>> What are you? This's and who we are today? A za country as a university. Congratulations, Reggie Jackson. You are Cube alumni? >> No. >> Live from San Diego, California. It's the queue covering Sisqo live US 2019 Tio by Cisco and its ecosystem barkers. >> Welcome back to San Diego. Everybody who went to the Cube, the leader in live tech coverage. My name is Dave Volante, and I'm here with my co host Student of the day. One of our wall to wall coverage of Sisqo Live 2019 behind us is the definite zone. A lot of action here. A lot of the C c e E. Folks learning howto code infrastructure. A big trend in the business G written houses here is the senior vice president and general manager of the security business group Francisco. Gee, thanks for coming on the Cube. My pleasure. Thank you for inviting me. So we've been talking on the cube a lot about Cisco coming at it. Multi cloud, for example, from a position of strength, try to convince your customers that your networks air higher performance, more cost effective and very importantly, more secure, of course. And I mean everybody always wants more performance. They want lower costs. Security in many ways has begun to trump those other two attributes. They they become table stakes, security as well. But security is really number one. Now talk about that. Talk about the major trends that you're seeing. >> Well, of course, of course, security now is top of mind for everyone. Board level conversations, executive level conversations all the time. I think what ends up happening is in the past. We would think about it as network performance cost, etcetera security as a tangent kind of side conversation. Now, of course, it's built into everything that we do in the conversations that we have. And it's equally around performance, but also round simplicity, because security tends to be a little bit hard and lots of process. And how do you go through with compliance? Regulations were also folk. He's in a lot of effort on making it simple. >> Okay, so the big trendy, obviously, here's people talk about what you used to put all the money in the perimeter, hardened the perimeter. Now you can't dig a moat anymore. The queen leaves your castle. Yeah, it's a whole new paradigm. Yeah, So customers are realizing that it's a board level topic. Now, how is Cisco responding to that trend specifically? >> Well, quite frankly, what we're doing is taking that old perimeter and moving that perimeter to the appropriate spots Could be your branch. Now doing direct Internet access will move the perimeter to the branch. Could be your users. Your local mobile workforce will move the perimeter to surround those users and, of course, those applications that are sitting in the data center. Now, as they moved to and from the public cloud, we put segmentation, micro segmentation and follow them as well, to those perimeters are breaking down from one giant moat with the queen. Now we have lots and lots of little ones. >> So it's like the cubes do. You could bring it in exactly everywhere, everywhere built in. >> So you know what we know. It's a multi cloud world for customers today. One of the important pieces to help pull together the multi cloud is the SD land piece. Francisco, as a few diff different solutions in that space, an area. I was hoping you could explain that security piece of S t win, because people think of it so It's kind of like the old way, an opt or some of these other things. But security is such an important piece of that, you know, ever growing landscape. >> So you know, it's funny because people are adopting Ston for simplicity as well as lower costs, and the last thing we want to have forced people to do is to have tto bolt on various security solutions. Right then also, you know, the next day your network operations is complex again. So what we did last year was we took part of the security portfolio and built it directly into our on premises ston appliances so that you could take that ston deploy it. And so security is built in. That is a huge, huge market opportunity. And of course, since we also have a secure cloud platform, we're moving that same feature functionality into the clouds. So whether our customers want to secure their ston with technologies on Prem or in the cloud, Cisco has both ends >> covered wound. It ties into the whole development dev ops mentality and Christians appropriate here in the definite soon. But do you want to ask you how have organizations? However, there was security regimes or how are they evolving? How are they changing? It used to be okay. SEC ops. That's your problem, guys. It's your problem. And we know that doesn't work. Yes, a team effort. But talk about the organizational evolution that you're saying. >> We'll not only so the organizational effort. You were seeing a lot of the technology emerge and from an organization perspective, whether it's it's under a CEO or see. So that's a separate conversation. But from a technology perspective, they're getting heavily, heavily integrated. And that is now forcing network people to actually think about policy segmentation security muchmore than they were in the past and, conversely, security people starting to think about mobile devices and networking and things like that. So we're seeing this big blur across the organization, both from an operational perspective as well as processes and work flows. >> What about the role of data and analytics in terms of Howard informs you how that's evolving machine intelligence coming into play? How Cisco exploiting that? What's it going to >> mean for your customers? Well, as the industry leader in terms of security, we consume massive amounts of data. For example, we block 6,000,000,000 events per day. That's more than Google queries, right? We do 185,000,000,000 DNA s queries. That's 5% of the global Internet traffic. Of course, Ria's humans can't like calculate what's the good in the bad? So we rely heavily on machine learning, artificial intelligence and whatnot. We have the largest non government threat research group in the industry, and that's what they do day after day, looking for those needles in a haystack, thes threats in the sea of normal. >> And you can't do that with with alerts. I mean, just that way you've gotta have automation. So in his world of cloud, so so talk a little bit about the automation principles that you guys are done designing into your products. >> Well, security is one of the fields where not only do we have to calculate the alert, but we operate in the environment of false positives. You could turn on like we're going to protect you and block everything. But then also a lot of things that appear as threats actually weren't threats, those air, false positives. So our goal is to protect the enterprise and get zero false positive go all the way to the edge and the way we do that, of course, is not only tow, automate and say these are all your events, but we have to rank. Stack them in terms of importance. There's only a certain amount of time in the day, so you want to go to the most important, most critical event. Automate that, then go next the neck. So we automate but also ranks stack in the presence >> of false and do you see the day? Or maybe you're starting to get their ready where the machine actually acts as an agent for you and certainly, I'm sure a plugs, holes and things like that, but actually takes it one step further and makes decisions about what to go after. So >> in many cases, yes, particularly riel time around files and things like that in other cases? No, because there's a work floor flow there that says I'm actually not going to deploy those firewall >> rules >> until I test them and evaluate them and whatnot. So everything from rial time into probably >> aware you need a human and that you do, in the end, the Yeah, yeah, >> So in an ever 10 changing threat landscape. But, you know, how do you make sure you keep up? Cisco's made a number of acquisitions. How do you make it a seamless, you know, security environment for them, despite all of these various threats and attacks. >> So welcome to my day job studio. So essentially, we've done two things. We've taken all these assets, and we do accumulate and acquire the market leaders in the space. And the first thing that we do is integrate the back end. Though all those events I was telling you about, they're coming from all of these technologies, so we bring them all back so that we can focus on the efficacy. That is a big step, but that's what we do first. Then the second step, once that's done, is to integrate the front end so that the user, the customer, can sit there and go. Oh, I'm tracking an event. It came in through our email. It came in through a firewall, came through our end point and unify the front and experience. But the first thing we do is always on the back, >> so you get a lot of pressure from customers, obviously, because you are the network. You get a lot of pressure for them. But you in a position now, toe, actually lead the transformation with your customers. I mean, the whole paradigm shift, the mind, this shift. And what do you doing along those lines? >> So we are absolutely leading our customers were leading it and secure D A direct Internet access and SD win. The other thing that we've been investing heavily is in zero trust. So instead of just allowing everyone on the network and follow the threats we acquired Duo last year the leader in M F A. A and zero Trust. And now we're integrating that into the network so that we can also establish trust. But then block and verify. >> Craigie, I know you gotta jump, so thanks so much for your time. I recognize you. Thank you so much for coming. You're welcome. Great to have you. All right, keep it right to everybody. We'll be back with her next guess right after this short break, David, want a student at Lisa? Martin is also here. You watching the Cube from Cisco Live? San Diego back? >> No,

>> From theCUBE Studios in Palo Alto in Boston, bringing you data driven insights from theCUBE and ETR, This is "Breaking Analysis with Dave Vellante". >> Black Hat 22 was held in Las Vegas last week, the same time as theCUBE Supercloud event. Unlike AWS re:Inforce where words are carefully chosen to put a positive spin on security, Black Hat exposes all the warts of cyber and openly discusses its hard truths. It's a conference that's attended by technical experts who proudly share some of the vulnerabilities they've discovered, and, of course, by numerous vendors marketing their products and services. Hello, and welcome to this week's Wikibon CUBE Insights powered by ETR. In this "Breaking Analysis", we summarize what we learned from discussions with several people who attended Black Hat and our analysis from reviewing dozens of keynotes, articles, sessions, and data from a recent Black Hat Attendees Survey conducted by Black Hat and Informa, and we'll end with the discussion of what it all means for the challenges around securing the supercloud. Now, I personally did not attend, but as I said at the top, we reviewed a lot of content from the event which is renowned for its hundreds of sessions, breakouts, and strong technical content that is, as they say, unvarnished. Chris Krebs, the former director of Us cybersecurity and infrastructure security agency, CISA, he gave the keynote, and he spoke about the increasing complexity of tech stacks and the ripple effects that that has on organizational risk. Risk was a big theme at the event. Where re:Inforce tends to emphasize, again, the positive state of cybersecurity, it could be said that Black Hat, as the name implies, focuses on the other end of the spectrum. Risk, as a major theme of the event at the show, got a lot of attention. Now, there was a lot of talk, as always, about the expanded threat service, you hear that at any event that's focused on cybersecurity, and tons of emphasis on supply chain risk as a relatively new threat that's come to the CISO's minds. Now, there was also plenty of discussion about hybrid work and how remote work has dramatically increased business risk. According to data from in Intel 471's Mark Arena, the previously mentioned Black Hat Attendee Survey showed that compromise credentials posed the number one source of risk followed by infrastructure vulnerabilities and supply chain risks, so a couple of surveys here that we're citing, and we'll come back to that in a moment. At an MIT cybersecurity conference earlier last decade, theCUBE had a hypothetical conversation with former Boston Globe war correspondent, Charles Sennott, about the future of war and the role of cyber. We had similar discussions with Dr. Robert Gates on theCUBE at a ServiceNow event in 2016. At Black Hat, these discussions went well beyond the theoretical with actual data from the war in Ukraine. It's clear that modern wars are and will be supported by cyber, but the takeaways are that they will be highly situational, targeted, and unpredictable because in combat scenarios, anything can happen. People aren't necessarily at their keyboards. Now, the role of AI was certainly discussed as it is at every conference, and particularly cyber conferences. You know, it was somewhat dissed as over hyped, not surprisingly, but while AI is not a panacea to cyber exposure, automation and machine intelligence can definitely augment, what appear to be and have been stressed out, security teams can do this by recommending actions and taking other helpful types of data and presenting it in a curated form that can streamline the job of the SecOps team. Now, most cyber defenses are still going to be based on tried and true monitoring and telemetry data and log analysis and curating known signatures and analyzing consolidated data, but increasingly, AI will help with the unknowns, i.e. zero-day threats and threat actor behaviors after infiltration. Now, finally, while much lip service was given to collaboration and public-private partnerships, especially after Stuxsnet was revealed early last decade, the real truth is that threat intelligence in the private sector is still evolving. In particular, the industry, mid decade, really tried to commercially exploit proprietary intelligence and, you know, do private things like private reporting and monetize that, but attitudes toward collaboration are trending in a positive direction was one of the sort of outcomes that we heard at Black Hat. Public-private partnerships are being both mandated by government, and there seems to be a willingness to work together to fight an increasingly capable adversary. These things are definitely on the rise. Now, without this type of collaboration, securing the supercloud is going to become much more challenging and confined to narrow solutions. and we're going to talk about that little later in the segment. Okay, let's look at some of the attendees survey data from Black Hat. Just under 200 really serious security pros took the survey, so not enough to slice and dice by hair color, eye color, height, weight, and favorite movie genre, but enough to extract high level takeaways. You know, these strongly agree or disagree survey responses can sometimes give vanilla outputs, but let's look for the ones where very few respondents strongly agree or disagree with a statement or those that overwhelmingly strongly agree or somewhat agree. So it's clear from this that the respondents believe the following, one, your credentials are out there and available to criminals. Very few people thought that that was, you know, unavoidable. Second, remote work is here to stay, and third, nobody was willing to really jinx their firms and say that they strongly disagree that they'll have to respond to a major cybersecurity incident within the next 12 months. Now, as we've reported extensively, COVID has permanently changed the cybersecurity landscape and the CISO's priorities and playbook. Check out this data that queries respondents on the pandemic's impact on cybersecurity, new requirements to secure remote workers, more cloud, more threats from remote systems and remote users, and a shift away from perimeter defenses that are no longer as effective, e.g. firewall appliances. Note, however, the fifth response that's down there highlighted in green. It shows a meaningful drop in the percentage of remote workers that are disregarding corporate security policy, still too many, but 10 percentage points down from 2021 survey. Now, as we've said many times, bad user behavior will trump good security technology virtually every time. Consistent with the commentary from Mark Arena's Intel 471 threat report, fishing for credentials is the number one concern cited in the Black Hat Attendees Survey. This is a people and process problem more than a technology issue. Yes, using multifactor authentication, changing passwords, you know, using unique passwords, using password managers, et cetera, they're all great things, but if it's too hard for users to implement these things, they won't do it, they'll remain exposed, and their organizations will remain exposed. Number two in the graphic, sophisticated attacks that could expose vulnerabilities in the security infrastructure, again, consistent with the Intel 471 data, and three, supply chain risks, again, consistent with Mark Arena's commentary. Ask most CISOs their number one problem, and they'll tell you, "It's a lack of talent." That'll be on the top of their list. So it's no surprise that 63% of survey respondents believe they don't have the security staff necessary to defend against cyber threats. This speaks to the rise of managed security service providers that we've talked about previously on "Breaking Analysis". We've seen estimates that less than 50% of organizations in the US have a SOC, and we see those firms as ripe for MSSP support as well as larger firms augmenting staff with managed service providers. Now, after re:Invent, we put forth this conceptual model that discussed how the cloud was becoming the first line of defense for CISOs, and DevOps was being asked to do more, things like securing the runtime, the containers, the platform, et cetera, and audit was kind of that last line of defense. So a couple things we picked up from Black Hat which are consistent with this shift and some that are somewhat new, first, is getting visibility across the expanded threat surface was a big theme at Black Hat. This makes it even harder to identify risk, of course, this being the expanded threat surface. It's one thing to know that there's a vulnerability somewhere. It's another thing to determine the severity of the risk, but understanding how easy or difficult it is to exploit that vulnerability and how to prioritize action around that. Vulnerability is increasingly complex for CISOs as the security landscape gets complexified. So what's happening is the SOC, if there even is one at the organization, is becoming federated. No longer can there be one ivory tower that's the magic god room of data and threat detection and analysis. Rather, the SOC is becoming distributed following the data, and as we just mentioned, the SOC is being augmented by the cloud provider and the managed service providers, the MSSPs. So there's a lot of critical security data that is decentralized and this will necessitate a new cyber data model where data can be synchronized and shared across a federation of SOCs, if you will, or mini SOCs or SOC capabilities that live in and/or embedded in an organization's ecosystem. Now, to this point about cloud being the first line of defense, let's turn to a story from ETR that came out of our colleague Eric Bradley's insight in a one-on-one he did with a senior IR person at a manufacturing firm. In a piece that ETR published called "Saved by Zscaler", check out this comment. Quote, "As the last layer, we are filtering all the outgoing internet traffic through Zscaler. And when an attacker is already on your network, and they're trying to communicate with the outside to exchange encryption keys, Zscaler is already blocking the traffic. It happened to us. It happened and we were saved by Zscaler." So that's pretty cool. So not only is the cloud the first line of defense, as we sort of depicted in that previous graphic, here's an example where it's also the last line of defense. Now, let's end on what this all means to securing the supercloud. At our Supercloud 22 event last week in our Palo Alto CUBE Studios, we had a session on this topic on supercloud, securing the supercloud. Security, in our view, is going to be one of the most important and difficult challenges for the idea of supercloud to become real. We reviewed in last week's "Breaking Analysis" a detailed discussion with Snowflake co-founder and president of products, Benoit Dageville, how his company approaches security in their data cloud, what we call a superdata cloud. Snowflake doesn't use the term supercloud. They use the term datacloud, but what if you don't have the focus, the engineering depth, and the bank roll that Snowflake has? Does that mean superclouds will only be developed by those companies with deep pockets and enormous resources? Well, that's certainly possible, but on the securing the supercloud panel, we had three technical experts, Gee Rittenhouse of Skyhigh Security, Piyush Sharrma who's the founder of Accurics who sold to Tenable, and Tony Kueh, who's the former Head of Product at VMware. Now, John Furrier asked each of them, "What is missing? What's it going to take to secure the supercloud? What has to happen?" Here's what they said. Play the clip. >> This is the final question. We have one minute left. I wish we had more time. This is a great panel. We'll bring you guys back for sure after the event. What one thing needs to happen to unify or get through the other side of this fragmentation and then the challenges for supercloud? Because remember, the enterprise equation is solve complexity with more complexity. Well, that's not what the market wants. They want simplicity. They want SaaS. They want ease of use. They want infrastructure risk code. What has to happen? What do you think, each of you? >> So I can start, and extending to the previous conversation, I think we need a consortium. We need a framework that defines that if you really want to operate on supercloud, these are the 10 things that you must follow. It doesn't matter whether you take AWS, Slash, or TCP or you have all, and you will have the on-prem also, which means that it has to follow a pattern, and that pattern is what is required for supercloud, in my opinion. Otherwise, security is going everywhere. They're like they have to fix everything, find everything, and so on and so forth. It's not going to be possible. So they need a framework. They need a consortium, and this consortium needs to be, I think, needs to led by the cloud providers because they're the ones who have these foundational infrastructure elements, and the security vendor should contribute on providing more severe detections or severe findings. So that's, in my opinion, should be the model. >> Great, well, thank you, Gee. >> Yeah, I would think it's more along the lines of a business model. We've seen in cloud that the scale matters, and once you're big, you get bigger. We haven't seen that coalesce around either a vendor, a business model, or whatnot to bring all of this and connect it all together yet. So that value proposition in the industry, I think, is missing, but there's elements of it already available. >> I think there needs to be a mindset. If you look, again, history repeating itself. The internet sort of came together around set of IETF, RSC standards. Everybody embraced and extended it, right? But still, there was, at least, a baseline, and I think at that time, the largest and most innovative vendors understood that they couldn't do it by themselves, right? And so I think what we need is a mindset where these big guys, like Google, let's take an example. They're not going to win at all, but they can have a substantial share. So how do they collaborate with the ecosystem around a set of standards so that they can bring their differentiation and then embrace everybody together. >> Okay, so Gee's point about a business model is, you know, business model being missing, it's broadly true, but perhaps Snowflake serves as a business model where they've just gone out and and done it, setting or trying to set a de facto standard by which data can be shared and monetized. They're certainly setting that standard and mandating that standard within the Snowflake ecosystem with its proprietary framework. You know, perhaps that is one answer, but Tony lays out a scenario where there's a collaboration mindset around a set of standards with an ecosystem. You know, intriguing is this idea of a consortium or a framework that Piyush was talking about, and that speaks to the collaboration or lack thereof that we spoke of earlier, and his and Tony's proposal that the cloud providers should lead with the security vendor ecosystem playing a supporting role is pretty compelling, but can you see AWS and Azure and Google in a kumbaya moment getting together to make that happen? It seems unlikely, but maybe a better partnership between the US government and big tech could be a starting point. Okay, that's it for today. I want to thank the many people who attended Black Hat, reported on it, wrote about it, gave talks, did videos, and some that spoke to me that had attended the event, Becky Bracken, who is the EIC at Dark Reading. They do a phenomenal job and the entire team at Dark Reading, the news desk there, Mark Arena, whom I mentioned, Garrett O'Hara, Nash Borges, Kelly Jackson, sorry, Kelly Jackson Higgins, Roya Gordon, Robert Lipovsky, Chris Krebs, and many others, thanks for the great, great commentary and the content that you put out there, and thanks to Alex Myerson, who's on production, and Alex manages the podcasts for us. Ken Schiffman is also in our Marlborough studio as well, outside of Boston. Kristen Martin and Cheryl Knight, they help get the word out on social media and in our newsletters, and Rob Hoff is our Editor-in-Chief at SiliconANGLE and does some great editing and helps with the titles of "Breaking Analysis" quite often. Remember these episodes, they're all available as podcasts, wherever you listen, just search for "Breaking Analysis Podcasts". I publish each on wikibon.com and siliconangle.com, and you could email me, get in touch with me at david.vellante@siliconangle.com or you can DM me @dvellante or comment on my LinkedIn posts, and please do check out etr.ai for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching, and we'll see you next time on "Breaking Analysis". (upbeat music)

(gentle upbeat music) >> Welcome back everyone, to "theCUBE"'s live stage performance here in Palo Alto, California at "theCUBE" Studios. I'm John Furrier with Dave Vellante, kicking off our first inaugural Supercloud event. It's an editorial event, we wanted to bring together the best in the business, the smartest, the biggest, the up-and-coming startups, venture capitalists, everybody, to weigh in on this new Supercloud trend, this structural change in the cloud computing business. We're about to run the Ecosystem Speaks, which is a bunch of pre-recorded companies that wanted to get their voices on the record, so stay tuned for the rest of the day. We'll be replaying all that content and they're going to be having some really good commentary and hear what they have to say. I had a chance to interview and so did Dave. Dave, this is our closing segment where we kind of unpack everything or kind of digest and report. So much to kind of digest from the conversations today, a wide range of commentary from Supercloud operating system to developers who are in charge to maybe it's an ops problem or maybe Oracle's a Supercloud. I mean, that was debated. So so much discussion, lot to unpack. What was your favorite moments? >> Well, before I get to that, I think, I go back to something that happened at re:Invent last year. Nick Sturiale came up, Steve Mullaney from Aviatrix; we're going to hear from him shortly in the Ecosystem Speaks. Nick Sturiale's VC said "it's happening"! And what he was talking about is this ecosystem is exploding. They're building infrastructure or capabilities on top of the CapEx infrastructure. So, I think it is happening. I think we confirmed today that Supercloud is a thing. It's a very immature thing. And I think the other thing, John is that, it seems to me that the further you go up the stack, the weaker the business case gets for doing Supercloud. We heard from Marianna Tessel, it's like, "Eh, you know, we can- it was easier to just do it all on one cloud." This is a point that, Adrian Cockcroft just made on the panel and so I think that when you break out the pieces of the stack, I think very clearly the infrastructure layer, what we heard from Confluent and HashiCorp, and certainly VMware, there's a real problem there. There's a real need at the infrastructure layer and then even at the data layer, I think Benoit Dageville did a great job of- You know, I was peppering him with all my questions, which I basically was going through, the Supercloud definition and they ticked the box on pretty much every one of 'em as did, by the way Ali Ghodsi you know, the big difference there is the philosophy of Republicans and Democrats- got open versus closed, not to apply that to either one side, but you know what I mean! >> And the similarities are probably greater than differences. >> Berkely, I would probably put them on the- >> Yeah, we'll put them on the Democrat side we'll make Snowflake the Republicans. But so- but as we say there's a lot of similarities as well in terms of what their objectives are. So, I mean, I thought it was a great program and a really good start to, you know, an industry- You brought up the point about the industry consortium, asked Kit Colbert- >> Yep. >> If he thought that was something that was viable and what'd they say? That hyperscale should lead it? >> Yeah, they said hyperscale should lead it and there also should be an industry consortium to get the voices out there. And I think VMware is very humble in how they're putting out their white paper because I think they know that they can't do it all and that they do not have a great track record relative to cloud. And I think, but they have a great track record of loyal installed base ops people using VMware vSphere all the time. >> Yeah. >> So I think they need a catapult moment where they can catapult to the cloud native which they've been working on for years under Raghu and the team. So the question on VMware is in the light of Broadcom, okay, acquisition of VMware, this is an opportunity or it might not be an opportunity or it might be a spin-out or something, I just think VMware's got way too much engineering culture to be ignored, Dave. And I think- well, I'm going to watch this very closely because they can pull off some sort of rallying moment. I think they could. And then you hear the upstarts like Platform9, Rafay Systems and others they're all like, "Yes, we need to unify behind something. There needs to be some sort of standard". You know, we heard the argument of you know, more standards bodies type thing. So, it's interesting, maybe "theCUBE" could be that but we're going to certainly keep the conversation going. >> I thought one of the most memorable statements was Vittorio who said we- for VMware, we want our cake, we want to eat it too and we want to lose weight. So they have a lot of that aspirations there! (John laughs) >> And then I thought, Adrian Cockcroft said you know, the devs, they want to get married. They were marrying everybody, and then the ops team, they have to deal with the divorce. >> Yeah. >> And I thought that was poignant. It's like, they want consistency, they want standards, they got to be able to scale And Lori MacVittie, I'm not sure you agree with this, I'd have to think about it, but she was basically saying, all we've talked about is devs devs devs for the last 10 years, going forward we're going to be talking about ops. >> Yeah, and I think one of the things I learned from this day and looking back, and some kind of- I've been sauteing through all the interviews. If you zoom out, for me it was the epiphany of developers are still in charge. And I've said, you know, the developers are doing great, it's an ops security thing. Not sure I see that the way I was seeing before. I think what I learned was the refactoring pattern that's emerging, In Sik Rhee brought this up from Vertex Ventures with Marianna Tessel, it's a nuanced point but I think he's right on which is the pattern that's emerging is developers want ease-of-use tooling, they're driving the change and I think the developers in the devs ops ethos- it's never going to be separate. It's going to be DevOps. That means developers are driving operations and then security. So what I learned was it's not ops teams leveling up, it's devs redefining what ops is. >> Mm. And I think that to me is where Supercloud's going to be interesting- >> Forcing that. >> Yeah. >> Forcing the change because the structural change is open sources thriving, devs are still in charge and they still want more developers, Vittorio "we need more developers", right? So the developers are in charge and that's clear. Now, if that happens- if you believe that to be true the domino effect of that is going to be amazing because then everyone who gets on the wrong side of history, on the ops and security side, is going to be fighting a trend that may not be fight-able, you know, it might be inevitable. And so the winners are the ones that are refactoring their business like Snowflake. Snowflake is a data warehouse that had nothing to do with Amazon at first. It was the developers who said "I'm going to refactor data warehouse on AWS". That is a developer-driven refactorization and a business model. So I think that's the pattern I'm seeing is that this concept refactoring, patterns and the developer trajectory is critical. >> I thought there was another great comment. Maribel Lopez, her Lord of the Rings comment: "there will be no one ring to rule them all". Now at the same time, Kit Colbert, you know what we asked him straight out, "are you the- do you want to be the, the Supercloud OS?" and he basically said, "yeah, we do". Now, of course they're confined to their world, which is a pretty substantial world. I think, John, the reason why Maribel is so correct is security. I think security's a really hard problem to solve. You've got cloud as the first layer of defense and now you've got multiple clouds, multiple layers of defense, multiple shared responsibility models. You've got different tools for XDR, for identity, for governance, for privacy all within those different clouds. I mean, that really is a confusing picture. And I think the hardest- one of the hardest parts of Supercloud to solve. >> Yeah, and I thought the security founder Gee Rittenhouse, Piyush Sharrma from Accurics, which sold to Tenable, and Tony Kueh, former head of product at VMware. >> Right. >> Who's now an investor kind of looking for his next gig or what he is going to do next. He's obviously been extremely successful. They brought up the, the OS factor. Another point that they made I thought was interesting is that a lot of the things to do to solve the complexity is not doable. >> Yeah. >> It's too much work. So managed services might field the bit. So, and Chris Hoff mentioned on the Clouderati segment that the higher level services being a managed service and differentiating around the service could be the key competitive advantage for whoever does it. >> I think the other thing is Chris Hoff said "yeah, well, Web 3, metaverse, you know, DAO, Superclouds" you know, "Stupercloud" he called it and this bring up- It resonates because one of the criticisms that Charles Fitzgerald laid on us was, well, it doesn't help to throw out another term. I actually think it does help. And I think the reason it does help is because it's getting people to think. When you ask people about Supercloud, they automatically- it resonates with them. They play back what they think is the future of cloud. So Supercloud really talks to the future of cloud. There's a lot of aspects to it that need to be further defined, further thought out and we're getting to the point now where we- we can start- begin to say, okay that is Supercloud or that isn't Supercloud. >> I think that's really right on. I think Supercloud at the end of the day, for me from the simplest way to describe it is making sure that the developer experience is so good that the operations just happen. And Marianna Tessel said, she's investing in making their developer experience high velocity, very easy. So if you do that, you have to run on premise and on the cloud. So hybrid really is where Supercloud is going right now. It's not multi-cloud. Multi-cloud was- that was debunked on this session today. I thought that was clear. >> Yeah. Yeah, I mean I think- >> It's not about multi-cloud. It's about operationally seamless operations across environments, public cloud to on-premise, basically. >> I think we got consensus across the board that multi-cloud, you know, is a symptom Chuck Whitten's thing of multi-cloud by default versus multi- multi-cloud has not been a strategy, Kit Colbert said, up until the last couple of years. Yeah, because people said, "oh we got all these multiple clouds, what do we do with it?" and we got this mess that we have to solve. Whereas, I think Supercloud is something that is a strategy and then the other nuance that I keep bringing up is it's industries that are- as part of their digital transformation, are building clouds. Now, whether or not they become superclouds, I'm not convinced. I mean, what Goldman Sachs is doing, you know, with AWS, what Walmart's doing with Azure connecting their on-prem tools to those public clouds, you know, is that a supercloud? I mean, we're going to have to go back and really look at that definition. Or is it just kind of a SAS that spans on-prem and cloud. So, as I said, the further you go up the stack, the business case seems to wane a little bit but there's no question in my mind that from an infrastructure standpoint, to your point about operations, there's a real requirement for super- what we call Supercloud. >> Well, we're going to keep the conversation going, Dave. I want to put a shout out to our founding supporters of this initiative. Again, we put this together really fast kind of like a pilot series, an inaugural event. We want to have a face-to-face event as an industry event. Want to thank the founding supporters. These are the people who donated their time, their resource to contribute content, ideas and some cash, not everyone has committed some financial contribution but we want to recognize the names here. VMware, Intuit, Red Hat, Snowflake, Aisera, Alteryx, Confluent, Couchbase, Nutanix, Rafay Systems, Skyhigh Security, Aviatrix, Zscaler, Platform9, HashiCorp, F5 and all the media partners. Without their support, this wouldn't have happened. And there are more people that wanted to weigh in. There was more demand than we could pull off. We'll certainly continue the Supercloud conversation series here on "theCUBE" and we'll add more people in. And now, after this session, the Ecosystem Speaks session, we're going to run all the videos of the big name companies. We have the Nutanix CEOs weighing in, Aviatrix to name a few. >> Yeah. Let me, let me chime in, I mean you got Couchbase talking about Edge, Platform 9's going to be on, you know, everybody, you know Insig was poopoo-ing Oracle, but you know, Oracle and Azure, what they did, two technical guys, developers are coming on, we dig into what they did. Howie Xu from Zscaler, Paula Hansen is going to talk about going to market in the multi-cloud world. You mentioned Rajiv, the CEO of Nutanix, Ramesh is going to talk about multi-cloud infrastructure. So that's going to run now for, you know, quite some time here and some of the pre-record so super excited about that and I just want to thank the crew. I hope guys, I hope you have a list of credits there's too many of you to mention, but you know, awesome jobs really appreciate the work that you did in a very short amount of time. >> Well, I'm excited. I learned a lot and my takeaway was that Supercloud's a thing, there's a kind of sense that people want to talk about it and have real conversations, not BS or FUD. They want to have real substantive conversations and we're going to enable that on "theCUBE". Dave, final thoughts for you. >> Well, I mean, as I say, we put this together very quickly. It was really a phenomenal, you know, enlightening experience. I think it confirmed a lot of the concepts and the premises that we've put forth, that David Floyer helped evolve, that a lot of these analysts have helped evolve, that even Charles Fitzgerald with his antagonism helped to really sharpen our knives. So, you know, thank you Charles. And- >> I like his blog, by the I'm a reader- >> Yeah, absolutely. And it was great to be back in Palo Alto. It was my first time back since pre-COVID, so, you know, great job. >> All right. I want to thank all the crew and everyone. Thanks for watching this first, inaugural Supercloud event. We are definitely going to be doing more of these. So stay tuned, maybe face-to-face in person. I'm John Furrier with Dave Vellante now for the Ecosystem chiming in, and they're going to speak and share their thoughts here with "theCUBE" our first live stage performance event in our studio. Thanks for watching. (gentle upbeat music)

>> From theCUBE studios in Palo Alto in Boston bringing you data driven insights from theCUBE and ETR. This is breaking analysis with Dave Vellante. >> The term Supercloud is somewhat new, but the concepts behind it have been bubbling for years, early last decade when NIST put forth a definition of cloud computing it said services had to be accessible over a public network essentially cutting the on-prem crowd out of the cloud conversation. Now a guy named Chuck Hollis, who was a field CTO at EMC at the time and a prolific blogger objected to that criterion and laid out his vision for what he termed a private cloud. Now, in that post, he showed a workload running both on premises and in a public cloud sharing the underlying resources in an automated and seamless manner. What later became known more broadly as hybrid cloud that vision as we now know, really never materialized, and we were left with multi-cloud sets of largely incompatible and disconnected cloud services running in separate silos. The point is what Hollis laid out, IE the ability to abstract underlying infrastructure complexity and run workloads across multiple heterogeneous estates with an identical experience is what super cloud is all about. Hello and welcome to this week's Wikibon cube insights powered by ETR and this breaking analysis. We share what we hope to learn from super cloud 22 next week, next Tuesday at 9:00 AM Pacific. The community is gathering for Supercloud 22 an inclusive pilot symposium hosted by theCUBE and made possible by VMware and other founding partners. It's a one day single track event with more than 25 speakers digging into the architectural, the technical, structural and business aspects of Supercloud. This is a hybrid event with a live program in the morning running out of our Palo Alto studio and pre-recorded content in the afternoon featuring industry leaders, technologists, analysts and investors up and down the technology stack. Now, as I said up front the seeds of super cloud were sewn early last decade. After the very first reinvent we published our Amazon gorilla post, that scene in the upper right corner here. And we talked about how to differentiate from Amazon and form ecosystems around industries and data and how the cloud would change IT permanently. And then up in the upper left we put up a post on the old Wikibon Wiki. Yeah, it used to be a Wiki. Check out my hair by the way way no gray, that's how long ago this was. And we talked about in that post how to compete in the Amazon economy. And we showed a graph of how IT economics were changing. And cloud services had marginal economics that looked more like software than hardware at scale. And this would reset, we said opportunities for both technology sellers and buyers for the next 20 years. And this came into sharper focus in the ensuing years culminating in a milestone post by Greylock's Jerry Chen called Castles in the Cloud. It was an inspiration and catalyst for us using the term Supercloud in John Furrier's post prior to reinvent 2021. So we started to flesh out this idea of Supercloud where companies of all types build services on top of hyperscale infrastructure and across multiple clouds, going beyond multicloud 1.0, if you will, which was really a symptom, as we said, many times of multi-vendor at least that's what we argued. And despite its fuzzy definition, it resonated with people because they knew something was brewing, Keith Townsend the CTO advisor, even though he frankly, wasn't a big fan of the buzzy nature of the term Supercloud posted this awesome Blackboard on Twitter take a listen to how he framed it. Please play the clip. >> Is VMware the right company to make the super cloud work, term that Wikibon came up with to describe the taking of discreet services. So it says RDS from AWS, cloud compute engines from GCP and authentication from Azure to build SaaS applications or enterprise applications that connect back to your data center, is VMware's cross cloud vision 'cause it is just a vision today, the right approach. Or should you be looking towards companies like HashiCorp to provide this overall capability that we all agree, or maybe you don't that we need in an enterprise comment below your thoughts. >> So I really like that Keith has deep practitioner knowledge and lays out a couple of options. I especially like the examples he uses of cloud services. He recognizes the need for cross cloud services and he notes this capability is aspirational today. Remember this was eight or nine months ago and he brings HashiCorp into the conversation as they're one of the speakers at Supercloud 22 and he asks the community, what they think, the thing is we're trying to really test out this concept and people like Keith are instrumental as collaborators. Now I'm sure you're not surprised to hear that mot everyone is on board with the Supercloud meme, in particular Charles Fitzgerald has been a wonderful collaborator just by his hilarious criticisms of the concept. After a couple of super cloud posts, Charles put up his second rendition of "Supercloudifragilisticexpialidoucious". I mean, it's just beautiful, but to boot, he put up this picture of Baghdad Bob asking us to just stop, Bob's real name is Mohamed Said al-Sahaf. He was the minister of propaganda for Sadam Husein during the 2003 invasion of Iraq. And he made these outrageous claims of, you know US troops running in fear and putting down their arms and so forth. So anyway, Charles laid out several frankly very helpful critiques of Supercloud which has led us to really advance the definition and catalyze the community's thinking on the topic. Now, one of his issues and there are many is we said a prerequisite of super cloud was a super PaaS layer. Gartner's Lydia Leong chimed in saying there were many examples of successful PaaS vendors built on top of a hyperscaler some having the option to run in more than one cloud provider. But the key point we're trying to explore is the degree to which that PaaS layer is purpose built for a specific super cloud function. And not only runs in more than one cloud provider, Lydia but runs across multiple clouds simultaneously creating an identical developer experience irrespective of a state. Now, maybe that's what Lydia meant. It's hard to say from just a tweet and she's a sharp lady, so, and knows more about that market, that PaaS market, than I do. But to the former point at Supercloud 22, we have several examples. We're going to test. One is Oracle and Microsoft's recent announcement to run database services on OCI and Azure, making them appear as one rather than use an off the shelf platform. Oracle claims to have developed a capability for developers specifically built to ensure high performance low latency, and a common experience for developers across clouds. Another example we're going to test is Snowflake. I'll be interviewing Benoit Dageville co-founder of Snowflake to understand the degree to which Snowflake's recent announcement of an application development platform is perfect built, purpose built for the Snowflake data cloud. Is it just a plain old pass, big whoop as Lydia claims or is it something new and innovative, by the way we invited Charles Fitz to participate in Supercloud 22 and he decline saying in addition to a few other somewhat insulting things there's definitely interesting new stuff brewing that isn't traditional cloud or SaaS but branding at all super cloud doesn't help either. Well, indeed, we agree with part of that and we'll see if it helps advanced thinking and helps customers really plan for the future. And that's why Supercloud 22 has going to feature some of the best analysts in the business in The Great Supercloud Debate. In addition to Keith Townsend and Maribel Lopez of Lopez research and Sanjeev Mohan from former Gartner analyst and principal at SanjMo participated in this session. Now we don't want to mislead you. We don't want to imply that these analysts are hopping on the super cloud bandwagon but they're more than willing to go through the thought experiment and mental exercise. And, we had a great conversation that you don't want to miss. Maribel Lopez had what I thought was a really excellent way to think about this. She used TCP/IP as an historical example, listen to what she said. >> And Sanjeev Mohan has some excellent thoughts on the feasibility of an open versus de facto standard getting us to the vision of Supercloud, what's possible and what's likely now, again, I don't want to imply that these analysts are out banging the Supercloud drum. They're not necessarily doing that, but they do I think it's fair to say believe that something new is bubbling and whether it's called Supercloud or multicloud 2.0 or cross cloud services or whatever name you choose it's not multicloud of the 2010s and we chose Supercloud. So our goal here is to advance the discussion on what's next in cloud and Supercloud is meant to be a term to describe that future of cloud and specifically the cloud opportunities that can be built on top of hyperscale, compute, storage, networking machine learning, and other services at scale. And that is why we posted this piece on Answering the top 10 questions about Supercloud. Many of which were floated by Charles Fitzgerald and others in the community. Why does the industry need another term what's really new and different? And what is hype? What specific problems does Supercloud solve? What are the salient characteristics of Supercloud? What's different beyond multicloud? What is a super pass? Is it necessary to have a Supercloud? How will applications evolve on superclouds? What workloads will run? All these questions will be addressed in detail as a way to advance the discussion and help practitioners and business people understand what's real today. And what's possible with cloud in the near future. And one other question we'll address is who will build super clouds? And what new entrance we can expect. This is an ETR graphic that we showed in a previous episode of breaking analysis, and it lays out some of the companies we think are building super clouds or in a position to do so, by the way the Y axis shows net score or spending velocity and the X axis depicts presence in the ETR survey of more than 1200 respondents. But the key callouts to this slide in addition to some of the smaller firms that aren't yet showing up in the ETR data like Chaossearch and Starburst and Aviatrix and Clumio but the really interesting additions are industry players Walmart with Azure, Capital one and Goldman Sachs with AWS, Oracle, with Cerner. These we think are early examples, bubbling up of industry clouds that will eventually become super clouds. So we'll explore these and other trends to get the community's input on how this will all play out. These are the things we hope you'll take away from Supercloud 22. And we have an amazing lineup of experts to answer your question. Technologists like Kit Colbert, Adrian Cockcroft, Mariana Tessel, Chris Hoff, Will DeForest, Ali Ghodsi, Benoit Dageville, Muddu Sudhakar and many other tech athletes, investors like Jerry Chen and In Sik Rhee the analyst we featured earlier, Paula Hansen talking about go to market in a multi-cloud world Gee Rittenhouse talking about cloud security, David McJannet, Bhaskar Gorti of Platform9 and many, many more. And of course you, so please go to theCUBE.net and register for Supercloud 22, really lightweight reg. We're not doing this for lead gen. We're doing it for collaboration. If you sign in you can get the chat and ask questions in real time. So don't miss this inaugural event Supercloud 22 on August 9th at 9:00 AM Pacific. We'll see you there. Okay. That's it for today. Thanks for watching. Thank you to Alex Myerson who's on production and manages the podcast. Kristen Martin and Cheryl Knight. They help get the word out on social media and in our newsletters. And Rob Hof is our editor in chief over at SiliconANGLE. Does some really wonderful editing. Thank you to all. Remember these episodes are all available as podcasts wherever you listen, just search breaking analysis podcast. I publish each week on wikibon.com and Siliconangle.com. And you can email me at David.Vellantesiliconangle.com or DM me at Dvellante, comment on my LinkedIn post. Please do check out ETR.AI for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE insights powered by ETR. Thanks for watching. And we'll see you next week in Palo Alto at Supercloud 22 or next time on breaking analysis. (calm music)

>> Announcer: From theCUBE Studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is the CUBE Conversation. >> Hello everybody, welcome to this special CXO Series that I've been running over the past couple weeks, my name is Dave Vellante and what I've been doing is bringing in executives from around the industry to try to better understand how they're dealing with this COVID crisis, what some of their fundamental communications principles are, and I'm really pleased to invite in Sri Srinivasan, who's the Senior Vice President and GM of Cisco Collaborations. Sri, great to see you again. It seems like just a long time ago actually, but it was just January that we were in Barcelona together, wow, a lot has changed. >> A lot has changed, Dave. Dave, thanks for having me on the show, it's always a pleasure to see you and I'm so happy to see you safe and sound today. >> Yeah, ditto, we're all in this together, as they say so I want to go back to, I mean we were in January we were getting clenches of this thing. We were definitely a little bit worried but not really fully grasping the impact. At what point did you kind of realize that you were going to have to adjust, and how did you shift your priorities as a leader? >> Yeah, so, Dave we started seeing this right out of the Chinese New Year, coming out of the Chinese New Year, on February 11th, if my memory serves me right. Users out of China started increasing, connecting to their global sites by multiples. Like, they went up as much as 22 times, on the night of February 11th and right off the bat we started seeing it expanding to South Korea, Japan, Singapore, Australia, Malaysia, Vietnam, Thailand, and towards the end of February, we started seeing it going to Europe in terms of expanded volumes where people working from home. Europe has expanded nearly four times for us, Asia pack has expanded nearly three to four times in terms of total usage and from the second week of March, it's US, our biggest market, which has more than doubled and as you may have heard, this past month in March, we served 324 million attendees on our meeting platform. We provide a whole slew of collaboration capability set. The fundamental principle for us that we apply is, provide customers with business continuity, while keeping their employees and their families safe. That is the fundamental principle we apply and one of my engineers said it really well. He said, "for every WebEx engineer-hour spent, "we now keep people safe for 14 thousand hours, "or 583 days". That is the amount of time through virtual capability set we're able to bring people together safely and continue their businesses forward as is nearly normal. >> I mean, the numbers are unbelievable. Chuck Robbins, over a month ago, said you guys held, and this is early March, 3.2 million meetings and 5.5 billion minutes, and the numbers have just gone up from then. Guys, I wonder if you could bring up the chart, I want to set up this conversation and so, we along with our partner ETR, we're one of the first to report sort of the impact of COVID on IT Budgets and what this chart is showing is that, that gray bar says 35% of those CIO's that we talked to said they don't expect any change in spending for 2020. >> Sri: Mhm. >> Dave: The green side over 20% said they expect to spend more and then you can see the big red. So overall, we've taken the overall forecast at the beginning of the year was plus 4% was kind of the consensus for IT spend. We're now down to minus 4%. The point though is that it would be a lot worse Sri, were it not for that green, which is being driven by the work from home offset, and it's not just collaborations tools, its networking, its security, its VPN, it's all the infrastructure around that so I wonder if you could comment and add a little bit of color to what you're seeing in the space. >> I think we're seeing immense expansion of work from home capabilities. Work from home is new for so many people, like for people like me it's the norm but there's so many people who are coming into it cold for the very first time, it can be daunting and that requires investments from organizations, I think CIOs IT infrastructure heads are working to make sure they provide the best secure collaboration canvas for people to work in from home, understanding the challenges of last mile excellence, security challenges and things of that sort so there is a ton of investment going on, in speeding up that investment and I see something coming out of this, which is recognition that organizations are going to have to fix and modernize their digital infrastructure. Why is that important? I think environmental sustainability has something called LEED Certification. Very similar to that work from home is going to have some type of certification that says, an organization is ready for this type of a mass upheaval moment where their infrastructures keep their businesses alive, kicking and thriving through any situation and I think what we have seen is many organizations struggle getting to that first step. Now, technology allows them to move very fast these days but no organization wants to struggle through it in the future, whether it's public sector or commercial enterprise, it's one and the same. >> I think that's a great point, one of the things I wanted to ask you was about some of the things that you've learned and maybe some of the things that are going to be permanent and I think that, people didn't expect this obviously and so do you feel as though that organizations will kind of rethink and that portions of this will become permanent, maybe they'll sub-optimize, in the near-term profitability and try to optimize for business resilience and the flexibility to do things like work from home, your thoughts. >> So Dave, I do see some things becoming permanent, right? Do I expect the volumes of collaboration to go down? No, it's never going to go back to the same level. The world as we know it is going to change forever. We are going to have a Post-COVID era and that's going to be changed for the better. There's a number of employees who are being skeptical, reticent to working from home, who are suddenly going to say, work from home thing is not so bad after all so you're going to have that moment for sure and then you're going to also have a set of employers who are going to look at a much wider pool of applicants that are cross timezone, geography, language barriers, it's going to help an organization increase their diversity and inclusiveness ocean, making their products and services much better so I think we are opening up the surface area for innovation as a result and you will see a lot of the work from home technologies get better and better, we're being forced to be better because we now have to be relatable, discernible easy to a new class of worker that has never seen these technologies and it is across all kinds of barriers that technology has to adhere itself to so I do see a lot of goodness coming in and you know what, at the end of the day, it's really good for the environment too >> I want to ask you how you're supporting customers. The data partner that I mentioned ETR, the other day I sat in one of their CIO Roundtables and it's a private conversation with (mumbles) and CIOs and they were asking them like, who's helping you through this and who's not and they mentioned, for instance, back in the 2009 timeframe, there was one company they won't mention. It was doing audits right after the crisis. That was not a cool thing but I got to give Cisco some props it came up that they really were helping in three areas and one of the CIOs just really mentioned this and called it out. He said, collaboration tools, network, we're a Cisco customer so we're relying more on the network and then the security piece so specifically how are you supporting your customers in this crisis? >> So, towards the end of February, what we did is we opened up our collaboration technology and Chuck said something very profound to me. He basically said, "let's make sure we do right by our customers "and keep them safe through this exercise." What we came out with was a set of free offers. We expanded (mumbles) free offer by providing unlimited meeting time, up to a hundred participants toll dial-in into our meetings infrastructure in 52 countries. We didn't basically just say, hey, only in countries afflicted by the virus, we basically made it as global as we could make it possible and then we provided enterprise trials through our partner routes to market that is an enterprise could sign up for a 90-day thing, no strings attached. Just take on the collaboration platform and whether it's calling, meetings, our device infrastructure and just take advantage of it and in a secure fashion using our security portfolio using extensions of our network portfolio and just continue to operate so we've added close to north of 15 million users through our free offers to date that (mumbles) >> Wow. >> and no strings attached. We're not asking for a credit card or a contract at the end of it, if you like it, and we come out at the other end of it, we are happy that they're safe and if they stay a long-term customer of ours, we are happy about that too. >> I mean, that's awesome. We saw recently a lot of talk about big tech and a lot of attacks on big tech and you're seeing big tech really step up, so thank you for that. You know us. We're not gotcha media, but it's I feel it's really important to ask you this. Zoom has had some clear issues with security. Eric Yuan, was instrumental in developing WebEx so what assurances can you give (Sri coughs) your customers and our audience that you're not subjected to similar security gaps and flaws? >> So let's talk about our security principles, right? Our security principles are very clear, we are open and transparent about the issues we face, the investments we make and we will be very open in terms of our posture. Secondly, we will never rent or sell customers data. Thirdly, we have a growth mindset around security. It's a differentiator. You never get complacent about security, you keep on investing in it and to be honest with you, WebEx has come a very long way since some of the comments that were made in the press by some of our competitors. circa 2012 WebEx versus now there's so much innovation that has happened Dave. We've had over 100 major software updates so I would rather have our competitors focus on their issues rather than, give us kudos in public. Our promise to our customers is to be open, transparent and continuously invest in the space because the moment you take your eyes off it, you've opened yourself up for a set of attacks so we're not going to ever say we are fully secure. You just have to continually invest in the growing threat posture world we live in today. >> So I want to follow up on that because I mean, I'm not a security expert, but I've interviewed enough people to know that they will tell you, you can't just bolt on security, you got to build it in and it's a hard thing to do. Some of your security pros Gee Rittenhouse, TK Keanini would definitely second this so, >> Yeah. >> How, you're saying you've spent a lot of time obviously designing in and I'm inferring not bolting on so I wonder if you could add some color to the sort of types of things that you've done to really, assure your customers that you're secure. >> Yeah, so I think security is in the DNA of Cisco, pun intended in many ways. We pride ourselves in our craft and to be honest with you, security starts at the time of design for us and it's not a checkbox exercise at the end of the ship cycle. You build for security. You build for privacy and compliance and you build with one simple rule. It's your customers data, we are custodians and we need to be protectors of it all the way through. We do not sacrifice experience for security. We never will. We build high-grade experiences but we never give up on security capability set and whether it's free, whether it's premium, whether it's paid. We have the same levels of security, yes, we do have additional security add ons and finally, we have a culture where there are groups within Cisco that continually test us. They don't report to me, they report to chuck and the board and they pretty much are continuously measuring our threat posture. These are world class organizations that keep you on your toes and I'm so thankful for that. It helps our customers safe, it helps us be better. It helps us stay current with the threat postures and this is years of investment. This is not something you can do in 90 days or 30 days. You'd be doing lip service to it. This is something you've got to do, critical, intentional, deliberate investments that pay off in the long-term. >> Yeah, and things like penetration testing, it's not a one shot deal, you got to do it on an ongoing basis. I want to come back to productivity. There are some organizations that are concerned they're struggling a little bit with productivity, particularly with the work from home. What advice would you give to organizations in terms of being able to maintain that productivity? They might take a little bit of hit but what would you tell them? >> I think change is difficult. Change is not easy. I'll take my own story here. Dave, two years back when I joined Cisco work from home was a alien culture to me based on where I came from, for the first month I did struggle. I had my questions, I had my trepidations of is this really going to work? Am I going to be able to run thousands of engineers, multibillion dollar business from home or while traveling on a plane because we have so many development centers across the globe and I'm a remote worker. I really saw this as opening up new horizons for me starting the first month. I took it on with gusto so I think my guidance to organizations is help end users deal with that change. If you force it down their throats, it's not going to work. You've got to understand their pains, you've going to make it more pleasing. You've got to introduce things like a digital water cooler talk, you've got to make it easy on them, you've got to talk about improvements in a remote-work setting like providing them with a set of accessories that make it easier for you to work from home. One of the core principles we have and i espouse within my organization is by working from home, you're intruding into your family's space. I think it's so important to make sure you let your family in on your work and when kids walk into the door, today, when we work at Cisco, we actually share our family and we share our joy with the wider teams and we are so proud of such culture so be very open and make sure that you understand that you're intruding into somebody else's house when you're working from home. >> Yeah, we have dogs barking, we have kids playing games and crawling all over us, that's great. one of the... >> The dogs barking we have solved we have an AI technology that brings it down. >> Mutes the barking. That's good, I need one. >> Absolutely. >> So one of my big takeaways and you really underscored it here is we're not going back to 2019. The digital transformation that we talk about and that frankly many give lip service (mumbles) but it is now going to be accelerated and it's ironic, we're starting a new decade but this digital transformation is going to be accelerated and collaboration is going to be a key underpinning so I'll ask you to give us some final thoughts, will you please? >> Yeah, I think, people to people collaboration is so important in this day and age. As such, industry has been changing from a task-based hierarchy driven world to a group-outcome based synergistic, a bring people along type culture and that brings people along type cultures now, thanks to collaboration technology, becoming independent of timezone, you don't have to worry about language barriers anymore or cultural boundaries. Think of the type of ideation you can do by bringing people across the world together with a low carbon footprint and what this time has shown us is that businesses can still continue to operate and operate really well when you bring people together using these virtual technologies and capability sets. You're saving people some time by having them work from home like you don't have to travel 30 and 40 minutes to get to work. You're just doing doing your thing from wherever you are and that saves so much in cost, in capability sets and the concept of hoteliering and open spaces in different organizations is only going to sprout even further because not everybody is going to have a home office, have an office, a set office, in within the enterprise CEOs are going to see that as a cost saving opportunity that they can funnel back into the growth of the organization. Right? So I think it's a plethora of opportunity in front of us and that these technologies are going to get monumentally better in the months to come. >> We're definitely entering a new chapter. Sri, thanks so much for sharing your insights and some of your leadership principles and thanks to Cisco, for all that you guys are doing some of the pro bono work. I know some of the volunteerism that Chuck has talked about. Really appreciate your time. >> Thanks Dave. Always a pleasure, stay safe. >> And thank you for watching everybody. This is Dave Vellante for theCUBE, we'll see you next time. (upbeat music)