(bright upbeat music) >> Welcome back to theCube's coverage of HPE's Green Lake announcement. We've been following the caves of Green Lake's announcement for several quarters now, and even years. And we're going to look at cloud adoption and frameworks to help facilitate cloud adoptions. You know, in 2020, the world was on a forced march to digital and there was a lot that they didn't know. Big part of that was how to automate, how to reduce your reliance on physically, manually and plugging things in. And so, customers need an adoption framework to better understand and how to de-risk that journey to the cloud. And with me to talk about that are Alexia Clements, who's the Vice President at Worldwide go to market for GreenLake cloud services at HPE and Alexei Gerasimov who's the vice president of Hybrid Cloud Delivery advisory and professional services at Hewlett Packard Enterprise. Folks, welcome to theCube. >> Alexia: Thanks so much for having us. >> You're very welcome. So, Alexei, what is a cloud adoption framework? How does that all work? >> Gerasimov: Yeah, thanks Dave. So the framework is a structured approach to elevate the conversation, to help our customers get outcomes. So we've been helping customers adopt the benefits in the most of IT for a decade. And we've noticed that they basically focus on eight key areas as they transform to cloud-like capabilities. It's a strategy and governance, it's innovation, people, a dev ops applications, operations security, and data. So we've structured our framework around those core components to help our customers get value. Because end of the day, it's all about changing the way they operate. To get the advantage of all of it. >> Yes. So you can't just pave the cow path and kind of plug your existing process. There's a lot that's unknown, as I said up front. So, so Alexia, maybe you could talk a little bit more about some of the real problems that you're solving with customers that you see in the field. >> Alexey: Yeah, absolutely. So most customers are going through some form of digital transformation and these transformations are difficult and they need a structured approach to help them through that journey. I kind of like to think of it as a recipe to make a meal. So you need to know what ingredients to buy and what are the steps to perform to make that meal. >> Okay. So when you talk to customers, what do you, what do you tell them? That's in it for them after the, after you've actually successfully helped them deploy? What are they telling you? >> Yeah, well, they're telling they now have reached their business outcomes and they're, you know, they're a more agile organization. >> What's the experience look like when you, when you go through one of these journeys and you, you apply the adoption framework, can you sort of paint a picture for us? >> Yeah, absolutely. So every customer is in some sort of transformation, like Alexia said, that transformation implies you've got to know where you start and again, know where you're going. So the experience traditionally is customers need to understand what are my current hybrid cloud capabilities? What do I have, what am I missing? What's lacking and then determine where do you want to go? And in order to get from point A to point B, they have to get a prescriptive approach. So the framework sort of breaks down their path from where they are to their desired maturity. And it takes them in the very prescriptive path to get there. >> So you start with an assessment, you do a gap analysis based on their skill sets. I presume you identify what's possible, help them understand, you know, best practice, which they may not achieve, but this is kind of their north star. Right? And then do you help? How do you help them fill those gaps? Because are skills gaps. Everybody talks about that today. You guys presumably can provide additional services to do that, but so can you add a little bit color to that scope? >> Yeah, yeah, absolutely. And so to your point, the first is a maturity level. So once you figure out the maturity level, you understand what needs to be done. So if you look at our domain, the eight domains that I mentioned and the framework, people is a big one, right? Most of the folks are struggling with people's skills and organizational capabilities. And it's so because it's an operating model change, right? And people are the key component to this operating model change. So we help our customers figure out how do we achieve that optimal operating level and operating a model maturity. And that could be on-prem that could be on public cloud. That could be hybrid. That could be at the edge. And yeah, we, if we can HP, the framework, by the way is pretty, pretty open and pretty objective. If we can help our customers address and achieve their sales gaps great. If we can not directly, then we can have a partner that can help them, you know, plug in something that we don't have. >> Are you finding that, that in terms of the maturity that most people have some kind of experience with, with cloud, but they're struggling to bring that cloud experience to their on-premise state. They don't want to just shove everything into the cloud. Right. So, what does that kind of typical journey look like for folks? I know there's--it's a wide spectrum, or you've got people that are maybe more mature. Maybe some of the folks in financial services got more resources, but can you sort of give us a sense as to what the typical, the average. >> Oh yeah yeah yeah, absolutely. By the way. So that give you a customer example, perfect example of a large North American integrated energy company. They decided to go cloud fresh, like a lot of companies. that wants to do cloud first. And why? The reason was agility. So they started going to the cloud and they realized in order to get agility, you can't just go to you, pick your public CSP, you got to change the way to operate. So they brought us in and they asked, could you help me figure out how we can change the organization? So we actually operate on the proper level of maturity. So we brought our team in. We help them figure out what do we need to look at? We need to look at operations. We need to look at people. We need to look at applications, and we need to figure out what gives you the best value. So when all said and done, they realized that their initial desire of, you know, public first or cloud first, wasn't really public cloud first. It's a way to operate. So now the customer is in three different public CSPs. They're on-prem, there are at edge and everywhere. So that's the focus. Yeah. >> Is the scope predominantly the technical organization. How deep does it go into the, to the business? Is it obviously the application development team is involved, but how deep into the business does this go? The framework. >> Right, and it's absolutely not a technology focused, the whole concept areas, it's outcomes based, and it's a results based. So if you look at the framework, there's really not a single element of the framework that says tech, like storage or compute. No, it's its people, its data, it's business value, strategy and governance, because the goal for us is being objective is we're just trying to help them address the outcomes. Not necessarily to give them more tech. >> So Alexia, I like that answer because it's a wider scope as, I mean, if we just focused on the tech and that's the swim lane, it'd be a lot easier. But as we all know, it's the people in the process that are really the hard part. So that, that makes the challenge for customers greater. You're hurting more cats. So what are the, some of the obstacles that potentially you help customers before they dive in understand. >> Yeah. So we're giving them a roadmap on where they need to go. So we're like I mentioned that recipe, so we're really trying to identify what is their strategy and where do they, what are the outcomes that they're trying to drive and help them on a street, you know, with that path to meet those outcomes. So some of those, I mean, every customer's a little bit different. I mean, we had one customer, which was a, one of the largest hospitals in north America and they, they would needed to, they wanted to go to the cloud, but they realized they couldn't put all of their patient data on the cloud. So what we did was we helped them in changing their operating model and really look to see how does that, how do they need to what's that end game for them, and actually help redo their operating model to have some in the cloud and some on-prem and, and really identify, you know, where they needed to go for their roadmap. So that was an obstacle that they had, hey, we can't put all this stuff out there. How does that now need to work in this new world? >> I would think the data model is a big deal here. I mean, you just gave an example where there's a, there's a, there's a governance and compliance aspect to it. So thinking about that example, did they have to change the way in which they provided federated governance was that presumably identify whose whose responsibility that was to adjudicate, but also had to get the, the implementers to follow that's the, how does that all work? Is it just the deep conversations? And then you figure out how to codify it or. >> No. So what so we have, so through those eight domains that Alexia mentioned, we go through, step-by-step how they need to think about it. And within mind, what are their business outcomes and goals that they're trying to achieve? So really identifying how they need to change that operating model to meet those business outcomes. >> So what's the output, it's a plan, right. That's tailored to the customer. Is that, is that correct? And, and then sort of assistance in implementing downstream or what do they get? >> Yeah, yeah, absolutely. Just to piggyback to what Alexia said, the alignment, the early alignment, the strategy and governance, as you mentioned, this is probably the most important thing, because everybody says we want to be cloud first, but what does that mean? Cloud first means different things to everyone. So we said, give him a plan. The first we'll help with figure out is what does that mean for you? Because at the end of the day, you're not going to the cloud for the sake of cloud, or anywhere you go into the cloud to get some sort of value. So what's that alignment. So the plan is supposed to help you on your road to that value, right? So we'll help them figure out what I want to do, why, for what purpose, what's going to actually address my business value. So yes, they will get a plan as part of it. But more importantly, they get, they get a set of activities, communication plans, which by the way, another block that you got to address. >> Dave: Huge. >> Yeah. >> Yeah. I mean, a lot of executives tell me, look, if you don't change your operating model and go to the cloud, yeah. You're talking, you know, nickels and dimes. If you want to get telephone numbers, you know, big companies, you want to get into bees with billions, you have to change the operating model. And the problem that they tell me is a lot of times the corner offices, okay, we're doing this, but everybody in the fat middle says, what are we doing? >> Right. And now more than ever, I mean, customers need to look at that model like a more modern operating model to realize the benefits of cloud capabilities, whether that be at the edge, their data centers, their colos cloud. So they really need to look at that. And what we've seen is with our framework, we're really helping customers accelerate their business outcomes. De-risk their transformation, and really optimize that cloud operating model. >> It's that alignment you reducing friction within the organization, confusing confusion. When people don't know which direction they're going, they'll just going to go wherever they're pointed. Right. Right. >> And you back to the alignment. So you've got alignment and you mentioned communication. You have to communicate up and down and left and right across the organization because that's one of the most probably ignored elements of any transformation lots of people don't know. So you got to communicate. And then you have to actually measure and report on how they, you know, how the transformation is happening. So we can help in all three of those. >> Especially when everybody's remote. Yeah. Right. And then I said, hey, these digital transformations, there's so much, that's unknown. >> Alexia: Right. It's difficult. >> It's a lot of new. And so you also have to, I presume part of the plan is, Hey, you're not, it's not going to be a hundred percent perfect. So you have to have. >> Alexia: Right. And you're constantly iterating on that plan. >> What does this have to do with GreenLake? >> Alexia: Yeah. So, I mean, GreenLake is HPE's you know, cloud everywhere. And what we're really doing is this framework is helping customers with that path to get that cloud-like experience and as a service model. And so the framework is really helping clients understand where do they need to go and what GreenLake solutions can help them get there. >> So the fundamental assumption of not every cloud player necessarily bad, I would say most hyperscalers is, hey, ultimately, all the data and the workloads are going to go to the cloud, that's their operating premise. So they all have an operating framework to facilitate that. >> Alexia: Right. >> It's, it's tongue in cheek, but it's true. So, but everybody has one of these. How was yours different? >> Yeah. So like, like you said, there's lots of different, you know, frameworks out there, but what we're really focused on is meeting those business goals and outcomes for clients. So we didn't focus on the technology. Like we mentioned what we were really focusing around. I mean, we kind of learned early on that every customer has technical capabilities, applications, data in multiple clouds, on-prem in colos and at the edge. So we didn't focus on like just the technology. So it's really driving business outcomes and their goals and, and the tech, all those frameworks that we just mentioned, they're really specifically driving a particular technology tool or vendor implementing a particular technology or vendor. >> So we've talked about outcomes a lot, but I wonder if we could peel the onion on that. So, you know, the highest level outcome is I want to increase revenue, cut costs, drop to the bottom line, increase shareholder value, improve employee experiences and retention, make customers happier, grow my business. I mean, those are, I mean, I, I don't know a lot of businesses that don't... >> Alexia: Right. >> want to do that, So. Okay. That's cool. But then I'm imagining you really start to peel the layers and say, okay, this is how we're going to get there. And you get down to specific objectives as to the, how is that sort of how this works? >> Right, and that's due to echo at Alexia. So that's exactly why ours is different. We're not focusing on how to adopt Microsoft or AWS or Alibaba with focusing on how we can deliver the customer experience or a better revenue, you know, or, you know, increase the value for the consumer for whatever the company will help him. So the framework we'll look at that and figure out how do we actually address it, whether it's on public cloud, whether it's on prem, whether it's at the edge. >> You mentioned Alexia, that something, hey, if we don't have the skills, we can get a partner who does, a big company. You got a huge partner network. So for example, if you might not have necessarily a deep industry expertise, that's where you might lean on a partner or is that, is that a good example or is there a better one? >> Yes and we know. We're not going to just like you mentioned AWS or Microsoft, Alibaba thing that everything will go to public cloud. I don't believe so, but at the same time we know not everything will stay on-prem. So the combination of on-prem, the edge, you know, private cloud and public cloud is what the customers are after. So our partners could be either third party, system integrator that can help us implement something or even the public CSPs, because we know our customers have capabilities everywhere. So the question becomes, how can we holistically address their needs, whether it's on-prem, whether it's in public cloud. >> Great. Guys, thanks so much. >> Alexia: Thank you. Thanks for having us. Appreciate it. >> My pleasure and thank you for watching everybody's as theCube's continuous coverage of HPE's GreenLake announcement, keep it right there for more great content. (bright upbeat music)

(energetic music) >> Announcer: From our studios in the heart of Silicon Valley; Palo Alto, California. This is a CUBE Conversation. >> Hi everyone, welcome to this special CUBE Power Panel recorded here in Palo Alto, California. We've got remote guests from around the Internet. We have Evan Anderson, Mark Anderson, Phil Lohaus. Thanks for comin' on. Evan is with INVNT/IP, an organization with companies and individuals that fight nation-sponsored intellectual property theft and also author of the huge report Theft Nation Almost a 100 pages of really comprehensive analysis on it. Mark Anderson with the Future in Review CEO of Pattern, Computer and Strategic New Service Chairman of Future in Review Conference, and author of the book "The Pattern Future: "Find the World's Greatest Secrets "and Predicting the Future Using Discovery Patterns" and Phil Lohaus, American Enterprise Institute. Former intelligent analyst, researcher at the American Enterprise Institute, studying competitive strategy and emerging technologies. Guys, thanks for coming on. This topic is, is industrial IoT the new battleground? Mark, you cover the Future Review. Security is the battleground. It's not just a silo'd space. It's horizontally scalable across every single touch point of the Internet, individuals, national security, companies, global, what's your perspective on this new battleground? >> Well, thank you, I took some time and watched your last presentation on this, which I thought was excellent. And maybe I'll try to pick up from there. There's a lot of discussion there about the technical aspects of IoT, or IIoT, and some of the weaknesses, you know firewalls failing, assuming that someone's in your network. But I think that there's a deeper aspect to this. And the problem I think, John, is that yes, they are in your network already, but the deeper problem here is, who is it? Is it an individual? Is it a state? And whoever it is, I'm going to put something out that I think is going to be worth talking more deeply about, and that is, if people who can do the most damage are already in there, and are ready to do it, the question isn't "Can they?" It's "Why have they not?" And so literally, I think if you ask world leaders today, are they in the electric grid? Yes. Is Russia in ours, are we in theirs? Yes. If you said, is China in our most important areas of enterprise? Absolutely. Is Iran in our banks and so forth? They are. And you actually see states of war going on, that are nuisances, but are not what you might call Cybergeddon. And I really believe that the world leaders are truly afraid. Perhaps more afraid of that than of nuclear war. So the amount of death and destruction that could happen if everybody cut loose at the same time, is so horrifying, my guess is that there's a human restraint involved in this, but that technically, it's already game over. >> Phil, Cybergeddon, I love that term, because that's a part of our theme here, is apocalypse now or later? Industrial IoT, or IIoT, or the Internet, all these touch points are creating a surface area that for penetration's purposes, any packet can get in. Nation-states, malware, you name it. It's all problem. But this is the new war battleground. This is now digital Cybergeddon. Forget the wall on the southern border, physical wall. We're talking about a digital wall. We have major threats going on to our society in the United States, and global. This is new, rules of engagement, or no rules of engagement on how to compete in a digital war. This is something that the government's supposed to protect us for. I mean, if someone drops troops in California, physical people, the government's supposed to stop that. But if it's a digital war, it's packets. And the companies are responsible for all this. This doesn't make any sense to me. Break it down, what's the problem? And how do we solve this? >> Sure, well the problem is is that we're actually facing different kinds of threats than we were typically used to facing in the past. So in the past when we go to war, we may have a problem with a foreign country, or a conflict is coming up. We tend to, and by we I mean the United States, we tend to think of these things as we're going to send troops in, or we're going to actually have a physical fight, or we're going to have some other kind of decisive culmination of events, end of a conflict. What we're dealing with now is very different. And it's actually something that isn't entirely new. But the adversaries that we're facing now, so let's say China, Russia, and Iran, just to kind of throw them into some buckets, they think about war very differently. They think about the information space more broadly, and partially because they've been so used to having to kind of be catching up to America in terms of technology, they found other ways to compete with America, and ways that we really haven't been focusing on. And that really, I would argue, extends most prominently to the information space. And by the information space I'm speaking very broadly. I'm talking about, not just information in terms of social media, and emails, and things like that, but also things like what we're talking about today, like IIoT. And these are new threat landscapes, and ones where our competitors have a integrated way of approaching the conflict, one in which the state and private sectors kind of are molded or fused or at least are compelled to work together and we have a very different space here in the United States. And I'm happy to unpack that as we talk about that today, but what we're now facing, is not just about technical capabilities, it's about differences in governing systems, differences in governing paradigms. And so it's much bigger than just talking about the technical specifics. >> Evan, I want you to weigh in on this because one of the things that I feel strongly about, and this is pretty obvious from the commentary, and experts I talk to is, the United States has always been good at defending itself physically, you know war, in being places. Digitally, we've been really good at offense, but terrible on defense, has been the metaphor. I spoke with former four-star General Keith Alexander, who ran the NSA and was first commander of the cyber command, who is now the CEO of IronNet. He and I were talking on-camera and privately and he's saying, "Look it. "we suck at defense digitally. "We're great at offense, we can take someone out "on the offense." But we're talking about IoT, about monitoring. These are technical challenges. This is network nerds, and software engineers have to solve this problem with the prism of defense. This is a new paradigm. This is what we're kind of getting to. And Mark, you kind of addressed it. But this is the challenge. IoT is going to create more points that we have to defend that we suck now at defending, how are we going to get better. This is the paradox. >> Yeah, I think that's certainly accurate. And one of our problems here is that as a society we've always been open. And that was how the Internet was born. And so we have a real paradigm shift now from a world in which the U.S. was leading an open world, that was using the Internet for, I mean there have been problems with security since day one, but originally the Internet was an information-sharing exercise. And we reached a point in human history now where there are enough malicious hackers that have the capabilities we didn't want them to have, but we need to change that outlook. So, looking at things like Industrial IoT, what you're seeing is not so much that this is the battlefield in specific, it's that everything like it is now the battlefield. So in my work specifically we're focused more on economic problems. Economic conflicts and strategies. And if you look at the doctrines that have come out of our adversaries in the last decade, or really 20 years, they very much did what Phil said, and they looked at our weaknesses, and one of those biggest weaknesses that we've always had is that an open society is also unable necessarily to completely defend itself from those who would seek to exploit that openness. And so we have to figure out as a society, and I believe we are. We're running a fine line, we're negotiating this tightrope right now that involves defending the values and the foundational critical aspects of our society that require openness, while also making sure that all the doors aren't open for adversaries. And so we'll continue to deal with that as a society. Everything is now a battlefield and a much grayer area, and IoT certainly isn't helping. And that's why we have to work so hard on it. >> I want to talk about the economic piece on the next talk track of rounds. Theft, and intellectual property that you cover deeply. But Mark and Phil, this notion of Cybergeddon meets the fact that we have to be more defensive. Again, principles of openness are out there. I mean, we have open source. There is a potential path here. Open source software has been, I think, depending on who you talk to, fourth generation, or fifth, depending on how old you are, but it's now mainstream enough now. Are we ever going to get to a formula where we can actually be strong in defense as well as just offense with respect to protecting digitally? >> Phil, do you want that? >> Well, yeah, I would just say that I'm glad to hear that General Alexander is confident about our offensive capabilities. But one of the... To NSA that is conducting these offensive capabilities. When we talk about Russia, Iran, China, or even a smaller group, like let's say an extremist group or something like that, there's an integration between command and control, that we simply don't have here in the States. For example, the Panasonic and Sony examples always come to mind, as ones where there are attacks that can happen against American companies that then have larger implications that go beyond just those companies. So and this may not be a case where the NSA is even tracking the threat. There's been some legislation that's come out, rather controversial legislation about so-called hacking back initiatives and things like that. But I think everybody knows that this is already kind of happening. The real question is going to be, how does the public sector, and how does the private sector work together to create this environment where they're working in synergy, rather than at cross purposes? >> Yeah, and this brings up, I've heard this before. I've heard people talk about the fact that open source nation states can actually empower by releasing tools in open source via the Dark Web or other vehicles, to not actually have, quote, their finger prints, on any attacks. This seems to be a tactic. >> Or go through criminals, right? Use proxies, things like that. It's getting even more complicated and Alexander's talked about that as well, right? He's talked about the convergence of crime and nation-state actions. So whereas with nation-states it's already hard-attributed enough, if that's being outsourced to either whether it's patriotic hackers or criminal groups, it's even more difficult. >> I think you know, Keith is a good friend of all of ours, obviously, good guy. His point is a good one. I'd like to take it a little more extreme state and say, defense is worth doing and probably hopeless. (everyone laughs) So, as they always say, all it takes is one failure. So, we always talk about defense, but really, he's right. Offense is easy. You want to go after somebody? We can get them. But if you want to play defense against a trillion potential points of failure, there's no chance. One way to say this is, if we ignore individuals for a moment and just look at nation-states, it's pretty clear that any nation-state of size, that wants to get into a certain network, will get in. And then the question will be, Well, once they're in, can they actually do damage? And the answer is probably yeah, they probably can. Well, why don't they? Why don't they do more damage? We're kind of back to the original premise here, that there's some restraint going on. And I suspect that Keith's absolutely right because in general, they don't want to get attacked. They don't want to have to come back at them what they're about to do to your banks or your grid, and we could do that. We all could do that. So my guess is, there's a little bit of failure on our part to have deep discussions about how great our defenses either are, or are not, when frankly the idea of defense is a good idea, worthwhile idea, but not really achievable. >> Yeah, that's a great point. That comes up a lot where it's like, people don't want retaliation, so it's a big, critical event that happens, that's noticeable as a counterstrike or equivalent. But there's been discussion of the, I call it "the slow bleed" where they push the line of where that is, like slowly infiltrate, and just cause disruption and inconvenience, as a tactic. This has become something we're seeing a lot of. Whether it's misinformation campaigns on fake news, to just disrupting operations slowly over time, and just kind of, 1,000 paper cuts, if you will. Your guys' thoughts on that? Is that something you guys see out there that's happening? >> Well, you saw Iran go after our banks. And we were pushing Iran pretty hard on the sanctions. Everybody knows they did that. It wasn't very much fun for anybody. But what they didn't do is take down the entire banking system. Not sure they could, but they didn't. >> Yeah, I would just add there that you see this on multiple fronts. You see this is by design. I'm sure that Mark is talking about this in his report but... they talk about this incremental approach that over time, this is part of the problem, right? Is that we have a very kind of black or white conception of warfare in this country. And a lot of times, even companies are going to think, well you know, we're at peace, so why would I do something that may actually be construed as something that's warlike or offensive or things like that? But in reality, even though we aren't technically at war, all of these other actors view this as a real conflict. And so we have to get creative about how we think about this within the paradigm that we have and the legal strictures that we have here in this country. >> Well there's no doubt at least in my non-expert military opinion, but as someone who is a techie, been on the Internet from day one, all my life, and all those tools, you guys as well, I personally think we're at war. 100%, there's no debate on that. And I think that we have to get better policy around this and understand it better. Because it's happening. And one of the obvious areas that we see in the news everyday, it's Huawei and intellectual property theft. This is an economic impact. I mean just look at what's happening in Brexit in the U.K. If that was essentially manipulated, that's the ultimate smart bomb, is to just destroy their financial system, which ended up happening through that misinformation. So there are economic realizations here, Evan,that not only come from the misinformation campaigns and other attacks, but there's real value with intellectual property. This is the report you put out. Your thoughts? >> There's very much an active conflict going on in the economic sphere, and that's certainly an excellent point. I think one of the most important things that most of the world doesn't quite understand yet, but our adversaries certainly understand, is that wars are fought for usually, just a few reasons. And there's a lot of different justification that goes on. But often it's for economic benefit. And if you look at human history, and you look at modern history, a lot of wars are fought for some form of economic benefit, often in the form of territory, et cetera, but in the modern age, information can directly and very quite obviously translate into economic benefit. And so when you're bleeding information, you're really bleeding money. And when I say information, again, it's a broad word, but intellectual property, which our definition, here at INVNT/IP is quite broad too, is incredibly valuable. And so if you have an adversary that's consistently removing intellectual property from what I would call our information ecosystem, and our business ecosystem, we're losing a lot of economic value there, and that's what wars are fought over. And so to pretend that this conflict is inactive, and to pretend that the underlying economy and economic strength that is bolstered or created by intellectual property isn't critical would be silly. And so I think we need to look at those kinds of dynamics and the kind of Gerasimov Doctrine, and the essential doctrine of unrestricted warfare that came out of the People's Republic of China are focused on avoiding kinetic conflict while succeeding at the kinds of conflict that are more preferable, particularly in an asymmetric environment. So that's what we're dealing with. >> Mark and Phil, people waking up to this reality are certainly. People in the know are that I talk to, but generally speaking across the board, is this a woke moment for tech? This Armageddon now or later? >> Woke moment for politicians not for tech, I think. I'm sure Phil would agree with this, but the old guard, go back to when Keith was running the NSA. But at that time, there was a very clear distinction between military and economic security. And so when you said security, that meant military. And now all the rules have changed. All the ways CFIUS works in the United States have changed. The legislation is changing, and now if you want to talk about security, most major nations equate economic security with national security. And that wasn't true 10 years ago. >> That's a great point. That's really profound, I totally agree. Phil. >> I think you're seeing a change in realization in Washington about this. I mean, if you look at the cybersecurity strategy of 2018, it specifically says that we're going to be moving from a posture of active defense to one of defending forward. And we can get into the discussion about what those words mean, but the way I usually boil down is it means, going from defending, but maybe a little bit forward, to actually going out and making sure that our interests are protected. And the reason why that's important, and we're talking about offense versus defense here, obviously the reason why, from what Mark was saying, if they're already in the networks, and they haven't actually done anything, it's because they're afraid of what that offensive response could be. So it's important that we selectively demonstrate what costs we could impose on different actors for different kinds of actions, especially knowing that they're already operating inside of our network. >> That's a great point. I mean, I think that's again another profound statement because it's almost like the pin in the grenade. Once they pull it, the damage is done. Again, back to our theme, Armageddon, now or later? What's the answer to this, guys? Is it the push to policy conversation and the potential consequences higher? Get that narrative going. Is it more technical protection in the networks? What's some of the things that people are talking about and thinking about around this? >> And it's really all of the above. So the tough part about this for any society and for our society is that it's expensive to live in a world with this much insecurity. And so when these kind of low-level conflicts are going on, it costs money and it costs resources. And companies had to deal with that. They spent a long time trying to dodge security costs, and now particularly with the advent of new law like the GDPR in Europe, it's becoming untenable not to spend that defensive money, even as a company, right? But we also are looking at a deepening to change policy. And I think there's been a lot of progress made. Mark mentioned the CFIUS reforms. There are a lot of different essentially games of Whack-A-Mole being played all around the world right now figuring out how to chase these security problems that we let go too long, but there's many, many, many fronts that we need to-- >> Whack-A-Mole's a great example. The visualization of that is just horrendous. You know, not the ideal scenario. But I got to get your point on this, because one of the things that comes up all the time in our conversations in theCUBE is, the government's job is to protect our securities. So again, if someone came in, and invaded my town in Palo Alto, it's not my responsibility to fight for the town. Maybe defend my own house. But if I'm a company being attacked by Russia, or China or Iran, isn't it the government's responsibility to protect me as a citizen and the company doing business there? So again, this is kind of the confusion that people have. If somebody's going to defend their hack, I certainly got to put security practices in place. This is new ground for the government, digitally speaking. >> When we started this INVNT/IP project, it was about seven years ago. And I was told by a very smart guy in D.C. that our greatest challenge was going to be American corporations, global corporations. And he was absolutely right. Literally in this fight to protect intellectual property, and to protect the welfare even of corporations, our greatest enemies so far have been American corporations. And they lobby hard for China, while China is busy stealing from them, and stealing from their company, and stealing from their country. All that stuff's going on, on a daily basis and they're in D.C. lobbying in favor of China. Don't do anything to make them mad. >> They're getting their pockets picked at the same time. And they're trying to do business in China. They're getting their pockets picked. That's what you're saying. >> They're going for the quarterly earnings report and that's all. >> So the problem is-- >> Yeah so-- >> The companies themselves are kind of self-inflicted wounds here for them. >> Yes. >> Yeah, just to add to that, on this note, there have been some... Business to settle interest. And this is something you're seeing a little bit more of. There's been legislation through CFIUS and things like that. There have been reforms that discourage the flow of Chinese money in the Silicon Valley. And there's actually a measurable difference in that. Because people just don't want to deal with the paperwork. They don't want to deal with the reputational risk, et cetera, et cetera. And this is really going to be the key challenge, is having policy makers not only that are interested in addressing this issue, because not all of them are even convinced it's a problem, if you can believe it or not, but having them interested and then having them understand the issue in a way that the legislation can actually be helpful and not get in the way of things that we value, such as innovation and entrepreneurialism and things like that. So it's going to take sophisticated policy-making and providing incentives so that companies actually want to participate and helping to make America safer. >> You're so right about the politicians. Capitol Hill's really not educated. I mean I tell my kids, and they ask the same questions, just look at Mark Zuckerberg and Sundar Pichai present to the government. They don't even know what an Android phone versus an iPhone is, nevermind what the Internet, and how this global economy works. This has become a makeup problem of the personnel in Capitol Hill. You guys see any movement? I'm seeing some change with a new guard, a new generation of younger people coming in. Certainly from the military, that's an easy when you see people get this. But a new generation of young millennials who are saying, "Hey, why are we doing this the old way?" and actually becoming more informed. Not being the lawyer at law-making. It's actually more technically savvy. Is there any movement, any bright hope there? >> I think there's a little hope in the sense that at a time when Congress has trouble keeping the lights on, they seem to have bipartisan agreement on this set of issues that we're talking about. So, that's hopeful. You know, we've seen a number of strongly bipartisan issues supported in Congress, with the Senate, with the House, all agreeing that this is an issue for us all, that they need to protect the country. They need to protect IP. They need to extend the definition of security. There's no argument there. And that's a very strange thing in today's D.C. to have no argument between the parties. There's no error between the GOP and the Democrats as far as I can tell. They seem to all agree on this, and so it is hopeful. >> Freedom has its costs and I think this is a new era of modern freedom and warfare and protection and all these dynamics are changing, just like Cloud 2.0 is changing application developers. Guys, this is a really important topic. Thank you so much for coming on, appreciate it. Love to do a follow-up on this again with you guys. Thanks for sharing your insight. Some great, profound statements there, appreciate it. Thank you very much. >> Thank you. >> Thanks for having us. >> It's been a CUBE Power Panel here from Palo Alto, California with Evan Anderson, Mark Anderson, and Phil Lohaus. Thank you guys for coming on. Power Panel: The Next Battleground in Industrial IoT. Security is a big part of it. Thanks for watching, this has been theCUBE. (energetic music)