is in charge. But we need to recognize that and get past it, we need to recognize that the solution lies in several folks, several communities coming together to try and figure out what we each can bring to this problem. And I believe there's some actional things we can do. I don't know what those 1,000 steps look like to get to where we need to be, but I do know what those first five, 10, 15, 25 things are, as do other folks in the community. So why don't we start acting on them now, and that has the side benefit of not only making incremental progress towards them, but it develops what I call muscle memory between the public and private sector, of how we go about working together on problems where no one entity owns the whole problem, or solution. >> So one of the things that makes critical infrastructure distinct from, again, this goes back to the idea of what do we need to know, is that critical infrastructure is distinct from traditional networking, or traditional infrastructure, in that critical infrastructure usually has a safety component to it, and you and I were talking beforehand about how IT folks like to talk about security, OT folks, or operational technology people, the people who are often responsible for a lot of these critical infrastructure elements, talk about safety. Bring that distinction out a little bit. What does it mean to have a perspective that starts with safety, and figures out how security can make that easier, versus starts with identity, and figures out how to control access to things? >> Right, I think that's an important point, because too often, the folks in the IT, information technology community, and folks in the operational technology community, the OT community, too often were talking past each other, and one of the reasons is just as you said, one focuses on the security of bits and bytes, and other focuses on the safety of water and chemical and electrons and things like that. >> Well, at the end of the day, it's hard to say, "I'm going to secure water by not letting this group drink." >> Right, that's right. >> You can do that kind of thing in the IT world. >> Right. So, very much so, the industrial control system folks, the OT folks, what's number one on their mind is the safety and reliability of their systems and equipment. They're serving the public with reliable transportation, water, electricity, and the like, and so one of the first things we need to do is recognize that, it's not either/or, security or safety, it's both, number one. Number two, I think an important solution is, an important part of the solution is mutual respect, meaning that, yes it's true that the IT folks have some important strategies and technologies to bring into the OT space, but the opposite's also true. The OT folks, some of the smartest folks I know in the business, have been doing what people recently breathlessly call the Internet of Things. So in the critical infrastructure world, they have what's called the Industrial Internet of Things, and they've been using these lightweight distributing appliances for decades successfully. And so I think that we need to take some of the lessons from IT, and apply it to the OT space, but the same is also true. There's some OT lessons learned, so we need to apply the OT space. So, the real solution though is now, taking both of those who are working together to address the increasingly blended critical infrastructures, IT, OT worlds. >> So Phil, if you were to have a recommendation of someone who has worked in, been familiar with the black security world, the black ops world, the black hat world as well as the white hat world, if you were to have a recommendation as to where people should focus their time and attention now, what would it be? What would kind of be the next thing, the next action that would recommend that people take? >> If I could, I'd like to answer that in two parts. First part is, what are the group of activities where we could naturally make some progress? Well, the first one is, getting some like-minded thought leaders together in agreeing that this is in fact a 10-year problem, not a one-year problem. And no matter what jobs we're all in, commit ourselves to working together over that period to get to a good spot, so one is a forming of like-minded people to agree on the vision and determination to help us get there. But then there's some practical things we can do, like, the mundane but important automating information-sharing. There's some critical infrastructures that do that very well today, the financial sector's often brought out as one of the best in that field. But some of the other sectors have a little ways to go, when it comes to automating information-sharing of the threats and the risks in the situations they're seeing. Another thing that I think we can do is, I call 'em pilots. Specifically, we need to explore all the dimensions of risk. Right now when we think about mitigating risk, we think about, how can I stop a threat, or how can I fix a vulnerability. But too often we're not talking about, what are the bad consequences I'm trying to avoid to begin with? And so, the critical infrastructure community especially is ensuring a discipline called consequence-based engineering, so it's mitigating risk by engineering out the bad consequences from the very beginning, and then using your technology to address the threats and the vulnerabilities. So I'd like to see us do some public-private partnerships, some pilots, based on consequence-based engineering, and that will not only reduce overall risk, but it will create, as I mentioned earlier, that muscle memory. >> Consequence-based engineering. >> That's right. >> So is there one particular domain where you have, like when you sit back and say, "I want to see these public-private partnerships," is there a place where you'd like to see that start? Part of the whole critical infrastructure story. >> Right. You can't ignore the electric critical infrastructure. And the good news is that they've been practicing this science, this art, consequence-based engineering, for some time now. So for example, in the electric grid, as you certainly know, there are three major interconnects in the United States, the eastern, western, Texas interconnect. So they already create segments, or islands, so that one failure won't propagate across the whole US. So the mythical US-wide power grid is in fact a myth. But even within those segments, the eastern, the western, and the Texas interconnect, there's other further segmentation. They don't quite call it segmentation, they call it islanding. So when things fail, they fail in a relatively safe way, so islands of power can continue to be generated, transmitted, and distributed. So, in the sense, some of the folks in the electric companies, the electric sectors, are already practicing this discipline. We need to, though, pivot that and use it in some of those other disciplines as well. Think, oil and gas, transportation, water, critical manufacturing, and possibly a couple others. >> So Phil, I find it fascinating, you were talking about the electric grid as a network, and all networks have kind of similar problems, we have to think about them in similar ways, and Fortinet has been at the vanguard of thinking about the relationship between network and security for a long time now. How is your knowledge, how is Fortinet's knowledge of that relationship, going to manifest itself when we start thinking about bringing more networking, more network thinking to critical infrastructure overall? >> You're right, the strategy of segmentation is still king in the security business, and that's especially true in the IT space. At Fortinet, we offer a range of security solutions from the IoT to the cloud, and can segment within each of those different pieces of the network, but more importantly, what we offer is a security fabric that allows you to integrate the security at the edge, at the cloud, in the data center, and other parts of your network, integrate that into a fully-cooperating team of security appliances. What that allows you to do is to integrate your security, automate it much more so, because you don't want to bring a knife to a gun fight, meaning, the adversaries are coming at us in lots of different ways, and you need to be prepared to meet on their terms, if not better. But it also greatly decreases the complexity in managing a network, by leveraging greater automation and greater visibility of your assets. So, you're right. Segmentation is a strategy that's proven the test of time, it's true of the IT space, and it's especially true to the OT space, and at Fortinet, we'd like to see the blending of the planning and implementation of some of these strategies, so we can get these critical infrastructures to a better spot. >> Well, Phil Quade, thank you very much for coming on theCUBE and talking with us about critical infrastructure and the role the network is going to play in ensuring that we have water to drink and we have electricity to turn on our various devices, and watch theCUBE! Philip Quade, CISO of Fortinet, thank you very much. >> My pleasure, thank you. >> And I'm Peter Burris, and I'm, again, Chief Research Officer working on SiliconANGLE, you've been watching theCUBE, thank you very much for being here as part of this very important discussion, and we look forward to seeing you in the future! (electronic music)

(upbeat instrumental music) >> Hey welcome back everybody. Jeff Frick here with the Cube. We're at the RSA Conference in downtown San Francisco. 40,000 security professionals here talking about how to keep us all safe, especially when we're in autonomous vehicles, especially when we have connected nest devices. It's a crazy wild world. We're excited to be joined by Derek Manky, the global security strategist for Fortinet. Welcome. >> Hey thanks, pleasure to be here. >> Absolutely. >> We'll talk security right? >> Well I hope so. So for folks that aren't familiar with Fortinet, give us kind of the overview of what you guys are doing. >> Sure I mean tons of different things. So, you know, my department, I work directly with our global threat intelligence team and our labs. So for over 15 years now, we've been building up our labs. We have over 200 threat analysts and researchers worldwide combing through data at any given minute. But the problem is, the data. We live in a big data world now. There's so much, it's very easy to become overwhelmed with data. So we've taken an approach where we have a very intelligent human expertise team, but we've invested a lot into automation, machine learning, artificial intelligence, that you're going to find that's a very important thing moving forward because we need to be able to stay on par with the bad guys. >> Right right. >> The bad guys are very good at automation. They don't have anything holding them down. They're flying full-force, so we're trying to keep up to them. And, you know there's a lot of great initiatives like cyber threat alliance, of course, so we made a big announcement this week on that too. >> Right. So really as things have evolved over those 10 years, I mean the bad news is the amount of data that you guys have to keep track of is growing exponentially. The good news is the tools like machine learning and AI and Spark and Hadoop and, you know the tools that you have to use are much more sophisticated as well. It kind of works both sides of the coin at the same time. >> Yeah but you know what? One thing that we found is that there is a lot of information here, there is a lot of data being thrown out there. You have to make sense of the data. So a big theme and a big focus of ours is making data actionable. So threat intelligence actionable. How do you cross what we call the last mile? How do you take data and information and put it into transparent security controls so the end users, like all of our customers, don't have to do that manually. The manual work is what's killing a lot of people out there. There's a huge gap in cyber security professionals out there. People like network administrators, by the time they receive, say, a PDF document or something manual that they have to plug in an IP address or an update, it's often too late. A lot of this information is very perishable, very fluid. So, we're trying to automate that into the security controls. That comes from a lot of that big data, analytics on the back end. We call it a security fabric. So this is where we can weave in that information into all of our different products. End point, from end point all the way up to the cloud. And the cyber threat alliance is a very big initiative. So we're a founding member of that along with the other founding members I mentioned this week. We're working together to share information. And the goal of that is to share information on a platform and then as a member of the CTA founding member take that information in and push that out into those controls in near real time. That's the big thing. >> That was the big thing right? Because people have shared data before. But it's really kind of this real time emphasis to get it in real time. You know using things like Spark and streaming data. So that you're not reacting after the fact. In the old stat they used to quote us, you know people didn't even know for like 250 days. >> Derek: Yeah. >> Or whatever it was. >> We're bringing a lot of illumination to intelligence as well. Visibility's a big thing. Speed is a very big thing right? How can we get that information out very quickly because like I said the bad guys are moving a million miles a minute. So it's a really important initiative what we're doing with that. The other thing is the quality of information. A lot of information is too hastily shared and I think humans we're at that tipping point right now. Where humans can't fully trust automation. It's like autonomous vehicles. >> Right right. >> You're not going to put it fully in control right? You have to start getting a trust exercise with it and that's what we're trying to do, a lot of this intelligence. >> What was interesting in the keynote this morning one of the new threads they highlighted is people actually feeding the algorithms bad information. >> Poisoning yeah, yeah. Absolutely, yeah, yeah. >> Salting the algorithm is what they call it. To send it down a different path than it should be going. >> I mean the bad guys will put all this thought throughout and evasion techniques. But that's another really nice thing about the cyber threat alliance. Is that we're all collaborating. So we're giving confidence ratings to this. So it's also a quality of sharing system which the industry very badly needs in my opinion too. >> So what's next? Looking at 2017, we're getting started this February. Oh it's Valentine's Day February 14. >> Happy Valentine's Day. >> Happy Valentine's. So a year from now and we talk, what's the top of my priorities? What are you working on for the next little while? >> Yeah absolutely. Again we're going down the CMO automation. You're going to see a lot on the security fabric that we have. So this is how we can have machines automatically learning about environments. Automatically adapting to environments. You look at a lot of security problems out there a lot of the times it's security 101. It's people misconfiguring firewalls, misconfiguring policies and devices. Not having a proper security device in front of their crown jewels or their asset, their digital asset. So that is a big theme that we're doing, it's taking that intelligence and starting to empower our products and solutions to make intelligence decisions on their own. >> Right. >> That's a very big leap forward and we've made significant progress with that. >> It's interesting that you mention that. There's still a lot of 101 work that people aren't doing to the degree that they should. There was a great line in the keynote this morning that every company has at least one person that will click on anything. >> Weakest link in the chain right? Yeah. >> Absolutely. Alright well Derek thanks for stopping by. And congrats on a great show. And really some exciting stuff with that cyber threat alliance. >> Great yeah thanks, a pleasure. >> Alright he's Derek Manky I'm Jeff Frick. You're watching the Cube from RSA in downtown San Francisco. Thanks for watching. (instrumental music)

>> Commentator: Live from Las Vegas, Nevada. It's theCUBE. Covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Welcome back to theCUBE. We are live at Fortinet Accelerate 2017 in Las Vegas. We've got a great day so far talking to a lot of Fortinet folks, some of their technology alliances partners. And up next we've got Eric Kohl from Ingram Micro. Eric is the Vice President of Advanced Solutions and Eric's going to have a chit chat with myself, Lisa Martin and my co-host, Peter Burris. Eric, first and foremost, welcome to theCUBE. >> Thank you. >> Your first time on. Eric, you are an Ingram Micro veteran. >> Just a little bit. >> Just a little bit. You have previously been their Vice President of Network and Security Business Unit responsible for leadership, for strategy, and channel sales working with solutions, our networking SP's. Tell us about Ingram Micro. What is the role that Ingram Micro plays bolstering Fortinet's channel? >> Sure, yeah, I've been at Ingram for 18 years, it's kind of hard to believe. Our role is really to help kind of shorten the sale cycle for Fortinet partners. So we want to help our partners to become more highly trusted and more profitable security advisors. So I lead our, I'll all it our security practice because I think security is at the tipping point now, so where I used to be networking to security, my portfolio is primarily security and most of the networking guys are leaving the security as well. We play an integral role in really helping to make it easy to do business with our vendor partners. >> Lisa: Fantastic. One of the things that has been a topic that we have heard from the general session today and throughout a number of our guests is you mentioned really networking, but also networking in security really being no longer separate conversations. And the opportunities proliferation to mobile and IOT devices is really creating a talent impact. A talent shortage. How is Ingram Micro helping to maybe mitigate some of the challenges that companies are facing with respect to how to do deal with these daily attacks? >> Eric: Yeah, there's a couple key challenges. It's complexity. It's not just the complexity of some of the technology solutions that are supposed to help us in protecting our data. But when you think about DYOD and the internet of things, there's already a connected device for every human on this planet. And that's a security, that's like a CISO's nightmare is how to protect all of these things. So that's a huge challenge. And then to be able to have the resources to manage the solutions that are complex in themselves, that's a big challenge. And it's not just for the end users themselves, there's thousands and thousands of IT security integrators with varying degrees of competency. We're serving all of them. And even some of these guys are struggling with the complexity. I think one of the other things that we constantly hear from partners is SMB's and mid market companies are under attack like never before. They don't make the headlines like Yahoo or some of the things that are going on in the political world. These small companies are under attack and if they get attacked, they don't make the news, they just go out of business. >> Lisa: Right. >> So that's a huge challenge. >> So demand's going up, significantly. >> This is a great spot to be in. I go to conferences like these and a new breach hits the wire and we're high fiving. It's good for our industry. >> Peter: But that the same time, as demand goes up and the capacity to serve that demand increasingly has to move into technology because of some of these labor shortfalls, it means there's a whole bunch of reconfiguring of where are values created, who's creating value, how they're creating value. How is Ingram Micro finding itself mediating what partners want, what the industry has to offer, and ultimately what the customers of your partners are trying to serve. How are you finding your business evolving? >> Eric: We have transformed more into a services company than ever before. If you think about IT distribution, it used to be about getting a box from point A to point B. That was so far in the past. And for us it's around how do we help augment and provide services kind of what I would say throughout the security sales cycle so that we can help these trusted advisors? Or even if they're not a highly competent security advisor, how do we help them look like they are so they can serve and protect our clients better than anybody. >> Lisa: Actually, you brought up a good point there. Can we ask you about the security sale cycle? You mention you're an 18 year veteran at Ingram Micro. How have you seen the security sale cycle evolve as security itself has evolved and we have this daily expanding threat surface? What's that sales cycle like now? >> Eric: Like I said, many, many, many years ago it was all about moving the products or helping with some financial services but toady Ingram plays a pivotal role throughout that sales cycle. So for us, it kind of starts with training and education. Helping our partners to make sure that they understand the benefits of going to get certified for Fortinet Technologies. Or the benefits of getting your technical accreditation so you can move up into the partner stack and better serve your clients. It's also around helping our partners understand a position like security awareness trainings as an example. You can have the best technology in the world but if you still don't understand what today's threats are, you're a risk. The second area would be around what I would call pre-sales professional services such as assessment work. So the cyber threat assessment program that Fortinet has. So we're authorized to go and help our partners do that. We've done it in conjunction with partners. We have partners on the phone all the time, we'll set them on a demo, we'll help them get that CTAP done. And once that thing is in, it's closing a sale. So you can really drive demand. You have a better understanding of what's going on in the network. And that's all before we've even delivered a product, right? So then you kind of get into the core of what I would call channel enablement and operations. Which is, look yes we have to help our partners get the technology, but it's also around, we're serving more Fortinet resellers than any other company in any country from a distribution standpoint. I'm really proud of that. But they're all varying degrees of competency and so we have to act as though we're their Fortinet channel account manager. And so we love doing that type of work. The next part of that sale cycle would be around how do we finance that? So there's a multitude of financial services offerings. Or leading with Fortinet's MSSP program to help close an opportunity in the invariable financial models. And then it's around implementation. A lot of partners may find an opportunity and they can't get to Las Cruces, New Mexico. Well they can tap into our network and we'll help them find a provider that can do that implementation service. And then wrapping it up with remote monitoring and management or managed services of those things. And now, Fortinet plays a role in many of those categories. So we would lead with those solutions to make sure that a security advisor is really taking advantage of offerings throughout the sale cycle. Whether Fortinet offers them or whether we're working with a third party provider. >> So you mentioned that you are the largest distributor working with Fortinet Technologies. You also mentioned something earlier too that's interesting and that is, kind of leading into differentiation. You talked about Fortinet being able to go from the antiphrase down to the SMB and the fact that what we're hearing so much media about enterprise attacks that's what gets attention. >> Right. >> Talk to us about the differentiation that Ingram Micro is getting as a result of partnering in such a focused way with a Fortinet that is able to get into and help those small, medium businesses not go out of business. >> Right. And Fortinet's in a great spot because they've been serving from the SMB to the mid markets and the enterprise. And to your point, yes, the Sony's and the Yahoo's they make all the headlines. Companies like 80stees.com that got attacked and almost when out of business they don't make the news. And so we play an integral role because we're serving thousands of resellers that actually are working with those small companies. So we have to help them understand the technology, understand the new like there's announcements today. You know, we have to help get that message out to the Fortinet channel and really help augment their channel efforts with that. >> As think out over the next couple of years given that it is the movement from a product to a service orientation in many respects requires that much more data. The visibility that makes you that much more intimately tied to your partners, what will be the role as a business person, what will be the role of data, data security, more secure networks to you as business person? >> As a business person this is just going to keep accelerating. The demand for information isn't going to slow down. The demand over the networks, it's just going to keep expanding as quickly as are the devices in our hands. It's one human has a device or one device for every human on the planet today that's going to double or triple in the next few years. That demand for data and data protection is going to go right along with it. >> Lisa: One last question for you, Eric. One of the things that was interesting today was a lot of the predictions that we were learning from Fortinet. We had Derek Manky on the program and he did a blog, his team did, leads Fortiguard Labs about really six predominant evolutions and challenges and it was quite striking. I'm curious your perspective as we're seeing this threat surface expand. One of the things that he was talking about was the need to bridge the gap between public sector and private sector and what Fortinet is doing there to facilitate things where they don't have jurisdiction that maybe a police organization would need to be involved in. As we look at Fortinet going in that direction in helping to bridge the gap there and share knowledge and threat intelligence across public and private sector and to your point earlier helping the SMB market which doesn't get that visibility. Last question, what are you most excited about? Fortinet's just starting their fiscal year 17. What excites you most as a distributor for this year of opportunities? >> I would say it's a couple things. They had an exciting announcement today around their intent based and that's really exciting. To be able to drive simplicity and to management and being able to understand what's going on. Our partners and ultimately the clients, they don't want point products. There's a lot of security vendors that are offering point products. These customers want business outcomes and they want simplicity. It's really easy to be a cyber criminal today. Ransomware's a service. You can go out and start flooding emails out and then all the sudden you rent the malware and you'll get paid if you can infect somebody and they have to go pay for it. Protecting against that has to be as simple as it is to be a cyber criminal. I think that it's exciting with what they're doing there. In terms of this event, and Derek is a great leader in security. He was out at our big event in November so I was catching up with folks like him. I love these events to come and check in with our partners and we've been a Fortinet distributor, this will be our 10 year anniversary and we're also a customer. It's exciting for me to come in and see our friends and familiar faces and catch up with everybody and see what's new. We're really excited about the future with Fortinet. In those 10 years, we've been above market growth every year. Don't tell my boss, he assigns quotas. But they've been a great partner for us. >> It sounds like from what we've heard today from yourself and from your partners at Fortinet, this year presents a tremendous amount of opporunity and challenge. We wish you continued success, Eric. Thank you so much for your time on theCUBE. >> Thank you very much. >> We thank you for watching theCUBE as well. And I'll thank you on behalf of my esteemed colleague, Peter Burris. But, don't go away, we'll be right back.

>> Narrator: Live from Las Vegas, Nevada, it's the Cube, covering accelerate 2017, brought to you by Fortinet. Now here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to the cube, we are live in Las Vegas at Fortinet Accelerate 2017. I'm you host , Lisa Martin, joined by my cohost, Peter Burris, and we're really excited about or next guest. We are talking next with Derek Manky. Derek, you are-- first of all, welcome to the cube. >> Thank you very much, I'm excited to be here. >> You have a really important role in Fortinet, you are the Global Security Strategist. >> Correct, yes. >> You have a... Established yourself as a thought leader with over 15 year of cyber security expertise, and your goal is to make a positive impact towards the global war on cyber-crime, that's a big goal. >> That's a very, very big goal, but it's a big hairy goal, but it's... Critically important, I believe, I firmly believe this over my whole career, and I'm starting to see some good traction with the efforts that we're doing too. >> And it's becoming more, and more, critical every day as breaches, and hacks, are a daily occurrence, you're also the leader of FortiGuard Labs, you've got a team of over 200, tell our viewers that can't be here today, what is FortiGuard Labs, what are you doing to leverage threat intelligence to help Fortinet's customers. >> Sure, so we're trying to manage complexity, cause that's always the enemy of security, and we're trying to make it simple across the board, so we're managing security for all of our customers, 300 000 customers plus. That's a big deal, so we had to invest a lot into that in terms of how we can do that to make it simple to the end users. So what FortiGuard Labs is, is it's services we deliver to the end user, protection services across the spectrum, our whole product portfolio. So we have world-class expertise as a security vendor, 200 plus people on the team, experts in each domain. We have researchers, and experts, looking at things like industrial attacks, mobile problems, malicious websites, ripping apart, what we call reverse engineering, malware samples to find out digital fingerprints of who's creating these attacks, so we can work also in partnerships with that too. At the end of the day, we have the humans working on that, but we've also invested a ton into artificial intelligence, and machine learning, we have to comb through over 50 billion attacks in a day, and so the machines are also helping us to create a lot of this automated protection, that's all driven by our patents, by our world-class development teams, that gets down to the end user, so that they don't have to invest as much into their own security operations centers, cause that's a big OpEx, expansions to the expenditure, so we're helping to alleviate that issue, especially with this, as everybody knows, today, the big gap in cyber security, professionals, so that helps to alleviate that issue too. >> You said 50 billion attacks a day. >> That's correct sir, yes. Potential attacks. >> Oh, potential attacks. Clearly that means that increasing percentages of the total body of attacks are no longer coming from humans, they're coming from other things, >> Derek: Absolutely. >> And how's that playing out? >> It's a fascinating landscape right now. With every legitimate model, there's an illegitimate model to follow, especially with cyber crime, and what we see in the digital underground, dark web, all these sorts of things, you rewind back to the 90s, your opportunistic hacker was just trying to plot, plot, plot, a message bar on a Windows 95, or Windows 98 system at the time. Nowadays, of course, the attack surface has grown tremendously. You look back to DARPA, back in 1989, it had 60 000 system connected on the Internet, now we have IPv6, 20 plus billions connected devices, everything is a target now, especially with the Internet of Things. Smart televisions-- >> Peter: And a potential threat. >> Exactly, and a weapon. >> Exactly, and so to capitalize on that, what we're seeing now is cyber criminals developing automated systems of their own, to infect these systems, to report back to them, so they're doing a lot of that heavy work, to the heavy lifting, using their own machines to infect, and their own algorithms to infect these systems, and then from there, it'll escalate back up to them to further capitalize, and leverage those attacks. On any given minute, we're seeing between 500 000 to 700 000 hacking attempts across, and this is our own infrastructure, so we're leading in terms of firewalls in units shipped so we're able to get a good grasp on intelligence out there, what's happening, and in any given minute, well over 500 000 hacking attempts on systems worldwide. >> So every hour, 30 million. >> Derek: Yeah that's some quick math. >> Yeah, I'm amazing at multiplication. I almost got it wrong though, I have to say. 30 million hacks an hour. >> Yeah, and so our job is to identify that, we don't want to block things we shouldn't be, so there has to be a very big emphasis on quality of intelligence as well, we've done a lot with our machines to validate attacks, to be able to protect against those attacks, and not, especially when it comes to these attacks like intrusion prevention, that attack surface now, we got to be able to not just look at attacks on PCs now, so that's why that number keeps ticking up. >> Lisa: Right, proliferation of mobile, IoT. >> Derek: It's directly related, absolutely. >> So, this is clearly something that eyeballs are not going to solve. >> Not alone, so I'm very, very big advocate saying that we cannot win this war alone, just relying even on the brightest minds on the world, but we can also not just rely a hundred percent on machines to control, it's just like autonomous vehicles. You look at Tesla, and these other vehicles, and Google, what they're doing, it's a trust exercise again, you can never pass a hundred percent control to that automation. Rather you can get up to that 99 percent tile with automation, but you still need those bright minds looking at it. So to answer your questions, eyeballs alone, no, but the approach we've taken is to scale up, distribute, and use machines to identify it, to try to find that needle in a haystack, and then, escalate that to our bright minds, when we need to take a look at the big attacks that matter, and solve some more of the complex issues. >> Speaking of bright minds, you and your team, recently published an incredible blog on 2017 predictions. Wow, that's on the Fortinet blog? >> Derek: Yeah, that's correct >> We can find that? Really incredibly thorough, eye-opening, and there were six predictions, take us through maybe the top three. We talked about the proliferation of devices, the attack surface getting larger, more and more things becoming potential threats, what are the top three, maybe biggest threats that you were seeing, and is there any industry, in particular, that pops up as one of the prime targets? >> Absolutely. I'll get into some buckets on this, I think first, and foremost, what is primary now in what we're seeing is, what we're calling, autonomous malware, so this is the notion of, basically what we're just talking about to your question on what's driving this data, what's driving all these attack points. First of all, the Internet's been seeded with, what I call, ticking time bombs right now, we have 20 plus, whatever the number's going to be, all of these billions of devices that are connected, that are inherently, in my professional opinion, insecure. A lot of these devices are not following proper security development life cycles. >> Lisa: Is there accountability to begin with? >> No, not at this point. >> Right. >> Right. And that's something that DHS, and NIST, just released some guidelines on, at the end of last year, and I think we're going to see a lot of activity on accountability for that, but that has to be taken care of. Unfortunately right now, it's been seeded, this attack surfaces there, so we already have all these open avenues of attack, and that's why I call it a ticking time bomb, because it's been seeded, and now these are ripe for attack, and we're seeing attackers capitalize on this, so what we're seeing is the first indications of autonomous malware, malware that is capable of mapping out these vulnerable points. The machine's doing this, and the machine's attacking the other machines, so it's not just the eyeballs then, and the cyber criminals doing this. We saw last year, unprecedented DDoS attacks, this is directly related to Mirai BotNet. We had gone from a 600 gig to terabit plus DDoS attacks, that was unheard of before. They are leveraging all of these different IoT devices as a horsepower to attack these systems in a massive distributed denial-of-service attack. The interesting part about Mirai is that it's also using open-source intelligence as well, so this is something that humans, like a black hat attacker, would typically have to do, they would have to get reports back from one of their systems, and say, "okay, now I've found all these vulnerable systems, I'm going to attack all these systems.", but they're the glue, so they're now removing themselves as the glue, and making this completely automated, where a BotNet like Mirai is able to use Shodan, as an example, it's an open-source database, and say, "here are a whole bunch of vulnerable systems, I'm going to go attack it, and so that's to my point of view, that's the first indication of the smart-malware, because malware has always been guided by humans. But now, I think, we're starting to see a lot of, more of that intelligent attack, the offense, the intelligent offense being baked in to these pieces of malware. So I think it's going to open this whole new breed of attacks and malware, and obviously, we're in a whole new arms race when it comes to that. How can we get ahead of the bad guys, and so this is obviously what Fortinet instituting on the autonomous defense, our Security Fabric, and Fabric-ready approach, that's all about, beating them to the punch on that, having our machines, the defensive machines talk to each other, combine world-class intelligence like FortiGuard so that it can defend against those attacks, it's a though task, but I really firmly believe that this year is a year that we have the advantage, we can have the advantage as white hats to get one leg up on the black hat attackers. As I said, for 15 years at FortiGuard Labs, we have invested a ton into our AI machine, learning intelligence, so we're experts on the automation, I don't believe the black hat attackers are experts on automation. So I think for that reason, we have a really good opportunity this year, because you always hear about the black hats, another data breach, and all these things happening, they're always had the advantage, and I think, we can really turn the tables this year. >> You have some great experience working, not just in the private sector, but in the public sector as well, you've done work with NATO, with Interpol, with SERT, what is your perspective on public sector, and private sector, working together, is that essential to win this war on cyber crime? >> Absolutely, we need everybody at the table, we cannot win it, as one single vendor alone, a good example of that is, we're starting to do across the board, this is something, I firmly believe in, it's really near and dear to my heart, I've worked on it for the course of, well over six years now, and we have a lot of the existing partnerships, across organizations, so other security vendors, and experts, Cyber Threat Alliance is an excellent example, we're a founding member of that, and these are competitors, but security vendors getting together to level the playing field on intelligence, we can still really remain competitive on the solutions, and how we implement that intelligence, but at least-- it's like a Venn diagram, you look at that attack surface out there, you want to try to share all that information, so that you can deliver that to security controls, and protect against it. So, the Cyber Threat Alliance is a good example, but that's private sector. If you look at National Computer Emergency Response, law enforcement, we have made great inroads into that working with the likes of Computer Emergency Response, to give them intel. If we find bad stuff happening somewhere, we're not law enforcement, we can't go take the server down, and disrupt campaign, we can't arrest, or prosecute people, but they can, but they don't have all that expertise, and intelligence that we do, all the data points, so this is, you're starting to see a lot of this string up, and we're doing a lot of leadership in this area, and I think, it's absolutely essential. President Obama last year mentioned it, the Cyber Threat Alliance, and the public-private sector, needing to work together in one of his speeches at Stanford, and I believe it's the only way we can win this. You have to go up to the head of the snake too, if we just are always on the defense, and we're always just trying to disrupt cyber criminals, it's a slap on the wrist for them, they're going to go set up shop somewhere else. We need to be able to actually go and prosecute these guys, and we had a really good case last year, we took down, working with Interpol, and the EFCC, a 62 million dollar crime ring in the US. They went, and prosecuted the kingpin of this operation, out of Nigeria. It's an unprecedented random example, but we need to do more of that, but it's a good example of a healthy working public-private sector relationship >> What an incredible experience that you have, what you have achieved with FortiGuard Labs, what excites you most, going forward, we're just at the beginning of 2017, with what's been announced here, the partnerships that you guys have formed, what excites you most about this year, and maybe... Some of the key steps you want to take against cyber crime as Fortinet. >> Sure, so I think we want to, so Cyber Threat Alliance is a very big machine, there's a lot of exciting things happening, so that's going to be a really good initiative, that's going to carry forward momentum this year. What excites me most? Well, it's not always a good thing I guess, but if you look at all the bad news that's out there, like I said, I think it's just going to be, there's so much fuel, that's being thrown on the fire when it comes to attacks right now. Like I said, these time bombs that have been planted out there. We're going to see the year of IoT attacks for sure, a new version of Marai has already come out, they're starting to sell this, commercialize this, and it's even more advanced in terms of intelligence than the previous one, so that sort of stuff. It depends on your definition of the word, excites, of course, but these are the things that we have opportunity, and again I think going back to my first point, the white hats having, for the first time in my point of view, a leg up on the black hats, that opportunity, that really excites me. When we look at what's happening, moving forward in 2017, healthcare, I think, is going to be a very big thing in terms of attack targets, so we're going to be focused on that, in terms of attacks on, not just healthcare records, which are more valuable than financial records as an example, but medical devices, again the IoT play in healthcare, that's a big deal, we're starting to already see attacks on that. Smart cities as well, you look forward to the next three years, building management systems, a lot of people talk about SCADA industrial control, this is definitely a big attack target to a certain... Attack surface, obviously, power plants, electrical grids, but building management systems, and these automated systems that are being put in, even smart vehicles, and smart homes is another big target that's unfolding over the next year. >> Hard to air gap a home, and certainly not a city. >> Absolutely, yeah, and again it goes back to the point that a lot of these devices being installed in those homes are inherently, insecure. So that's a big focus for us, and that's a big thing FortiGuard is doing, is looking at what those attacks are, so we can defend against that at the network layer, that we can work with all of our business partners that are here at Accelerate this year, to deliver those solutions, and protect against it. >> Wow, it sounds like, and I think Peter would agree, your passion for what you do is very evident, as those bad actors are out there, and as the technologies on the baton are getting more advanced, and intelligent, as you say, it's great to hear what you, and your team are doing to help defend against that on the enterprise side, and one day on the consumer side as well. So Derek Manky, Global Security Strategist for Fortinet, thank you so much cube and sharing your expertise with us. >> It's my pleasure, any time, thank you very much. >> Well, on behalf of my cohost, Peter Burris, I'm Lisa Martin, you've been watching the Cube, and stick around, we'll be right back. (electronic music)

>> Announcer: Live, from Las Vegas, Nevada, it's theCUBE, covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Welcome back to theCUBE, I'm Lisa Martin joined by Peter Burris. We have been in Vegas all day at Accelerate 2017. What an exciting, buzz-filled day that we've had, Peter. I feel like we've learned, I've learned a lot myself, but also just that the passion and the opportunity for helping companies become more secure, as security is evolving, is really palpable. >> Well, yeah, I totally agree with you, Lisa. In fact, if there's one kind of overarching theme of what we heard and what we experienced, it's this is one of the first conferences, security conferences, that I've been to, where we spent more time talking about business opportunity, business outcome, the role that security is going to play in facilitating business change. And we spent a lot less time talking about security speed, security feeds, geeking out about underlying security technologies. And I think that portends a pretty significant seismic shift in how people regard security. We'll still always have to be very focused and understand those underlying technologies in the speeds and feeds, but increasingly, the business conversation is creeping into, and in fact, starting to dominate how we regard security. It's past become reviewed in a digital world, it has to become viewed as a strategic business asset, and not just as the thing you do to make sure your devices don't get stolen or appropriated. >> Right, and that context was set from the beginning with the keynotes this morning. The CEO Ken Xie, a lot of folks that we talked to today, said he normally gets quite technical in keynotes, and today kept things really at a business level. >> And we heard that many people thought it was the best keynote they've seen him give in a long time. >> That's right, that's a great point. >> And one of his key messages was that at the end of the day, digital business is not about some new observations on channels or new observations on products. It really is about how you use data to differentiate, differentially create sustained customers. My words, not his, but it's very, very much in line. The difference between any business and digital business is how you use your data. And we heard that over and over and over today, and how security, technologies, and practices, and capabilities have to evolve to focus more on what businesses want to do with data. That is where, certainly Fortinet, sees the market going, and they're trying to steer their customers so that they can take advantages of those opportunities. >> Right, and that's a great point that you made. Their CFO, who we had on the program as well, Drew Del Matto, talked about in his keynote, that it's critical for a company to be able to have digital trust. We talk about trust in lots of different contexts, but what does trust mean to a business? >> As you said, he's the CFO. It's interesting, CFO is typically focused on things like is the ownership getting a return on the capital that they've invested in this company? It was very, to me anyway, refreshing to hear a CFO expressly state data is becoming an increasing feature of the capital stock of the company. And we have to take explicit steps to start to protect it and secure it, because in fact, it's through security that data is turned into an asset. If you don't secure your data, it's everywhere. It's easily copied, it flies around. Data and security-- at least data asset, the concept of data asset, and security, are inextricably bound because it is through security that you create the asset notion of data. The thing that generates value. Because if you don't, it's everywhere. It's easy to copy. I thought he did a wonderful job of starting to tie together the idea of data in business in a very straightforward, tactical, CFO approach. It was a good conversation about where business people are starting to think about how this is going to evolve. >> He also talked about the role of the CSO, and there was a panel during the general session of three CSOs from different industries. That's an interesting evolution as security has evolved from perimeter only to web, to cloud, to-- Now, where we need to be as Ken Xie talked about, we're at this third generation. It's about fabric. He talked about that, and the importance of that, and the capabilities. But it's also interesting to hear security's now a conversation in the boardroom. This is not something that is simply owned by a CIO or CSO, that that role has to facilitate a company becoming a digital army in order to create value from that data. A lot of folks said today, too, that mindset of "If I can't see it, I can't protect it." >> Yeah, we heard that this morning from the CFO, we also heard it from George, the CSO of Azure, Microsoft Azure. We heard the relationship, the evolving role of the CSO, or the Chief Security Officer multiple times today. Security's hard. This is not easy stuff. We can bring a lot of automation, and we can bring a lot of technology to bear on making it easier and simplifying it. And we heard a lot about how that's happening. But this is a hard, hard thing to do, for a lot of reasons. But it's one that must be done, especially in a digital world. And the role, or the impact on the CSO role, is profound. You're not going to have everybody in the organization-- They all have a stake in it, but they're all not going to perform security routines, necessarily. Yet, it's too big, as we heard from George, for one person. We have to start increasingly thinking about security as a strategic business capability that may be championed by the CSO, but is going to be undertaking in a lot of different places. One of the things that the Microsoft gentleman, George-- >> Lisa: George Moore. >> George Moore bought up, was the idea that increasingly, if you do security right, you can secure things at a relatively technical level and present them as services so that other parts of the business can start to consume them, and they become part of their security architecture. And it goes into their products, or it goes into their services, or it goes into how they engage customers. >> Facilitating scale. >> Or whatever else it might be, logistics. I think that that is a very powerful way of thinking about how security's going to work through a fabric, being able to present a hierarchy of security capabilities that go all the way out to your customers and actually allow you to engage your customers at a security conversation level. Which is, we also heard that talked about a little bit today. The role, the brand value of trust, but we still don't have an answer for how that's going to play out. >> If we look at some of the other things that were talked about in Ken's keynote, hyperconnectivity. From the proliferation of mobile and IoT, which IoT devices, there's 20 billion that are predicted to be connected by 2020, which is just a few years away. As that sounds, well it doesn't sound, it is increasing the threat surface, and we are also hearing from some of the folks that were on the program today, Derek Manky being one of them, who wrote a great blog just published recently on Fortinet talking about the major trends that are being seen and the challenges there. I think we're also seeing that companies like Fortinet and their suite of technology alliance partners like Microsoft, like Nazomi, going all the way out to the endpoints and back, that these companies are coming together to collaborate, to start mitigating the risks that are increasingly there with the threat surface being larger. I think there was a lot more positivity than I honestly anticipated. When you hear of all these attacks that it's daily, and that's such a common thing. The collaboration of the technology and the integration is exciting to hear where these companies are going to be able to limit damage. >> And to put one more number on it, the 20 billion devices, but it's what those devices are doing. Again, George Moore from Microsoft Azure talked about I think he said, it was 800 billion events that they're dealing with a day. And in 2017, Microsoft Azure is going to cross a threshold of dealing with one trillion events a day that they have to worry about from a security standpoint. If you think about that industry wide, Microsoft Azure's big, but there are others. We're talking today, probably somewhere, I just estimated, he said, "Yeah, that sounds about right," about five trillion, five trillion events a day that businesses have to worry about in aggregate from a security standpoint. And that number is just going to keep growing exponentially. In a year's time, he talked about three, four, five x. So we're talking about hundreds of trillions of events. >> Staggering numbers. >> Within the next decade or so. There is virtually no way that human beings are set up to deal with those kinds of numbers. It's going to require great technology-- >> Automation. >> That provides great automation. That nonetheless, works with humans so that the discretion that human beings bring, the smarts, and the collaboration that human beings bring to bear. The value that they create stays there. We're going to see more productivity coming out of these incredibly smart people that are doing security, because the tooling's going to improve and make it possible. And if it doesn't happen, then that's going to put a significant break on how fast a lot of this digital business evolution takes place. >> Another point that was quite prevalent among our conversations today, was that there isn't, with the exception maybe of healthcare, it's quite an agnostic problem that enterprises are facing in terms of security threats. When we talked to Derek, he mentioned healthcare being one because that information is so pervasive. It's very personal and private. But something that kind of surprised me, I almost thought we might see or hear about a hierarchy, maybe healthcare, financial services. But really, what everyone talked about today, was that the security threats are really pervasive across all industries. All the way, even to industrial control systems and HVAC systems. Which shows you the breadth of the challenge ahead. But to your point, and some of the points that some of our guests made, it's going to be a combination of the humans and the machines coming together to combat these challenges. >> Well I think what we're seeing is that there's a high degree of data specialization within a lot of industries based on different terms, different tactics, different risk profiles, et cetera. But that many of the algorithms necessary to understand exceptions or deal with anomalies, or one of those other things, are applicable across a lot of different industries. What we are likely to see over the next few years is we're still likely to see some of that specialization by industry, by data. Nonetheless, become featured in the output, but the algorithms are going to be commonly applied. They'll get better and better and better. There's still likely to be some degree of specialization if only because the data itself is somewhat specialized, but the other thing that we heard is that it's pretty clear that the bad guys want to get access. Well, let's put it this way, not all data is of equal value. And the bad guys want to get access to the data that is especially valuable to them. A lot of that data is in healthcare systems. To bring these common algorithms that specialize data to secure the especially challenging problems associated with healthcare is a real, real big issue for a lot of businesses today. Not just healthcare businesses, but people who are buying insurance for their employees, et cetera. >> Exactly, it becomes a pervasive problem. You were mentioning today that this was very much a business conversation versus speeds and fees. We did hear about a couple of technologies moving forward that are going to be key to driving security forward. Analytics, data science, in fact-- We also talked about kind of the difference between security fabric which Fortinet rolled out last year, and a platform and how businesses are kind of mobilized around that, and the differences there. Control versus spreading that out. One of the things that Forinet did about, I think it was in June of last year, was they acquired AccelOps. Bringing in monitoring, bringing in realtime analytics. A lot of our guests talked about the essentialness of that realtime capability to discover, detect, remediate, and clear things up. From a 2017 perspective, besides analytics and data science, what are some of the other things you see here as essential technologies to facilitate where the security evolution trajectory is going? >> I think in many respects, it comes back to some of the things we just talked about. That as digital business increasingly-- Let's step back. The way we define, at Wikibon SiliconANGLE, what digital business is, what differentiates your digital business from any other kind of business is data. It's how you use your data to create and sustain customers. That's a pretty big world. There's a lot of-- You know, most of us operate in the analog world. There's some very interesting ways of turning that analog information into digital information. There's voice, there's photographs, there's a lot of other-- We talked a little bit about industrial internetive things. There's an enormous set of investments being made today to turn the analog world that all of us operate in, and the processes that we normally think about, into digital representations that then can be turned into models for action, models for insight, new software systems that can then have an impact on how the business actually operates. And I think that, if we think the notion of analytics and data science, and by the way, security's one of those places where that set of disciplines have really, really matured through fraud detection and other types of things. But I think what we're going to look at, is as new types of data are created by different classes of business or different classes of industry, or different roles and responsibilities, that that data, too, will have to be made secure. What we're going to see, is as the world figures out new ways of using data to create new types of value, that the security industry is going to have to be moving in lockstep so that security doesn't once again become the function that says no to everything, but rather the function that says, "Yeah, we can do that." We can go from idea to execution really fast, because we know how to make that data secure. >> Well, Peter, it's been such a pleasure, an honor, co-hosting with you today. Thank you so much for sharing the desk with me. >> Absolutely, Lisa. >> Look forward to doing it some other time. And we want to thank you so much for joining us on theCUBE today as well. I want to also point you to some of the upcoming events. Go to SiliconANGLE.tv. Next week, we've got the VTUG Winter Warmer going on. You'll also be able to see that on the website. Women and Data Science with yours truly in early February. And then the Spark Summit in February, Feb 7-9 in Boston. Again, that's SiliconANGLE.tv. For my co-host Peter Burris, I'm Lisa Martin. Thanks so much for watching, and we'll see ya next time. (techno music)

>> Announcer: Live from Las Vegas, Nevada it's theCube. Covering, Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin, and Peter Buress. (tech music) >> Lisa: Hi, welcome back to theCube. We are Silicon Angle's Flagship Program, where we go out to the events and extract the signal to the noise, bringing it directly to you. Today, we are in beautiful Las Vegas with Fortinet. It's their Accelerate 2017 Event. I'm your host, Lisa Martin, joined by my cohost, Peter Buress. And we're very excited to be joined by a Technology Alliance Partner, Nozomi Networks, Edgard Capdevielle. You are the CEO? >> Yes, that's right. >> And, welcome to theCube. >> Thank you, happy to be here. >> So, a couple of great things that Nozomi announced, just a couple of months ago, one was, they just secured fantastic $7.5 million in Series A Funding. And the second thing they announced was you, as the new CEO, so congratulations on your new post. >> Thank you very much, thank you. >> So, Nozomi is focused on the Industrial Control Systems Industry. What was it about this particular opportunity, that attracted you to want to lead Nozomi? >> Yeah, great question. Two things mainly. One, is the team. The two founders are truly rock stars, they have a great background in Cyber Security, and how do we apply Artificial Intelligence to Industrial Cyber Security. And two was, I had been working with the founders for a little bit, and I saw, with my own eyes, how the customers adopted the technology, how easy it was to deploy in an industrial setting, which tends to have a lot of friction. Not a lot of equipment gets into those networks. And the ease of proof of concepts, I saw it with my own eyes. And the frictionless interactions, made me join. >> So Nozomi was started in 2013, you're already monitoring over 50,000 industrial installations. >> That's right. >> Some of the themes that we've talked about, at the event today, so far, with Fortinet's senior leaders, is the evolution of security, where they're positioning, really at this third generation of that. As we're seeing that, and we're seeing that in order for businesses to digitalize successfully, they have to have trust in that data. What is Nozomi seeing, in terms of your industrial customers? What are some of the biggest concerns that they have, regarding security? And how are you working with Fortinet, to help mitigate or limit damage from cyber attacks? >> A lot of our customers in our space, are going through what's called IT/OT Conversions. OT networks, have traditionally been serial, point to point, run over two step para copper and they've recently adopted ethernet. When you adopt ethernet, you have a gravitational force, which is to connect. So these OT networks used to be air gaps, segregated, and now they're being converged with IT technology, under sometimes, IT operation. And therefore, they start suffering the traditional IT attacks. Those traditional IT attacks, are particularly harmful when it comes to industrial, critical infrastructure. And they require special technology that understands those protocols, to be able to detect anomalies, and white list or black list, certain activities. >> Give some example, of an IOT network. So, what is, you say critical infrastructure, gives us some examples, what are we talking about? >> IOT's a very broad term. We focus very specifically on industrial IOT. >> Or, industrial IOT. >> Industrial IOT, could be a network that controls a refining, so the refining process in a refinery. It could be electrical distribution, any form of electrical generation, oil and gas, upstream or downstream. Manufacturing, everything that moves in manufacturing, is controlled by an industrial control networks. Pharma, in the same subsegment, if you will. Some transportation, we're based in San Francisco, so our barge system is controlled with industrial control systems. >> So, we're talking about, as you say critical infrastructure, we're talking about things that, where getting control of some element of that critical infrastructure, >> Correct. >> Especially in the process manufacturing businesses, can have enormously harmful effects? >> Correct. >> On not only business, but an entire community? >> The disruption that it can cause is tremendous. From lights out in a city, to harm to people, in a transportation case, oil and gas case. Environmental damage, leakage. The damage can be tremendous. And that's basically, one of the huge differences between IT and OT. In IT, if your network blinks, your email may be two seconds late, my print job may need to be resent. In OT, you may not be able to turn off that valve, or stop this process from happening, or receive an alarm in time. >> Right, so like, I live in Palo Alto. Not too from me is, some of the big refineries up in Richmond, California. And not too long ago, they had an OT outage, and it led to nearly a billion dollars worth of damage, to that plant, and to the local environment. >> Correct. >> So this is real serious stuff. >> So with a product like Nozomi, you can detect anomalies. Anomalies come in three flavors. One could be equipment damage, malfunction. The other one could be human error, which is very very common. And the other one could be cyber. Any one of those could be an anomaly, and if it tries to throw the process into a critical state, we would detect that, and that's where ... >> Talking about cyber, from a cyber attack perspective, what is it about industrial control systems that makes them such a target? >> Yeah. It is that they had been used to be isolated networks, just like I said. When IT and OT converges, are taking networks that used to be serial security was not really a concern, in industrial control networks, you don't really have identity, you don't have authentication. You're just starting to have encryption. Basically, if you drop a command in the network, that command will get executed. So, it's about the vulnerability of those. >> Vulnerability, maybe it's an easy target? And then from a proliferation perspective, we mentioned the evolution of security. But, the evolution of cyber attacks, the threat surface is increasing. What is the potential, give us some examples, some real world examples, of the proliferation that a cyber attack, >> That is a great question. >> And an industrial control system, can have on a retailer or a bank, energy company? >> The industry was put in the map in 2010, with Stuxnet. Stuxnet was the first attack, everybody talked about Stuxnet for a while. And it was very hard to create a market out of that, because it was done really by a nation's state, and it was done like once. Since then, 2010, 2013 and now 'til today, attacks have increased in frequency dramatically, and in use cases. Not only are nation states attacking each other, like in the case now of the Ukraine, but now you have traditional security use cases, your malicious insider, you're compromised insiders, doing industrial cyber attacks. In 2015, the Department of Homeland Security reported 295, industrial cyber attacks, in our nation's critical infrastructure. And those are not mandated, they don't have a reporting mandate, so those are voluntary reports. >> Wow. >> So that number, could be two or three times as big. If you think about it, from 2010, we've gone from once a year, to 2015 once per day. So, it's happening. It's happening all the time. And it's increasing not only in frequency, but in sophistication. >> So, it's 295 reported. But there's a bunch of unreported, >> Correct. >> That we know about, and then there's a bunch that we don't know about? >> Correct. >> So, you're talking about potentially thousands of efforts? And you're trying with Fortinet and others, to bring technology, as well as, a set of best practices and thought leadership, for how to mitigate those problems? >> That's right. With Fortinet, we have a very comprehensive solution. We basically combine Fortinet's sophistication or robustness from a cyber security platform, with Nozomi's industrial knowledge. Really, we provide anomaly detection, we detect, like I said, any sort of anomaly, when it comes to error, cyber, or malfunction. And we feed it to Fortinet. Fortinet can be our enforcement arm if you will, to stop, quarantine, block, cyber attacks. >> So, Nozomi's building models, based on your expertise of how industrial IOT works, >> That's right. >> And you're deploying those models with clients, but integrating the back into the Fortinet sandbox, and other types of places. So, when problems are identified, it immediately gets published, communicated to Fortinet, and then all Fortinet customers get visibility into some of those problems? >> We connect with Fortinet in two ways. One, is we have 40 SIM, so we alert everybody. We become part of the information, security information environment. But we also used Nozomi Fortigates, to block, to become active in the network. Our product is 100% passive. We have to be passive to be friendly deployed in industrial networks. But, for the level of attack or the level or risk is very high, you can actually configure Fortinet to receive a command from Fortinet, and from Nozomi, and actually block or quarantine a particular contaminated node, or something like that. Does that make sense? >> Oh, totally. Makes 100%, because as you said, so you let Fortinet do the active work, of actually saying yes or no, something can or cannot happen, based on the output of your models? >> That's right. Yep. >> So, when you think about IOT, or industrial IOT, there's an enormous amount of investment being made of turning all these analog feeds, into digital signals, that then can be modeled. Tell us a little bit about how your customers are altering their perspective on, what analog information needs to be captured, so that your models can get smarter and smarter, and better and better at predicting and anticipating and stopping problems. >> When it comes to industrial models, you need to pretty much capture all the data. So, we size the deployment of our product based on the number of nodes or PLC's that exist in an industrial network. We have designed our product to scale, so the more information or the more number of nodes, the better our models are going to be, and our products will scale to build those models. But, capturing all the data is required. Not only capturing, but parsing all the data, and extracting the insides and the correlations between all the data, is a requirement for us to have the accuracy in anomaly detection that we have. >> What is the customer looking at in terms of going along that, that seems like an arduous task, a journey. What does, and you don't have to give us a customer name, but what does that journey look like, working together with Nozomi, and Fortinet, to facilitate that transformation, from analog to digital, if all the information is critical? >> That transformation is happening already. A lot of these industrial networks are already working on top of ethernet, a standard DCPIP. The way the journey works for us, is we provide, as soon as we show up, an immediate amount of visibility. These networks don't have the same tool sets from a visibility and asset management perspective that IT networks have. So, the first value add is visibility. We capture an incredible amount of information. And the first and best way to deploy it initially, is with, let me look at my network, understand how many PLC's do I have, how the segmentation should be properly done. And then, during all this time, our model building is happening, we're learning about the physical process and about the network. After we've done with the learning our system, determines that now it's ready to enforce, or detect anomalies, and we become at that point, active in anomaly detection. At that point, the customer may connect us with Fortinet, and we may be able to enforce quarantine activities, or blocking activities, if the problem requires it. >> Is there any one particular, use case that sticks out in your mind, as a considerable attack, that Nozomi has helped to stop? >> We obviously can't name any one in particular, but when it comes to defending yourself against cyber criminals, we have defended companies against malicious insiders. Sometimes, an employee didn't like how something may have happened, with them or with somebody else, and that person leaves the company, but nobody removed their industrial credentials. And they decide to do something harmful, and it's very hard. Industrial malicious insider activity, is extremely hard to pinpoint, extremely hard to troubleshoot. Industrial issues in general, are very hard to troubleshoot. So, one of the things that Nozomi adds a lot of value is, is allowing troubleshooting from the keyboard, without eliminating trucks and excel sheets, you quickly can pinpoint a problem, and stop the bad things before they happen. >> One more quick question for you. With the announcements that Fortinet has made today, regarding, you mentioned some of the products, what are you looking forward to most in 2017, in terms of being able to take it to the next level with your customers? To help them, help themselves? >> Listen, the solution works amazingly well. We have to tell more people about it. I think the critical infrastructure has not had the attention in prior years, and I think this year's going to be a year where, ICS security is going to be, and Fortinet of course, is very aware of this, is going to be a lot more relevant for a lot more people. The number of attacks, and the you know, the attacks surface that will never be, it's all playing so that, this year's going to be a big year. >> Yeah, I think we were talking, before we started, that the U.S. Department of Homeland Security, has just identified the U.S. Election System, as a critical infrastructure. >> That's right. >> So maybe it's going to take more visible things, that have global implications, to really help move this forward. >> I think the one point I would make when it comes to government, government has been great, if you make an analogy, this is an analogy that I have on the top of my head, if you look at cars in the automotive industry, seat belts and airbags have saved a lot of lives. We don't have that in industrial cyber security. And we need the government to tell us, what are the seat belts? And what are the minimum set of requirements that are electrical, infrastructures should be able to sustain? And that way, it makes the job easier for a lot of us, because nobody can tell you today, how much security to invest, and what's the mix of security solutions that you should have. And therefore, in the places where you don't have a lot of investment, you don't have none. And you become very vulnerable. Today, if you want to ship a car, and you want your car to be driven on the road, it has to have airbags, and it has to have seat belts, and that makes it a minimum bar for proper operation, if you will. >> But the proper, the way it typically works, is government is going to turn to folks like yourself, to help advise and deliver visibility, into what should be the appropriate statements about regulation, and what needs to be in place. So, it's going to be interesting because you and companies like you, will in fact be able to generate much of the data, that will lead to hopefully, less ambiguous types of regulations. >> Yes, that's right. That's right. I agree 100%. >> Wow, it's an exciting prospect. Edgard Capdevielle, thank you so much. CEO of Nozomi Networks, it's been a pleasure to have you on the program today. >> Thank you. >> On behalf of my cohost Peter Buress, Peter, thank you. We thank you for watching theCube, but stick around, we've got some more up, so stay tuned. (tech music)

>> Narrator: Live form Las Vegas, Nevada, it's the Cube, covering Accelerate 2017, brought to you by Fortinet. Now here are your hosts, Lisa Martin and Peter Burris. >> Welcome back to the Cube, we are live in Las Vegas, at Fortinet's Accelerate 2017 event. A really exciting busy day that I have had with my cohost, Peter Burris, I'm Lisa Martin, we are very excited to be joined by Zeus Kerravala next, of ZK research. Welcome to the cube. >> Thanks Lisa, it's a-- >> We're happy to have you here. >> Yeah, it's great to be here. >> And we, as I've mentioned, Peter and I have been talking with a lot of great folks all day, from Fortinet, from Technology Alliance Partners. The buzz is here, obviously, the security as an industry of the market, there is tremendous change going on there, breaches are happening daily with, from big brands that we're all very aware of as consumers to the small mom 'n pop. So, Zeus, you founded ZK Research, you said a little over five years ago... >> Zeus: That's correct. But you've been in the industry as an analyst for quite a long time, and you actually were in IT as well as CIO. >> Yeah, I was. I was, I played a number of different roles, I started off as an engineer, I held a role as a CIO for a while, I worked for Avar, and then I got tired of doing that, and I became an industry analyst, and I've been doing that about 15 years now >> Excellent, so one of the things that we'd love to ask you about is, during the keynote this morning, the CEO of the Fortinet, Ken Xie, talked about this big impact that hyperconnectivity is having in general, this proliferation of mobile devices, of IoT devices, that are really causing a lot of challenges for security, but also talked about, that there will be tremendous growth in the security market, what's your take on where the security market is going? >> Yeah, I really liked Ken's keynote, in fact, Ken typically delivers very technical keynotes, and that's worked well for him, cause customers tend to love him, and this one is a little higher level, and I really like that, and Ken's right, we're moving into a world, where everything is connected, literally everything, our cars, our pets, the things we wear, the things in our home, everything in our business, and that has some profound implications for business. Alright, first of all, security is becoming a, an asymmetric problem for security professionals, what I mean by that is, it used to be you had one way into the network, and you had to protect it, and the bad guys had to come through that way. Now, security professionals have to protect tens, hundreds, thousands of new entry points, created from all these connections, to the Cloud, to IoT devices, but the bad guys still only have to find one way in, and once they're in, we assume that environment is secure, and they can meander around, and the bad guys can figure out what to steal. And so, I think, one of the points that was underscored in Ken's keynote is the fact that security is changing, it's evolving from something that was focused at the perimeter. >> Lisa: Right. >> To something that needs to be focused more internal. In fact, my research shows that 90 percent of security spend is still focused at the perimeter, and only 20 percent of the breaches occur there. So, you can see customers are misaligned with how they're spending they're money, and I thought a lot of the messages from Ken's keynote were, I think, well received by the audience, because it's something they need to hear. >> Yeah, he talked about the security evolution, which I also thought was quite interesting. I saw a graphic the other day that showed, by decades, security evolution, you talked about perimeter in the 1990s, it was focused on perimeter, obviously still important, but not the only thing, you talked about, there's a lot of ways in now. Then going onto Web 2.0, web security, then Cloud security in the 2010s, and now getting to this, what Ken described as the third generation of a Fabric needing automation, needing resilient energy, talked about kind of internal, so that I thought that was a really interesting way of looking at that, but also very interesting that you're saying almost that 80, 20 rule, with your clients, how are you helping them, to sort of switch that from a spend, and really show, even in some ways maybe, how the technology that they would employ from a security perspective can actually bring revenue opportunities. >> Yeah, well, I think they have to rely more on the technology, and automation, typically security has been deployed, box by box, device by device, at specific points in the network using manual processes, and frankly, that's kind of slow, right. And security already has a bit of a bad rap, that it slows the business down, users tend to turn things off in their computers, because it slows them down, and in this digital era, and I was glad Ken talked about digital transformation, because in the digital era, the new currency of business is speed. Companies need to move with unprecedented speed. Those, that can do that, will be able to stay in market leadership, and those that can't, will fall behind, and frankly, over the last five years, we've seen a bunch of big name vendors, brands that we all knew, go away, right, because they couldn't keep up. Now, when you think about what companies are trying to do in order to be a digital enterprise, you need to be agile, but you're only as agile as your least agile IT component, and today, that's the network. So, if I've got this fully automated IT stack, and I've got containers popping up, and new applications being deployed, and I'm accessing things from the Cloud, but my engineers have to run around with security appliances, and deploy them, all that does is slow the business down, and so, I think the concept of the Security Fabric is to ensure that you have the right services in the right places that you can turn on, and now, security becomes a business enabler, and not an inhibitor, so in some ways, we're flipping the model around where security, like I said, has been viewed as something that's held the company back, but it's now something that can allow us to differentiate ourselves, because we'll have the trust from the customers that we have the right security in the right places. >> I want to follow up on a point you made about the 90 percent of the investment at perimeter, and 20 percent. There might be another way of thinking about it, and I'm going to test this with you, is that it takes that 90 percent of security investment is what it takes to ensure that no more than 20 percent of the attacks occur at the perimeter, so does that mean that we need to reallocate that 100 percent sources, where that 100 percent is going to grow 3x, because it's still going to require that 90 percent to keep the perimeter secure. >> Yeah, I think it's a bit of both, but I do think, we will see the spend of security go up, because we have to secure more things. Like if you look at some of the big breaches that we've seen, in fact, almost all of them occurred from inside the network. So bad guys are smart, the hackers are clearly they're some of the most brilliant minds out there, that's why they're able to do what they do, and they know that the perimeter security today is so well-built that the amount of effort it takes to break through it is very, very high, so you're right, that amount of spend is required to keep all those threats out. >> Peter: But it's not the only answer. >> It's not the only answer. >> So we're going to need to continue to invest in an in-point, and perimeter, but as you were saying, we also have to invest in data, and have a balanced approach to the whole thing, which we adjust to this notion of Fabric. >> Yeah, and I think the automation capabilities of the Fabric can really help of certainly, because I don't want people watching this to think, "oh, my God, my security budget is going to be like triple what I had.", because frankly the people cost associated with security from my research are almost about 60 percent of the cost. I mean the equipment itself isn't all that much, right. So if I can invest more in the right technology, and I can automate a lot of the things I can do today, now I can reallocate those people cost somewhere else. So, in fact, I may wind up spending the same amount from an overall perspective, or maybe a little bit less, but I'll be far more secure, because I have the right technology in the right places. >> So where are those people going to go? >> I hear all the time, an I think this is one of the things that has held automation back from IT people that they're scared to death of automation, because they think their jobs are at stake, but if you look... All the way back to the mainframe, we've always had this transition, right, where we did things, and then new technology came in, and new skills are needed to do new things, and I think if you look at IT today, there's a crying need for data scientists, for analytic skills, I mean security itself Is less about point products, and more about data gathering, and data analytics, and there's very few of those professionals out there, so if I'm a professional, security professional today, I want to automate those traditional tasks because I need to invest in myself to make sure that my skillset is current today, and also a decade from now, and I think a lot of that's going to come in the area of data sciences. >> Yeah, and as you said, a lot of those skills in doing the models of security, and this Fabric notion are transferable to other domains. >> Oh, absolutely, because if you don't want to stay a security professional, but most security people like security, that's why they're doing it. But I do think there will always be need for skills in the next thing, the key for the security professionals is don't get stuck in the old world, you know, embrace this new world, embrace automation because it's going to free up their time to do things that are more strategic to the company, which is going to allow them to be more valuable as well. >> You touched on the Fabric term a minute ago, and that's one of the things that Fortinet announced last year was the Security Fabric approach. Can you talk to us about Fabric versus Platform, what are your thoughts there, and how are they different? >> Yeah, I think, first of all, the Fabric, and Platform, are both roughly trying to solve the same problem that... Too many vendors doesn't make you more secure, in fact, my research shows that on average, companies have 32 vendors, different security vendors, which you can't build any kind of strategy around that. So the concept of either, a Fabric, or a Platform, is that I can reduce the number of vendors, I can simplify my architecture, and I get more intelligence across the entirety of the Platform, or the Fabric. Now the difference though, is I think the Fabric, think of what a Fabric is, it's a big cloth where any point is connected to any point, and so the security intelligence is spread across that Fabric, and I can drop new components in, or take em out, and things will continue to work. So, it allows me, that if I put a new IoT device in, I can push security capabilities there, if I started using a new cloud service, I can push security capabilities there. A Platform to me, is more dependent on a centralized point of control, and I can attach things to that point of control, but if I take that point of control out, none of the things works, and so I think, the Fabric almost democratizes security capabilities across the infrastructure, because it's more dynamic, and more distributed, and we're clearly living in a world where dynamism, and distribution, are the norm, and so the security architecture needs to follow that. >> Paradoxically, doesn't that centralized security platform the become the biggest security risk in the company? >> Zeus: Yeah, well, if you breach that, you can get anywhere. >> Get anywhere. >> Zeus: Right, right. And so I think the Security Fabric is the right way to think about it, you're not trying to beef off one particular area here, you're trying to make a set of security services available across your entire infrastructure. >> Is that, that kind of, a key advice that you give to your clients that are looking for, this now requires a new approach, new architecture, is that kind of the key advice that you offer to them? >> Yeah, well that's the biggest conversation I have with security professionals today, is they don't really know where to go from here, they've invested all this money in all these tools, and the environment has gotten increasingly more complicated, right. So, they're falling behind. It's very, very slow, and it's not working. The average number of days to find a breach is a hundred days, think of what can happen in a hundred days, that's over a quarter. And so, there's a great desire to be able to find breaches faster, but also first simplify the architecture, and that's always my advice is, you can't move forward, until you take a step back, and simplify, right. And the concepts, I think of the Fabric, are really aligned with that, it's simplification, automation, and it removes a tremendous amount of the human burden from security operations, which frankly I think is holding things back. >> What are some of the things that you're most excited about? You were in the keynote this morning, we chatted about that, we talked about some of the things that were discussed there with the evolution of security, the third generation, you mentioned speed as currency, and actually kind jogged my memory about something that you were talking about with respect to data, and also that was brought up this morning as the data value, if it is not valuable to a business, you know, that business has-- >> Well one of the things we talked about this morning specifically was that security used to be the department of no, as you said earlier, and companies that can collapse the time between an idea, and execution, in a world where, at least in the digital world, where digital security is so essential, are going to provide an enormous net new set of value propositions to their customers, and I'm sure you've seen that. >> Yeah, well, no doesn't work anymore because of shadow IT, if you say no to a line of business, they're just going to go find a different way to do it, and that can have incredibly... That can be incredibly risky, because now IT has no control, in fact... Some of the interesting data points from my research is that 50 percent of companies, don't know what devices are attached to their network, and I think 96 percent of companies have IT services that have been procured not through IT, directly by the line of business, so it's become the norm, and I think, if you look across the entirety of the world today, from business processes through IT strategy, right, data and analytics has become the key differentiator, to be able to take the data, analyze it, and then be able to create some new insights. Now from a line of business perspective, their trying to understand the way you like to shop, the sports teams you like, the things you like to buy, and push more relevant content to you. From a security perspective, it's being able to find those breaches faster, and then, being able to cut that number down from 100 days to frankly, we've got to get to minutes, and I thought some of the more exciting things they showed in the keynote were the ability to take the data, and then show it visually, because I've always said you can't secure what you can't see, right, and if you're blind to what's going on in the network, you'll never ever, ever be able to truly secure it, and so I think we're-- Fortinet is entering an era now, where they're actually harnessing the power of all the date they have, but they're focused more on the UI in the new FortiOS 5.6, a big part of that is the new user interface to be able to display the data in a way that's understandable by the people using the tools. >> So that's a great point that you can't secure what you can't see. >> Zeus: You cannot secure what you can't see, yeah. >> Well, Derek Manky, was actually talking earlier, who's the global security strategist here at Fortinet, I'm sure you know Derek. >> Zeus: Yeah. >> Was actually talking about one of the things he's excited about, and want to get your take on this point, is that he thinks 2017 may be the year that the white hats get the upper hand. >> Well hopefully, I do think-- >> Peter: Because of this notion of automation, and-- >> Yeah, you know, I talked about the asymmetric problems to security where the bad guys need to find one way in, I think data, and visualization can reverse that, because once they're in the network, the bad guys need to stay hidden, and the good guys, right, the internal security department, only needs to find one instance of anomalous traffic, or something that could indicate a breach to be able to start the process of remediation, and so you're right, I think in some ways, 2017, well maybe a little, maybe next year, but hopefully, this year, the white hats start to, they'll at least gain ground this year, and I think that we'll start to see that assymetry problem flipped. >> Precisely, because you only need one instance of a bad action. >> correct, correct. And a lot of that, a lot of these bad actions come from users specifically being targeted, and sometimes, security, no matter how much training they do, you just don't know, you get an email from somebody, you click on it, somebody sends you a file, I've talked to HR people that have gotten resumes emailed to them that have viruses in them, and they don't know, but once that action starts, the data, and visualization tools can help identify those very, very quickly, and the important part about that is the faster you find it, the smaller the blast radius. So if I find it in five seconds, maybe only that HR person's computer is affected, but if it takes me a hundred days, now the whole department, or maybe a whole building has been impacted, so containing that blast radius, I think, is something that security professionals need to focus on. >> Now is a blast radius typically a function of time, or is it also a function of proximity to other business activities, or both? >> I think it's primarily a function of time, and I think it's exponential. So the longer the time goes exponentially, the greater the damage. >> Well gentlemen, tremendous conversation, there's a tremendous amount of opportunity, I think is what we've heard today, thank you very much, Zeus, for sharing your insight, your research with us. Let's hope that 2017 is the year, the white hats get the upper hand. >> Yeah, I think it's a really exciting time for security professionals, and first time in a long time, they have the opportunity to fight back, in a battle that they've been losing ground in for really the better part of a decade. >> Well Zeus, thank you so much for joining us. >> Zeus: Thank you. >> On behalf of my colleague, Peter Burris, thank you for watching, stay tuned, we'll be right back to wrap up the day. (electronic music)

>> Narrator: Live from Las Vegas, Nevada, it's theCUBE covering Accelerate 2017 brought to you by Fortinett. Now, here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to theCUBE. We are SiliconANGLE's flagship program where we go out to the events and extract the signal from the noise. Today, we are with Fortinet at their 2017 Accelerate event in Las Vegas. I'm your host, Lisa Martin, and I'm joined by my cohost, Peter Burris. We are fortunate right now to be joined by George Moore. George is the technology, excuse me, the CSO for Microsoft Azure who is a big technology alliance partner for Fortinet. George, welcome to theCUBE. >> Nice to have you, thank you. >> We are excited to have you on. You are, as you mentioned, the CSO at Azure, but you are the CSO for all of the Azure computer services. You are one of the founders of the Azure engineering team from back in 2006, and we were talking off-line. You hold over 40 patents in things like security deployment, interactive design, et cetera. You are a busy guy. >> I am, yes. (laughing) >> One of the things we have been talking about with our guests on the show today, and a great topic that was in the general session was about the value of data, and how do businesses transform to digital businesses. The value in that data has to be critical. I'd love to get your take on as businesses have to leverage that data to become more successful or to become successful as digital businesses, we know the security of the perimeter is not the only thing. It needs to be with the data. What is Azure doing to secure the cloud for your customers, and how do you help them mitigate or deal with the proliferation of mobile devices and IOT devices that they have that are connecting to their networks? >> Digital disruption is affecting everybody, and it is a huge thing that many companies are struggling to understand and to adopt to their business models, and to really leverage what digital can do for them, and certainly we are doing in the public cloud with Azure helps that significantly. As you mentioned, there is just a proliferation of devices, a proliferation of data, so how do you have defense in depth so you don't have perimeter-based security, but you actually have defense in depth at every level, and at its heart, it really falls down to how do you do encryption at rest, how do you secure the data encrypted? Who holds the keys for the data? What is the proliferation of the keys? How did the controls manage for that? Of course, of the data is encrypted, you really want to be able to do things upon it. You want to be able computer over it. You want to be able to queries, analytics, everything, so there's the question of how to securely exchange the keys? How do you make sure that the right virtual machines are running, the right computers running at the time to do the queries? That's the set of controls and security models and services that we provide in Azure that makes it super easy for customers to actually use that. >> Azure represent what's called the second big transformation for Microsoft where the first one might have been associated with Explorer, those amazing things that Microsoft did to transform itself in the 1990s and it seems to be going pretty well. How is security facilitating this transformation from a customer value proposition? >> Security is absolutely the number one question that every customer has whenever they start talking about the cloud, and so we take that very, very seriously. Microsoft spends over billion dollars a year on all of our security products all up. We have literally armies of people who do nothing every day but wake up and make sure that the product is secure, and that really boils down to two big pieces. One is how do we keep the platform secure from the security control that we have ourselves in the compliance ADA stations and everything to make sure that when customers bring their workloads to us, they are in fact kept secure. Second is a set of security controls that we provide the customers so they can actually secure their workloads, integrate their security models with whatever they're running on premise, and have the right security models, ADA stations, multifactor authentication, identity controls, et cetera for their own workloads. >> Security is very context specific. I'm not necessarily getting into a conversation about industry or whatnot, but in terms of the classifications of services that need to be provided, we were talking a little bit about how some of the services that you provide end being part of the architecture for other services within the Azure cloud. Talk a little bit about how you envision security over time evolving as a way of thinking about how different elements of the cloud are going to be integrated and come together in the role that security is going to play in making that possible and easy. >> You are absolutely right. Azure is composed of, right now, 80 some-odd different services and there's definitely a layering where for example, my components around the compute pieces are used by the higher order of services around HD insight and some of the analytic services and such, and so the security models we have in place internally for compute in turn are used by those higher order services, and the real value we can provide is having a common customer-facing security model for customers, so there is a common way by which they can access the control plane, do management operations upon these services, how they can access the endpoints of the services using a common identity model, a common security model, role-based access control, again, from a common perspective, logging, auditing, reporting, so all this has to be cohesive, correct, and unified so that customers aren't facing this tumultuous array of different services that speak different languages, so to speak. >> We are here at Fortinet Accelerate 2017. Tell us how long Microsoft Azure and Fortinet have been working together, and what are you most excited about with some of the announcements from Fortinet today? >> Microsoft and Fortinet partnership has been going on for quite some time. Specifically in Azure space we've been doing two different, two major thrusts around integration with the Azure Security Center which is a set of services that we have within Azure that provides turnkey access to many, many different vendors including Fortinet as one of our primary partners, and Fortinet also has all their products in Azure marketplace so that customers can readily in a turnkey manner use Fortinet next generation firewalls and such as virtual machines, incorporate those directly within their workloads, and have a very seamless billing model, a very seamless partnership model, a very seamless go-to-market strategy for how we jointly promote, jointly provide the services. >> One of the things that one of our guests was talking with us about today was really about it's an easy sell, if you will, at the C-level to sell the value of investing in the right infrastructure to secure environments. Looking at that in correlation to the fact that there's always historically been a challenge or concerned with security when it comes to enterprises moving workloads to the cloud, I'm curious about this easy-sell position that cyber security and the rise of attacks brings to seeing the adoption of more enterprise workloads. We are seeing numbers that are going to show, or predicting that north of 85% of enterprise workloads will be in the cloud by 2020. How much is Microsoft Azure seeing the fact that cyber security attacks are becoming more and more common, hitting some pretty big targets, affecting a lot of big names. How much are using that as an impetus to and maybe drive that adoption higher and higher from an enterprise perspective? >> Absolutely, I see that everyday. I give many, many talks to the C-level, to CSOs, CEOs, et cetera, and I can say in many industries like the banking industry, financial sector, 18 months ago banks did not have any interest in public cloud. Is just like, "Thank you, we have no interest in cloud," but recently there has been the dawning realization that Azure and the public cloud products are in fact, in many cases, more secure than what the banks and other financial industry sectors can actually provide themselves because we are providing huge amounts of investments from an ongoing basis that we can actually provide better security, better integrated security than what they can afford on premise, so as a result, we are seeing this now, literally, stampede of customers coming to us and saying, "Okay, I get it. "You can actually have a very, very "highly secure environment. "You can provide security controls "that can go well above and beyond "whatever I could do on premise, "and it's better integrated "than what I could ever pull together on premise." >> One of the reasons for that is because of the challenge of finding talent, and you guys can find a really talented person, bring them in, and that person can build security architectures for your cloud that then can be served, can be used by a lot of different customers, so what will be the role of or how will this need for talent in the future, what would be the role for how people engage your people, client's people engage your people to ensure that that people side and moves forward, and how do you keep scaling that is you scale the cloud? >> Certainly people are always the bottleneck in virtually every industry, and specifically within the computing space. The value that we are seeing from customers is that the people that they had previously on premise who were working to secure the base level common infrastructure are now freed because they don't have to do that work. They can do other interesting things at the application level and move their value added further up the stack which means I can innovate more rapidly, they can add more features more quickly, because they are not having to worry about the lower-level infrastructure pieces that are secured by Azure, so we are seeing the dawning realization that we are moving to this new golden age where there is higher degree of agility with respect to innovation happening at the application level, because remember, applications have to be, if you are having a compliant workload, if you are having PCI compliance within the credit card industry for example, you have to have the entire application and its infrastructure part of the compliance boundary, so that means when you are building that app, you have to give your auditors the complete stack for them to pass that. If you are only having to worry about this much as opposed to that much, then the amount of work that you can do, the amount of integration, the amount agility, the amount of innovation you can do at that level is many orders of magnitude higher, so you really see that the value that a lot of customers are having here is that their talented people can be put to use on more important higher order business-related problems as opposed to lower-level infrastructure level issues. >> Let's talk about that for second because one of the things that we see within our research is that the era of cloud as renting virtual machines is starting to transition as people start renting applications, or applications as services that they themselves can start putting together. Partly the reason why that's exciting is because it will liberate more developers. It brings more developers into the process of creating value in the cloud, but as they do that, they now have visibility, or they are going to be doing things that touch an enormous set of resources, so how do you make security easier to developers in Azure? >> The key is that we can do high degrees of integration at the low level between these very services. >> Peter: It goes back to that issue of a cascading of your stuff up into the other Azure services. >> Absolutely, I mean think about it, we sat on top a mountain of information. We have analytics and log files that know about virtually everything that's happening in the cloud, and we can have machine learning, we can have intelligence, we can have machine intelligence and such, that can extract signals from noise that would otherwise be impossible to discover from a single customer's perspective. If you have a low and slow attack by some sort of persistent individual, the fact that they are trying the slow and low attack means that we are able to pull that signal out and extract that information that would not be really physically possible, or economically possible for most companies to do on premise. >> Does this get embedded to some of the toolkits that we are going to use to build these next-generation cloud-based apps? >> It gets embedded into the toolkits, but it also gets embedded at the set of services like the Azure Security Center. A single pane of glass that's integrated with the products from Fortinet and others where the customer can go and have a single view across all their work was running within Azure and get comprehensive alerts and understanding about the analytics that we are able to pull out and provide to those customers. >> What's next? >> Security is an ever evolving field, and the bad guys are always trying new things, so the work that is really happening, a lot of the innovation that's happening is within the analytics, machine learning space around being able to pull more log files out, being able to refine the algorithms and basically being able to provide more AI to the logs themselves so that we can provide integrated alerts, like for example, if you have a kill chain of an individual coming in attacking one of your product, and then using that to the lateral mobility to other products, or other services within your product, we can pull this together in a common log. We can show to customers here's the sequence of this one individual that across three, or four, or five different services. You have top level disability, and we can give you then guidance to say if you insert separation of duties between these two individuals, then you could've broken that kill chain. We can do proactive guidance to customers to help them secure their own workloads even if they necessarily initially were not deployed in a necessarily most secure manner. >> George, we just have a couple of minutes left, but I'd like to get your perspective. You showed a tremendous amount of the accomplishments that Azure has made in public cloud and in security. What are the opportunities for partners to sell and resell Azure services? >> Absolutely. Microsoft has historically always worked incredibly well with partners. We have a very large partner ecosystem. >> Peter: It's the biggest. >> Is the biggest, exactly. Okay, I don't want to brag too much, yes. (laughing) >> That's what I'm here for, George. >> We see specifically in the security space that partners are increasingly, around 40% of their revenue increasingly is coming from cloud-based assets, cloud-based sales. We are setting up the necessary partner channels and partner models where we can make sure that the reseller channels and our partners are an integral part of our environment, and they can get the necessary revenue shares, and we can give them the leads on how the whole system evolves. Absolutely we believe that partners are first and foremost to our success, and we are making deep, deep, deep investments in the partner programs to make that possible. >> Well George, we wish you and Microsoft Azure continued success as well as your partnership with Fortinet. We thank you so much for taking the time to join us on theCUBE today. >> Thank you. >> And for my cohost, Peter Burris, I'm Lisa Martin. Stick around, we will be right back on theCUBE.

>> Narrator: Live from Las Vegas, Nevada, it's The Cube, covering Accelerate 2017. Brought to you by Fortinet. Now, here's your host, Lisa Martin. >> Hi, welcome back to The Cube. We are Silicon Angle's flagship live streaming program, where we go out to the events and we extract the signal from the noise, and we bring it right to you. We are in beautiful Las Vegas with Fortinet. Today, or this week is their Accelerate 2017 event, and we've been excited to be chatting with a lot of their folks and technology partners. Today we are joined by two gentlemen from Fortinet. First, we have John Maddison. You are the Senior Vice President of Products and Solutions. >> Indeed. >> Lisa: Hey John. >> Hi. >> Lisa: Thanks for joining us. We've got Joe Sykora who is the Vice President of America's Channels. >> Thanks Lisa. >> So guys, a lot of exciting stuff going on today. I wanted to give the viewers here who haven't had a chance to meet you guys yet, what you're both doing. John, you have a veteran. You're a veteran of over 20 years experience at telecom >> At least. >> At least 20 in IT infrastructure, security industries, you've lived in Europe and Asia and the U.S. and worked in those. Joe, you oversee quite a big channel of over 7400 America's partners and the entire channel strategy. So you guys are kind of busy. >> A little bit. >> Joe, you're probably pretty proud of this. You were named, in 2015, by CRN as one of the 50 Most Influential Channel Chiefs. >> Yes I was. >> Did you get like a button or hat? >> No, I think it's a t-shirt. >> Oh, t-shirt. >> Absolutely. >> Outstanding, so speaking of t-shirts, I have no segue there, wanted to understand, we've been talking to a lot of your folks today, as I mentioned. We talked to your CEO who was talking about this third generation of security and kind of where we are today with that. And then we talked to Drew, the CFO, who was really talking about the criticalness of trusting data. With the announcement today, maybe John I'll throw this to you, the announcement today of the new products and technologies, how are they going to continue to facilitate or enable your customers, direct or indirect to be able to trust their data? >> Yeah, so we announced the fabric last year. Today, we announced our operating system Fi.6, which is extension of the fabric. We also announced something called intent-based network security, which is the next generation of network security that Ken Xie, our founder, talked about. And then we also announced, the third thing is our new security operations solution, which brings together several products for the infosec world. So I think all of these come together to make sure that we're continuing the effort to make sure our customers are safer, that they can integrate the fabric into their infrastructure and obviously, that's very important to their brand. >> That was going to be one of the things I was going to talk about is are you seeing that you're making a difference in the brand of a customer? We were talking, before we started today, and a lot of you are familiar with some of the the big breaches, I mean, breaches are a common, daily occurrence, but when when they start happening in brands it's the consumers know who aren't in technology becomes a suddenly, can I trust this particular brand where I normally go and buy household products. So it sounds like the announcements today are really next generation leading you guys to continue to be able to deliver, not just that comfort level that your customers need in terms of we can trust our data, but also helping them improve their brand so that their customers trust their brand. >> Exactly and so, you know, the fabric has expanded in that we've expanded it across multiple now attack vectors so what used to be really focused on the core network, we can now cover email, we can now cover the web, endpoint and also, you can see some of our partners around here, we've also expanded our fabric-ready so the fabric here has several APIs, multiple APIs that allow different partners to connect into it. And so, we haven't announced it totally yet but we've got six new partners, some big companies like Cisco and HBE, actually joining our fabric-ready program to be part of the fabric. So we can cover the entire infrastructure of any company. >> Fantastic, so speaking, we'll get to that in a minute but one of the topics that's also come out today, as we've seen the evolution of security from perimeter based security in the 90s to you know, web security, cloud security. Moving towards 2020 and the fact that it's 2017, a little scary, we're pretty close to that and we're seeing this explosion and proliferation of mobile devices, of IOT devices, lot of lack of security there. As we get to that point, one of the other themes that we're hearing a lot about here today is that there is a gap in terms of of resources. What is Fortinet doing to help bridge that gap, that your customers are facing? Where it comes to, specifically, network security programs? >> So one of the programs we launched again, a couple of years ago was the Network Security Expert program, NSE, in 2016, we had over 30,000 certificates issued on NSE. It's probably one of the largest security programs, 'cause one of the big issues for customers and our partners is just the skills gap, cybersecurity. We also, actually, use a lot of those materials and assets and give them to Universities who are starting to do their programs as well. That's really essential for our partners to be trained at the lowest level in terms of the basics, but also, we've had about 40 people take part in our Network Security Eight architecture program. You can see them, these are the pins, actually, we have, which are NSE one to seven, but the NSE eight are the red ones and there's about 40 now of what we call security solution architects, who can go into companies and look at their complete infrastructure and give them an update in terms of security. >> Excellent, so want to touch on the channel, for a moment. Ken talked about the security fabric architecture, you mentioned that it was launched last year. What has been the reaction of the channel? >> Oh, it's been absolutely great. It's about mid-year last year's when we announced that. Embraced by the channel, in fact, CRN named it the security product of the year, for 2016. >> Lisa: Oh, fantastic, congratulations. >> Very proud of that. And that's actually the feedback of the channel partners. It resonates. It's creating new opportunities for our partners. Combine that with the training that John just talked about, I mean, they're armed to really just go out there and help solve all those end user programs, problems. >> Thank you, and sorry for interrupting. What are some of the main pain points that you're hearing through the channel, that customers are experiencing as we start to see big attacks have become more and more prevalent, the Dyn attack recently, DdOS being common types of attacks. As more and more things, like critical infrastructures are becoming plugged into corporate networks, and more mobile and more IOT, what are some of the pain points that your customers are experiencing, and how are they, looking to resolve and mitigate some of the challenges that they have leveraging the security fabric architecture? >> Sure, well attacks are going to happen, right. We know they're going to happen. It's how fast can you react to those attacks. And the fabric actually enarms our partners to just have intelligence on what is actionable and what's not actionable. So we're tryin' to automate that. Some of the future stuff that we're going to be doing later in the year is going to even enable them more. But it's all about simplifying it for our partners to react to what needs to be reacted to. >> Are you seeing, from an industry perspective, we were talking with Derek Menke, excuse me, about healthcare really being at the top of the at risk from an industry perspective. But in the general session today, there was a CSO panel and there was Verizon was there, Levi's was there, as well as Lazard. We saw Telefonica throughout the event today, the Steelers. Are you seeing through the channel, and maybe this is a question for both of you, are you seeing particular industries at more risk coming to you through your customers' needs or is it fairly agnostic from a security perspective? >> Yeah, I think on the channel side, obviously, everyone's at risk, right. So I think it's the value of those of the incidences is really more highlighted. So when Derek talks about healthcare, for example, dealing with people's lives is important along with you health records. So that's much more valuable than say, at the Steelers, not being able to get on the guest wifi. So I think everyone's at risk. All of our channel partners have different verticals that they go after, and it's all the same, it really is. >> Yeah, I would say the risk is pretty broad across every vertical, I mean, yes healthcare, the healthcare records are extremely valuable, but also the financial industry. You've also got industrial controls systems, for example. You've also got retail and so, I think every vertical, every industry is taking security very, very seriously. And back to your previous question about how is the fabric helping partners, I think, previously, they had to kind of stitch together a lot of point solutions themselves. I think with the fabric, it gives them an architecture or a framework. It could be mostly Fortinet gear. It could be Fortinet plus some of their other partners. It helps them put that in place across the entire infrastructure. >> You bring up a good point, John, that that was brought up a number of times today and that is the role of the CSO now being, you know, kind of think, is that guy or girl at the lead of the digital army? But that person is inheriting, we were seeing a couple of different reports, North of 25 different security technology, really kind of a patchwork environment. In that kind of situation, where now security is a board level conversation, how is Fortinet direct, and through the channel, helping that CSO? Is that a key buyer for you that you're helping to figure out, I've got this patchwork here, how do I build it into a fabric or a fabric around it? >> What we've seen, what I've experienced in the last 10 plus years in security is, I'd often go into a room and there'll be the network security people on one side of the table, and the security people on the other side of the table with the CSO and the CIO and I think, that gradually over the last three years, I've seen more cooperation. So now, when we have briefings with customers and partners, you'll see both teams together. You'll see a new role inside customers called the Security Architect, that's looking holistically longer term over the security architecture. And one of our announcements today around the security operations center is to do, just do that, bring together the SOC and the infosec world, together with the network security world. We did a demo today on stage showing that bringing together our Forti SIM, our Forti analyzer with our fabric to bring those two worlds together, because as Joe says, you know, there's a report done by Verizon on the breach report that says, within 60 seconds, you can be compromised. You've got basically 60 seconds to stop that threat and so speed is very important. So giving our partners this ability to bring together a fabric, with Fortinet gear, with our partners' gear, that provides very fast protection is very important. >> Excellent, one of the things, too, that I found interesting today was learning about what FortiGuard Labs is doing. I read over the weekend what Derek Menke's team published, the 2017 predictions. Really quite frightening. And he was on the show earlier and saying, that they're already seeing a number of these things already in play. How much more intelligent malware is getting, and the pervasiveness of the threats there. How are some of the new technologies announced today, maybe enhancing or what FortiLabs is doing from a threat intelligence perspective, is that something that was part of? >> Yeah, that's a really important area. I think the vendor community needs to do better in sharing the threat intelligence. I think, today, it's in pockets, but I think long term, it's absolutely essential that threat intelligence get shared across the whole community because, with some of the new threats coming, the machine to machine threats, the scale and the speed's going to be even more. You saw the Dyn attack last year on Ddos. That's going to be small compared to some things coming up. So I think, longer term, the fabric across the infrastructure, and then the security vendors getting together and sharing that threat intelligence so you've got a bigger view of the attack surface is absolutely essential to stop the new type of threats. >> Exactly, and as that attack surface is growing by the day. So last question, before we wrap up here, give you guys both a chance to answer. At the beginning of your fiscal year, here we are in January, what are you most excited about for the channel in 2017, for example? >> Sure, opportunity, right. For our channel partners, we've got probably one of the strongest channel partners just the overall. We're aligning, realigning with our field teams, so just the resources that all of these partners have. I think the opportunity's great, the market's great, like you said, you open up anything now, and you see, okay, it's been infiltrated, it's been hacked. So I think we're all going to have a really good 2017. >> Fantastic, John, what about you? What are you most excited for? >> I was most excited about this interview, actually, that's what I was looking forward to. >> Wow, fantastic, we'll close there. (laughter). >> No, I think it's obviously, rolling out more of our technology, integrating more of our partners, training more of our partners and helping them with their customers. >> Fantastic, well the buzz and the momentum here and also, the passion for both yourselves and your roles and your peers and your colleagues is really palpable. So I want to thank you both for joining us on the Cube today. >> Thank you. >> And we wish you the best of luck at the rest of the event. >> Thanks Lisa. >> Alright, for John and Joe, I'm Lisa Martin. You've been watching the Cube, but stick around, we'll be right back.

>> Announcer: Live from Las Vegas, Nevada. It's the Cube covering Accelerate 2017, brought to you by Fortinet. Now here are your hosts Lisa Martin and Peter Burris. >> Hi welcome back to the Cube. I'm Lisa Martin joined by my co-host Peter Burris and we are with Fortinet in beautiful Las Vegas at their Fortinet Accelerate 2017 event. A great event that brings together over 700 partners from 93 countries. And right now we're very excited to be joined by one of their technology partners, Carbon Black. Jim Rein, welcome to the Cube. >> Thank you very much, I appreciate it. Great to be here. >> Absolutely. You are a key alliance partner, Carbon Black, as you're the director of technology alliances. I knew you've been at Carbon Black for three years but you're quite the veteran in terms of technology, engineering, sales, channel services expertise, quite the veteran, quite the sage. But some interesting things that I wanted to let our viewers know about Carbon Black, and we'll have you expand upon this is that you guys are the leading cloud based endpoint security company that stops cyber threats. And that your roots are actually in offensive security. You now protect more than seven million endpoints worldwide and 30 of the Fortune 100 are your customers. Tell our viewers a little more about Carbon Black. what are you doing? What are some of the things that you are seeing as security now as a boardroom level topic? >> We're seeing a lot of changes. It's the idea of taking an endpoint context, what's actually happening at the endpoints. The endpoints are always the real source of where the attacker was really targeting to get to the information. For such a long period of time we've used legacy technology to really to do that. So we're looking at what are some things that we need to do now to really change that entire game. And one of the key things about that is looking beyond just simple files. Malware's bad, we know that, and we have great ways of stopping that for years and our attackers are moving well beyond just malware today and they're moving really into leveraging different attacks by actual actors within the customers' environments. And so we're really positioning ourselves to stop those next threats, the new threats that we're seeing and do it in such a way that it's very easy for a customer to do. Still manage, still maintain it, and then integrate that with other things. >> And I think the key word is integrate it with other things. Because it's not just enough to know what the endpoint's doing, you have to know what the endpoint's doing in the context of what its supposed to be able to do with those other things. Talk a little bit about that and Fortinet come together for customers. >> So it was really important. We've had a really strong opinion that open APIs are very important. The idea that we're better together than we are apart. And that really is true in security. For too long we've had different vendors that have tried to installing everything under one roof and the problem is that most customers will make financial investments within a given product and then they need to capitalize on that, on every single new product they bring on board. With us at Endpoint Contacts we really wanted to make sure that our endpoint data, the actual vision of what we're seeing, could be shared with network entities, could be shared with a sock. And so the sock can have a holistic picture of the entire environment not just on premise but also off. >> Talking about endpoints, tablets, mobile, the proliferation of IOT devices, how does a company nowadays that, we we're talking off air, but the day of everyone getting issued a phone or a Black Berry is over. But when we're all providing our own devices as employees, how realistic is it for a company to actually secure the things that I as an employee are doing with my own devices? On a corporate network. >> It's really tough. It's really tough. We have to control the things we can control, right? Which are the endpoints that we issue. So the laptops, the desktops, the home systems. For a lot of engineers now with a remote context, they're working from home on an iMac. We need to be able to protect that as it was on a corporate network. And so part of that is taking that off network devices, but enabling the corporate assets, the actual on network devices, to leverage that. And that's what we've done with Fortinet. We leverage the FortiSandbox so that whenever we see a brand new binary on an endpoint, we can submit that to FortiSandbox and say, is it good or is it bad? Obviously we don't know that binary at that point, we're making a determination. And if FortiSandbox comes back and says that is malicious, we can not only stop it from executing again, but also terminating in motion. >> One of the things I'm curious about, during the general session this morning, there was a Cecil panel of Levis, AT&T, and Lizard was there. There were also some great customer videos. Pittsburgh Stealers. And some other telecommunications companies. When we're talking about what you're doing at Fortinet, expand upon that a little bit more in terms of the integration. Also are you focused on certain industries that might be at higher risk? Health care, financial services, for example? >> I mean I'd like to say yes, but honestly I think everybody's at a high risk. The hard part today is that attackers are going after wherever they can find the most valuable data to them. And it's not based upon my role or my job or my industry, it's based upon what that attacker actually needs. And so we see it in small mom and pop shops, we see it in health care, we see it in finance. Definitely see it in retail a lot recently and manufacturing. And so we really view it as the customer needs to take a proper assessment, understand where their assets are, and then deploy multiple different layers, which includes an endpoint solution, to actually stop that. So you take our next generation endpoint. You take Fortinet's advanced capabilities on the network. You take the visibility what they've done with the fabric, and now all of a sudden you have this really great solution that does protect the assets they can control. For IOT I mean honestly that'll be something that we'll have to challenged for with a while. But if these can segment that a little bit and protect what I can control, I don't throw my hands up and say I can't do anything. Now I have IOT segment in such a way that I can properly address that with an overall posture. >> Can we presume that your customers have this awareness as knowledge that we're already breached, we now have to be providing or limiting damage? Is that the feeling and the vibe that you're getting when you're talking to customers about endpoint security? >> We hope so. We came out about three years ago and said that there's an assumption of breach. Which is don't assume you won't be, assume it's already happened. And assume you just don't know about it. And that's really a reality I think for a lot of people nowadays. You know Ponamon does a really great yearly expose where it talks about how long a breach has occurred within environments, and it's 200 plus days or some number. The point is it's always a significant amount of time. So the ability to have more visibility within a network, not only on the network side but also on the endpoint side, and combine that into one view is so important. Because most customers honestly don't know they have that. And then what it is, it's a panic situation. And that's rough. >> But increasingly, in enterprise, it's providing service to a customer or partner, is really providing service to an endpoint somewhere. >> It is. >> And so we know for example that when the bad guys are trying to do something malicious, they're just not getting into your network, and working their way through your systems until they can find the most valuable data. They also know that if you are a trading partner, that even if your data is not that valuable, the trading partner's data may be very valuable. And so they are hopping corporate boundaries as well. And so trading partners absolutely have to be able to secure and validate that their relations are working the way that they're supposed to be working. So how does my ability to be a trading partner go up and down based on my ability to demonstrate that I've got great endpoint security in my business? >> You know it's a great question, because I don't know of too many customers that have a strict validation to say if I'm a partner of yours, not a technology partner but a business partner, that I expect you to maintain a certain level of security protection. There's just an automatic assumption that we partner with you know Sea-bil or somebody else and of course they have a protection enabled. I think you have to raise it up a level. So we have to have a policy mindset to not say that you know obviously we have different solutions deployed, but what have I enabled? From a very broad perspective, what kind of things do I allow my endpoints or do I allow my network to do? What kind of things do I disallow, do I block? Do I have control of domain admin? Something as simple as that. But that forms a policy, and then different companies can match policies together and say, yes you actually do comply with our policy or our security posture, therefore we're going to enable the partnership. Because you're right. If I come in through a partner, does that allow my insurance to cover me from a cyber protection perspective? That may be disallowed because it may be seen as an authorized entry within an environment, not a breach. And so there's all kinds of complexities that come out of that. But we have to have a better way of communicating between our companies. >> So as Ken Xie, the CEO of Fortinet, talked about this morning in his key note. He was talking about the evolution of security, going from the perimeter to web, and web 2.0, cloud, and now we're moving towards 2020 in this time of needing to have resilience and automation. And it's also an interesting time as we get towards 2020, and that's not that far away. You know this is 2017, if you can believe that. The proliferation of mobile and IOT and tablet, I mean there's suspected to be about 20 billion IOT devices connected in 2020, and only about a billion PCs. As you see that proliferation, and you look at the future from an endpoint perspective, how has the game changed today, and how do you expect the game for endpoint security to change in the next few years as we get to 2020? >> I mean it's interesting, because I remember the days when I was first installing the firewall, the only one in my enterprise, and working through that, that kind of perimeter and barrier concept. And now that barrier's disappeared. So we see a lot of things moving to cloud. And I think that really is the key enabler. What Fortinet is doing with the structure, they're really targeting for a cloud controller, cloud protection, we're seeing it from a lot of vendors. There's a lot of focus on that right now. Because if I have a mobile device, I may not be able to attach the mobile itself, because of the operating system or restrictions from the provider like IOS has in it. But I can control the application, I can tie into that. And if I tie that back to my corporate environment, so the same policies are being applied, and I can apply that down to my endpoint to make sure that at least from an application perspective, what's running on my laptop is the same control segment running on my application in the cloud. I now have a better control of the entire environment. And I think that's where our first step is. There's going to be a lot of advances I believe really in the next 10 years, five years or less for 2020, that really bring about some unique things concerning to mobile and IOT. >> Can you share with us a little bit more exactly how your technologies integrate with Fortinet's technologies, especially kind of looking at the announcements today? What they're doing with FortiGate, the announcements with the operating system? >> Absolutely. So today from an endpoint perspective, anytime we see a binary that comes on from our CB protection product, we'll send that to FortiSandbox. First we'll quarry it, find out whether or not they've seen it before. If they haven't, we'll send it to them, and they can do a detonation. Obviously we're taking the results of that back and we're making a block determination on that. Obviously those are things that we haven't already seen before. So different protection modes, different protection policies are in place. But if I haven't seen that particular binary, something brand new, it could be malicious, it could be a zero day. I can play that against the FortiSandbox and find out whether or not it actually does have that malicious nature to it and then act upon it. >> I've always though of endpoint security, and tell me if I'm right, as the first line of defense. >> It is. We've always thought of the firewall as the first line, because we think outward in. But really it is inward out, because you use your laptops at home, right? So it is the first place that everything always starts. >> So it's the first line of defense, to my perspective, and increasingly as businesses deliver, provide, or their services are in fact based on data, that that notion of the first line of defense creates new new responsibilities for both customers as well as vendors, as well as sellers. So over the next few years, how is that notion of the first line of defense going to change? Are we going to see customers start thinking about this, and whether or not I'm a good customer? How do we anticipate kind of some of the social changes that are going to be made possible by evolution of endpoint security and how it will make new demands on endpoint security? >> It's going to start with more visibility. I don't mean that in a very broad sense. But today we have antivirus solutions that we're really targeted about, just simply binary yes or no. Do I allow something to execute or not? And that worked very well 10 15 years ago. Increasingly over time we know that it really hasn't, because advanced attacks have come around. So now we're applying more visibility to that endpoint, saying what actually is occurring, and how are those processes working together? If I see something operate from an email file, I click on it, something else happens, now all of a sudden there's code executing. That sequence of events or that stream becomes very very important for the visibility standpoint. Our project CB defense takes that streaming prevention. We say what is the risk factor scoring that we've applied to this, and how does that sum together not only blocking good and bad, but now I'm getting to actions. So now that I'm paying more attention, that rolls into what are users doing? What are they actually doing on the endpoints, and how does that policy dictate? I think for so long we've said that we can't approach endpoints because we can't control them, and that's the CEO's device or whatever it is. We're really changing that methodology. I think mindset wise people are okay with I need more controls on the endpoint, I need more capabilities. That's going to start transitioning to having conversations about well how do you control your endpoints? And suddenly there's more of a focus, besides just saying do you have something installed to block stuff? That conversation got really short, because it just doesn't work today. So I'm not saying do I have Carbon Black installed or anything else installed, it's what am I doing, what policy am I applying there, and then how does that match up to my business partners? >> I've made commitments to this customer, this customer's made commitments to me. Are those commitments being fulfilled, and is someone trying to step beyond those commitments to do something bad? >> I never want to be the source of an attack to my partner. (laughing) That would be the worst. >> And well there are some very high profile cases where an HVAC company for example suddenly discovered that they were a security risk to some very very big companies. It wasn't supposed to happen that way. >> And to your point before, it was an HVAC company. Nobody thought about HVAC being a targeted industry. >> A critical infrastructure, right, right. >> Exactly, it doesn't matter. People are after the data. They're after what's on the endpoint, and that's why we need to protect the endpoints as the first step. But obviously combining that with a bigger motion, because it's not all endpoint. There has to be a network barrier. You have to have other things involved. There's cloud now and were transitioning to Quickway, and that's where partnerships are going to be formed. I really believe that you're going to see more and more partnerships over time with this collective nature of leveraging Fortinet calls it the intent-based networking, right? So intent-based, what is the intent behind it? What is the attacker really trying to do? And I love that and that concept, because it really does match up well with us. >> Well but as security practices and technologies improve in one area, security practices and technologies have to improve in all areas. Otherwise one part of that security infrastructure becomes the point that everybody's using for the attack. >> A vulnerability, right. >> Yeah, it's a vulnerability. My point is a lot of people are now starting to think, oh endpoint security, that's not that, this. No, that too has to evolve. And it's going to create value, and it has to, in context, it has to evolve in the context of the broader class of attacks and the things that people are trying to do with their data in digital business. >> Absolutely. I think that a lot of customers have realized that they're making that a part of their overall security planning. You know for three years our what am I going to do, and where do I stand at today? And obviously there's existing license cycles and things like that on the network side as well. But I think a lot of customers are starting to formulate a whole plan about how do I look at my entire infrastructure? Forget what I have. Let me say I want to have certain protections in place. First off, do I have them? And if not can I plug something in that actually still will seamlessly integrate? And that's a really important point for a lot of our customer base. >> And speaking on kind of giving you the last word Jim, you both talked about evolution here. As we look at where Carbon Black is today, you were just named by Forrester as the market leader for endpoint security, fantastic. Looking at that going into 2017 as we're in January 2017, the announcements from Fortinet today. What most excites you about this continued technology partnership? >> Continued with Fortinet? >> With Fortinet, yes. >> Okay, I thought you were talking over all, it's good. Honestly it's something as simple as their approach to the APIs. I mean it sounds silly, but at the end of the day, if their approach is really to leverage and to work with other partners, and that's what ours has been for a long time. So we're not saying it just has to be our product, it just has to be our solutions. They're saying whatever the customer is already invested in, we're going to make it better. And that's a strong message we've had for a long time as well. I don't care what you've put in for a firewall necessarily. But I do want to be able to integrate with that, because the customer needs that. It's not me being very selfish so to speak. Customers are demanding that they have a simpler solution to manage. And it's that simplistic way, that's where we're headed from and endpoint perspective, of having a solution that actually takes in everything from the environment and really makes it a common view, for the instant responder and the personnel. >> And it's all essential for digital business transformation which is as we've been talking about Peter is the crux of that is data and that. Well Jim Rein from Carbon Black, thank you so much for joining us on the Cube today. And on behalf of Peter Burris and myself Lisa Martin, we thank you so much for watching the Cube, and we're going to be right back.

>> Announcer: Live from Las Vegas, Nevada; it's the theCUBE covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts Lisa Martin and Peter Buriss. >> Hey, welcome back to theCUBE. We are live in Las Vegas at Fortinet 2017. Fortinet Accelerate 2017 I should say. I'm your host Lisa Martin. Joined by my co-host Peter Buriss. We're really excited to be here today. First time for theCUBE and we are next joined by, Drew Del Motto, who is the CFO of Fortinet. Drew, welcome to theCUBE. >> Thank you, Lisa. >> Great to have you. I really enjoyed your keynote this morning. If you weren't able to see it, very passionate, very intellectual keynote. Some of the nuggets here that I wanted to talk to you about first just to kick things off; is just sharing with us, you have over 20 years of financial management experience in network security. You said, you started as a CPA. As we look at the generation of the business economy the digital economy and also now we're at this dawn of data. Love to get your perspective on defining that to our viewers. You mentioned that data is worthless is we can't trust it. And really that it's key to business value. Can you expound upon that? How critical is data trust for an organization to achieve? >> I think it's just core to value creation because it's as simple as if you're putting information out there and you think somebody's going to get to it, then you may not put the information out there. I think I've shared a statistic where a consulting group said that there was 5X the value for data that you trust. You created more data if you trusted it and they got about 5X the data. The monetizable data, which ultimately is what drives value in the new economy. So if you look at the most valuable companies in the world, I think I mentioned Amazon, Alphabet, Google, Facebook and Microsoft. All of them cloud, mobility, analytics. They're using data in their business models to drive it, right? But you trust them, right? And that's the key point. And they feverishly, energetically protect that data. And that's why you trust your data to put it there. >> But it's not just trust the data, because one of the interesting things about data is because it can be copied, be shared, it's trust in future uses of that data. that's one of the big challenges. Not only do we have to be able to demonstrate that we have an infrastructure or a fabric of capabilities that allow us to trust data now, but also that it will allow us to change how we use the data, introduce new ways of using the data, and very quickly validate and verify that we can trust that use too. Is that true? >> Absolutely, Peter, I think that's right. And I think most companies participating in a meaningful way to the new economy, very thoughtful about what data they're looking for and how they're going to monetize that data. I think of the business models of, clearly advertising and anything that's related to advertising. Very clear to see that they need data to grow their business right. And the core is the trust of that, and they continue to do that. But then you look at the other data that's around, many people aggregate data that they use and sell back to you in some way, for location based services or personalized services. Especially in healthcare, where you see that and that's a very valuable story. And if you don't trust your healthcare data, you're probably not going to trust whatever they're trying to sell you, right? But there's a lot about of value for you personally, simply because you can improve your health. Maybe you live longer, maybe you avoid some illness that could be pretty painful. But you have to ultimately trust that, that's being used in a useful way for you and is protected, so it doesn't get in the wrong hands. >> So we think about digital business as, boils down to very simply, a digital business uses data to differentially created sustained customers. >> Drew: Fair enough. >> So, the idea then, is that I now have to start looking at my data as an asset, that can generate a return for shareholders. Generate return for customers, generate return for the stakeholders. We don't typically think of data as an asset though. As you and your peers start thinking about how to start evaluating data, or thinking about data as an asset, where are we on that journey of getting to a point where we actually look at data as something that is a source of value in and of itself and creates value in new ways? >> Peter I think it might be helpful to actually even share some numbers. 'Cause what comes to mind for me was the McKinsey study that said there was about $7.8 trillion alone generated in 2015 that's monetizing data, right? So if that data weren't there, Then, that value wouldn't be there. And that's about 10% of the global economy. That's amazing. Just think about that and you think about the companies that I mentioned earlier, the value there are about two trillion dollars of market cap right there. Clearly, the lynchpin to that is digital trust, their use of data, until you can grow it all the time. I think of it as an asset. I think that I want to have it. I want to know how to protect it. I want an architecture that's proactive. That is driven by the business, right? But complimented by a secure infrastructure, So that I know, people know, that I have digital trust. I can trust the data, right? I have to print data as a CFO, right? If my investors don't trust it, guess what? I have a problem, right? So I think it's the same way around in anything you do business wise and just think as data being the fuel of the next generation economy. Look, data's also power, not to get into politics, but think of the power of the data that the Trump campaign had in the upper Mid-West. They had some data that obviously, the other side didn't have and it was very useful for them crafting their message and getting elected. >> I think we can definitely agree, no matter what side of the fence you're on, that there was influence there from an election perspective. One of the things that I'm interested in getting your perspective on is you were talking about, in your keynote this morning, the role of the C-Suite, how it's changing. You said, "It's kind of cliche," but in the last five to seven years we've seen this either emergence of the CSO or maybe an evolution from the CSO to the CSO. And there was a panel this morning of three CSO's from AT&T, Lazard and Levi's. My ear went up wondering if I was going to hear cyber security differences based on the industry. And it really seemed, and what we've heard from some of your peers and technology partners on the show today is, it's quiet agnostic. But I'd love to get your take on, you were talking about how you view, as a CFO, data as an asset. In the role of the CSO, is this guy or gal, when it comes to cyber security, are they now on the front lines as the leader of a cooperation's digital army? Or is that digital army now maybe a little bit more broad across that C-Suite in a company that needs to trust data in order to have value? >> Great question, Lisa and it was a great panel. What I took away from it was that the CSO is very much the quarter back, right? So I think everybody plays a role, it's a team. And when they break huddle, everybody has an assignment. They look at the play they're going to call and they run it and the CSO is really taking information from everybody and rolling it together in a way to underlie the trust, making sure that they're driving towards digital trust ultimately. That's the role and they have to take input from the CEO on the business propositions, the vision. The CFO on risks and the investment profile. The CIO on how they're going to drive the business with IT, and then their role is ultimately to advise and help drive the business going forward. And make sure they're compliant. When you talk about verticals, I think it's generally agnostic. I think there are some areas where there's obviously some compliance with credit cards and financial institutions and healthcare clearly, given the information there. But generally speaking, I think it's the same all around. If they're successful, the key is to not be right themselves, but to get it right with that team. >> I love the analogy of the quarter back actually. We were talking, actually before we started this segment that there's estimates that a CSO is inheriting more than 25 different security technologies to defend and protect and remediate and we've been talking as well with some other guests, today on this show that a lot of companies now have this sort of assumed breach mentality. Can you expand a little bit more on that CSO as the quarter back. What they're inheriting and how they need to navigate through that environment in order to extract value from that data? >> Well, it's the vectors that we all hear everyday right? It's IOT, you here more mobility, more cloud and more data. And even some of the things out there just generate data, right? I think it's just an aggregation of an architecture that reflects that. There's a lot of silent business units ruling their own technology, right? And there's a lack of talent. I think that came up a lot this morning was just a complete lack of talent. There's a lot of people in college, but they don't have a lot of experience yet. So, I still think we have a dearth of talent. There's some compliance and then ultimately, you're trying to get the best architecture for the company. So, I think that's the quarterback. Really trying to bring all those conversations to the table. Help the company draft a vision that's business forward that reflects digital trust ultimately, and reflects something that's affordable and manageable. And I think you do that with an architecture, a lot of listening, I think they key is listening. Again, what I said earlier, it's not about any one person being right, it's about getting it right for the company and their customers, so they trust the data. >> That's a great message, fantastic. >> As you think about the evolution of the relationship between the CFO, who has a responsibility for risk and generating return on assets and the CSO, who is part of this new team that's going to increasingly have to think in terms of creating digital asset value. How is that relationship going to change over the next few years? >> Well, I think the new awakening, the message is that there's an opportunity for value creation. One of the things I said this morning, as a CFO, I love it when somebody brings me and investment an alternative. If they just bring me a cost, (laughing) >> That's cost and you say no. >> I take a deep breathe (chuckles) and I try not to say no, sometimes you can't control it, but really you always want to think about the business first. That's the job, right? CFO certainly. You think about your shareholders. Your trying to find them an appropriate return, the best possible return on the investment. So, it's always investment forward. Think about the investment. Does it provide the right type of return? And I don't see how anybody can argue that in this dawn of data, if you will, all the analytical opportunities out there, and the ability to drive a business with that data, and the value it creates. That trust isn't at the core and investing in that trust is a great idea. >> Also, it means, I would think, that there's going to be some experience curves associated with this process. And your ability to off the experience curves in your business is highly dependent upon how successful you are at choosing partners and laying trust in those partners so that they can do a great job of what they're doing as well. How does Fortinet tell its story to its customers, that working with us you will have a trusted partner, but also we will be providing the platform that will facilitate you being a more trusted partner? >> Well Peter, from my perspective that's an easy question. It's Fortinet's security fabric and everybody's talking about platform, but platform is like a ship with containers on it, right? You may bolt them down, but if the ship tilts they fall off. A fabric is knitted together, right? It's not a patchwork. It's not thread. it's a coat, right? It's something that you bought to protect you. And Fortinet's that security fabric reflects the breadth of product portfolio we have. It goes through the cloud, into IOT, provides the performance necessary to run the business. It doesn't create friction. It's broad, it's powerful and it's secure. And you get that transparency across the business. It updates itself automatically. It's fully integrated and it works for today and tomorrow. >> So one last question here. >> Sure. >> Drew, giving you the last word. One of the things that I also found very intriguing this morning was that you were talking about the difference between selling fear versus selling value. As we look at where Fortinet is today, and also Ken Xie the CEO did mention this morning that you got this goal as a company to become number one by 2020, which is just a few years away. What excites you about the announcements today as well as the vision of Fortinet going forward to really enable your customers and your partners to deliver the trust those customers need? >> Yeah, I think we're helping them be business forward. I think we're helping them be business first. When I look out there and I see everybody saying, "Oh the attack surface is increasing, "cyber crime, cyber criminals, somebody hacking away "in a garage in some country far away, "and they can easily do this." Those things are generally true, but what I really want to do is build an infrastructure that drives my business, so that I could participate in a big way where the economy is going and that's about data and analytics. It's like I said, it's the dawn of data. And I think we can do that in a very differentiated way and very value oriented way for our customers that no one else can do and that's Fortinet's security fabric. >> Well, what a fantastic way to end the conversation there. I love that you said how important the role of listening is. I think that's quiet an agnostic importance there. Drew Del Matto CFO of Fortinet. Thanks so much for joining us on theCUBE. >> Thank you Lisa, Thank you Peter. >> Peter: Thank you, Drew. >> And on behalf of Peter Buriss, I am Lisa Martin. You've been watching the theCUBE, stay tuned. We'll be right back. (upbeat music)

(soft music) >> Narrator: Live from Las Vegas Navada, it's theCUBE, covering Accelerate 2017, brought to you by Fortinet. Now here are your hosts, Lisa Martin, and Peter Burris. (soft music) >> Hey welcome back to theCUBE, I'm Lisa Martin with my co-host Peter Burris. We're coming to you live from Las Vegas, we're with Fortinet today, at their Accelerate 2017 event, which brings together end-users, over 700 partners from 93 countries, great buzz today, very excited to be joined by Richard Hannah, who is the VP of information services at Gibson Energy. Richard, welcome to theCUBE. >> Thank you for having me. >> Great to have you here, first and foremost, Richard, help us understand, what is VP of information services? >> So maybe first off, I'll just explain Gibson Energy. >> Yes, that was probably my first question. (laughs) >> So Gibson Energy is a Calgary Canada based midstream oil and gas company. But we do have locations throughout North America. In all the major oil base in throughout North America. We're considered a mid-stream oil and gas company, which if you, the categories of the, of the Energy industry is really, upstream would be the companies, that are taking the product under the ground. Downstream would be closer to retail, and we're in the middle, so midstream side, so basically that entails, logistics, so, think trucking, train, some moving of the oil and gas, um, infrastructure, around storage, um >> You're getting into refinery >> Pipelines that kind of stuff, yeah, and then the marketing side, would be, the actual going to the end customers, so our marketing group would be looking for the end customer, like refineries et cetera. So that's kind of what makes up, makes up our company. About two, over 200 locations, pretty complex business. So to your question, Gibson is a 60 year old company never had a kind of a senior IT leader in its history, but through a number of acquisitions, we had doubled in size, kind of coming into, 2013, and so I was hired as their first VP of IT, and basically look after all of the strategy around technology, the operations around technology, security of technology for the company. >> So a lot of companies are now looking at IT as not just handling the operations of known processes and by known processes, I mean accounting, HR et cetera, >> Right. >> But they're actually looking at IT to be a partner in going after opportunities, that may not be so well formed. >> Right. >> That may require analytics or be dependent upon analytics, is Gibson starting to think in those terms? Is that a part of your remit as an executive within Gibson, is to help think that process through? >> Definitely yeah, I think you know, there's obviously the normal day to day keep the lights on, of IT, and there were some, major investments, and transformations if you will, that needed to happen on the technology side, and that's kind of what went on in the, say the 2015 to 2016 range, but now we are actually, you know as you discussed, we're actually now looking at ways of using technology to add value to the company, I think, you know IoT, is a great example of that, we're doing some interesting things with IoT, doing some interesting things with HoloLens, so we're actually starting to, you know, be that true, kind of, strategic enabler for the company. >> Well talk about some of those IoT opportunities, I mean, certainly, in the midstream oil and gas universe, there's a lot of very, very expensive equipment >> Right. >> But it has to be maintained and taken care of. So how is IoT starting to impact the way, the business operates >> [Right. So yeah, as you mentioned, we have, you know, thousands and thousands of devices in the field. >> Peter: Not little tiny things. >> Not little tiny things >> No. >> These are big things. >> Yeah. >> Bigger than a bread box kind of stuff. >> Exactly. So, um, you know, before the concept of IoT, um, any monitoring, or data that you had to get off any of those devices, was largely manual, or didn't exist at all. So a great example of our first, interest in IT was with one of our disposal wells, well sites, in the middle of Alberta, and, basically, you know, it disposes of things that can't be used within the, you know, within the downstream side of the business, so it environmentally safely disposes of dirt and mud and those types of things, water, a lot of water that obviusly comes out of the production side. So that disposal well, think of it as a large heater that, heats up to you known large, you know, temperatures and as part of the disposal process. So prior to IoT, there was no way to really have any data on how that well was functioning, and when was the proper time to actually do preventative maintenance on the well. So we connected the well to you know, using IoT technology, through to the Cloud, and then, and then provide an analytics on the back end, to actually provide information on how that well was actually performing, from a heating standpoint, et cetera. So the operation team can actually, now real time, look at how that well is performing, and then perform maintenance when it's actually time to do it versus just doing it, you know based on gut feel. So save you know, thousands of hours of maintenance, thousands of man time, et cetera, so that's just one example of how we're connecting, you know, some of our devices. We are actually now starting to connect our our weight scale, which is part of our our logistic side of things. So again, prior to connecting those, the weight scale, somebody actually had to go out and take the measurements, write them down, take them back and put them into the operational system. Now, we can do that real time as well. So considerable efficiencies gained at the same time, you mentioned the word transformation before, I think you both did, you also talked about this growth there, so from a Cloud journey perspective, as we think of transformation in that sense, what is what's been the strategy that you've been employing as your generating, bringing more IoT devices online, to support the business, make it more efficient. What has your journey to the Cloud been, especially related to the growth that's happened in such a quick pace? >> Right. So, when I arrived back in 2013, as I mentioned, there was a fair bit of transformation that had to happen, on the IT side, and we're talking, you know, new ERP, new, so a lot on the application side including, new ERP et cetera, but on the infrastructure side, we required, again, a lot of transformations, sorry to keep using that word, but I think it's overused a lot, but it's the best way to describe what was happening. >> Evolution, transformation >> But, everything from our network, to our data centers, to security et cetera. So on the data center side, because of, the number of acquisitions the company went through, we actually, were sitting with seven data centers, and for a company our size, I mean way too many data centers a lot of cost, a lot of, you know, man power, to maintain those data centers, four of them in the US, three of them in Canada. So part of our strategy as a pertain to data center, was to consolidate, and you know I remember the kind of as we spoke about the strategy, was we need to move from somewhere from seven to less than seven, and zero was the right answer. (laughs) So meaning, wanted to get out of the data center business, and wanted to to go to the Cloud as much as possible. So we're now on that journey, we have, by the end of 2017, we'll have one physical data center, and the rest will be in the Cloud with Azure. >> And you're on that journey with Microsoft Azure, which is a big technology, alliance partner with Fortinet. Talk to us about the consolidation of data centers, and where does the security angle enter the picture, is it there from the beginning or is it something that has evolved as you transformed? >> I would say, largely evolved, so as we started architecting our, our cloud strategy with Azure, I mean Azure comes with, you know, a lot of security components, but at the same time we wanted to be in control of our own destiny as it were, as it pertains a security, so we wanted to have access to the firewall side of things, so that's how we got into working with Fortinet. And it was, we had never been a Fortinet customer prior to that, but as we looked at how to we secure Azure and how do we provide access to our network team, as it pertains to our connectivity to the cloud. Fortinet kind of, came out as the clear winner, through our due diligence, and we've been quite impressed with their capabilities, their partnership with Microsoft and Azure and their, you know, their ability that helped us architect a real secure solution as pertains to our cloud connectivity. So over the next couple of years, you're going to see more IoT? >> Definitely, that's 2017, I's say you know, two main strategies for 2017, security and IoT. >> So are you going to be seeing more edge oriented IoT >> Yes. >> So you're going to be, doing a fair amount of processing close to the end because of physics, so one of the things that we say, is we think that there's going to be less data move back to the Cloud, and more Cloud move to the edge. >> Right. >> How are, how do you see the relationship between, midstream oil and gas, being, processing at the edge, doing, running models at the edge, and making sure that the data that's in flight, which can be very strategic and very valuable, a lot of different dimensions remains secure. >> So you know as I mentioned at the outset, very complex company, and moving a lot you know, a lot of might, you know, what we call, oil and gas, and the other products that go with that. And I think, so if, as we look at IT, similar, right, very complex, network, very complex system that we have in place. And so, analytics is becoming, you know, quite important, to our whole running of the business, and obviously IT being the enabler of analytics, so, that is, you know, that's really what's moving us towards, and to do that, sorry, and to do that with, devices in the field, thinking your network is becoming very complex. So, not just wired devices any longer, wireless is a huge part of our network now, and keeping those things secure, and the fact that we're actually connecting to things that run, you know, the crown jewel, so to speak, makes it even more imperative that we have, you know, very, focus on security, and obviously great partners like Fortinet to help us keep those assets secure. >> From a security perspective, just curious from your standpoint, are you kind of the, the leader of that digital army, within Gibson or with your other peers on that c-suite to facilitate not only this journey to cloud, and I really liked how you about it Peter with the cloud moving out to the end points, what's your role in sort of, and how is it measured, facilitating security from, from that, eventually one data center out to those mobile IoT devices in the field. >> Right. So, I mean you know, as I mentioned, security is kind of one of our top strategies, unfortunately, I guess it has to be. But it's not hard to sell the importance of security, with, you know, the other senior leaders of the team. I think, the you know, the incidence that are happening in the world and the media, attention on security, makes it, makes >> Even in Canada. >> Even in Canada, yeah. (laughs) Makes it, you know, apparent that, that is kind of one of the questions that everybody's asking, >> Right. >> And in our business energy business as well, I mean, health, you know HSS and eHealth, security is paramount to what we do, you know, physically in the field, so security, from a digital standpoint is, I guess an easy sell. To your question, it's very top-of-mind everybody and IT kind of holds that banner as it, as it pertains to um, you know, the security of our digital assets. >> In some, in some senses, you might be able to say that some of the recent breaches, and we know that now they happen daily, but some of the ones that have been, in the media that you mentioned, could in some cases, in your role, maybe even be an advocate or an advantage for, you were saying it's kind of an easy sell, we understand the importance here. We want to get out ahead of it. Understanding, at some point, we're probably go into, get to the point of really being able to limit damage, that it's not a challenge in terms of the buy-in from your executive management. >> Right, and you know, the risk I think for us is disruption, um, and you see, you know, there's incidences around the globe, where, whether it's, you know, other utilities have been disrupted, you know, through breaches, so you know, that is our focus is, how do we ensure that our day to day operations are not disrupted by you know something that could have happened to from a, you know, from a digital security standpoint. >> Got it. Well it sounds like you have a quite a big 2017 ahead, continued success in the big data center, from seven to eventually zero with Microsoft Azure, that you're going to do. We thank you Richard Hannah, VP of information services, at Gibson Energy, thank you so much for joining us on theCUBE today. >> Alright, thank you for having me. >> And on behalf of Peter Burris my co-host, and myself Lisa Martin, thank you so much for watching theCUBE, stick around and we'll be right back. (upbeat music)

>> Live from Las Vegas, Nevada, it's theCube, covering Accelerate 2017, brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to theCUBE, SiliconANGLE's flagship show, where we go out to the events, and extract the signal from the noise. Today we are in Las Vegas. I'm your host, Lisa Martin, joined by my co-host, Peter Burris. We are with Fortinet at their Accelerate 2017 event, and we're very excited to be joined by one of the keynotes today, Patriche Perche. You are the Senior Executive Vice President of Global Sales and Support. Welcome to theCUBE. >> Thank you. >> You've got a very interesting background. You've got over 20 years of experience in the IT security industry. You manage Fortinet's global sales and support organizations. As the leader of this, you've talked about it this morning in the keynote, where 700 partners are here, and users here as well, Fortinet is in 93 countries. The theme of the event: No Limits. What does that mean to you, what does that mean to your partner, and your channel community? >> Well, definitely this event is critical for us, and for our partners. You can see in the background, there's a lot of people. We have a strong representation across the world. The theme of this event is about the new challenge that we're all facing, due to the digital economy, the rise of the IoT, the rise of the virtualization, the Cloud, whether it is public or private, all those new premise for the digital economy need to be secure, so security becomes a big enabler for the future of the digital economy. Which means, for our partners, and also for customers, security needs to be embraced at a very high level, to be able to evolve their business, so that's really a critical point. We see that the overall network security came, and the cybersecurity, came to an affliction point, where, during the last 15 years, they'd been built by adding, in fact, point solutions, reacting to threats, which led to a very complex environment. We have also another major challenge, which is the skills shortage worldwide, so they cannot choose faith about this new technical challenge, so they have to find a solution where we can automate the protection and the defense, and also build more collaboration between the communities. That's all about the team of No Limits, and also the launch of Security Fabric, which provides strong coverage, so it's very broad, we can cover all aspects, whether it's IoT, virtualization, and, of course network security. It's also fed by cybersecurity regions, because you need to have those information pulled back to the device, to be able to react on time to new threats. This information, it's also very valuable for the business, because they can return on business value, and we know that digital age will be all about data value. I think it's really a very exciting moment for our partners, and we have seen that they're growing from last year. I think we added about, roughly, 16,000 partners worldwide, so we have a big, big number now. I think it's really the time to reduce the complexity, automate, elevate, of course, the knowledge, due to the skills shortage we have, that partners has as well, and be able to enable the next age of the digital economy. >> You had a panel on the General Sessions stage this morning, of CSOs from AT&T, Lazard, and Levi's, and one of the things that that panel was talking about, what you talked about, reducing complexity, is, really, we need to talk about the complexity, right? This is really critical to protect these critical infrastructures. So, from a complexity perspective, Peter, I'd love to get your thoughts on what you've heard today so far, and what Fortinet is doing with the Security Fabric to address that complexity. >> Well, there's a couple of things that I think we need to focus on, relative to complexity, and that is that the business is complex, but then, the individual elements that are intended to make business possible, are themselves, individually, complex. And I think one of the things that Fortinet's trying to do, is say, let's reduce the complexity of the security, so that that does not become a problem or barrier to the business. Because today we have data complexity, and application complexity, and security complexity, and organizational complexity, and financial complexity, and we need to find strategic and targeted ways to reduce the complexity of individual elements of that, so that we can focus more on the complexity of servicing the customer. And I think that that's a key message Fortinet's trying to bring, is, what can we do to reduce security complexity, or networking security complexity, and data security complexity, so that we can liberate more talent to focus on the business opportunities? Is that accurate? >> Yeah, that's definitely the case. We see that, as soon as we were able to reduce this complexity, we will add value to the business. If you look from any large organization on the IT, of course, the responsibility towards cybersecurity is becoming very important on that side, at C-level. And often they try to go down to the people inside, but you cannot blame the people at the level, or whatever, they click to an email where there's an attachment, because they have to do, in fact, anyway. So the complexity and the pressure that are being putting inside the organization, has to be reduced, and that's the purpose of building a system with people, knowledge, data, that can react on real-time. That's really the value of the Security Fabric we develop. >> So, it used to be that, as an ex IT guy, it used to be that the security team was the Office of No. No, you can't do that; no, we won't let you do that. And there used to be this strong trade-off between was the initiative going to be secure, and how long did it take to actually execute? I hear you saying, and I want to just confirm this, is that, now we're working on how we can collapse the time between opportunity and execution, by making security go away as a barrier. Have I got that right? >> Yeah, exactly. I think the behavior of the some of the people in charge of security in the last 10 years was... They have to face new problems, new threats, and then, typically they have both the simple solution, and then... We landed with almost 35 different vendors into the security environment, and they are not talking all together. In fact, that's just increase the complexity. They land into situation where they recognize those don't work anymore, and that's, in fact, increase, potentially, the risk, because there is so much hold on the system. The fact that the knowledge that they had, in fact, is becoming more spread across the entire organization, is also a big evolution in terms of the mentality. >> Let's build on that, Patrice, because today, most of the threats take a long to develop, they're very sophisticated. So, someone will access, or will acquire access, to a particular system, that may not be very valuable, but they'll use that to get access to another system, and they'll use that to get access to another system, and if the business doesn't have a fabric, as you say, that's cognizant, or aware, of how all of these different elements play together, then you are facilitating someone being able to move through... Not detect, as they try to move, and that increases the likelihood that a company has a problem. So, it sounds as though it's increasingly important that you think in terms of a fabric, that is capable of observing how people are getting in here, trying to get in there, and has awareness of how the different security infrastructures actually work together. >> Yeah, definitely, I think one of the critical points about security is knowing. So, you have to know whatever the people, you have to know whatever of kind device, where they are, because we know today that it's not limited to a country. Cybersecurity is about world attack, so we see a lot of attack coming from foreign countries. You have to build a system that can collect those information, react on time, and, I think, the different components, they are working together, because often the threats can come from email attachments. It can be a different approach, or a IPS attack, or DDOS attack. But because those threats are always combined in the system, so you cannot detect at the email, so potentially they will be going through the system, and result in a system that communicates all together, and you don't know that this IP address has been already flagged as potential problems, while the email is going through. It's all about having the system, they are automated, and be able to have this global view. I think this is a very important aspect, because it's not just US-centric attack, and be able to quickly provide the value to the decision maker, because we have also less people on the Security Operations Center, due to the lack of skill, the skills shortage. The information has to go to these people in a very efficient way, and already highlight the importance of the attacks, whatever they are. That's how we can really reduce the time to detect, and reduce the time to act. >> You both mentioned a skills shortage, and that was actually mentioned in the keynote of the general session this morning. Is it the expectation, of Fortinet and your partners, that it has to be technology that's going to solve for that skills shortage? >> Yeah, I think we participate also, to try to resolve part of the skill shortage. We have launched, what we call, the NSE program, which is a certification that we launched, and we had about 60,000, right now, certified engineers in the world. In fact, just last year, we had about 34,000, so it has been growing fast. But we see there is a big requirement about acquiring this knowledge, which is becoming very complex, because every month, you have a new system you attack, so you have to be trained almost ongoing. And the level of the expertise is very high, so it's not like 20 years ago, where a firewall just blocking a system, so, easy to understand, easy for an engineer to understand, like people doing networking management. Security is much more complex. That requires ongoing training and knowledge transfer, to keep the people at the highest level. >> So one of the things, Peter, you and I were talking about, is that the security conversation is a board-level, boardroom conversation. From a partner community perspective, are you seeing, within the partner and the customer base, that there is now an expectation that, we're already compromised, we've got to now limit damage? Is that a broad expectation that most companies and industries have today? >> Yeah, definitely, I think the people... The company recognize that, anyway, they are being attacked, there is an issue. The role of the CSO inside a company is becoming very important. It's a kind of business enabler. It's not just a compliance answer, where before, they was there just to check the box on SOX compliance, or SCADA. So now they have to help the other business unit managers to run the company, and to transform the company to the digital age. >> Yeah, let me build on a couple of points that are being made here very quickly. First off, going back to the question of, is technology crucial? The digital business means that there will be greater demands on the security capabilities of the business. We cannot expect most business people to become smart about security, because this is very technical, hard stuff. We have to, therefore, make that capability more productive, and the only way to do it, is through technology. And that has become... The board is now aware of that, that the board recognizes, most boards recognize, that security in a digital world is a strategic business capability. It's tied to your brand, it's tied to your products, it's tied to the promises you're making to the marketplace. And, to your point, Lisa, they also recognize that they are constantly under attack, that there are intrusions, and the need is to limit those intrusions, by taking a system approach to it. And so, this notion of a platform is really, really crucial to delivering on what the board needs: a set of realistic, strategic security capabilities, that the business can count on. >> Yeah, definitely, and I think, you may have learned this morning, one of our customers, a big financial bank in the US, which implemented, in fact, the fabric, in fact, and it has been able to measure the reduction of internal threats, which was, one of the auditors said, "What's happened? Your system's networking?" In fact, it was the benefit of implementing the fabric. So, definitely, they recognized there is an ongoing problem inside the network, because, as we also say last year, it's no longer just the... You have to protect the perimeter. The threats come from inside, can be from employees. We also, with the fabric, we are able to create, what we call, internal segmentation, so, try to protect the data where they are, as the closest, and then also look about who is accessing to the data, and then flag to the relevant people if there is anomaly, and normal activity around those access of the data. Because as this evolution, the value is all about the data, so we have to protect the data, and that's the challenge of the system, so it's complex. That's also require collaboration. We do collaborate with cert companies, so we exchange. We're also the alliance founder for the cyber threats community. And we also expand our fabric, because we feel that the Security Fabric will be at the heart of the security strategy. And then, because security has to talk about application, about networks, you go inside all the system. So we build this fabric-ready program, and onboard a lot of other vendors, and that's the value for our customers as well, because then we can automate it, the security, and potentially the rules that need to be implemented after an attack, going to, potentially, the network device. So, it's just a team effort. I don't think that, Fortinet by themself, we can resolve the problem. It's combination of knowledge, people, other peers in the industry, and then we can really try to go against the threats that we know. Your life's always a chase. >> So, here we are, last word, giving, Patrice, to you, at Accelerate 2017. Great buzz here, you can hear and see it behind us. 700 partners here, end users. The announcement that came out today, what excites you most about this new year, this 2017, for Fortinet, and being able to help customers truly transform to a digital business, and trust their data? What's most exciting to you? >> Well, I think it's definitely, we all... There is a lot of feedback where we feel that, what we built in the last 16 years, in terms of technology, came through a very strong value proposition today. That's moving so fast, and there is only few vendor, in fact, on this standards, that they can do it; in fact, we feel that we are the only one on the security space. That's the echo I got from both the end user, but as well, the partner, you can see they are growing fast. So, yes, good promise for '17, and as you say as leader, of course we are expecting a great result. >> Excellent, Patrice Perche, thank you so much for joining. Peter, and thank you for joining as well. We thank you for watching theCUBE. We are live at Fortinet's Accelerate 2017, and we'll be right back. (electronic music)

(techno music) >> Narrator: Live from Las Vegas, Nevada. It's the Cube! Covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burress. (techno music ends) >> Hi, welcome back to the Cube, I'm Lisa Martin joined by my co-host Peter Burress And today we are at the beautiful Cosmopolitan in Las Vegas with Fortinet at their 2017 Accelerate event. We're very excited to be joined by the founder, chairman of the board, and CEO of Fortinet, Ken Xie. Ken, welcome to the Cube. >> Ken: Thank you Lisa, thank you Peter. >> It's great to have you here, your keynote was very exciting, but first I kind of want to start back with your background, did some investigating. You have a very impressive background. You started your own, and your first network security company, SIS? S-I-S? Back at Stanford in the 90's. And, then on to NetScreen, and then, just about 17 years ago, you started Fortinet. So, congratulations on that 17th year. A great event, you talked this morning in the keynote, 93 countries, over 700 partners here, there's end-users here as well. The theme of the event, No Limits, What does "No Limits" mean in today's world of information, the proliferation of mobile IOT, etc. What does that mean to you? What does that mean to your partner community, and to your customers? >> Good, thank you. First, network security was probably the only thing I know. That's all the three company, from SIS to NetScreen to Fortinet is all about. You can also see the change in the last 25-30 years in the network security space. From very low priority in IT spending, now become the top 1-2 in priority in IT spending, and a lot of data information all transfer over to internet. And our daily life, and also a lot of business have to come back over to internet. So that's making a, that's a huge opportunity going forward, and what's interesting about security space, really, this constant changing, it never stays still, and you need to keep learning, keep changing, follow the change. So that's where, today, we are now, we started guiding the surge generation, on network security. Interestingly, my two previous companies, one involved in the first generation network security, one involved in the second generation, and how we start getting in the third generation. And it's all about changing from secure, just some system, or some connection, now to secure whole infrastructure. Because what happened in the last 17 years since we started Fortinet, there's a lot of mobile devices now, everybody has, maybe multiple, and there's a lot of data go through the cloud, which not happened before, and a lot of other IOT, everything connected. So how to secure all this data, become an issue. Like, in the past, internet not that popular, you can just secure a few connections good. And now there's data everywhere. So that's where we need to keep in changing, follow the trends, secure the whole infrastructure. >> Can you expand a little bit more, you talked about the security evolution in your keynote this morning, can you expand a little bit more about the third generation of security and what that means for healthcare companies, for financial services, and some of those industries that might be at the greatest risk? >> Okay, let me go back a little bit. The first generation of mail security is very simple, just control the connection. Who can connect, who cannot, right? So that's the firewall that do the job. And then, VPN just encrypt the connection. So, make sure people not tapping the traffic because the data is very simple. There's not a variation of executable, and not a very active content. And then 17 years ago, when we started Fortinet, we see the data get much richer, there's a web data, there's active executionable data, the variance that transfer from the connection no longer floppy drive. So, just the connection no longer enough, you get infected by virus all from permanent connection, which people you know, and the sentinel, same thing, get infected by virus. So, we need to look inside the connection, the content, the application, even the user device behind, that's the second generation, but now there's, even control the connection no longer enough, because the data no longer just for the one connection, the data no longer just sit inside a company, they no longer just sitting inside a server, it's everywhere. On your mobile, in the cloud, in all connections. So, that's where we need to go to the third generation of infrastructure. Especially, you mention, in few applications, like healthcare, finance service, so you can do the banking on your mobile device now, right? You can also check your, whatever, health appointment, or record on your mobile device, which a lot of data oddly in the cloud. It's no longer in hospital, no longer in your company, anymore. So, all this needs to be secure. So that's what changing the whole landscape, just a few connections no longer enough. So you need to look at where the endpoint is, where the access is, where the connection, network still important there, and also, what's the application. Like, healthcare different than finance service different than e-commerce. And then, also the cloud IOT is other end. So it's a quite a big landscape, big architecture, big infrastructure to really pry together now. >> And one of the things I read, Peter, in your recent research is security at the premier? One of the things done back in the 90's, is no longer successful. Can you expand a little bit more upon that? >> Well, it's necessary still, you have to be able to secure, but one of the ways that I would at least generalize one of the things you said, Ken, is that the first generation of security was about securing the device and connection to the device. >> Ken: There's a trial side and trial side. >> Right, exactly. Second generation was securing your perimeter, and now we have to think about security in the data. Because a digital business is represented through its data, and it's not just going to do business with itself, it has to do business with the customers. This is a major challenge. What it means, at least from our, what our research shows, and here's the question, is that increasingly, a digital business, or a company that aspires to do more things digitally, needs to worry about how security travels with its data, how it's going to present itself. In many respects, you know, security becomes part of a company's brand. If you ask Target or anybody who's had a problem the last couple of years, security becomes a crucial element of the brand. So, as you look forward, as we move from security being a something that was, what I used to say is, the office of "no" with an IAT, to now, a feature, a huge business capability that can liberate new opportunities, how is Fortinet having that conversation with businesses about the role that security plays in creating the business opportunities? >> Yeah, that's where we, today we just promoted recorded security fabric, right? So that's where, because the data is, like you said, everywhere, no longer, there is just a trial side and trial side, you just want to make sure the data in the trial side. Now, even if it's in the trial side, like inside the company, there's all different ways you can connect all sides, and the data no longer stays inside company, they go out to the cloud, they go out to your mobile device, you need to bring home. So, that's where we need to look at, and data, like you say, is so important for all the company business there. So we need to see how the data flow, and how this information, how this infrastructure actually handles data, so that's why we need to apply all the security, not just in the network side, also from access part, authentication part, to the endpoint part, to the IOT, to the cloud. So, that's all need to be working together. A lot of times you can see there's one part probably very secure, working well, but then there's other part not communicating with each other, maybe belong to different company, maybe it's totally different part of the device that don't communicate. So, that's where the fabric give you some much broader coverage, make sure different part covers, communicate together, and also the, also make sure they are fast enough. Don't slow down the infrastructure, don't slow down your connect efficiency. And then the third part really, you also need to be automated, handle a lot of threat protection there, because you can like, detect intrusion from your sent box, or from your endpoint, now how to communicate to network device, which they can study how to have all this attack. So, all of this has to be working together, starting at more infrastructure planar. >> So businesses today are looking for companies that can demonstrate that they are rock-solid in that first generation, that connection, that transaction, rock-solid on the perimeter, trading partners want to make sure that your perimeter security is really, really good, you still have to, you be able to have that, but increasingly that you can put in place policies and security elements and capabilities that can move with the data. I'd even say that you're not just securing your data, you're securing your business' value. >> Exactly, because, like you say, the data keeping moving around, and everywhere now. So now we also need to follow the data because all the value's in the data, so you need to follow the data, secure the data, protect the value. >> Yeah, that's what we regard digital business, we say it's essentially the recognition by businesses today, that how they use data differentially creates sustained customers is crucial to their strategy. And you want to be able to say, oh, new way of using data, but then the security professional, through that fabric, needs to be able to say, got it, here's how we're going to secure it, so that it sustains its value and it delivers its value in predictable ways. >> Yes, and knows to protect all this value. >> And one other thing, and this is very important, I know you talk about intent-based security, and we've talked about the notion of plastic infrastructure, that the lag between going after that new opportunity and then being able to validate and verify that you are not sacrificing security is a crucially important test of any security vendor's proposition to its customers today. >> Ken: Yes. >> So how is Fortinet stepping up to be a leader in collapsing that time between good business idea, validated security approach to executing? >> Because right now we talk about infrastructure. In the past it's only a system or there's a platform, which all kind of own kind of since inside box, right? So, now you have multiple box across different infrastructure, and a lot of times, the business intention not quite reflect, because business also keeping changing daily, but you don't see the infrastructure changing that quick. >> Peter: Mm-hmm. >> That's your talk about intended base, elastic base, networking, all these kind of things. So, how to follow the business change, how to have the scalability, and also how to make sure the infrastructure is the best-fit for the data need. So that's where, the same thing for security, and security also follow the infrastructure, so result all these automated, result is intent-based, like if you still have the old infrastructure, and you apply some security there, they may not follow the data efficiently. So that's, both part has to working together. Automated and also make sure they can follow the change. The other part, also, you also need to react very quickly. Somehow, you detect the intrusion from one part of infrastructure, so how to apply that one quickly to the whole infrastructure. That's also important because today there's a business policy, there's a device configuration policy, it's two different language. How to make two different language communicate, translate to each other, quickly react to each other, that's how the intent, how the elastic network has to be working together. >> So, in this age of hyperconnectivity that you talked about, being in this third generation of security, the network conversation, the security conversation are no longer separate. It's critical, to your point, Peter, about data bringing value, it's essential that organizations, like Fortinet, ensure or help enable a business to have that digital trust. With that said, and what you've talked about with the Fortinet security fabric, and why enterprises need that, what's kind of the last things that you'd like to leave us and our viewers with today? >> I'd say that lot of value in the data, and now, because data everywhere, lot in the mobile, in the cloud, and still in the server, and you need to protect the whole infrastructure. Follow the data, protect the data, and fabric's the best solution to do that, right? So you have a much broader coverage, a much powerful compared to system in the power form, and also lot of automated change needed to make sure the fabric adopt to what the data flow is. >> Fantastic. Well, Ken Xie, CEO, founder and chairman of the board for Fortinet, thank you so much for joining us on the Cube today. >> Thank you, Lisa and Peter. >> Best of luck with the rest of the No Limits conference, and we look forward to having more of your colleagues on the show. Peter, thanks for your commentary. >> Peter: Excellent. >> Thank you for watching the Cube, we'll be right back. (techno music)