>> From around the globe it's theCUBE with digital coverage of IBM Think 2021 brought to you by IBM. >> Welcome to the theCUBE's coverage of IBM think 2021, the digital experience. I'm Lisa Martin. I've got two guests here with me next. We're going to be talking about IBM and Cisco. Please welcome Candace Tripp, a partner at Global Security Services Alliances at IBM. Kandyce, it's great to have you on theCUBE. >> Thank you. It's great to be here, Lisa. >> And Erin Jensen joins us as well. Global Partner Executive for IBM at Cisco. Erin, welcome to you as well. >> Yeah, thanks for having me. >> I love it, three women, power women on a tech panel. >> I know, I love it. >> Isn't that nice? It's rare. >> It is. >> Exciting. >> Praise God. All right, let's go ahead, Erin and we're going to start with you. Let's talk about Cisco's strategy and security and how that aligns with IBM. >> Absolutely. Thanks Lisa. So Cisco in the last seven years have made considerable amount of investment in our portfolio. And in fact, it's one reason why I joined Cisco. I've been hearing about customer problems across many security threat vectors and issues. And customers are really looking for a product portfolio that helps them across all their security needs. IBM has taken a similar approach, right? We're not just one product or one service. IBM also has a service portfolio that helps customers through the long haul and their security journey. We're both working to solve problems like Zero Trust, SAS, Cloud security, and helping all of our customers with digital transformation and moving to the cloud. And so both of us have really taken a similar long-term approach to our customer vision and security. >> We've heard a lot about security challenges and the expansion of threat vectors and surfaces and data in the last year or so. So that double-down focus from both IBM and Cisco on security is absolutely critical for customers. Kandyce, let's get your perspective now. Talk to me about IBM security services and the value that it delivers with Cisco's security portfolio, those two powerhouses together. >> Yeah. Great question. I really appreciate it. One of the things I want to point out is just that IBM security services is one of the largest MSPs in the industry. And I think it's a really exciting time and I'm very thrilled to be a part of that. And the answer to your question, we simplify security solutions, we reduce risk, we provide architectural consulting and systems integration. And we do that in support of our partnerships, just like with Cisco, with Cisco, excuse me. So I think it's a really exciting partnership and there's a lot of value provided. >> And then Kandyce also, you recently launched IBM security services Alliance program. What can you tell us about that? >> Yeah, absolutely. So I'm very excited about it. We launched it on March 1st of this year. And it is a very targeted program that's designed to promote support and reward us like set of partners. And Cisco is one of those partners that has been invited to participate. And these are the partners that are committed to doing a couple of different things. One of which is supporting the development of our offerings. It's also partners that are integrating into our technology platform and they also train and enable our engineers, our consultants as well as our sellers. So they bring a lot of value to the table. And like I said before, Cisco is one of the partners that have been invited to participate. And we're very excited. >> Yeah. >> Go ahead Erin. >> And just to add on that as Candace is saying like Cisco is really excited to participate in this program. It's really, truly about delivering an outcome to our customers. And so the program gives us tools to make investments integrations, et cetera. And the part about partnership it's an evolution of things, right? We want to work together. The landscape of the threats are changing, our world's changing, we're in a pandemic, we've got to be able to pivot and really help customers solve these problems together. And the Alliance program gives us a formal way a really kind of put in the wood behind the arrow. So we're really excited to participate. >> Thanks Erin, excited to have you. >> Great. So Kandyce, I'm curious, as Erin was saying that the threat vector, things are expanding, we've seen so much flux. They're saying we're in a dynamic market, situation is a pretty big understatement. What was the impetus of this Alliance? Was it, this Alliance program, did it have anything to do with the flux that we've been through in the last year? >> Well, I think anytime you launch a program or create a strategy, you're obviously solving a problem. And we all know that security is complex and we need to simplify it. And in today's market, there's a shortage of professionals in the industry. There's a lot of siloed processes and a lot of tools. And anytime that you can bring a strategy to the table that solves some of these challenges, it's definitely worthwhile. And our goal is to bring together advisors and integrated leading technologies vendors such as Cisco. And our goal is to help our clients obviously. And optimally, what we want to do is we want to align their security strategy. We want to make sure that we protect their digital users, their data, their assets. We also want to modernize our technology with these advisors. And ultimately, we found a partnership in Cisco in regards to this program, where we can solve some of our customer's challenges and we can leverage this partnership to the fullest. >> Can you talk to me a little bit about the difference between a technology alliances program and a security service Alliance partner at IBM security program? >> Kandyce: Absolutely. Well, I think it's to call out that Cisco is both actually. We do have a Technology Alliance partners as you mentioned, and Security Service Alliance partners and our Technology Alliance partners are purpose built integrations with IBM security products. On the opposite side, you have Security Service Alliance partners where there's kind of two aspects to it. It could be, it's an either situation where they're integrated into our security service offering or we build an offering around the partners technology. And in the case of Cisco there's many product integrations. I'll name two as examples, one being QRadar and the other being Resilient. But I think what makes the partnership so interesting is there's an extensive portfolio to choose from. And I think that makes it very exciting for our clients to kind of look at what we bring to the table jointly and create leverage out of that. Erin, do you have anything to add? >> A couple of things. So the questions we get a lot from customers is, is there overlap in some of these software solutions? And the fact is there really isn't. We are more complimentary than competitive. And one of the things that we want to do to enhance the customer experience is really give a customer the confidence, but also a full service solution. The way Cisco views IBM and security space is like the glue, right? We provide all the automation a lot of the visibility, our tools, for instance QRadar, pump all of the log information and help with instant response to how customers look at threats. And we really want them to, customers would feel confident by being together and really let's face it, IBM and Cisco are the biggest players in the market. But to Kandyce's point they're also looking for innovation from us and we giving them the roadmaps to go to the next level. So our partnership really provides that. And in fact, it's really important to note that IBM is actually a big Cisco client and has invested in some of our technologies around Umbrella, Next-Gen firewall and our IPS and AnyConnect Solution. So truly our use case is between our companies too not just for our customers. So it's part of our loyalty and commitment to each other but also to all the folks who are making investments working with IBM and Cisco. >> So there's a long history deep collaboration between IBM and Cisco here. I'm wondering if either of you and Kandyce we'll start with you, can you talk about anything that you saw in the last year. I'm thinking, from a security perspective we saw governments and schools and hospitals and healthcare organizations being attacked because they were, there was so much focus on those organizations. I'm curious if there's any industries that you guys saw in the last year or so in particular that really have benefited from your Security Services Alliance program? >> Well, I think we just launched the program in March. So we are currently in the process of rolling it out but will say, as a organization we spend a lot of time making sure that we're relevant to the community, that we're solving some of the deepest problems in the industry. And I think it's an exciting time and I know that IBM Security Services brings a lot of solutions to its clients and we'll continue to do so. >> And then Erin, tell me from Cisco's perspective and yes, Kandyce you mentioned that this is a brand new program. What are some of the things that you're looking forward to being able to help clients in industries that I mentioned and really any industry pivot as we're still in such a globally challenging situation? >> Yes. So I won't necessarily talk about verticals but let's talk about the pandemic. So many of our customers in all different kinds of verticals have had to take their business home. Securing all the remote workers, doing what we call Zero Trust and edge security making sure they are who they say they are when they're connecting to the mothership. And so we've really put a lot of effort at Cisco around addressing these problems in a fast and efficient way. And then IBM helps us manage that for customers. So if they don't have the bandwidth, once solutions go in and we turn the key on they don't have the bandwidth to manage this themselves, IBM really picks that ball up and runs with it. So that's another big value out of our partnership. But let's face it, gosh, a year and a half ago all of this changed on the dime. So we had to pivot really quickly. And because we have teams in place are already working together on how we service these solutions through IBM, this was not necessarily a very hard shift. We were able to do this quickly and provide information and kind of stay ahead of the curve while we saw our customers go through this transition. >> And I can only imagine how critical IBM and Cisco were together as you mentioned, Erin, that pivot to work from home happened so quickly for millions and millions, hundreds of millions of not more of people, and there's a good amount of us that are still in that situation that are reliant on technologies. But like IBM and Cisco are delivering, for collaboration, for communication, even to connect families I'm sure what you guys have done helping those customers pivot is just the tip of the iceberg in helping them not just survive this time but be able to thrive, maybe even focus resources on identifying new products on new services, new ways to delight their customers. >> Yeah, I think that's the other thing that's happening between our firms kind of within security and also more broadly is a lot of our customers are moving to the Cloud and they really need help with this kind of full service look and strategy and ongoing managing and the long haul from a partner. So one of the things that's also been really valuable in our partnership is we have teams of people on account level that really understand our customers and can make these recommendations based on what we're putting together behind the scenes and helping them through the journey. So security is clearly a big part of, kind of what's on everyone's mind, but as far as, can a regular IT operations and networking, it's all part of one journey. And so this layered approach is I think what differentiates our partnership absolutely in the marketplace. >> I agree with you, Erin. I think there's a lot to be excited about that. >> We'll good. Ladies, thank you for joining me today. Talking to me about this new security strategy Alliances Program, what it's offering, the power that IBM and Cisco are bringing jointly to your customers. We look forward to seeing what happens in the next year. Thanks for your time. >> Thank you, Lisa. >> Thank you. >> Well, Kandyce Tripp and Erin Jensen. I'm Lisa Martin. You're watching theCUBE's coverage of IBM Think, the digital experience. (soft upbeat music)

(piano music) >> Presenter: From around the globe it's theCUBE with digital coverage of IBM Think 2021 brought to you by IBM. >> Welcome to the theCUBE's coverage of IBM think 2021, the digital experience. I'm Lisa Martin. I've got two guests here with me next. We're going to be talking about IBM and Cisco. Please welcome Candace Tripp, a partner at Global Security Services Alliances at IBM. Kandyce, it's great to have you on theCUBE. >> Thank you. It's great to be here, Lisa. >> And Erin Jensen joins us as well. Global Partner Executive for IBM at Cisco. Erin, welcome to you as well. >> Yeah, thanks for having me. >> I love it, three women, power women on a tech panel. >> I know, I love it. >> Isn't that nice? It's rare. >> It is. >> Exciting. >> Praise God. All right, let's go ahead, Erin and we're going to start with you. Let's talk about Cisco's strategy and security and how that aligns with IBM. >> Absolutely. Thanks Lisa. So Cisco in the last seven years have made considerable amount of investment in our portfolio. And in fact, it's one reason why I joined Cisco. I've been hearing about customer problems across many security threat vectors and issues. And customers are really looking for a product portfolio that helps them across all their security needs. IBM has taken a similar approach, right? We're not just one product or one service. IBM also has a service portfolio that helps customers through the long haul and their security journey. We're both working to solve problems like Zero Trust, SAS, Cloud security, and helping all of our customers with digital transformation and moving to the cloud. And so both of us have really taken a similar long-term approach to our customer vision and security. >> We've heard a lot about security challenges and the expansion of threat vectors and surfaces and data in the last year or so. So that double-down focus from both IBM and Cisco on security is absolutely critical for customers. Kandyce, let's get your perspective now. Talk to me about IBM security services and the value that it delivers with Cisco's security portfolio, those two powerhouses together. >> Yeah. Great question. I really appreciate it. One of the things I want to point out is just that IBM security services is one of the largest MSPs in the industry. And I think it's a really exciting time and I'm very thrilled to be a part of that. And the answer to your question, we simplify security solutions, we reduce risk, we provide architectural consulting and systems integration. And we do that in support of our partnerships, just like with Cisco, with Cisco, excuse me. So I think it's a really exciting partnership and there's a lot of value provided. >> And then Kandyce also, you recently launched IBM security services Alliance program. What can you tell us about that? >> Yeah, absolutely. So I'm very excited about it. We launched it on March 1st of this year. And it is a very targeted program that's designed to promote support and reward us like set of partners. And Cisco is one of those partners that has been invited to participate. And these are the partners that are committed to doing a couple of different things. One of which is supporting the development of our offerings. It's also partners that are integrating into our technology platform and they also train and enable our engineers, our consultants as well as our sellers. So they bring a lot of value to the table. And like I said before, Cisco is one of the partners that have been invited to participate. And we're very excited. >> Yeah. >> Go ahead Erin. >> And just to add on that as Candace is saying like Cisco is really excited to participate in this program. It's really, truly about delivering an outcome to our customers. And so the program gives us tools to make investments integrations, et cetera. And the part about partnership it's an evolution of things, right? We want to work together. The landscape of the threats are changing, our world's changing, we're in a pandemic, we've got to be able to pivot and really help customers solve these problems together. And the Alliance program gives us a formal way a really kind of put in the wood behind the arrow. So we're really excited to participate. >> Thanks Erin, excited to have you. >> Great. So Kandyce, I'm curious, as Erin was saying that the threat vector, things are expanding, we've seen so much flux. They're saying we're in a dynamic market, situation is a pretty big understatement. What was the impetus of this Alliance? Was it, this Alliance program, did it have anything to do with the flux that we've been through in the last year? >> Well, I think anytime you launch a program or create a strategy, you're obviously solving a problem. And we all know that security is complex and we need to simplify it. And in today's market, there's a shortage of professionals in the industry. There's a lot of siloed processes and a lot of tools. And anytime that you can bring a strategy to the table that solves some of these challenges, it's definitely worthwhile. And our goal is to bring together advisors and integrated leading technologies vendors such as Cisco. And our goal is to help our clients obviously. And optimally, what we want to do is we want to align their security strategy. We want to make sure that we protect their digital users, their data, their assets. We also want to modernize our technology with these advisors. And ultimately, we found a partnership in Cisco in regards to this program, where we can solve some of our customer's challenges and we can leverage this partnership to the fullest. >> Can you talk to me a little bit about the difference between a technology alliances program and a security service Alliance partner at IBM security program? >> Kandyce: Absolutely. Well, I think it's to call out that Cisco is both actually. We do have a Technology Alliance partners as you mentioned, and Security Service Alliance partners and our Technology Alliance partners are purpose built integrations with IBM security products. On the opposite side, you have Security Service Alliance partners where there's kind of two aspects to it. It could be, it's an either situation where they're integrated into our security service offering or we build an offering around the partners technology. And in the case of Cisco there's many product integrations. I'll name two as examples, one being QRadar and the other being Resilient. But I think what makes the partnership so interesting is there's an extensive portfolio to choose from. And I think that makes it very exciting for our clients to kind of look at what we bring to the table jointly and create leverage out of that. Erin, do you have anything to add? >> A couple of things. So the questions we get a lot from customers is, is there overlap in some of these software solutions? And the fact is there really isn't. We are more complimentary than competitive. And one of the things that we want to do to enhance the customer experience is really give a customer the confidence, but also a full service solution. The way Cisco views IBM and security space is like the glue, right? We provide all the automation a lot of the visibility, our tools, for instance QRadar, pump all of the log information and help with instant response to how customers look at threats. And we really want them to, customers would feel confident by being together and really let's face it, IBM and Cisco are the biggest players in the market. But to Kandyce's point they're also looking for innovation from us and we giving them the roadmaps to go to the next level. So our partnership really provides that. And in fact, it's really important to note that IBM is actually a big Cisco client and has invested in some of our technologies around Umbrella, Next-Gen firewall and our IPS and AnyConnect Solution. So truly our use case is between our companies too not just for our customers. So it's part of our loyalty and commitment to each other but also to all the folks who are making investments working with IBM and Cisco. >> So there's a long history deep collaboration between IBM and Cisco here. I'm wondering if either of you and Kandyce we'll start with you, can you talk about anything that you saw in the last year. I'm thinking, from a security perspective we saw governments and schools and hospitals and healthcare organizations being attacked because they were, there was so much focus on those organizations. I'm curious if there's any industries that you guys saw in the last year or so in particular that really have benefited from your Security Services Alliance program? >> Well, I think we just launched the program in March. So we are currently in the process of rolling it out but will say, as a organization we spend a lot of time making sure that we're relevant to the community, that we're solving some of the deepest problems in the industry. And I think it's an exciting time and I know that IBM Security Services brings a lot of solutions to its clients and we'll continue to do so. >> And then Erin, tell me from Cisco's perspective and yes, Kandyce you mentioned that this is a brand new program. What are some of the things that you're looking forward to being able to help clients in industries that I mentioned and really any industry pivot as we're still in such a globally challenging situation? >> Yes. So I won't necessarily talk about verticals but let's talk about the pandemic. So many of our customers in all different kinds of verticals have had to take their business home. Securing all the remote workers, doing what we call Zero Trust and edge security making sure they are who they say they are when they're connecting to the mothership. And so we've really put a lot of effort at Cisco around addressing these problems in a fast and efficient way. And then IBM helps us manage that for customers. So if they don't have the bandwidth, once solutions go in and we turn the key on they don't have the bandwidth to manage this themselves, IBM really picks that ball up and runs with it. So that's another big value out of our partnership. But let's face it, gosh, a year and a half ago all of this changed on the dime. So we had to pivot really quickly. And because we have teams in place are already working together on how we service these solutions through IBM, this was not necessarily a very hard shift. We were able to do this quickly and provide information and kind of stay ahead of the curve while we saw our customers go through this transition. >> And I can only imagine how critical IBM and Cisco were together as you mentioned, Erin, that pivot to work from home happened so quickly for millions and millions, hundreds of millions of not more of people, and there's a good amount of us that are still in that situation that are reliant on technologies. But like IBM and Cisco are delivering, for collaboration, for communication, even to connect families I'm sure what you guys have done helping those customers pivot is just the tip of the iceberg in helping them not just survive this time but be able to thrive, maybe even focus resources on identifying new products on new services, new ways to delight their customers. >> Yeah, I think that's the other thing that's happening between our firms kind of within security and also more broadly is a lot of our customers are moving to the Cloud and they really need help with this kind of full service look and strategy and ongoing managing and the long haul from a partner. So one of the things that's also been really valuable in our partnership is we have teams of people on account level that really understand our customers and can make these recommendations based on what we're putting together behind the scenes and helping them through the journey. So security is clearly a big part of, kind of what's on everyone's mind, but as far as, can a regular IT operations and networking, it's all part of one journey. And so this layered approach is I think what differentiates our partnership absolutely in the marketplace. >> I agree with you, Erin. I think there's a lot to be excited about that. >> We'll good. Ladies, thank you for joining me today. Talking to me about this new security strategy Alliances Program, what it's offering, the power that IBM and Cisco are bringing jointly to your customers. We look forward to seeing what happens in the next year. Thanks for your time. >> Thank you, Lisa. >> Thank you. >> Well, Kandyce Tripp and Erin Jensen. I'm Lisa Martin. You're watching theCUBE's coverage of IBM Think, the digital experience. (soft upbeat music)

>> Narrator: Live from San Francisco, it's theCUBE, covering RSA Conference 2020 San Francisco. Brought to you by SiliconANGLE Media. >> Welcome back everyone. This is theCUBE's coverage from RSA Conference on Moscone South. I'm John Furrier, host of theCUBE. You know, cybersecurity is changing, and the next technology is right around the corner, and it's got to be invented somewhere, and of course Accenture Labs is part of it. Our next guest is Lisa O'Connor, Global Security R&D Lead for Accenture Labs. Lisa's working on some of those hard problems all around the world. Thank you for joining me today. Thanks for coming on. >> Thank you for having me. >> So, we always get the good scoop from Accenture, because you have a lot of smart people in that company. You know, they know their stuff. I know you got a huge analytics team. I've talked to Jean-Luc Chatelain before, and I know you got a massive amount of, deep bench of talent. But as you have to go do the applied R&D, and maybe some of the crazy ideas, you got to start thinking about where the puck is going to be. >> Absolutely. >> You got to understand that. Well, it's pretty clear to us that Cloud is certainly there. Palo Alto Networks had a disappointing earnings yesterday, because their on-premises business is shifting to the Cloud. You're seeing hybrid operating model and multicloud for the enterprise, but now you got global challenges. >> We absolutely do. >> Huge, so what are you guys working on that's coming? Tell us. >> So we're working on lots of exciting things, and Cloud is one of them. But, some of the things I'm so passionate about in labs, and I have the best job at Accenture. Don't tell anyone. (laughs) I do. So, we are working on, like Jean-Luc is working on applied intelligence, we are working on robust AI. So, when we think about AI in the future, how do we feel that, and know that it's okay? How do we put it out there and know it's safe in production, we've done the right training, we've made our model resilient to what's out there? One of the things we see happening, and I love AI, love it. It has great potential, and we get great insights out of it, but a lot of times we stop, we get the insights, and we say, "Okay, it's in the box, we got a couple hits there, "we're good, it's good." No, maybe not. And so really, it's learning and creating the actually applied attacks on AI, and then figuring out what the right defenses are. And, depending on what type of machine learning you're using, those defenses change. And so, we're having a great time in our lab in Washington D.C., working on basically defending AI and building those techniques, so that what we put out as Accenture is robust. >> You know, it's interesting, AI, you watch some of the hardcore, you know, social justice warriors out there going after Amazon, Google, you know, because they're doing some pretty progressive things. Oh, facial recognition, you got AI, you got Alexa. You know, a lot of people are like, "Oh, I'm scared." But, at the end of the day, they also have some challenges like network security, so you have all this AI up and down the stack. And, one thing I like about what's being talked about in the industry is the shared responsibility model. So, I got to ask you, as AI becomes exciting, but also, balancing, frightening to people, how do you get that shared responsibility model, so we get it right, do the experimentation, without people freaking out? (laughs) So, it's kind of like this weird mode we're in now, where I want to do more AI, because I think it benefits society, but everyone's freaking out. >> Yeah, so, in our tech vision that we just launched, The Tech Vision 2020, there's a lot of talk about value and values, which is really important when we think about AI because we can get great value out of it, but there's a values piece of it and it's how we're using it, how we're getting those insights. Because, the one thing, we have this circle, and it's between customer experience, because the companies that do customer experience well are going to excel, they're going to keep their clients, they're going to do amazing things, they're going to become sticky. But, to do that well, you have to be a good custodian of their data and their information, and curated experiences that they want, and not the creepy ones, not the ones they don't want. And so, we really look at that trust is necessary in that ecosystem, in building that, and keeping that with clients. So, that's something that came out of our technology vision. And, in fact, we're going to be talking at the Executive Women's Forum, this is tomorrow, and we're going to be having a panel on AI, and defending it, which will be very interesting. >> Make sure your people film that conference. We'd like to get a view of it on YouTube after. We love those conferences, really insightful. But, I want to get back to what you were talking about, the fun side. >> Yeah. >> You got a lot of new things on, your guys are kicking the tires on, scratching the surface on. You have two operating labs, one in Washington D.C., and one in Israel. What city in Israel? Is it in Tel Aviv or-- >> Herzliya. >> Okay, did not know. >> Yeah, the tech district, just north of Tel Aviv. It's the hotspot. >> So, Silicon Valley, D.C., and Israel, hotbeds of technology now. >> Yes. >> What's coming out of those labs, what's hot? >> Oh, there's so much exciting stuff coming out of our lab in Herzliya. One of the things that we have, and it's something that's been long and coming, it's been brewing for a while, but it's really looking at creating a model of the enterprise security posture. And, when I say a model of it, I'm talking about a cyber digital twin. Because, so much we can't do in our production networks, we don't have the capabilities. We can look around the room, but we don't have the capabilities on the SOCs team side, to ingest all this stuff. We need a playground where we can ask the what-ifs, where we can run high performance analytics, and we do that through a temporal knowledge graph. And, that's a hard thing to achieve, and it's a hard thing to do analytics at scale. So, that's one of the big projects that we're doing out of our Israel lab. >> Are you saying digital twins is a framework for that? >> Yeah. >> Does it really work well with that? >> So the knowledge graph, we can create digital twins around many things, because a digital twin is a model of processes, people, technologies, the statefulness of things, and configurations, whatever you want to pull in there. So, when we start thinking about, what would we take in to create the perfect enterprise security posture? What would give us all the insights? And, then we can ask the questions about, okay, how would an adversary do lateral movement through this? I can't fix everything that's a 10, but I could fix the right ones to reduce the risk impactfully. And, those are the kind of what-ifs that you can do. >> That's real sci-fi stuff, that's right around the corner. >> Yeah, it is. >> That simulation environment. >> It is. >> What-ifs. Oh my god, the company just got hacked, we're out of business. That's your simulation. You could get to, that's the goal, right? >> It absolutely is, to ask those good business questions about the data, and then to report on the risk of it. And, the other thing, as we move to 5G, this problem's getting bigger and bigger, and we're now bringing in very disparate kinds of compute platforms, computing-at-the-edge. And, what does that do to our nice little network model that we had, that our traditional systems are used to defending against? >> I mean, just the segmentation of the network, and the edge opens up so much more aperture-- >> Yes, it does (laughs). >> to the digital twin, or a knowledge graph. You brought up knowledge graph, I want to get your thoughts on this. I was just having dinner last night with an amazing woman out of New York. She's a Ph.D. in computer science. So, we're talking about graphs, and I love riffing on graph databases. But, the topic came up about databases in general, because with the cloud, it's horizontally scalable, you've got all kinds of simulation, a lot of elasticity going on, there's a lot of software being written on this. You got time series database, you got relational database, you got unstructured, and you got graphs. You got to make them all work together. This is kind of the unique challenge. And, with security, leveraging the right database, and the right construct is a super important thing. How do you guys look at that in the labs? Because, is it something that you guys think about, or is it going to be invisible someday? >> Oh, we think about it a lot. In fact, we've had a number of research projects over the last five years now, actually six years, where we've really pivoted hard in cyber security to graph databases. And, the reason for that is, the many-to-many relationships, and what we can do in terms of navigating, asking the questions, pulling on a thread, because in cyber hunting, that's what we're doing. In many of these use cases that we're trying to defend an enterprise, we're following the next new path based on the newest information of now what the challenge is, or what the current configuration is. So, that's really important. So, graph databases enable that so well. Now, there's still the architecture challenge of, okay, when I ask a query, what am I doing? Am I disrupting the whole apple cart? Do I have to process everything over, or is there a way to do that elegantly, where I can ask my query, and because of how I've structured it in storage, I can do it much better, and I can do it much more efficiently. And that, I think, is where the opportunities are. >> I got to tell you, I'm getting exited now on this whole database discussion, because you think about the logic around what you just said. A graph database with that kind of complexity, when you factor in contextually different things happening at any given time, the database needs to be parsed and managed differently. >> Yes. >> That's a huge challenge. >> It is a great research challenge, which is why we're doing it. >> What is that, how far along are we going to be able to have this dynamic, self-evolving, self-governing, self-healing data modeling? Is that coming soon, or... >> Yeah, I hope so. We wrote about it a couple of years ago. >> You did? >> The self-healing enterprise, aspirational. But I think, I mean, we try to get to real time, right? And, we try to get to real time, and again, refactoring. As we talk about what an adversary is going to do, or lateral movement through a business process, we're talking about a lot of computational horsepower to recalculate all that, process it again, update it, and then again present that back. So the number of things we're asking, how we're asking it becomes also very important to the structure. >> Just, it goes zooming up a little bit, high level, what we're really talking about here is value >> of the data. >> Absolutely. >> And, when you get into the valuation of the nodes, and the arcs, and all that graphs, and other databases, you got to know what to pay attention to. It's kind of like going into the hospital and hearing all these alarms going off. At some point you don't know what's, until they hear a flat line, or whatever. >> Right. That's a bad one. >> I mean, well that's obvious. But, now sometimes there's so many alerts, there's so many alarms. How do you understand at any given time what to pay attention to, because obviously when someone's having a problem you want to pay attention to it. If it's a security alert, that's prioritized. >> And the devil is in the analytics, right? What's the question we're asking, and the analytics that give us that prioritization? And that's non-trivial, because there are a lot of other folks that are doing prioritization in a different manner. To do it at scale, and to do it, not just one hop out, but I want to go all the way to the crown jewels, I want that whole path navigated, and I want to know where to cut along that path. That's a hard thing to do. And so, we've actually developed, and we've submitted patents for them, but we've developed new analytics that'll support that. >> Awesome. Well Lisa, I want to ask you kind of a, I'll give you a plug here, just going to get it out, because I think it's important. Skills gap's a big thing, so I want to give you a minute to explain, or share what you're looking for in your hiring. Who are you looking for? What kind of, the make-up of individual, obviously? Maybe, do you use straight, more academic paper kind of people, or practitioners? I mean, when you look to hire, what are some of the priorities that you look for, and who would thrive in an Accenture Lab's environment? >> Oh, my goodness. >> Take a minute to share what you're looking for. >> Yeah, so we love people that think out of the box, and those kinds of people come from very different backgrounds. And so, part of that is, some of them we look for Ph.D.'s, that have wonderful applied skills, and applied is a key word there. White papers are great, I need to be able to prove something, I need to be able to demo something that has value. So, having the applied skills to a business challenge is really important. So, that sort of ground, understanding the business, very important too. But, our talent comes from many different areas. I mean, I kind of joke, my lab looks like the UN, it's wonderful. I have people from across the globe that are in our cyber security lab. I have, in our Washington D.C. lab, we're 50% women, which is also exciting, because we want different experiences, and we shoot for cognitive diversity, right? So, we're looking for people that think differently about solving problems, and are not encumbered by what they've seen in the past, because we're trying to be tip of spear. And, I'm sure you know that from Paul Daugherty. >> Yeah. >> We are trying to be three to five years over the horizon. >> You guys got a good narrative. I always love talking to Accenture, they have a good vision. So, I got to ask you, the next logical question is, obviously, in the news, you see everyone talking about breaches, and ya know, it's not a breach if the door's open, you just walk in. They're really walking in, nothing was really breached, you're just giving it to them. >> Yeah. It's a passive invitation. >> (laughs) Hey come on in. Human error is a big part of it, but then, breach is obviously targeted, phishing, and all that good stuff. But, as those stories get told, there's a whole nother set of stories that aren't being told that are super important. So, I'd love to get your thoughts on, what are the most important stories that we should be talking about that aren't being talked about? >> Yeah, so I have two that are front-of-mind for me. One theme we come back to, and it's not sexy, it's hygiene. It is IT hygiene, and so many of the large companies, and even medium, small companies, we have legacy technology, and keeping that adds complexity, it adds to the whole breadth and depth of what we have to manage and defend. Keeping that attack surface simple and small, cloud-enabled, all those good things, is a real asset and it makes it much easier to defend. So, that's kind of the first non-sexy one, hygiene. The other one I'll say that I think is a challenge that we are not dealing with yet, quantum computing, right? And so, we're on the way to getting our post quantum cryptography in place, but there's another dimension to it, and it's our histories. So, all of the things that have passed on the wire, all the communications with the key exchanges, all that brilliant stuff, is sitting somewhere. Once we get to that point where this becomes very routine, and it's coming fast, we predicted eight years, two years ago. >> So, all that exhaust is somewhere, pent up. >> It's somewhere that, we have to think about how much data we're keeping as custodians, how we're managing it, and then we have to think about the exposure from our past, and say, "Okay, what does that mean that, that was out there?" "Is it aged enough that it doesn't have value?" And, I think there's a real triage that needs to be done, and certainly data management. >> I think, you know, the hygiene brings up a good point. It reminds me of the story Andy Jassy was telling about the mainframe customer that they couldn't find who had the password. They had to find their person, who was retired 10 years earlier to get the password. You don't forget things, but also, there's a human component in all this. Humans and machines are working together. >> Absolutely. >> And. that's a huge part of it. It's not just machines dominating it all, there's going to be a human component, there's a societal impact that we're seeing with information. And, whether that's out in the open, or behind closed doors, there's all kinds of things looming. >> There are, and I think one of the things in the companies that we're seeing who are embracing innovation well, are doing a lot of retraining. Because, the things that people are excellent at, AI is not good at, and the things that AI is good at, are not at all what people are good at. So, the good news is there is a beautiful teaming there, if we retool the skills, or if we re-envision those roles, so that people can get into those roles, and I think that's really important, because I'd rather see AI do all the heavy lifting well, and be trustworthy, and robust and all those great things, and the people be doing the much smarter things that require a human. >> Does the process serve the purpose? Does the purpose serve the process? Same kind of question, right? >> Exactly. >> AI, you can't have great AI that does nothing. >> That's right. >> (laughs) So, it has to be relevant. >> It absolutely does. >> Relevance is kind of a big thing. >> And we own that context, right? Humans own that context. >> Yeah. Yeah. Yeah. Well, thanks for coming in, and sharing the insight. Really appreciate it. Final question, it's always tough to pick your favorite child, but what is your most coolest thing you're working on right now? >> I'll tell you, the cyber digital twin stuff is so cool. >> The what? >> The cyber digital twin stuff is so cool. When you see the power of what that picture, and the analytics can do, we'll show ya. >> Do you have a demo of that now? >> We absolutely do. >> You do. Is it online, or is it more in person you got to see it? >> More in person. >> Okay. >> Folks can reach out, yeah. >> We'll have to get the exclusive on that. >> We do. >> I love those simulations. I think it's very beneficial. >> It is. >> A lot of learning. I mean, who doesn't want practice? >> Well, and a picture, you know that is worth a million dollars. It's just incredible to look at it, and it clicks. It clicks of all the potential things you could ask or do. And, that's the exciting part now, as we show this with customers' and we co-innovate with customers', they're coming up with a laundry list of questions. >> And, this is the beautiful thing about cloud, is that new capabilities are emerging every day, and you could use the good ones. Lisa O'Connor is here. Thank you very much for sharing your insights. Global Security R&D Lead for Accenture Labs. TheCUBE coverage, getting all the signal here on the show floor, extracting that from all the noise. I'm John Furrier, thanks for watching. (upbeat music)

>>live from San Francisco. It's the queue covering our essay conference 2020 San Francisco Brought to you by Silicon Angle Media >>Hey, welcome back here. Ready? Jeff Frick here with the Cube. We're in our 2020 the biggest security conference in the country, if not the world. I guess there's got to be 50,000 people. We'll get the official word tomorrow. It's our sixth year here and we're excited to be back. I'm not sure why. It's 2020. We're supposed to know everything at this point in time with the benefit on inside. We got two people that do. You know a lot. We're excited to have him. My left is Chris Bets is the SVP and chief security officer for Centurylink. Chris, Great to see you. And to his left is Chris Smith, VP Global security Services for Centurylink. Welcome. >>Thank you for having me. >>Absolutely. You guys just flew into town >>just for the conference's great To be here is always a really exciting space with just a ton of new technology coming out. >>So let's just jump into it. What I think is the most interesting and challenging part of this particular show we go to a lot of shows you 100 shows a year. I don't know that there's one that's got kind of the breadth and depth of vendors from the really, really big the really, really small that you have here. And, you know, with the expansion of Moscone, either even packing more women underneath Howard Street, what advice do you give to people who are coming here for the first time? Especially on more than the buyer side as to how do you navigate this place >>when I when I come here and see So I'm always looking at what the new technologies are. But honestly, having a new technology is not good enough. Attackers are coming up with new attacks all the time. The big trick for me is understanding how they integrate into my other solutions. So I'm not so I'm not just focused on the technology. I'm focused on how they all fit together. And so the vendors that have solutions that fit together that really makes a difference in my book. So I'm looking for for products that are designed to work with each other, not just separate >>from a practice standpoint. The theme of IRA say this year is the human element, and for us, if you look at this floor, it's overwhelming. And if you're a CSO of an average enterprise, it's hard to figure out what you need to buy and how to build a practice with all of the emerging tools. So for us core to our practice, I think any mature, 30 security practices having a pro services capability and consulting capability that can be solved this all together, that helps you understand what to buy, what things to piece together and how to make it all work >>right. And it's funny, the human element that is the kind of the global theme. And what's funny is for all the technology it sounds like. Still, the easiest way in is through the person, whether it's a phishing attack or there's a myriad of ways that people are getting him to the human. So that's kind of a special challenge or trying to use technology to help people do a better job. At the end of the day, sometimes you're squishy ISS or easier access point is not a piece of technology, but it's actually a person. It's >>often because We asked people to do the wrong things. We're having them. Focus on security steps. Use email. Security is an easy to grasp example way all go through training every year to teach folks how to make sure that they avoid clicking on the wrong emails for us more often than a year. So the downside of that is arresting people to take a step away from their job and try to figure out how to protect themselves. And is this a bad emails that are really focusing on the job? So that's why it's so important to me to make sure that we've got solutions that help make the human better and frankly, even worse in security. We don't have the staff that we need. And so how do we help Make sure that the right tools are there, that they work together. They automate because asking everybody to take those steps, it's just it's a recipe for disaster because people are going to make mistakes >>right? Let's go a little deeper into the email thing. A friend of mines and commercial real estate, and he was describing an email that he got from his banker describing a wire transfer from one of his suppliers that he has a regular, ongoing making relationship with. You know, it's not the bad pronunciation and bad grammar and kind of the things that used to jump out is an obvious. But he said it was super good to the point where thankfully, you know, it was just this time. But, you know, he called the banker like, did you just send me this thing? So you know where this as the sophistication of the bad guys goes up specifically targeting people, how do you try to keep up with how do you give them the tools to know Woe versus being efficient? I'm trying to get my job done. >>Yeah, for me, it starts with technology. That takes a look. We've only got so many security practitioners in the company. Actually. Defend your email example. We've got to defend every user from those kinds of problems. And so how do I find technology solutions that help take the load off security practitioners so they can focus on the niche examples that really, really well crafted emails and help take that load off user? Because users just not gonna be able to handle that right? It's not fair to ask them. And like you said, it was just poorly time that helped attack. So how do we help? Make sure that we're taking that technology load off, identify the threats in advance and protect them. And so I think one of the biggest things that Chris and I talk a lot about is how to our solutions help make it easier for people to secure themselves instead of just providing only technology technology advantage, >>our strategy for the portfolio and it sort of tied to the complexity. CN This floor is simplicity. So from our perspective, our goal is a network service provider is to deliver threat free traffic to our customers even before it gets to the human being. And we've got an announcement that we launched just a week ago in advance of the show called Rapid Threat Defense. And the idea is to take our mature threat Intel practice that Chris has a team of folks focused on that. We branded black Lotus labs and Way built a machine learning practice that takes all the bad things that we see out in the network and protects customers before it gets to their people. >>So that's an interesting take. You have the benefit of seeing a lot of network traffic from a lot of customers and not just the stuff that's coming into my building. So you get a much more aggregated approach, so tell us a little bit more about that. And what is the Black Lotus Labs doing? And I'm also curious from an industry point of view, you know, it's just a collaboration with the industry cause you guys are doing a lot of traffic. There's other big network providers carrying a lot of traffic. How well do you kind of work together when you identify some nasty new things that you're doing the horizon? And where do you draw the line between better together versus still independent environment? >>When we're talking about making the Internet safer, it's not really to me a lot about competitive environment. It's really about better together. That's one of things I love about the security community. I'm sure you see it every year when you're here. You're talking security practitioners how across every industry security folks work together to accomplish something that's meaningful. So as the largest world's largest global I P we get to see a ton of traffic, and it's really, really interesting we'll be able to put together, you know, at any given point in time. We're watching many tens of thousands of probable malware networks. We're protecting our customers from that. But we're also able to ourselves take down nearly 65 now where networks every month just knock them off the Internet. So identify the command and control, and we take it off the Internet. We work with our partners. We go talk to hosting providers, maybe competitors of ours. And we say, Hey, here's a bad, bad actors bad server that's being used to control now where? Going shut it down. And so the result of that is not only protecting our customers, but more importantly, protecting tens of thousands of customers every month. By removing now where networks that were attacking, that really makes a difference. To me, that's the biggest impact we bring. And so it really is a better together. It's a collaboration story and, of course, for said, we get the benefit of that information as we're developing it as we're building it, we can protect our customers right away while we're building the confidence necessary to take something as dramatic and action as shutting down on our network. Right. Unilaterally, >>Citrix. I was gonna ask you kind of the impact of I o t. Right in this in this crazy expansion of the tax services, when you hear about all the time with my favorite example, somebody told the story of attacking a casino through the connected thermometer in the fish tank in the lobby, which may or may not be true, is still a great story. Great story. But I'm curious, you know, looking at the network, feeding versus the devices connecting that's really in an interesting way to attack this proliferation of attack services. You're getting it before it necessarily gets to all these new points of presence doing it based on the source. For >>us, that's the only way to make it scalable. It is true that automation blocking it before it gets to the azure to a device. It is what will create simplicity and value for our customers. >>Right on the other piece of the automation. Of course, that we hear about all the time is there just aren't enough security professionals, period. So if you don't have the automation. You don't have the machine learning, as you said, to filter low hanging fruit and the focus your resource. If they need to be, you're not going to do it. The bad news is the bad guys, similar tools. So as you look at kind of the increase in speed of automation, the increase in automated connectivity between these devices making decisions amongst each other, how do you see that kind of evolving? But you're kind of role and making sure you stay a step ahead of the bad guys. For >>me, it's not about just automation. It's about allowing smart people to put their brains against hard problems, hard impactful problems and so on. So simply automating is not enough. It's making sure that automation is reducing the the load on people so that they're able to focus on those hard, unique problems really solve all those solutions and, yes, Attackers, Attackers build automation as well. And so if we're not building faster and better than we're falling behind, so like every other part of this race, it's about getting better, faster and why it's so important that technology work together because we're constantly throwing out more tools and if they don't work better together, even if we got incremental automation, these place way still miss overall because it's end to end that we need to defend ourselves and our customers >>layered on what he said. For the foreseeable future, you're gonna need smart security people that help protect your practice. Our goal in automation is take the road tasks out of out of the gate. They live so they can focus on the things that provide the most value protecting their enterprise. >>Right when you're looking, you talked about making sure things work together, for you talked about making sure things work together. How do you decide what's kind of on the top of the top of the stack, where everybody wants to own the single pane of glass? Everybody wants to be the control plane. Everybody wants to be that thing that's on your computer all the time, which is how you work your day to day. How do you kind of dictate what are the top level tools while still going out? And, he said, exploring some of these really cutting edge things out around the fringe, which don't necessarily have a full stack solution that you're going to rely on but might have some cool kind of point solutions if you will, or point products to help you plug some new and emerging holes. Yeah, >>yeah. So for us, yeah, we take security capabilities and we build them into the other things that we sell. So it's not a bolt on. So when you buy things from us, whether whether it's bandwidth or whether its SD wan and security comes baked in, so it's not something you have to worry about integrating later. It's an ingredient of the things that we sell in all of the automation that we build is built into our practice, So it's simple for our customers to understand, like, simple and then layered. On top of that, we've got a couple different ways that we bring pro services and consulting to our practice. So we've got a smart group of folks that could lean into staff, augment and sit on site, do just about anything to help customers build a practice from day zero to something more mature. But now we're toying with taking those folks in building them into products and services that we sell for 10 or 20 hours a month as an ingredient. So you get that consulting wrapper on top of the portfolio that we sell as a service provider. >>Get your take on kind of budgets and how people should think about their budgets. And when I think of security, I can't help but think of like insurance because you can't spend all your money on security. But you want to spend the right amount on security. But at the end of the day, you can't be 100% secure, right? So it's kind of kind of working the margins game, and you have to make trade offs in marketing, wants their money and product development, wants their money and sales, wants their money. So what people are trying to assess kind of the risk in their investment trade offs. What are some of the things they should be thinking about to determine what is the proper investment on security? Because it can't just be, you know, locker being 100% it's not realistic, and then all the money they help people frame that. >>Usually when companies come to us in, Centurylink plays in every different segment, all the way down to, you know, five people company all the way to the biggest multinationals on the planet. So that question is, in the budget is a little bit different, depending on the type of customer, the maturity and the lens are looking at it. So, typically, way have a group of folks that we call security account managers those our consultants and we bring them in either in a dedicated or a shared way. Help companies that's us, wear their practices today in what tool sets for use again things that they need to purchase and integrate to get to where they need to be >>really kind of a needs analysis based on gaps as much as anything else. >>That's part of the reason why we try to build prisons earlier, so many of the technologies into our solution so that so that you buy, you know, SD wan from us, and you get a security story is part of it is that that allows you to use the customer to save money and really have one seamless solution that provides that secure experience. We've been building firewalls and doing network based security for going on two decades now, in different places. So at this point, that is a good place that way, understand? Well, we can apply automation against it. We can dump, tail it into existing services and then allow focused on other areas of security. So it helps. From a financial standpoint, it also helps customers understand from where they put their talent. Because, as you talked about, it's all about talents even more so than money. Yes, we need to watch our budgets. But if you buy these tools, how do you know about the talent to deploy them? And easier You could make it to do that simpler. I think the better off right >>typical way had the most success selling security practices when somebody is either under attacker compromised right, then the budget opens right up, and it's not a problem anymore. So we thought about how to solve that commercially, and I'll just use Vitas is an example. We have a big D dos global DDOS practice that's designed to protect customers that have applications out on the Internet that are business critical, and if they go down, whether it's an e commerce or a trading site losing millions of dollars a day, and some companies have the money to buy that up front and just have it as a service. And some companies don't purchase it from us until they're under attack. And the legacy telco way of deploying that service was an order and a quote. You know, some days later, we turned it up. So we've invested with Christine the whole orchestration layer to turn it up in minutes and that months so you can go to our portal. You can enter a few simple commercial terms and turn it on when you need it. >>That's interesting. I was gonna ask you kind of how has cloud kind of changed the whole go to market and the way people think about it. And even then you hear people have stuff that's secure in the cloud, but they mis configured a switch left something open. But you're saying, too it enables you to deploy in a very, very different matter based on you know, kind of business conditions and not have that old, you know, get a requisite get a p o requisition order, install config. Take on another kind of crazy stuff. Okay, so before I let you go, last question. What are your kind of priorities for this show for Centurylink when it's top of mind, Obviously, you have the report and the Black Lotus. What do you guys really prioritizing for this next week? Here for Cisco. >>We're here to help customers. We have a number of customers, a lot of learning about our solutions, and that's always my priority. And I mentioned earlier we just put out a press release for rapid threat defense. So we're here to talk about that, and I think the industry and what we're doing this little bit differently. >>I get to work with Chris Motions Week with customers, which is kind of fun. The other part that I'm really excited about, things we spent a bunch of time with partners and potential partners. We're always looking at how we bring more, better together. So one of the things that we're both focused on is making sure that we're able to provide more solutions. So the trick is finding the right partners who are ready to do a P I level integration. The other things that Chris was talking about that really make this a seamless and experience, and I think we've got a set of them that are really, really interested in that. And so those conversations this week will be exceptionally well, I think that's gonna help build better technology for our customers even six months. >>Alright, great. Well, thanks for kicking off your week with the Cube and have a terrific week. Alright. He's Chris. He's Chris. I'm Jeff. You're watching the Cube. Where? The RSA Conference in downtown San Francisco. Thanks for watching. See you next time. >>Yeah, yeah.

>> Narrator: Live from Las Vegas, Nevada, it's the Cube, covering accelerate 2017, brought to you by Fortinet. Now here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to the cube, we are live in Las Vegas at Fortinet Accelerate 2017. I'm you host , Lisa Martin, joined by my cohost, Peter Burris, and we're really excited about or next guest. We are talking next with Derek Manky. Derek, you are-- first of all, welcome to the cube. >> Thank you very much, I'm excited to be here. >> You have a really important role in Fortinet, you are the Global Security Strategist. >> Correct, yes. >> You have a... Established yourself as a thought leader with over 15 year of cyber security expertise, and your goal is to make a positive impact towards the global war on cyber-crime, that's a big goal. >> That's a very, very big goal, but it's a big hairy goal, but it's... Critically important, I believe, I firmly believe this over my whole career, and I'm starting to see some good traction with the efforts that we're doing too. >> And it's becoming more, and more, critical every day as breaches, and hacks, are a daily occurrence, you're also the leader of FortiGuard Labs, you've got a team of over 200, tell our viewers that can't be here today, what is FortiGuard Labs, what are you doing to leverage threat intelligence to help Fortinet's customers. >> Sure, so we're trying to manage complexity, cause that's always the enemy of security, and we're trying to make it simple across the board, so we're managing security for all of our customers, 300 000 customers plus. That's a big deal, so we had to invest a lot into that in terms of how we can do that to make it simple to the end users. So what FortiGuard Labs is, is it's services we deliver to the end user, protection services across the spectrum, our whole product portfolio. So we have world-class expertise as a security vendor, 200 plus people on the team, experts in each domain. We have researchers, and experts, looking at things like industrial attacks, mobile problems, malicious websites, ripping apart, what we call reverse engineering, malware samples to find out digital fingerprints of who's creating these attacks, so we can work also in partnerships with that too. At the end of the day, we have the humans working on that, but we've also invested a ton into artificial intelligence, and machine learning, we have to comb through over 50 billion attacks in a day, and so the machines are also helping us to create a lot of this automated protection, that's all driven by our patents, by our world-class development teams, that gets down to the end user, so that they don't have to invest as much into their own security operations centers, cause that's a big OpEx, expansions to the expenditure, so we're helping to alleviate that issue, especially with this, as everybody knows, today, the big gap in cyber security, professionals, so that helps to alleviate that issue too. >> You said 50 billion attacks a day. >> That's correct sir, yes. Potential attacks. >> Oh, potential attacks. Clearly that means that increasing percentages of the total body of attacks are no longer coming from humans, they're coming from other things, >> Derek: Absolutely. >> And how's that playing out? >> It's a fascinating landscape right now. With every legitimate model, there's an illegitimate model to follow, especially with cyber crime, and what we see in the digital underground, dark web, all these sorts of things, you rewind back to the 90s, your opportunistic hacker was just trying to plot, plot, plot, a message bar on a Windows 95, or Windows 98 system at the time. Nowadays, of course, the attack surface has grown tremendously. You look back to DARPA, back in 1989, it had 60 000 system connected on the Internet, now we have IPv6, 20 plus billions connected devices, everything is a target now, especially with the Internet of Things. Smart televisions-- >> Peter: And a potential threat. >> Exactly, and a weapon. >> Exactly, and so to capitalize on that, what we're seeing now is cyber criminals developing automated systems of their own, to infect these systems, to report back to them, so they're doing a lot of that heavy work, to the heavy lifting, using their own machines to infect, and their own algorithms to infect these systems, and then from there, it'll escalate back up to them to further capitalize, and leverage those attacks. On any given minute, we're seeing between 500 000 to 700 000 hacking attempts across, and this is our own infrastructure, so we're leading in terms of firewalls in units shipped so we're able to get a good grasp on intelligence out there, what's happening, and in any given minute, well over 500 000 hacking attempts on systems worldwide. >> So every hour, 30 million. >> Derek: Yeah that's some quick math. >> Yeah, I'm amazing at multiplication. I almost got it wrong though, I have to say. 30 million hacks an hour. >> Yeah, and so our job is to identify that, we don't want to block things we shouldn't be, so there has to be a very big emphasis on quality of intelligence as well, we've done a lot with our machines to validate attacks, to be able to protect against those attacks, and not, especially when it comes to these attacks like intrusion prevention, that attack surface now, we got to be able to not just look at attacks on PCs now, so that's why that number keeps ticking up. >> Lisa: Right, proliferation of mobile, IoT. >> Derek: It's directly related, absolutely. >> So, this is clearly something that eyeballs are not going to solve. >> Not alone, so I'm very, very big advocate saying that we cannot win this war alone, just relying even on the brightest minds on the world, but we can also not just rely a hundred percent on machines to control, it's just like autonomous vehicles. You look at Tesla, and these other vehicles, and Google, what they're doing, it's a trust exercise again, you can never pass a hundred percent control to that automation. Rather you can get up to that 99 percent tile with automation, but you still need those bright minds looking at it. So to answer your questions, eyeballs alone, no, but the approach we've taken is to scale up, distribute, and use machines to identify it, to try to find that needle in a haystack, and then, escalate that to our bright minds, when we need to take a look at the big attacks that matter, and solve some more of the complex issues. >> Speaking of bright minds, you and your team, recently published an incredible blog on 2017 predictions. Wow, that's on the Fortinet blog? >> Derek: Yeah, that's correct >> We can find that? Really incredibly thorough, eye-opening, and there were six predictions, take us through maybe the top three. We talked about the proliferation of devices, the attack surface getting larger, more and more things becoming potential threats, what are the top three, maybe biggest threats that you were seeing, and is there any industry, in particular, that pops up as one of the prime targets? >> Absolutely. I'll get into some buckets on this, I think first, and foremost, what is primary now in what we're seeing is, what we're calling, autonomous malware, so this is the notion of, basically what we're just talking about to your question on what's driving this data, what's driving all these attack points. First of all, the Internet's been seeded with, what I call, ticking time bombs right now, we have 20 plus, whatever the number's going to be, all of these billions of devices that are connected, that are inherently, in my professional opinion, insecure. A lot of these devices are not following proper security development life cycles. >> Lisa: Is there accountability to begin with? >> No, not at this point. >> Right. >> Right. And that's something that DHS, and NIST, just released some guidelines on, at the end of last year, and I think we're going to see a lot of activity on accountability for that, but that has to be taken care of. Unfortunately right now, it's been seeded, this attack surfaces there, so we already have all these open avenues of attack, and that's why I call it a ticking time bomb, because it's been seeded, and now these are ripe for attack, and we're seeing attackers capitalize on this, so what we're seeing is the first indications of autonomous malware, malware that is capable of mapping out these vulnerable points. The machine's doing this, and the machine's attacking the other machines, so it's not just the eyeballs then, and the cyber criminals doing this. We saw last year, unprecedented DDoS attacks, this is directly related to Mirai BotNet. We had gone from a 600 gig to terabit plus DDoS attacks, that was unheard of before. They are leveraging all of these different IoT devices as a horsepower to attack these systems in a massive distributed denial-of-service attack. The interesting part about Mirai is that it's also using open-source intelligence as well, so this is something that humans, like a black hat attacker, would typically have to do, they would have to get reports back from one of their systems, and say, "okay, now I've found all these vulnerable systems, I'm going to attack all these systems.", but they're the glue, so they're now removing themselves as the glue, and making this completely automated, where a BotNet like Mirai is able to use Shodan, as an example, it's an open-source database, and say, "here are a whole bunch of vulnerable systems, I'm going to go attack it, and so that's to my point of view, that's the first indication of the smart-malware, because malware has always been guided by humans. But now, I think, we're starting to see a lot of, more of that intelligent attack, the offense, the intelligent offense being baked in to these pieces of malware. So I think it's going to open this whole new breed of attacks and malware, and obviously, we're in a whole new arms race when it comes to that. How can we get ahead of the bad guys, and so this is obviously what Fortinet instituting on the autonomous defense, our Security Fabric, and Fabric-ready approach, that's all about, beating them to the punch on that, having our machines, the defensive machines talk to each other, combine world-class intelligence like FortiGuard so that it can defend against those attacks, it's a though task, but I really firmly believe that this year is a year that we have the advantage, we can have the advantage as white hats to get one leg up on the black hat attackers. As I said, for 15 years at FortiGuard Labs, we have invested a ton into our AI machine, learning intelligence, so we're experts on the automation, I don't believe the black hat attackers are experts on automation. So I think for that reason, we have a really good opportunity this year, because you always hear about the black hats, another data breach, and all these things happening, they're always had the advantage, and I think, we can really turn the tables this year. >> You have some great experience working, not just in the private sector, but in the public sector as well, you've done work with NATO, with Interpol, with SERT, what is your perspective on public sector, and private sector, working together, is that essential to win this war on cyber crime? >> Absolutely, we need everybody at the table, we cannot win it, as one single vendor alone, a good example of that is, we're starting to do across the board, this is something, I firmly believe in, it's really near and dear to my heart, I've worked on it for the course of, well over six years now, and we have a lot of the existing partnerships, across organizations, so other security vendors, and experts, Cyber Threat Alliance is an excellent example, we're a founding member of that, and these are competitors, but security vendors getting together to level the playing field on intelligence, we can still really remain competitive on the solutions, and how we implement that intelligence, but at least-- it's like a Venn diagram, you look at that attack surface out there, you want to try to share all that information, so that you can deliver that to security controls, and protect against it. So, the Cyber Threat Alliance is a good example, but that's private sector. If you look at National Computer Emergency Response, law enforcement, we have made great inroads into that working with the likes of Computer Emergency Response, to give them intel. If we find bad stuff happening somewhere, we're not law enforcement, we can't go take the server down, and disrupt campaign, we can't arrest, or prosecute people, but they can, but they don't have all that expertise, and intelligence that we do, all the data points, so this is, you're starting to see a lot of this string up, and we're doing a lot of leadership in this area, and I think, it's absolutely essential. President Obama last year mentioned it, the Cyber Threat Alliance, and the public-private sector, needing to work together in one of his speeches at Stanford, and I believe it's the only way we can win this. You have to go up to the head of the snake too, if we just are always on the defense, and we're always just trying to disrupt cyber criminals, it's a slap on the wrist for them, they're going to go set up shop somewhere else. We need to be able to actually go and prosecute these guys, and we had a really good case last year, we took down, working with Interpol, and the EFCC, a 62 million dollar crime ring in the US. They went, and prosecuted the kingpin of this operation, out of Nigeria. It's an unprecedented random example, but we need to do more of that, but it's a good example of a healthy working public-private sector relationship >> What an incredible experience that you have, what you have achieved with FortiGuard Labs, what excites you most, going forward, we're just at the beginning of 2017, with what's been announced here, the partnerships that you guys have formed, what excites you most about this year, and maybe... Some of the key steps you want to take against cyber crime as Fortinet. >> Sure, so I think we want to, so Cyber Threat Alliance is a very big machine, there's a lot of exciting things happening, so that's going to be a really good initiative, that's going to carry forward momentum this year. What excites me most? Well, it's not always a good thing I guess, but if you look at all the bad news that's out there, like I said, I think it's just going to be, there's so much fuel, that's being thrown on the fire when it comes to attacks right now. Like I said, these time bombs that have been planted out there. We're going to see the year of IoT attacks for sure, a new version of Marai has already come out, they're starting to sell this, commercialize this, and it's even more advanced in terms of intelligence than the previous one, so that sort of stuff. It depends on your definition of the word, excites, of course, but these are the things that we have opportunity, and again I think going back to my first point, the white hats having, for the first time in my point of view, a leg up on the black hats, that opportunity, that really excites me. When we look at what's happening, moving forward in 2017, healthcare, I think, is going to be a very big thing in terms of attack targets, so we're going to be focused on that, in terms of attacks on, not just healthcare records, which are more valuable than financial records as an example, but medical devices, again the IoT play in healthcare, that's a big deal, we're starting to already see attacks on that. Smart cities as well, you look forward to the next three years, building management systems, a lot of people talk about SCADA industrial control, this is definitely a big attack target to a certain... Attack surface, obviously, power plants, electrical grids, but building management systems, and these automated systems that are being put in, even smart vehicles, and smart homes is another big target that's unfolding over the next year. >> Hard to air gap a home, and certainly not a city. >> Absolutely, yeah, and again it goes back to the point that a lot of these devices being installed in those homes are inherently, insecure. So that's a big focus for us, and that's a big thing FortiGuard is doing, is looking at what those attacks are, so we can defend against that at the network layer, that we can work with all of our business partners that are here at Accelerate this year, to deliver those solutions, and protect against it. >> Wow, it sounds like, and I think Peter would agree, your passion for what you do is very evident, as those bad actors are out there, and as the technologies on the baton are getting more advanced, and intelligent, as you say, it's great to hear what you, and your team are doing to help defend against that on the enterprise side, and one day on the consumer side as well. So Derek Manky, Global Security Strategist for Fortinet, thank you so much cube and sharing your expertise with us. >> It's my pleasure, any time, thank you very much. >> Well, on behalf of my cohost, Peter Burris, I'm Lisa Martin, you've been watching the Cube, and stick around, we'll be right back. (electronic music)