>> Narrator: Live from Las Vegas, Nevada, it's theCUBE covering Accelerate 2017 brought to you by Fortinett. Now, here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to theCUBE. We are SiliconANGLE's flagship program where we go out to the events and extract the signal from the noise. Today, we are with Fortinet at their 2017 Accelerate event in Las Vegas. I'm your host, Lisa Martin, and I'm joined by my cohost, Peter Burris. We are fortunate right now to be joined by George Moore. George is the technology, excuse me, the CSO for Microsoft Azure who is a big technology alliance partner for Fortinet. George, welcome to theCUBE. >> Nice to have you, thank you. >> We are excited to have you on. You are, as you mentioned, the CSO at Azure, but you are the CSO for all of the Azure computer services. You are one of the founders of the Azure engineering team from back in 2006, and we were talking off-line. You hold over 40 patents in things like security deployment, interactive design, et cetera. You are a busy guy. >> I am, yes. (laughing) >> One of the things we have been talking about with our guests on the show today, and a great topic that was in the general session was about the value of data, and how do businesses transform to digital businesses. The value in that data has to be critical. I'd love to get your take on as businesses have to leverage that data to become more successful or to become successful as digital businesses, we know the security of the perimeter is not the only thing. It needs to be with the data. What is Azure doing to secure the cloud for your customers, and how do you help them mitigate or deal with the proliferation of mobile devices and IOT devices that they have that are connecting to their networks? >> Digital disruption is affecting everybody, and it is a huge thing that many companies are struggling to understand and to adopt to their business models, and to really leverage what digital can do for them, and certainly we are doing in the public cloud with Azure helps that significantly. As you mentioned, there is just a proliferation of devices, a proliferation of data, so how do you have defense in depth so you don't have perimeter-based security, but you actually have defense in depth at every level, and at its heart, it really falls down to how do you do encryption at rest, how do you secure the data encrypted? Who holds the keys for the data? What is the proliferation of the keys? How did the controls manage for that? Of course, of the data is encrypted, you really want to be able to do things upon it. You want to be able computer over it. You want to be able to queries, analytics, everything, so there's the question of how to securely exchange the keys? How do you make sure that the right virtual machines are running, the right computers running at the time to do the queries? That's the set of controls and security models and services that we provide in Azure that makes it super easy for customers to actually use that. >> Azure represent what's called the second big transformation for Microsoft where the first one might have been associated with Explorer, those amazing things that Microsoft did to transform itself in the 1990s and it seems to be going pretty well. How is security facilitating this transformation from a customer value proposition? >> Security is absolutely the number one question that every customer has whenever they start talking about the cloud, and so we take that very, very seriously. Microsoft spends over billion dollars a year on all of our security products all up. We have literally armies of people who do nothing every day but wake up and make sure that the product is secure, and that really boils down to two big pieces. One is how do we keep the platform secure from the security control that we have ourselves in the compliance ADA stations and everything to make sure that when customers bring their workloads to us, they are in fact kept secure. Second is a set of security controls that we provide the customers so they can actually secure their workloads, integrate their security models with whatever they're running on premise, and have the right security models, ADA stations, multifactor authentication, identity controls, et cetera for their own workloads. >> Security is very context specific. I'm not necessarily getting into a conversation about industry or whatnot, but in terms of the classifications of services that need to be provided, we were talking a little bit about how some of the services that you provide end being part of the architecture for other services within the Azure cloud. Talk a little bit about how you envision security over time evolving as a way of thinking about how different elements of the cloud are going to be integrated and come together in the role that security is going to play in making that possible and easy. >> You are absolutely right. Azure is composed of, right now, 80 some-odd different services and there's definitely a layering where for example, my components around the compute pieces are used by the higher order of services around HD insight and some of the analytic services and such, and so the security models we have in place internally for compute in turn are used by those higher order services, and the real value we can provide is having a common customer-facing security model for customers, so there is a common way by which they can access the control plane, do management operations upon these services, how they can access the endpoints of the services using a common identity model, a common security model, role-based access control, again, from a common perspective, logging, auditing, reporting, so all this has to be cohesive, correct, and unified so that customers aren't facing this tumultuous array of different services that speak different languages, so to speak. >> We are here at Fortinet Accelerate 2017. Tell us how long Microsoft Azure and Fortinet have been working together, and what are you most excited about with some of the announcements from Fortinet today? >> Microsoft and Fortinet partnership has been going on for quite some time. Specifically in Azure space we've been doing two different, two major thrusts around integration with the Azure Security Center which is a set of services that we have within Azure that provides turnkey access to many, many different vendors including Fortinet as one of our primary partners, and Fortinet also has all their products in Azure marketplace so that customers can readily in a turnkey manner use Fortinet next generation firewalls and such as virtual machines, incorporate those directly within their workloads, and have a very seamless billing model, a very seamless partnership model, a very seamless go-to-market strategy for how we jointly promote, jointly provide the services. >> One of the things that one of our guests was talking with us about today was really about it's an easy sell, if you will, at the C-level to sell the value of investing in the right infrastructure to secure environments. Looking at that in correlation to the fact that there's always historically been a challenge or concerned with security when it comes to enterprises moving workloads to the cloud, I'm curious about this easy-sell position that cyber security and the rise of attacks brings to seeing the adoption of more enterprise workloads. We are seeing numbers that are going to show, or predicting that north of 85% of enterprise workloads will be in the cloud by 2020. How much is Microsoft Azure seeing the fact that cyber security attacks are becoming more and more common, hitting some pretty big targets, affecting a lot of big names. How much are using that as an impetus to and maybe drive that adoption higher and higher from an enterprise perspective? >> Absolutely, I see that everyday. I give many, many talks to the C-level, to CSOs, CEOs, et cetera, and I can say in many industries like the banking industry, financial sector, 18 months ago banks did not have any interest in public cloud. Is just like, "Thank you, we have no interest in cloud," but recently there has been the dawning realization that Azure and the public cloud products are in fact, in many cases, more secure than what the banks and other financial industry sectors can actually provide themselves because we are providing huge amounts of investments from an ongoing basis that we can actually provide better security, better integrated security than what they can afford on premise, so as a result, we are seeing this now, literally, stampede of customers coming to us and saying, "Okay, I get it. "You can actually have a very, very "highly secure environment. "You can provide security controls "that can go well above and beyond "whatever I could do on premise, "and it's better integrated "than what I could ever pull together on premise." >> One of the reasons for that is because of the challenge of finding talent, and you guys can find a really talented person, bring them in, and that person can build security architectures for your cloud that then can be served, can be used by a lot of different customers, so what will be the role of or how will this need for talent in the future, what would be the role for how people engage your people, client's people engage your people to ensure that that people side and moves forward, and how do you keep scaling that is you scale the cloud? >> Certainly people are always the bottleneck in virtually every industry, and specifically within the computing space. The value that we are seeing from customers is that the people that they had previously on premise who were working to secure the base level common infrastructure are now freed because they don't have to do that work. They can do other interesting things at the application level and move their value added further up the stack which means I can innovate more rapidly, they can add more features more quickly, because they are not having to worry about the lower-level infrastructure pieces that are secured by Azure, so we are seeing the dawning realization that we are moving to this new golden age where there is higher degree of agility with respect to innovation happening at the application level, because remember, applications have to be, if you are having a compliant workload, if you are having PCI compliance within the credit card industry for example, you have to have the entire application and its infrastructure part of the compliance boundary, so that means when you are building that app, you have to give your auditors the complete stack for them to pass that. If you are only having to worry about this much as opposed to that much, then the amount of work that you can do, the amount of integration, the amount agility, the amount of innovation you can do at that level is many orders of magnitude higher, so you really see that the value that a lot of customers are having here is that their talented people can be put to use on more important higher order business-related problems as opposed to lower-level infrastructure level issues. >> Let's talk about that for second because one of the things that we see within our research is that the era of cloud as renting virtual machines is starting to transition as people start renting applications, or applications as services that they themselves can start putting together. Partly the reason why that's exciting is because it will liberate more developers. It brings more developers into the process of creating value in the cloud, but as they do that, they now have visibility, or they are going to be doing things that touch an enormous set of resources, so how do you make security easier to developers in Azure? >> The key is that we can do high degrees of integration at the low level between these very services. >> Peter: It goes back to that issue of a cascading of your stuff up into the other Azure services. >> Absolutely, I mean think about it, we sat on top a mountain of information. We have analytics and log files that know about virtually everything that's happening in the cloud, and we can have machine learning, we can have intelligence, we can have machine intelligence and such, that can extract signals from noise that would otherwise be impossible to discover from a single customer's perspective. If you have a low and slow attack by some sort of persistent individual, the fact that they are trying the slow and low attack means that we are able to pull that signal out and extract that information that would not be really physically possible, or economically possible for most companies to do on premise. >> Does this get embedded to some of the toolkits that we are going to use to build these next-generation cloud-based apps? >> It gets embedded into the toolkits, but it also gets embedded at the set of services like the Azure Security Center. A single pane of glass that's integrated with the products from Fortinet and others where the customer can go and have a single view across all their work was running within Azure and get comprehensive alerts and understanding about the analytics that we are able to pull out and provide to those customers. >> What's next? >> Security is an ever evolving field, and the bad guys are always trying new things, so the work that is really happening, a lot of the innovation that's happening is within the analytics, machine learning space around being able to pull more log files out, being able to refine the algorithms and basically being able to provide more AI to the logs themselves so that we can provide integrated alerts, like for example, if you have a kill chain of an individual coming in attacking one of your product, and then using that to the lateral mobility to other products, or other services within your product, we can pull this together in a common log. We can show to customers here's the sequence of this one individual that across three, or four, or five different services. You have top level disability, and we can give you then guidance to say if you insert separation of duties between these two individuals, then you could've broken that kill chain. We can do proactive guidance to customers to help them secure their own workloads even if they necessarily initially were not deployed in a necessarily most secure manner. >> George, we just have a couple of minutes left, but I'd like to get your perspective. You showed a tremendous amount of the accomplishments that Azure has made in public cloud and in security. What are the opportunities for partners to sell and resell Azure services? >> Absolutely. Microsoft has historically always worked incredibly well with partners. We have a very large partner ecosystem. >> Peter: It's the biggest. >> Is the biggest, exactly. Okay, I don't want to brag too much, yes. (laughing) >> That's what I'm here for, George. >> We see specifically in the security space that partners are increasingly, around 40% of their revenue increasingly is coming from cloud-based assets, cloud-based sales. We are setting up the necessary partner channels and partner models where we can make sure that the reseller channels and our partners are an integral part of our environment, and they can get the necessary revenue shares, and we can give them the leads on how the whole system evolves. Absolutely we believe that partners are first and foremost to our success, and we are making deep, deep, deep investments in the partner programs to make that possible. >> Well George, we wish you and Microsoft Azure continued success as well as your partnership with Fortinet. We thank you so much for taking the time to join us on theCUBE today. >> Thank you. >> And for my cohost, Peter Burris, I'm Lisa Martin. Stick around, we will be right back on theCUBE.