(soft upbeat music) >> The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know. This had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cyber security strategies. And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello and welcome to Why Ransomware isn't your Only Problem, a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President, Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time (indistinct) and chief technology officer at Druva. And Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. Right now I'm going to toss it to Lisa Martin, another one of the hosts, for today's program. Lisa, over to you. (soft upbeat music) >> Phil Goodwin joins me next, the VP of research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >> You really hit the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that ransomware that has everybody's attention. And it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also was accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022. But within IDC we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be have the scale up or scale down on demand nature of cloud. So those are in a nutshell kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, that we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of of IT computing. So it really is a subset of that. But it is foundational to IT resilience. You can't have it resilience without data resilience. So that's where we're coming from on it >> Inextricably linked. And it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience, for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. It's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomwares. The other thing about it is, it's really a lot like Whack-A-Mole. They attack us in one area, and we defend against it, so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded, "I don't think so, because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable the bad guys aren't going to just fade into the night without giving it a lot of fight." So I really think that ransomware is one of those things that is here for the long term, and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware. >> Yeah, this was in a worldwide study, it was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, is a little over 500 different individuals across the globe, in North America, select countries in Western Europe as well as several in Asia-Pacific. And we did it across industries where 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet when you look at the actual results, I told you a moment ago, 46% have been attack successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. The bad guys aren't necessarily to be trusted. And so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, "Wow." On the one hand, people think they're really prepared, and on the other hand, the results are absolutely horrible. Two thirds of people having to pay the ransom. So you start to ask yourself, "Well, what's going on there?" And I believe that a lot of it comes down to... kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing, you think you're ready, based on the information you have, and these people are smart people and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason a lot of these have been successful. So that was kind of the key finding to me in kind of the "aha" moment, really, in this whole thing, Lisa. >> That's a massive disconnect, with the vast majority saying, "We have a cyber recovery playbook," yet, nearly half being the victims of ransomware in the last three years, and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience, as we said, this is a matter of this is going to happen, just a matter of when and how often? >> It is a matter, yeah, as you said, it's not if when or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services. Finding professionals who know what they're doing, who have that breadth of experience, and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more in order to get that breadth of experience and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You can have on-demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you had double the infrastructure if your financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on-demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts. And that extends the time to recover that they have, and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >> So what do you think the big issue here is? Is it that these IT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. It's you don't know what you don't know and until you get into a specific attack... there are so many different ways that organizations can be attacked. And in fact, from this research that we found, is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high probability of recovery, things like that, those are the kinds of things that organizations have to put into place, really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think, "We are prepared, we've got a playbook," yet so many are are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, "Hey guys, across every industry we are vulnerable, this is going to happen, we've got to make sure that we are truly resilient and proactive"? >> Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the the consequences of ransomware it's not just the ransom, it's the lost productivity, it's the loss of revenue, it's the loss of customer faith and goodwill. And organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CISO, whoever it is, they're extremely concerned about this. And I can tell you they are fully engaged in addressing these issues within their organization. >> So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable, but what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is workloads on premises aren't going away, so that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources, like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge, is really where we believe that organizations are shifting their focus. >> Got it. We're just cracking the surface here, Phil. I wish we had more time. But I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that. Take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. (gentle music)

>>The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know this had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized protection. As a result moved away from things like perimeter based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerges a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies. >>And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR focused that their DR approach was not cost efficient and needed to be modernized. And that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello and welcome to Why Ransomware isn't your Only Problem, a service of the Cube made possible by dva. And in collaboration with idc. I'm your host, Dave Ante, and today we're present a three part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face. In today's new world, IDC Research Vice President Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. >>After that, we're gonna hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection. Generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at dva, Steven Manly and Anja Serenas. Steven is a 10 time cubo and Chief technology officer at dva, and Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how DVA is closing the gaps presented in the IDC survey through their product innovation. Or right now I'm gonna toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. >>Bill Goodwin joins me next, the VP of research at idc. We're gonna be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on the cube. >>Hey, Lisa, it's great to be here with you. >>So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >>You know, you, you really hit the, the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that that ransomware that has everybody's attention and it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also is accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022, but within idc we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be, have the scale, upper scale, down on demand nature of cloud. So those are in a nutshell, kind of the three things that people are looking at. >>You mentioned ransomware, it's a topic we've been talking about a lot. It's a household word these days. It's now Phil, no longer if we're gonna get attacked. It's when it's how often it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >>Well, what, what some of the research that we did is we found that about 77% of organizations have digital resilience as a, as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more, more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping keeping them awake at night. Quite honestly, if you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a, a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data >>And digital resilience, data resilience as every company these days has to be a data company to be competitive, digital resilience, data resilience. Are you using those terms interchangeably or data resilience to find as something a little bit different? >>Well, sometimes yeah, that we do get caught using them when, when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself and the context of of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You, you really, you can't have it resilience about data resilience. So that, that's where we're coming from on it >>Inextricably linked and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >>Well, one of the biggest is what, what you mentioned at the, at the top of the segment and, and that is the, the area of ransomware, the research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to, to defend against these ransoms. The other thing about it is it's really a lot like whackamole. You know, they attack us in one area and and, and we defend against it. They, so they attack us in another area and we defend against it. >>And in fact, I had a, an individual come up to me at a show not long ago and said, You know, one of these days we're gonna get pretty well defended against ransomware and it's gonna go away. And I responded, I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't gonna just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that here is here for the long term and something that we, we have to address and have to get proactive about. >>You mentioned some stats there and, and recently IDC and DVA did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let, let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concern concerning ransomware. >>Yeah, this, this was a worldwide study. It was sponsored by DVA and conducted by IDC as an independent study. And what we did, we surveyed 500 is a little over 500 different individuals across the globe in North America select countries in in western Europe, as well as several in, in Asia Pacific. And we did it across industries with our 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of of infrastructure, you know, managers of data centers, things like that. And the, and the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they, when they get attacked. Some of the, some of the statistics that we learned from this, Lisa, include 83% of organizations believe or tell, told us that they have a, a playbook that, that they have for ransomware. >>I think 93% said that they have a high degree or a high or very high degree of confidence in their recovery tools and, and are fully automated. And yet when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't, aren't necessarily to be trusted. And, and so the software that they provide sometimes is, is fully recovered, sometimes it's not. So you look at that and you go, Wow. On, on the one hand people think they're really, really prepared and on the other hand the results are, are absolutely horrible. >>You know, two thirds of people having, having to pay their ransom. So you start to ask yourself, well, well, what is, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. Everybody has a plan until they get punched in the mouth. And I think that's kind of what happens with ransomware. You, you think you know what you're, you're doing, you think you're ready based on the information you have. And these people are smart people and, and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason, a lot of these have been successful. So that was kind of the key finding to me in kind of the aha moment really in this whole thing. Lisa, >>That's a massive disconnect with the vast majority saying we have a cyber recovery playbook, yet nearly half being the victims of ransomware in the last three years and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience data resilience as it's, as we said, this is a matter of this is gonna happen just a matter of when and how often >>It it is a matter, Yeah, as you said, it's not if when or, or how often. It's really how badly. So I think what organizations are really do doing now is starting to turn more to cloud-based services. You know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of, of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to, to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of, of scanning, in terms of analysis and so forth. So they're, they're turning to professionals in the cloud much more in order to get that breadth of experience and, and to take advantage of cloud based services that are out there. >>Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why are is IDC seeing this big shift to cloud where, where data resilience is concerned? >>Well, the first and foremost is the economics of it. You know, you can, you can have on demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If your financial services, it might even be triple, the infrastructure is very complicated, very difficult by going to the cloud. Organizations can subscribe to disaster recovery as a service. It increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that that organizations think they're ready, but then all of a sudden they get hit and all of a sudden they have to engage with outside consultants or they have to bring in other experts and that, and that extends the time to recover that they have and it also complicates it. >>So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >>So what do you think the big issue here is, is it that these, these I p T practitioners over 500 that you surveyed across 20 industries is a global survey? Do they not know what they don't know? What's the the overlying issue here? >>Yeah, I think that's right. It's, you don't know what you don't know and until you get into a specific attack, you know, there, there are so many different ways that, that organizations can be attacked. And in fact, from this research that we found is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the, the issue is, once I have your data, what are you gonna do? I mean, there's no amount of recovery that is gonna help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and, and taking their chances. So best practice things like encryption, immutability, you know, things like that that organizations can put into place. Certainly air gaps. Having a, a solid backup foundation to, to where data is you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >>Given some of the, the, the disconnect that you articulated, the, the stats that show so many think we are prepared, we've got a playbook, yet so many are being, are being attacked. The vulnerabilities and the, and the, as the, the landscape threat landscape just gets more and more amorphous. Why, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry we are vulnerable, this is gonna happen, we've gotta make sure that we are truly resilient and proactive? >>Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the, the, the consequences of ransom where it's not just the ransom, it's the loss productivity, it's, it's the loss of, of revenue, it's, it's the loss of, of customer faith and, and, and goodwill and organizations that have been attacked have, have suffered those consequences. And, and many of them are permanent. So people at the board level where it's, whether it's the ceo, the cfo, the cio, the c cso, you know, whoever it is, they're extremely concerned about these. And I can tell you they are fully engaged in addressing these issues within their organization. >>So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business business, it's very profitable. But what is IDCs prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they're, they really actually have i i functioning playbook? >>I i, I don't know if we'll ever get to the point where the CCC C suite is not involved. It's probably very important to have that, that level of executive sponsorship. But, but what we are seeing is, in fact we predicted by 20 25, 50 5% of organizations we'll have shifted to a cloud centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and, and at the edge, and that's really where the growth is. So being able to take that cloud centric model and take advantage of, of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily and, and to be able to take that cloud centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >>Got it. We're just cracking the surface here. Phil, I wish we had more time, but I had a chance to read the Juba sponsored IDC White paper. Fascinating finds. I encourage all of you to download that. Take a read, you're gonna learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining >>Me. No problem. Thank you, Lisa. >>In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin and you are watching The Cube, the leader in live tech coverage.

(upbeat music) >> Hey everyone, Lisa Martin for theCUBE here. Phil Goodwin joins me next, the VP of research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape, as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >> You really hit the top topic that we find from IT organizations, as well as business organizations, and really it's that digital resilience, that ransomware that has everybody's attention. And it has the attention, not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also is accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022. But within IDC, we've been doing a lot of research around what are those impacts going to be? And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be have the scale up or scale down on demand nature of cloud. So those are in a nutshell kind of the three things that people are looking at. >> You mentioned ransomware, it's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite, and what are they trying to do to become resilient against it? >> Well, what some of the research that we did is what we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient. And to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization. Whether it's through digital transformation, or whether it's simply data availability, whatever it might happen to be, digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company These days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably? Or is data resilience to find as something a little bit different? >> Well, sometimes, yeah, that we do get caught using them when one as the other, but data resilience is really a part of digital resilience if you think about the data itself and the context of IT computing. So it really is a subset of that. But it is foundational to IT resilience. You can't have it resilience without data resilience. So that's where we're coming from on it. >> Inextricably linked. And it's becoming a corporate initiative. But there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. It's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it. And they really avoided confronting that. Nowadays, so many people have been hit by it, that stigma has gone. And so really it is becoming more of a community kind of effort, as people try to defend against these ransomwares. The other thing about it is it's really a lot like Whac-A-Mole. They attack us in one area and we defend against it, so they attack us in another area and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "One of these days, we're going to get pretty well defended against ransomware, and it's going to go away." And I responded, "I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities." And the fact is ransomware is so profitable, the bad guys aren't going to just fade into the night without giving it a lot of fight. So I really think that ransomware is one of those things that is here for the long-term, and something that we we have to address and have to get proactive about. >> You mentioned some stats there. And recently, IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things, let's talk a little bit about the demographics of the survey, and then talk about what was the biggest finding there, especially where it's concerning ransomware. >> Yeah, this was a worldwide study. It was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, it's a little over 500 different individuals across the globe, in North America, select countries in Western Europe, as well as several in Asia Pacific. And we did it across industries where 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, BPO of infrastructure, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high, or very high degree of confidence in their recovery tools, and are fully automated. And yet when you look at the actual results, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than a 1/3 of organizations were able to fully recover their data without paying the ransom. And some 2/3 actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. The bad guys aren't aren't necessarily to be trusted. And so the software that they provide, sometimes is fully recovered, sometimes it's not. So you look at that and you go, "Wow." On the one hand, people think they're really prepared. And on the other hand, the results are absolutely horrible. 2/3 of people having to pay the ransom. So you start to ask yourself, "Well, what's going on there?" And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson, "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing, you think you're ready based on the information you have. And these people are smart people, and they're professionals. But oftentimes, you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason, a lot of these have been successful. So that was kind of the key finding to me, and kind of the aha moment, really, in this whole thing, Lisa. >> That's a massive disconnect with the vast majority saying, "We have a cyber recovery playbook," yet nearly half being the victims of ransomware in the last three years. And then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience? As we said, this is a matter of this is going to happen. Just a matter of when and how often. >> It is a matter. Yeah, as you said, it's not if when or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud based services. Finding professionals who know what they're doing, who have that breadth of experience, and who have seen the kinds of of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more in order to get that breadth of experience, and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud, where data resilience is concerned? >> Well, the first and foremost is the economics of it. You can have on demand resources. And in the old days when we had disaster recoveries, where there we had two different data centers and the failover and so forth, you have double the infrastructure. If your financial services, it might even be triple the infrastructure. It's very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly, what we see is a new market of cyber recovery as a service. So being able to leverage those resources, to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place, to have those resources in place. I think what happens in a number of situations, Lisa, is that that organizations think they're ready, but then all of a sudden they get hit. And all of a sudden, they have to engage with outside consultants, or they have to bring in other experts. And that extends the time to recover that they have. And it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recovery going as quickly as possible. >> So what do you think the big issue here? Is it that these IT practitioners over 500 that you surveyed across 20 industries, as a global survey, do they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. It's you don't know what you don't know. And until you get into a specific attack, there are so many different ways that organizations can be attacked. And in fact, from this research that we found is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web, or whatever, or simply saying no, and taking their chances. So best practice, things like encryption, immutability, things like that that organizations can put into place. Certainly, air gaps, having a solid backup foundation to where data is, you have a high probability recovery, things like that. Those are the kinds of things that organizations have to put into place, really, is a baseline to assure that they can recover as fast as possible, and not lose data in the event of our ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think we are prepared, we've got a playbook, yet so many are being attacked, the vulnerabilities, and as the threat landscape just gets more and more amorphous, what do you recommend organizations? Do you talk to the IT practitioners? But does this go all the way up to the board level in terms of, " Hey guys across every industry, we are vulnerable. This is going to happen. We've got to make sure that we are truly resilient and proactive." >> Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the consequences of ransomware, it's not just the ransom, it's the loss productivity, it's the loss of revenue, it's the loss of customer faith and goodwill. And organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CSO, whoever it is, they're extremely concerned about these. And I can tell you, they are fully engaged in addressing these issues within their organization. >> So all the way at the top, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education. We've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned, ransomware isn't going anywhere, it's a big business, it's very profitable, but what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and SaaS-based technologies, can they get to a place where the C-suite doesn't have to be involved? To the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is workloads on-premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources, like immutable storage, being able to move data from region to region inexpensively and easily, and and to be able to take that cloud-centric perspective and apply it on-premises, as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >> Got it. We're just cracking the surface here. Phil, I wish we had more time, but I had a chance to read the Druva sponsored IDC white paper, fascinating finds. I encourage all of you to download that. Take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. >> I'm, Lisa Martin. You're watching theCUBE, the leader in live tech coverage. (upbeat music)

welcome everybody to this cube conversation my name is dave vellante and we're joined today by richard goodwin who's the group director of i.t at ultraleap and abhishek kumar who manages dell's power store product line just directs that product line along with several other lines for the company gentlemen welcome to the cube hey dave hi that's me so richard ultra leap very cool company tracks hand movements and so forth tell us about the company and the technology are really interested in how it's used yeah we have many uh product lines uh obviously we're very innovative uh innovative um and the organization was spun up from phd a number of phd students who were the co-founders for ultra leap and initially with mid-air haptics as many people may have seen but also hand tracking mid-air touch uh sense and feel uh so yeah it's it's it's quite impressive um what we have produced and the number of sectors and markets that we are in um and obviously to to push us to where we are we have relied upon lots of the dell technology both software and hardware and what's your role at the company i'm the group i t director and i'm responsible for the it and business platforms um all infrastructure network hardware software um and also the transition of those platforms to ensure that we're scalable and we are able to develop our software and hardware um as rapidly as possible awesome yeah a lot of data behind that too i bet um okay avashek you direct a number of products at dell across the portfolio unity extreme io the sc series and of course power vault it's quite the portfolio that you look after so let's get into the case study if we can a bit uh richard maybe you could paint a picture of of your environment uh some of the key applications that you're supporting and maybe what your infrastructure looks like give us a high level view sure uh so um pre uh powerschool we had um quite a a disparate uh architecture so um a fairly significant split and siding on the side of uh cloud uh not as hybrid as we would like and not uh not as much as on-prem as we would have liked and hey that has changed quite significantly um so we now have a number of servers and storage and storage arrays that we have on on-premise um and then we host ourselves so we are moving quite rapidly you know as a startup and then moving to a scale-up we needed that that scalability and that versatility and also the whole op-ex versus capex and also not being driven by lots of um sas products and architecture and infrastructure where we needed to be in control because of our development cycles and our products product development so wait okay so so too much cloud i'm hearing you run a little bit a dose of on-prem explain that a little bit more the cloud wasn't doing it for you in terms of your development cycle your control can you double click on that yeah some of the some of the control and you know there's always a balance because there's certain elements of uh our development cycles and our engineering uh software engineering where we need a very high parallelism uh for some of the work that we're doing which then you know the capex investment makes things very very challenging and not commercially the right thing to do however uh there are some of our information some of our ip um some of the secure things that we do we also do not want upgrades as an example or any outages or certain types of server and spec that we need to be quite bespoke and unique and that needs to be within our control got it okay thank you for that abhishek we're going to talk about powerstor today so set it up please tell us about powerstor what it is you know why it's important to this conversation sure so power store is a product that we launched may of 2020 roughly a little bit more than a year now and it's a brand new architecture that dell technologies released and at the end of the day i'll talk about a few unique aspects of the product but at the end of the day the where we start with it's a storage platform right so uh where we see similar to what richard is saying here uh uh in terms of being able to consolidate the customer's environment whether it is block file v-balls physical virtual environments uh and and it's as i said it's a brand new architecture where we leveraged pieces of existing products where it made sense uh and it's a it's we are using all the latest and greatest technologies delivering the best performance based data reduction uh and and where we see a lot of traction is the options that it brings to the table for our customers in terms of flexibility whether they want to add capacity compute uh whether in fact uh we have a apps on dev deployment model where customers can consolidate their compute as well on the storage platform if needed so a lot of innovation from a platform perspective itself and it's not just about the platform itself but what comes along with it right so we referred it as an ecosystem part of it where we work with ansible playbook csi plug-in you name it right and it's the storage platform by itself doesn't that doesn't stand by itself in a customer's environment there are other aspects of the infrastructure that it needs to integrate with as well right so if they're using ansible playbooks we want to make sure the integration is there got it and last perhaps uh not the least is uh the intelligence built into the platform right so as we are building these capabilities into the product uh there is intelligence built into the product as well as outside the product where things like cloud iq things like uh technologies built into power store itself makes it that much easier for the pro for the customers to manage the infrastructure and go from there thank you for that so richard what was the workload so actually you started with sort of a green field on-prem if i understand it correctly what was the workload that you were sort of building around or workloads sorry we had a um a number of different applications some of which we cannot really talk about too much um and then we engaged them regarding um the storage uh issue that we had and we engaged the our account lead accounting exec and a number of solution architects were working with us to ensure that we had the optimal solution dell were selected over the competitors there's a many reasons you know the new technology the deduplication the compression the data overall data reduction um and the guarantee uh that also came uh came with that the four to one data reduction guarantee which was significant to us because of the amount of data that we hold and we have you know as i mentioned we're pulling further further data of ours back um into our hosted environments which will end up on the power store especially with the deduplication that we're now getting we've now actually hit nine to one which is you know significant we were expecting four to one maybe five to one with some of the data types and what was excellent dell where that confident that they did not even review our data types prior and they were willing to stand by that guarantee of four to one and we've excelled that you know we've got significant different data types on on that array and we've hit nine to one and that's gradually grown over the last nine months you know we were kind of at six and we moved to seven and now we're hitting nine to one ratios that's great so you get a little free storage that's interesting what you're saying richard because i just assumed that a company that's guarantees four to one is going to say okay let us let us inspect your workload first and then and then we'll do the deal uh so avashek what's the tech behind that data reduction that you're able to with such confidence not have to and pre-inspect the workload in this case anyway yes sir so it goes back to the technologies that goes behind the product right so so we stand behind the technology and we want to make it simpler for our customers as well where again we don't want to spend weeks looking at all the data scanning all the data before giving the guarantee so we stand behind the technology where we understand that as the data is coming in we are always going to duplicate it we are always going to compress it there is technology within the product where we are offloading some of that to the uh outside the cpu so it is not impacting the performance that the applications are going to see so data reduction by itself is not going good enough performance by itself is not good enough both of them have to be together right so and that's what powerstroke brings to the table yeah thank you so richard i'm interested i mean i remember the power store announcement uh i sort of saw it leading up to it and one of the big thrusts from dell the way i phrase it is essentially trying to create a cloud-like experience on-prem so really focus on simplicity so my question to you is let's start with just the deployment you know how complicated was it to install what was that process like you know how many clicks not that you have to tell me how many clicks but you know what i'm asking is is how difficult was it to get from zero to you know up and running well we actually stepped down a very difficult challenge um we were in quite a difficult situation where we'd pretty much gone off of a cliff in terms of our iops performance um so the rfp was quite rapid and then we needed to get which whoever which vendor was successful we need to get that deployed rather rapidly and on the floor in our data center and server rooms uh which we did um and it was very very simplistic within three weeks of placing the order we had that array in our server rack and we had begun the migration it was very simple to set up um and the management of that array has been we we've seen a i think 40 reduction in terms of effort to be able to manage our storage because it is very self-contained um you know even from a reporting perspective the deployment the migration was all very very very simplistic and you know we we've done some works recently where we had to also um do some work on the array and some other migrations that we were doing and the resilience came came to came to the forefront of where you know the the dual architecture and no single point of failure enabled us to do some things that we needed to do quite rapidly because of the the dual nodes and the resilience within within the unit within the power store itself was considerable where we kept performance up it will also prioritize any disk rebuilds keeps the incoming ingest rates uh high and prioritizes the you know the workloads which is you know really impressive especially when we are moving so quickly with our technology we don't really have much time to you know micromanage the estate can you can you just repeat what you said on the percent reduction i think i heard you you cut out there a little bit a potent reduction on on management on on on the labor side yeah so our uh our lead storage engineer is estimated around 40 less management wow okay so that's that's good so actually i love this conversation because uh you know in the early days of automation people like ah that's my job provisioning luns i'm really good at it but i think people are realizing that it's actually you know not something that you want to be really good at it's something that you want to eliminate so now maybe it's a he that storage engineer got his or her nights and weekends back uh but but what do they do now when they get that extra time what do you what do you put them on you know more strategic initiatives or you know other other things in the to-do list what's that like the last thing uh you know any of my team whether it's the the storage leads or some of the infrastructure team that are also involved and engaged because you know the organization we have to be quite versatile as a team in our skill sets we don't want to be doing those bau uh mundane tasks even the storage engineer does not want to be you know allocating luns and allocating storage to physical servers vms etc we want all of that to be automated and that you know those engineers are now working on you know some of the cutting edge things that we're trying to do with machine learning is as an example um which is much more interesting it's what they want to be doing um you know that aids the obvious things like retention interest and personal development we don't want to be you know that base i.t infrastructure management is is not not where you know any of the engineers want to be in terms of the decision to go with dell power store i'm definitely hearing there was a relationship there was an existing relationship with dell i'm sure that played into it um there were many things so you know the relationship wasn't really part of this even though i mentioned the end user compute you know in any sector or anything that we're procuring we want best of breed and you know a best of set and that was done on you know cost is definitely a driver the technology you know is of interest to us we're a tech company new technology to us is also fascinating not only our own uh but also the storage guarantee the simplicity um the resilience with it within the uh unit also the ability which was key to us because of what we're trying to do with our hybrid model and bring bring back and repatriate some of the data as it were from the cloud we needed that ability to with ease to be able to scale up and scale out and the uh power stall gave us that when you say cost uh i want to dig into that price or you know the the the price tag or the the cost i mean when you do the business case and i wonder if we could add a little color to that yeah there's two elements to this so they're not either the cost and the price tag uh but then also cost of ownership and the comparisons that we were running against the other vendors but also the comparisons that we were running from a capex investment against opex and what we have in the cloud and also the performance you know the performance that we get from um the cloud and our cloud storage and the resilience within that and then also the initial price tag and then comparing the capex investment to the opex were all elements that were key to us making our decision and you know that there has to be some credit taken by the dow account team and that their relationship towards the final throws of that rfp you know were key initially not all we were just looking for the best possible storage uh solution for ultralite and to to determine that on your end was that like a feature because it's sometimes fuzzy what the business impact is going to be like that 40 you mentioned or the data reduction at nine to one when there's a promise of four to one did you what did you do did you kind of do a feature function analysis and sort of line that up and and say okay i'm gonna map that to our business pro our processes our i.t processes and try to predict what the impact would be is that how you did it or did you take a different approach we did so we did that obviously between vendors as you'd expect in an rfp but then also mapping to how that would impact the business and that that is not an easy and easy process to go through and we've seen more games even comparing one vendor to another some of that because of the the technology the terminology is very very different and sometimes you have to bring that upper level and also gain a much more detailed understanding which at times can be challenging but we did a very like for like comparison um and also lots of research but you're quite right the the the business analysis to what we needed um we had quite a good forecast uh and from some of our historical information and data and also our engineering and business and strategic roadmap we were able to map those two together not the easiest of experiences not one that i want to repeat but we got yeah a little bit of art and science involved avishak maybe you could talk about power store what you know give us the commercial what makes it different from other products in the market uh things like cloud iq uh maybe you could talk about that a little bit sure so uh so again from uh it's music to my ears when richard talks about the ease of deployment and the management because there is a lot of focus on that but even as i said earlier from a technology perspective a lot of goodness built in in terms of being able to consolidate uh customers environment into onto the platform so that's more from a storage point of view give the best performance give the best data reduction storage efficiencies uh the second part of course the the flexibility the options that power store gives to the customers in terms of sort of disaggregating the storage and the compute aspects of it so if as a customer i want to start with different points in terms of what our customer requirements are today but going forward as your requirements change from a compute capacity perspective you can use the scale up and scale out capabilities um and and then the intelligence built in right so as you scale out your cluster being able to move storage around right as needed uh being able to do that non-disruptively so instead of saying that mr customer your uh your storage is going to you're at 90 capacity being able to say that based on your historical trending uh we expect you run out of capacity in six months some small things like that right and of course uh if the uh the dial home the support assist capabilities are enabled cloud iq brings a lot of intelligence to the table as well in addition to that as i mentioned earlier there is apps on capability that gives another level of flexibility to the customers to integrate your storage infrastructure into a virtual environment if the customer chooses to do that and last but not the least it's not just about the product right so it's about the the programs that we have put around it anytime upgrade is a big differentiator for us where it's an investment protection program for customers where if they want to have the peace of mind in terms of three months nine months three years down the line if we come out with new technologies being able to be upgrade to that non-destructively is a big part of it as well so it's a peace of mind for the customers that yes i'm getting into the power store architecture today but going forward i am i'm protected from that point of view so anytime upgrade it's a new business program that we put around leveraging the architectural benefits of power store uh whether your computer requirement your storage requirements change your your you're covered from that point of view so again a very quick overview of uh of what power store is why it is different and again that's where that comes from thank you for that richard are you are you actively using cloud iq do you get what kind of value do you get from it not currently um however we have we have had plans to to do that the um uptake and how basically our our internal work node is not allowed us to to do that but one of the other key reasons for selecting powersupport was the the non-disruptive element you know with other sas products other providers and other issues that we have experienced that was one that was a a key decision for us from a um a power store perspective one of the other you know i i to go back to the conversation slightly with in terms of performance you know we are getting getting now you know there's a 400 percent speed of improvement of publishing uh we've got 80 percent faster code coverage and our firmware built 1 300 quicker than they were previously and the time savings of the storage engineer and you know as a director of it i often ask for certain reports from from the storage array when we're working out for um storage forecasts performance forecasts and you know when we're coming close to product releases and code drops um that we're trying to manage the the reporting on the power store is is impressive whereas previously my storage engineer would not be the uh the most happiest of people when i would be trying to pull you know month-end quarterly reports etc uh whereas now it's it's ease and we have live dashboards running we can easily extract that information i love that uh because you know so often we talk about the 40 reduction in it labor uh which okay that that's cool but then your cfo's gonna say yeah but it's not like we're getting rid of people we you know we're still spending that money and okay they're getting you're now into soft dollars but when you talk about 400 percent 18 1300 percent you're talking about business impact and that's telephone numbers to a cfo so i i love those metrics thank you for sharing yeah but when they obviously some of our dashboards when they're visualized that they are very hard-hitting you know the impact you know you're quite right to see if it does chase down you know the availability and the resource profile however we're on a huge upward trajectory so having the right resilience and infrastructure in places is exactly what we need and as i mentioned before those engineers are all reallocated to much more interesting work and you know the areas that will actually drive our business forward speaking of resilience are you doing any replication uh not currently however there uh we've actually got a meeting regarding this today with some of the dell's enterprise and some of their storage specialists in a couple of hours time actually because that is very high on the agenda for us to be able to replicate and have a high availability um cluster and another uh potentially power stone made because so i was going to ask you kind of where you want to take this thing i'm hearing you you're looking at cloud iq really try to exploit that so you got some headroom here in terms of the value that you can get out of this platform uh to to do replication faster recovery etc maybe protect against you know events guys thanks so much for your time really appreciate your insights and thank you for watching this cube conversation this is dave vellante and we'll see you next time you

(happy techno music) >> Welcome everybody to this cube conversation. My name is Dave Vellante and we're joined today by Richard Goodwin. Who's the group director of IT at Ultra Leap and Avishek Kumar who manages Dell's power store product line and directs that product line along with several other lines for the company, gentlemen, welcome to the cube. >> Hi Dave >> Hi >> So Richard ultra leap, very cool company tracks, hand movements, and so forth. Tell us about the company and the technology, I'm really interested in how it's used. >> Yeah, we've had many product lines, obviously. We're at very innovative, um and the organization was spun up from PhD, a number of PhD students who were the co-founders for ultra leap. um And initially with mid-air haptics, um as you, as many people may have seen, but also hand tracking, mid-air had such a sense and feel. So, yeah, it's, it's, it's quite impressive what we have produced and the number of sectors and markets that we're in. Um And obviously to push us to, to where we are, we have relied upon lots of the Dell technology, both software and hardware. >> And what's your role at the company. >> Uh, I'm the group IT director, uh, I'm responsible for the it and business platforms or infrastructure network hardware software, and also the transparency of those platforms to ensure that we're scalable. And we are able to develop our software and hardware as rapidly as possible. >> Awesome. Yeah, a lot of data behind that too. I bet. Um okay Avishek, you direct a number of products at Dell across the portfolio, unity, extreme IO, the SC series, and of course, power vault. It's, it's quite the portfolio that you look after. So let's get into the case study. If we can, a bit, Richard, maybe you could paint a picture of, of your environment, some of the key applications that you're supporting and maybe what your infrastructure looks like. Give us a high level view. >> Sure. So pretty power store. We had quite a disparate architecture, so a fairly significant split and siding on the side of cloud, not as hybrid as we would like, and not, not as much as our on-prem as we would have liked and Hey, that, that has changed quite significantly. So we now have a number of servers and storage and storage arrays that we have on, on premise. And then we host ourselves. So we are moving quite rapidly, you know, as a, as a startup and then moving to a scale-up we needed that, that scalability and that versatility, and also the whole OPEX versus CapEx and, um, and also not being driven by lots of SaaS products and architecture and infrastructure where we needed to be in control because of our development cycles and our products, product development. >> So wait, oh okay. So, so too much cloud, you wanted to run a little bit of a dose of on-prem explain that a little bit more the cloud wasn't doing it for you in terms of your development cycle, your control, can you double click on that? >> Yeah. Some of the, some of the control and, you know, there's always a balance because there are certain elements of our development cycles and our engineering software engineering, where we need a very high parallelism for some of the work that we're doing, which then, you know, the CapEx investment makes things very, very challenging, not commercially that the right thing to do. However, there are some of our information, some of IP, some of the secure things that we do, we also do not want upgrades as an example, or any outages or certain types of server and spec that we need to be quite bespoke and unique, and that needs to be within our control. >> Got it, okay. Thank you for that. Avishek, we're going to talk about power store today. So set it up, please tell us about power store, what it is, you know, why it's important to this conversation. >> Sure, so power store store is a product that we launched may of 2020, roughly a little bit more than a year now. And it's a brand new architecture that Dell technologies released. And at the end of the day, I'll talk about a few unique aspects of the product, but at the end of the day, the, where we start with it's a storage platform, right? So where we see similar to what Richard is saying here, in terms of being able to consolidate the customer's environment, whether it is blog file, weevils, physical virtual environments, and, and it's, as I said, it's a brand new architecture where we leveraged pieces of existing products, where it makes sense and it's, we are using all the latest and greatest technologies delivering the best performance based data reduction and, and where we see a lot of traction is the options that it brings to the table for our customers in terms of flexibility, whether they want to add capacity compute, whether in fact, we have apps on the current model where customers can consolidate their compute as well on the static storage platform if needed. So a lot of innovation from a platform perspective itself, and it's not just about the platform itself, but what comes along with it, right? So we refer to it as an ecosystem, part of it, where we work with Ansible playbooks, CSI plugin, you name it, right. And it's, the storage platform by itself. Doesn't that, doesn't stand by itself in a customer's environment there are other aspects of the infrastructure that it needs to integrate with as well. Right? So if they're using Ansible playbooks, we want to make sure the integration is there. >> Got it. >> And last but not the least is the intelligence built into the platform, right? So as we are building these capabilities into the product, there is intelligence built into the product, as well as outside the product where things like cloud IQ, things like uh, um, technologies built into power suit itself makes it that much easier for the customers to manage the infrastructure and go from there. >> Thank you for that, so, Richard, what was the workload? So it actually, you started with sort of a Greenfield on prem. If I understand it correctly, what was the workload that you were sort of building around or workloads? >> Sorry, we had a, a number of different applications. Some of which we cannot really talk about too much, but we had, we had a VxRail, we had a, a smaller Dell array, and we have lots of what we classes, runners, cubeanetics cluster that we that we run and quite a few different VMs that run on our, on-prem server infrastructure and storage rates and the issues that we began to hit because of the high IO, from some of our, um, workloads that we were hitting very high latency, which rapidly stopped, began to cause us issues, especially with some of our software engineering teams. And that is when we embarked upon a competitive RFP for uh, Dell power store. Dell were already engaged from an end-user compute where they'd been selected as the end-user compute provider from a previous competitive RFP. And then we engaged them regarding the storage issue that we had, and we engaged the, our account leading count exec, and a number of solution architects were working with us to ensure that we have the optimal solution. Dell were selected over the competitors because of many reasons, you know, the, the, the new technology, the DG plication, the compression, that data overall data reduction, and the guarantee that also came, uh, came with that, with the four to one data reduction guarantee, which was significant to us because of the amount of data that we hold. Um, And we have, you know, as I mentioned, we're pulling further, further data of ours back into our hosted environments, which will end up on the power store, especially with the duplication that we're now getting. We've actually hit nine to one, which is significant. We were expecting four to one, maybe five to one with some of the data types. And what was excellent Dale were that confident that they did not even review our data types prior. And they were willing to stand by that guarantee of four to one and we've excelled that we've got different data types on, on that array, and we've hit nine to one and that's gradually grown over the last nine months. You know, we were kind of six them we moved to seven and now we're hitting nine to one ratios. >> That's great. So you get a little free storage. That's interesting what you're saying, Richard, cause I just assumed that a company that's guaranteed four to one is going to say, okay, let us, let us inspect your workload first and then we'll do the deal. So Avishek, what's the tech behind that data reduction that you're able to with such confidence, not have to pre inspect the workload in this case anyway. >> Yeah. So, so it goes back to the technologies that goes behind the product, right? So, so we, we stand behind the technology and we want to make it simpler for our customers as well. Where again, we don't want to spend weeks looking at all the data, scanning all the data before giving the guarantee. So we stand behind the technology where we understand that as the data is coming in, we are always going to be duplicated. We are always going to compress it. There is technology within the product where we are offloading some of that to the outside the CPU. So it is not impacting the performance that the applications are going to see. So a data reduction by itself is not going to get enough performance by itself is not good enough. Both of them have to be together. Right. So, and that's what powers to brings to the table. >> Yeah. Thank you. So Richard, I'm interested. I mean, I remember the power store announcement, sort of saw it leading up to it. And one of the big thrusts from Dell was the way I phrase it is essentially trying to create a cloud-like experience on-prem. So really focused on simplicity. So my question to you is, let's start with just the deployment. You know, how complicated was it to install? What was that process like? How many clicks, I mean, not that you have to tell me how many clicks, but you know, what I'm asking is, is how difficult was it to get from zero to, you know, up and running? >> Well, we actually sat down with a very difficult challenge. We were in quite a difficult situation where we'd pretty much got off of a cliff in terms of IOPS performance. So the RFP was quite rapid. And then we needed to get which, whoever, which vendor was successful, we need to get that deployed rather rapidly and on the floor in our data center and server rooms, which we did. And it was very, very simplistic within three weeks of placing the order. We had that array in our server rack and we'd begun the migration that it was very simple to set up. And the management of that array has been, we we've seen say 40% reduction in terms of effort it took to be able to manage our storage because it is very self-contained, you know, even from a reporting perspective, the deployment, the migration was all very, very, very simplistic. And, you know, we we've done some work recently where we had to also do some work on the array and some other migrations that we were doing and the resilience came, came to, came to the forefront of where the whole architecture and no single point of failure enabled us to do some things that we needed to do quite rapidly because of the, the jole notes and the resilience within, within the unit and within the power store itself was considerable where we, we kept performance up. People also prioritize any discreet rebuilds, keeps the incoming ingest rates high and prioritizes that, you know, the workloads, which is really impressive, especially when we are moving so quickly with our technology. We don't really have much time to, you know, micromanage the estate. >> Can you, can you just repeat what you said on the percent reduction? I think I heard you cut out there a little bit, a percent reduction on, on, on management, on, on, on the labor side. >> So our lead storage engineer is estimated around 40% less management. >> Wow. Okay. So that's, that's good. So actually, I, I love this conversation because, you know, in the early the days of automation, people are like, ah, that's my job provisioning, LUNs. I'm really good at it. But I think people are realizing that it's actually not something that you want to be really good at. It's something that you want to eliminate. So it now maybe it's a, that, storage engineer got his or her nights and weekends back, uh, but, but what do they do now when they get that extra time, what do you, what do you put them on? You know, no more strategic initiatives or, you know, other, other tech things in the to-do list, what's that like? >> You know, any of my team, whether it's the storage leads or some of the infrastructure team that are also involved in engaged, cause you know, the organization, we have to be quite versatile as a team in our skillsets. We don't want to be doing those BAU mundane tasks. Even the storage engineer does not want to be, you know, allocating Luns and allocating storage to physical servers, VMs, et cetera. We want all of that to be automated. And the, you know, those engineers, are they working on some of the cutting edge things that we're trying to do with machine learning as a, as an example, which is much more interesting, it's what they want to be doing. Um, you know, that aides, the obvious things like retention interest and personal development, we don't want to be, you know, that base IT infrastructure management is, is, is not, not where any of the engineers wants to be. >> In terms of the decision to go with Dell power store. I, I, I'm definitely hearing there was a relationship. There was an existing relationship with Dell. I'm sure that played into it. And you, you mentioned a couple of times that RFP, so, so you kind of lined up various various vendors. What can you tell us about that in, in addition to the relationship, what was it that led you to power store? >> Uh, there were many things saying, you know, the relationship wasn't really part of this, even though I've mentioned the end user compute in any sets or anything that we're procuring, we want best of breed and best of set, but, and there were four vendors that were engaged in the RFP and it was down selected to, two, and that was done on the cost is definitely a driver. The technology, you know, is a big trust to us. We're a tech company. New technology to us is also fascinating, not only our own but also the, the storage guarantee, the simplicity, the resilience within, within the unit. Also the, the ability which was key to us because of what we're trying to do with our hybrid model and bring, bring back and repatreize some of the data as it were um, from the client, we needed that ability to, with ease, to be able to scale up and scale out, and the power store gave us that. >> When you say cost of, I want to dig into that price or, you know, the, the, the, the price tag or the, the cost. I mean, when you do the business case, and I wonder if we could add a little color to that. >> Yeah, the, the, there there's two elements to this, so there's not even the cost of the price tag, but then also cost of ownership and the comparisons that we were running against the other vendors, but also the comparisons that we were running from a CapEx investment against OPEX and what we have in the cloud, and also the performance and performance that we get from the cloud and our cloud storage and a resilience within that, and then also the initial price tag, and then comparing the CapEx investments to the OPEX were all elements that were, were key to us making our decision. And you know that there has to be some credit taken by the Dell account team and their relationship towards the final phrase of that RFP, you know, were key, initially, not at all, we were just looking for the best possible storage solution for ultra-leap. >> And to, to determine that on your end, was that like a feature, because it's sometimes fuzzy what the business impact is going to be like that 40% you mentioned, or the data reduction at nine to one, when there's a promise of four to one, did you, what did you do? Did you kind of do a feature function analysis and sort of line that up and, and say, okay, I'm going to map that to our business, our processes, our IT processes, and try to predict what the impact would be. Is that how you did it, or did you take a different approach? >> We did. So we did that, obviously between vendors as you'd expected in RFP, but then also mapping to how that would impact the business. And that that is not an easy process to go through. We've seen more gains, even comparing one vendor to another, some of that because of the technology, the terminology is very, very different and sometimes you have to bring that up a level and also gain a much more detailed understanding, which at times can be challenging, but we did a very like-for-like comparison and, and also lots of research, but you're quite right. The, the, the business analysis to what we needed. We had quite a good forecast and from my supplier stock and information data, and also our engineering and business and strategic roadmap, we were able to map those two together, not the easiest of experiences, not one that I want to repeat, but we got through it. >> Yeah, a little bit of art and science involved. Avishek, maybe you could talk about power store, what, you know, give us the commercial. What makes it different from other products in the market? Things like cloud IQ, maybe you could talk about that a little bit. >> Sure, so, so again, from a, a it's music to my ears, when Richard talks about the ease of deployment and the management, because there is a lot of focus on that. But even as I said earlier, from a manned technology perspective, a lot of goodness built in, in terms of being able to consolidate a customer's environment into, onto the platform. So that's more from a storage point of view that will give the best performance, give the best data reduction, storage efficiencies. Um, the second part, of course, the flexibility, the options that power store it gives to the customers in terms of sort of desegregating the storage and the compute aspects of it. So if, as a customer, I want to start with different points in terms of what our customer requirements are today, but going forward as requirements changed from a compute capacity perspective, you can use a scale up and scale out capabilities, and then the intelligence built in, right? So as you scale out your cluster, being able to move storage around right, as needed being able to do that non-disruptively. So instead of saying that Mr. Customer you're, you're storage is going to, you're at 90% capacity, being able to say that based on your historical trending, we expect you run out of capacity in six months, some small things like that. Right. And of course, if the, the dial home, the support assist capabilities that are enabled, cloud IQ brings a lot of intelligence to the table as well. In addition to that, as they mentioned earlier, there is apps on capability that gives another level of flexibility to the customers to integrate your storage infrastructure into a virtual environment. If the customer chooses to do that. And last but not the least, it's not just about the product right? So it's about the programs that we have put around it. Any anytime I'll create is a big differentiator for us, where it's an investment protection program for customers, where if they want to have the peace of mind, in terms of three months, nine months, three years down the line, if we come out with new technologies, being able to be upgrade to that non-disruptively is a big part of it as well. It's a peace of mind for the customers that, yes, I'm getting into the power store architecture today, but going forward, I am I'm protected from that point. So anytime I upgrade, it's a new business program that we put around leveraging the architectural benefits of power stool, whether your compute requirements, your storage requirements change you're, you're, you're covered from that point of view. So again, very quick a overview of, of what power store is, why it is different, and again, that's where that comes from. >> Thank you for that. Richard, are you, are you actively using cloud IQ? Do you get, what kind of value do you get from it? >> Not currently. However, we have, we have had plans to do that. The uptake and BCR, our internal workload has not allowed us to do that, but one of the other key reasons for selecting power source was the, the non-disruptive element, you know, with other SaaS products, other providers, and other issues that we have experienced. That was one, that was a, a key decision for us from a, a power store perspective. One of the other, you know, I would like to go back to the conversation slightly, in terms of performance, we are getting, getting now, you know, there's a 400% speed of improvement of publishing. We've got an 80% faster code coverage. So our firmware builds a 1300% quicker than they were previously and, and the time savings of the storage engineer and, you know, as a, as director of IT, I often asked for certain reports from, from the storage array, when we're working out for, um, storage forecast, performance forecast. And, you know, when we're coming close to product releases, code drops that we're trying to manage, the reporting or the power stories is impressive. Whereas previously my storage engineer would not be the, the most happiest of people when I would be trying to pull, you know, monthly and quarterly reports, et cetera. Whereas now it's, it's easy and we have live dashboards running, and we can easily extract that information. >> I love that, because, you know, so often we talk about the 40% reduction in IT, labor, uh, which, which, okay, that's cool. But then your CFO's going to say, yeah, but it's not like we're getting rid of people. We, you know, we're still spending that money and you, okay. They're getting you're now into soft dollars, but when you talk about 400%, 18%, 1300% of what you're talking about, business impact and that's telephone numbers to a CFO. So I love those metrics. Thank you for sharing. >> Yeah. But what would, they, obviously, in some of our dashboards when they visualize that they are very hard hitting, you know, the impact that you're quite right that the CFO does chase down, you know, the availability and the resource profile, however, we're on a huge upward trajectory. So having the right resilience and infrastructure in places is exactly what we need. And as I mentioned before, those engineers are all reallocated to much more interesting work. And, you know, the, the areas that will actually drive our business forward. >> Speaking of resilience, are you doing any replication? >> Not currently. However, there, uh, we've actually got a meeting regarding this today with some of that was a surprise that some of their storage specialists in a couple of hours time, actually, because that is a very high on the agenda for us to be able to replicate and have a high availability cluster and another potentially power store name. >> So I was going to ask you kind of where you want to take this thing. I'm hearing you, you're looking at cloud IQ, really try to exploit that. So you've got some headroom here in terms of the value that you can get out of this platform to, to do replication, faster recovery, et cetera, maybe protect against, you know, events. Any other things that you would identify as things you would either want from Dell or things that you'd like to see this platform direction you'd like to see it take in the future? >> Uh, yeah. We, we actually had some discussions recently and we are actively involved in some of the power store roadmap, which is, which is really good for us because we get visibility. And we also get to feed back to Dell on some of the features that we would like to see. So one of the things that we're discussing is a virtual kind of power store is what we would like to see. So some of that resilience would be really useful for us to be able to fail over quite rapidly and have live access to you are sick of data rather than potentially having hole sites. And we're looking at some of the Dell service offerings, which are quite impressive and is currently ticking. You know, we're very early in the, in the stages of the discovery, but there's quite a few boxes being ticked. Currently. >> Guys, we got to leave it there. I love this example of where you've got infrastructure, really connecting directly to a fast growth company, helping it scale, guys, thanks so much for your time. Really appreciate your insights. >> Thank you >> And thank you And thank you for watching this cube conversation. This is Dave Volante, and we'll see you next time. (upbeat music)

>> Announcer: Live from Chicago, Illinois; it's theCUBE. Covering VeeamON 2018. Brought to you by Veeam. >> Welcome back to the Windy City, everybody. You're watching theCUBE, the leader in live tech coverage, where we go out to the events, we extract the signal from the noise. This is our second day at VeeamON 2018, our second year. I'm Dave Vellante with Stu Miniman, my co-host. Phil Goodwin is here, he's a research director at IDC's storage systems and software group. Phil, thanks very much for coming on theCUBE. >> Pleasure to be here today. >> So you've been to more VeeamONs than we have, so you've seen even a greater evolution, although we've been to a lot of VeeamUGs. We saw a lot of green. This company has painted Chicago in green. What's your take on the progression and ascendancy of Veeam beyond just being a virtualization specialist? >> Sure, obviously the most interesting thing about Veeam is how they really have become the high growth leader of this industry, and in many ways, kind of the darling of the industry because they've got a lot of the momentum, a lot of the attention that's going on in the data protection and recovery software space. I think what has really struck me over the years of these VeeamON conferences, and really from the very first one that I attended three years ago, is the degree to which there is an ecosystem that's been built up around the products that they have for things like disaster recovery as a service, backup as a service and so forth. Where people take the Veeam software, build it into their own products and go to market with that, and I think that's totally unique in the way they've done that compared to many of their competitors. >> Let's see, we're talking about 800 plus million dollars in bookings, mid-30% growth rates. I presume the data protection market's not growing that fast. >> No, although it's surprisingly strong. Last year it grew at about 7% rate. We don't expect it to keep going that fast but if you compare that to other stores' software, which is 1% to 2% or in some cases even negative, it's actually an area that's quite bright. >> Yeah it's grown much, much faster than the overall IT business, right? >> Oh yeah, absolutely. >> And so, why? Why is it growing faster? >> Well part of it's driven by capacity. A lot of the vendor models are associated with the capacity and so they charge upgrades every year and as data is growing at about 40% per year on a compound annual growth rate, that does cause customers to upgrade their licenses. But we're also seeing an acceleration in the deployment of applications so we expect IT organizations, according to our research, to add an additional 200 applications over the next 36 months. That's not a lot of new applications. What we find in many cases is what we would call the traditional incumbent vendors, who have their footprint within the enterprise, maintain that footprint in many cases, but those new applications have the opportunity to bring in new products and that's really where the opportunity for Veeam is. >> So part of the growth is somewhat artificial if I understand it in that it's pricing driven, and so that would suggest, given that data protection is largely insurance, that the CFOs are going to look at that line out and say, "Oh, this isn't sustainable." Unless, and I want to run this by you, research indicates that Fortune 1000 companies leave, over a three to four year period, billions of dollars each on the table because of not the most end-to-end or well-thought-out architected data protection solutions. Maybe that expands the TAM a little bit, but is that kind of growth sustainable? You've already sort of indicated it's not, but maybe talk about that a little bit. >> Right. The nature of threats has really changed a lot over the years too, so if you look back on computing, it used to be system failure, human error, and to some degree natural disaster were your biggest threats. Nowadays it's actually ransomware, malware, and other things that are much bigger threats than the traditional types of threats that organizations have dealt with. As the evolution of data protection has come about, what we've found is very much a willingness among IT organizations to not simply try and go with a single product, but to rather buy a best-in-class product for specific platforms. In the case of Veeam, I think they really did a very successful job of riding the virtual infrastructure wave when most of their competitors were architected specifically for second platform types of applications. >> Phil, one of the interesting things to watch in Veeam is their expansion beyond that virtualization. What insight can you give us about data protection and SAS and public cloud and service providers? A lot of those environments you would think that the platform or the provider might have a choice, so how does Veeam get in there? How much do customers really have choice there? >> That's really a great point because what is happening is we're moving data protection from the system level. We've moved it up to the virtualization layer and now it's really moving to the application layer, where it is the application developer whose building that data protection directly into their application. So what we're seeing is those application developers, which as you mentioned many are SAS applications on the web, building the data protection into their specific environment. But the other thing that's happening is IT organizations are suddenly realizing that much of that data that is in the web or with those SAS applications is not being protected according to the SLAs of the organization. They're using third party tools and applications like Veeam to bring that data back on site and to protect it according to what the requirements and government's requirements are. >> Okay, so let's unpack some of this. If I understood it correctly, going back to the developers, as architecting in the data protection approach, is that a result of the DeVops trend, infrastructure as code, or is it something else driving it? >> I think it's more being driven by the fact that these are discrete applications outside the data center. So if I'm inside the data center and I'm trying to protect 100 different applications, I may try and apply the same techniques to all of them, the same policies. But these are applications like Salesforce.com, or Payday, or other applications that are really, for lack of a better term, a single application. That environment really doesn't have to consider the other systems within a data center. >> So it's the SAS guy saying "one size fits all." >> Phil: For them, yes. >> Which, by the way, is an age-old problem inside the data center. Either you were not protected enough or you were paying too much. Do companies like Veeam solve that problem by providing more granularity and maybe aligning better with that? >> Yeah. They go attack the problem in a couple of different ways. First of all, they certainly have their traditional business within the data center, but they're also partnering with many of the cloud-based organizations like Azure and Amazon and others to be able to help organizations protect data they have in the cloud. Plus they're working with specific applications to be able to provide that kind of protection for a SAS app. >> I want to come back to something you were talking about with Stu about best of breeds. We do a lot of these shows. You talk to a lot of customers and a lot of technology companies. You get two ends of the spectrum. You get the best of breed guys like Veeam say, "Hey, we're best of breed, "why would you buy that old, clunky, "outdated backup capability?" And then, without naming names, you get the integrated full stack companies going, "Why would anybody buy from some tiny little company? "Oh yeah, okay they're 800 million, "but they can't do digital transformation and big data "and SAS and blah blah blah! "So why would anybody, who cares about backup?" So you have two completely counterpoised positions. How can you help us parse through that? >> I think a lot of it comes down to who is the actual consumer and buyer of the solution and that's indeed changing. What we're seeing much more is it is the application developer, the application provider, or even the line of business making the decision as to what applications are being deployed, as opposed to the central IT organization. So whereas the central IT organizations say "This is part of digital transformation," the business unit may be buying other applications. >> We talked a little earlier about money being left on the table. I don't know what your research shows but clearly there's opportunities there that's not being harvested today. From a cost-benefit analysis standpoint, I know it's one area that you focus on and spend some time there, is it a reasonable expectation that CFOs will actually look at that lost opportunity, that soft revenue that they're losing, which really is not that soft, and say, "Hey, we actually need "to increase our spending in this area?" >> Some of them, yes. What you really find is a maturity curve, of course, where you have some organizations that really have a very traditional view and have not tried to move forward. But our research is showing that about 60% of organizations have embarked on some kind of digital transformation, and that about 70% have a cloud-first perspective. Those organizations really are looking at those kinds of opportunities, both in terms of cost, opportunity cost or absolute cost, and saying, "How can we optimize this environment entirely?" >> If I were the CFO, and let's say I had the cash so I wasn't capital constrained, I would still say, "Look, this is insurance, "so figure out a way to get more value out of this data. "You got all of this data in the backup repository, "what can we do with that? "What analysis can we do? "Can we maybe be more efficient "with regard to how we do security?" It's like the US government. "Can we have this agency talk to that agency "and figure out a way we can get more leverage?" and really be putting pressure on them to do that. Is that an unreasonable expectation for CFOs? >> No, and in fact what our research has shown is that about 40% of organizations use their backup data sets for analytics. They also, about 30% of them, 33% use it for other purposes such as development and test, staging, others. So organizations really are trying to leverage that vast amount of information that they have for other purposes. One of the challenges that come out though is GDPR, the European regulation to the right to be forgotten and the way organizations have to be able to manage that data. Going into those data repositories, including backup data sets, to say "Okay, this is data "that we have to expunge by regulation." >> Phil, I wonder, we've been talking about the threats of GDPR and you might get sued or everything. The last few years, we've really been talking about how we get insights and data. Insights can transform businesses around data. Is GDPR a threat to this whole wave of getting value out of data? >> I don't think it's a threat to getting the value out of the data, I think it's a threat to how you manage that data. And the threat is much more widespread than many organizations realize. If you're doing business with anyone who is European or has traveled to Europe, and really any kind of footprint in that regard can potentially put your organization at risk if you're capturing any of that data. >> But that stat you just threw out was pretty interesting. The 40% percent of organizations that you surveyed are actually doing some types of analytics with their backup data. I would think that governance and compliance and GDPR related stuff, they're going to take, those 40% are going to take a similar approach to GDPR. Say, "Okay, guys, we got to do this. "Find some more value out of it, "or else get you in a headlock." Right? That's a huge number! >> Right, and one of the ways you do that is, and that Veeam has done is to open up APIs, application programming interfaces, to allow third party organizations to leverage that data repository and do that kind of analytics. Veaam, themselves, or any other backup vendor can't really leverage, or can't really do that, but by opening that up to third parties it increases that ecosystem and increases the value that IT organizations can get from their data and their investment. >> Some of your research. Maybe you can highlight some of the stuff you're proud of, fun stuff you've been working on, things that are current, recent, that you want to highlight to the audience. >> I think some of the interesting things, the trends in the industry really are that the kinds of things like backup and recovery and high availability and disaster recovery, we see really going into a continuum of availability. Where, if I can move data across geographies, and I can recover my application seamlessly regardless of where the data is, why do I ever need to have disaster recovery again? And in fact, that's where we believe availability is going, and in fact the theme for Veeam at this show is hyper-availability. One of the ways you do that is by placing the data in the right locations for that kind of recovery. Watching from the days of backing up once a day onto tape to continuous availability is actually a pretty interesting development. >> So who's doing a good job in this place? Sounds like Veeam is getting it done obviously, and the numbers speak for themselves. You got the startups, Cohesity, Rubrik, Zerto obviously plays in there. You have Veritas is supposedly retooling. You had Bill Coleman in there, former BEA guy who's supposedly put a lot of R and D into that. You got the leader in Dell EMC. Obviously they have a lot of resource, spend a lot of money, they're going through a retooling process. IBM has software defined everything. It seems like it's jump ball right now instead of wide open. >> It really is. You look at, you mentioned Dell EMC, they're focusing on IOT. Well IOT generates a phenomenal amount of data. What data needs to be captured, how does it need to be captured, protected, managed, is going to be a huge issue for organizations so that's a very interesting target. Veritas has been looking at their 360 data management and really taking a holistic view of data management and they're doing some very interesting things there. Commvault has done actually a pretty nice job of getting into some cloud-related kinds of things. And then finally as you mentioned, Rubrik and Cohesity, I would put them along with Veeam as probably the three companies that right now are disrupting this industry the most. There are probably certainly some other ones that are up and coming, but in terms of those that are really providing some disruption, I would probably go with those three. >> Alright, they're breaking down VeeamON 2017. Phil, thanks for coming on theCUBE. Great stuff, really good analysis. Appreciate you having on. >> Pleasure, guys, take care. >> The trains are backing up. We're trying to jam everything in before they shut down our studio, so we'll be right back right after this short break. (upbeat music)

>> Welcome back everybody, Jeff Frick here with theCUBE. We're in downtown San Francisco at LinkedIn's brand new headquarters up here, at Data Privacy Day 2018. We were here last year, the conference is growing, a lot more people here, a lot more activity. We're excited to have a sponsor, Craig Goodwin, he's the Chief Security Officer of CDK Global. Great to see ya. >> Great to be here. >> Absolutely. So for people who aren't familiar, give us a quick kind of overview of what is CDK Global. >> Sure, so CDK Global runs automotive technology. So we enable technology for automotive dealerships, original equipment manufacturers, and we run a lot of the technology across the U.S. and the rest of the world. So, I think last estimate's about $500 billion worth of automotive transactions, whether buying a car, servicing a car, all went through CDK's systems. >> Okay, so it's the systems, it's the business systems for those autmotive companies. It's not like we were just at an autonomous vehicle company the other day, it's not those type of systems. >> Yeah, correct, I mean we're helping with that, right? So a lot of our technology is connecting, with IoT and connected vehicles helping to take in data from those vehicles, to help automotive dealerships, to service the vehicles, or to sell the vehicles. So we ingest that data, and we ingest that technology, but essentially we're talking about the data in the dealerships. >> Okay. So how have you seen things evolve over the last couple years? >> Well definitely with the extra regulation, right? With people and the way that their privacy dynamic is changing, consumers are becoming much more aware of where their data's going, and who's using their data. So we've heard an awful lot today, about the privacy of people's data, and how the industry needs to change. And I think consumers generally are getting much more educated on that, and therefore they're asking companies like ourselves, who deal with their data, to be much more robust in their practices. And we've also seen that in a regulation point of view, right? So governments, the industry, are pushing businesses to be more aware of how they're using consumer's data, which has got to be a positive move in the right direction. >> Jeff: Right, but it's kind of funny, 'cause on the flip side of that coin is people who are willing to give up their privacy to get more services, so you've got kind of the older folks, who've been around for a while, who think of privacy, and then you've got younger folks, who maybe haven't thought about it as much, are used to downloading the app, clicking on the EULA in their phone-- >> Absolutely. >> Follows them everywhere they go. So, is it really more the regulation that's driving the change? Or is just kind of an ongoing maturation process? >> Well I think-- >> Stewardship is I guess what I was saying. >> Yeah, it's a combination of both I would say. And you make a great point there, so if you look at car buying, right? Say 10 years ago, pick a number randomly, but 10 years ago, people wouldn't have been comfortable buying a car online, necessarily. Or definitely not all online. They'd have to touch it somewhere else, feel it physically, right? That's changing, and we're starting to enable that automotive commerce, so that it starts from the online and ends up at a dealership still. So they actually sign the paperwork, but essentially they start that process online. And that's making people more aware, as you say. I think some of the regulation, you look at GDPR in Europe, spoke of that a lot today, naturally. And some of that regulation is helping to drive companies to be more aware. But where I see the biggest problem is with small to medium sized businesses. So I think if you talk to larger business, you were speaking to Michel from Cisco, some of those larger businesses, this privacy thing's been built in from the beginning. Companies like CDK, where we were aware we were dealing with a lot of data, and therefore the GDPR regulations is more of an incremental change. It just ramps up that focus on privacy that was already there from the outset. The biggest problem, and where we see the biggest kind of change here, is in the smaller to medium sized businesses, and that's talking about dealerships, smaller dealership groups, where perhaps they haven't been so aware of privacy, they've been focused on the sales and not necessarily the data and technology, and GDPR for them is a significant step change. And it's down to industry, and larger vendors like ourselves, to reach out to those smaller dealerships, those smaller, medium sized businesses, and help them to work with GDPR to do better. >> But can they fulfill most of their obligations by working with companies such as yours, who have it baked into the product? I would imagine-- >> Yeah! >> I mean, that's the solution, right? >> Absolutely. >> If you're a little person, you don't have a lot of resources-- >> Yep. And I would say it's about sharing in the industry, right? So it's about reaching out. We talked to Cisco today, about how they're building it into their technologies. A lot of the smaller businesses use companies like CDK to enable their technology. So there's an awful lot we can do to help them, but it's not everything, right? So there are areas where we need to educate consumers a lot better, where they need to work with the data and work with where the data goes, in order to understand that full end to end data flow within their systems. We work a lot of the dealerships who perhaps don't understand the data they're collecting, don't understand the gravity of the information that they're collecting, and what that truly means to the consumer themselves. So we need to educate better, we need to reach out as bigger organizations, and teach smaller businesses about what they're doing with the data. >> And was there specific kind of holes in process, or in data management that the GDPR addresses that made a sea change? Or is it really just kind of ramping up the penalties, so you need to really ramp up your compliance? >> Well it really is incremental, right? So if you look at things that we've had in Europe for a long time, the Data Protection Act that was around since 1999, for example, or 1998, apologies. It's a ramp up of that, so it's just increasing the effectiveness. If you look at the 12 points that exist within GDPR, about what you need to know, or a consumer should know about their data, rather than just who's collecting it, it now includes things like when you change that data, when it moves, who it goes to from a third-party perspective, so really it's just about ramping up that awareness. Now, what that means for a business, is that they need to know that they can gather that data quickly. So they need to be clear and understand where their data is going, and CDK's a great example of that. They need to know what data they're sharing with CDK, on what systems it exists, and in fact how they would remove that data if a consumer was asked for that to happen. >> Jeff: (laughs) Who knows, we know in the cloud there is no deleting, right? >> Absolutely. >> It's in the cloud, it's there for everyone. >> That's rough (laughs). >> I mean, it really drives home kind of an AS application agent service provider services, because there's just, I could just see the auto dealership, right? Some guy's got his personal spreadsheet, that he keeps track of his favorite customers, clearly I don't think that's probably falling in compliance. >> Absolutely, yeah, and it can, right? You can work really hard, so it is a process problem. You identified that before, right? There is a lot of process here, technology isn't a golden bullet, it's not going to solve everything, right? And a lot of it is process and mentality driven. So we need to work with people to educate them, and then there's a big emphasis on the consumer as well. I think we focused on business here, but there's a big emphasis on the consumer, for them to begin to understand and be better educated. We heard from some government representatives today, about educating consumers, right? And you mentioned millennials, and the various other groups that exist, and it's important for them to understand where their data is going, and where it's being shared. 'Cause quite honestly we had a couple of really good stories today about privacy and security professionals really not having a genuine understanding of where their data is going. So a regular consumer, someone that goes to buy a car, how can we expect them, without education, to really understand about their data? >> Just to jump on it, obviously you're from the U.K., and we hear all the time that there's more closed circuit cameras in London (laughter) than probably any city else-- >> Yep. >> So, don't answer if you don't want to, but, (laughter) from a government point of view, and let's just take public red light cameras, there's so much data. >> Absolutely. >> Is the government in a position? Do they have the same requirements as a commercial institution in how they keep, manage and stay on top of this data? >> Yeah, absolutely. So I think, having come from a government background initially, I think the rules and regulations there are much more constrained, constrictive? then perhaps commercial side is. And I think what you find is a lot of the government regulations are now filtering through into the commercial world. But actually what we're seeing is a bit of a step change. So previously, maybe 15, 20 years ago, the leader in the industry was the government, right? So the government did the regulations, and it would filter through commercial. Actually, what we've seen in the industry now is that it flipped on its head. So a lot of the stuff is originating in the corporate world. We're close to Silicon Valley here, the Facebooks of the world, you know a lot of that stuff is now originating in the commercial side? And we heard from some government people today, you know. The government are having to run pretty fast to try and keep up with that changing world. And a lot of the legislation and regulation now, actually, is a bit historic, right? It's set in the old days, we talk today about data, and watching you move around, and geolocation data, a lot of that legislation dealing with that is probably 10, 15 years old now. And exists in a time before you could track your phone all over the world, right? And so, governments have to do some more work, I think ultimately, look at GDPR, I think ultimately the way to change the industry is from a basis of regulation, but then as we move through it's got to be up to the companies and the commercial businesses to take heed of that and do the right thing, ultimately. >> Jeff: It's just so interesting to watch, I mean my favorite is the car insurance ads where they want to give you the little USB gizmo to plug in, to watch you, and it's like, "Well, you already have "a phone in your pocket"-- >> Yep. >> You know? >> They don't really see it. >> You don't really need to plug it in, and all your providers know what's going on, so, exciting times, nothing but opportunity for you. >> Yeah, absolutely, absolutely, I hope so (laughs). >> Well Craig Goodwin, thanks for taking a few minutes-- >> No, thank you. >> And sharing your insights, appreciate it. >> Appreciate it, thank you. >> Alright, he's Craig, I'm Jeff, you're watching theCUBE, We're at Data Privacy Day 2018, I can't believe it's 2018. Thanks for watching, we'll catch you next time. (bright electronic music)

(upbeat orchestra music) >> Hello there and welcome to this CUBEConversations. I'm John Furrier here in our Palo Alto studios. This is theCUBE, Cube Signal program. Here with Grant Fondo, partner at Goodwin, CUBE alumni, been on before, thanks for coming back in. >> Good to be back. >> Partner at Goodwin, one of the best law firms around ICOs and just corporate government. He's a security guru, regulatory guru. We've talked in the past there's a YouTube video out there. Check it out. Search for Grant Fondo, you'll find our previous interview laying out the ICO playbook. Update. Let's get the update to the playbook. So, ICO's kind of in a winter state now, but still ICO's going on. Signal announced massive traction with their ICO. They're going to do an insider kind of private sale, looks like and then open it up. They got millions of people. So that's interesting. But then ICO stabilized. You got Siemens at 20 million range. What's the current update from the ICO front? >> So I think in the US, the current update is sort of post Munchee. So there was a SEC enforcement action and then Commissioner Clayton made certain statements about ICOs and then the net on that is I think it has provided greater clarity about issuing utility tokens in the US. Clayton's statement essentially was that they haven't really, the SEC really hasn't seen any utility tokens that are really utility tokens. The Munchee decision emphasized that in some regard. So with the Munchee decision, some of the things that they focused on was the marketing of the token. Even though they essentially, the SEC assumed that the token was a utility, had tremendous utility essentially on the platform, but what the SEC did was looked past that and said okay, what's the practical reality of that? And so what they focused on, they focused was the marketing. So how is that company marketing the token? Are they selling to people just to use it on a platform? Or are they selling it much more broadly to investor, kind of crypto-investors, VCs, that type of thing? Also there were some certain marketing statements where the company was actually trying to drive up their, emphasize that the price of the token would go up in value. They also focused on the fact that it was going to be on an exchange. And so what they, what they said was listen, this token is not a pure utility token. What it is is a token for people to buy with the idea, hope and expectation that it will go up in profit. >> So they basically, Munchee decision was targeting guys who were throwing everything at the wall? They seem to be. >> Yeah so it's funny. I think that's a little bit of a misinterpretation. So there's, clearly there were statements in there that you sort of shake your head a little bit. But I think that misses the picture of the Munchee decision if you focus on oh well we won't make those sort of statements. You need to look at, and focus on also, what were the other underpinnings of that, that enforcement action and what was the message, combined message with that, with the July 25th guidance that they issued and then Clayton's statements. And I think the message is that utility tokens are going to be a tough road in the US going forward. They certainly have not identified what a valid utility token would look like. So I think it's, it's a little bit of a, they've created greater clarity, but also a lot of uncertainty as well. >> I was having a conversation with some friends. And we were talking about ICOs. As you know we're bullish on ICOs. But the conversation turned towards two bipolar positions. Man this is a crypto, so awesome, blockchain, innovation, take down the incumbent, decentralize the apps, this is the future. And then the other side, from very smart people, is man that's fraud, don't associate yourself with ICOs. So there's a little bit of a Wolf of Wall Street wolf of ICO kind of mentality going on where they see the pink sheets, the old over the counter market that they made the movie Wolf of Wall Street around. People are nervous about that. I'm not saying that's happening, but there's a vibe there. What's your reaction to that? And I'm sure you might have conversations about the same kind of reaction. >> Yeah my reaction is this is a seat change. And it's going to happen and it's happening. And I equate it to the internet in many ways. And so I think you have to go in eyes wide open. I think you have to understand the regulatory risks if you're a company doing it. You know, there's not a certain path to do it in the US. And you have to evaluate that. There's, you can go offshore and there's certain paths that way. But as someone who's potentially going to purchase tokens or digital currency, and I sort of separate them between like the Bitcoin and Ethereum, which is more digital currency, and then tokens which are some of the ones we've been talking about. >> Close to 1,400 now out there. >> I would assume there's even more at this point. So they're literally popping up every day. And I think you have to, like the internet, I think there will be winners and losers. There'll probably end up being more losers than winners. I think the regulatory environment will get more certain. And then there's going to be, and that's fine. You have to go eyes wide open and you may lose your money in it, and then there's the category of pure fraud. And so that, there's always, whenever there's an opportunity, the criminals come jumping in. Or people take advantage of a situation where maybe they would not have otherwise. And that's going to be a portion of it too. But I think you can get a pretty good read on some of these whether this sounds like pretty sketchy or not and you just have to be realistic about it. >> And you guys are doing a good job. The Goodwin practitioner community is really working hard. I mean I always say, my feeling on this, we've talked about this before, is that the internet bubble was a bubble, but everything played out. You can buy pet food online. You can have stuff delivered to your home. So I think the same thing's happening with ICO. I think the things that are coming out that's innovative will end up happening. The question is the compressed nature of how fast forward this bubble is. I mean look at the NASDAQ growth during the dot-com bubble stage. And look at the crypto market total market cap. It's so fast forward. It's happening faster than even the dot-com bubble. How do you keep up? I mean, what's your day like? Do you go through research notes? I mean, you're talking to clients. It's a fire hose. >> Yeah it is, but it's a great time to be a lawyer in this space too. So a lot of it's dealing with clients and trying to figure out how do we deal with the regulatory situation. Advising them, connecting with foreign council as well. Dealing, there's been some enforcement activity both on the state and federal level. So I'm dealing with that as well. Advising them through that process. So, I mean, it's a fun time to be a crypto lawyer, an ICO lawyer. And I think too that what is also part of it you're seeing here that's fun and interesting is that regardless of how you feel about ICOs, one of the great benefits of it is you have all these different companies that otherwise would have never thought about using the blockchain or hadn't focused on it. And they're suddenly using the blockchain and this technology. So you've mentioned about how fast forward it's going. How quickly things. I think these have accelerated this change and this disruption by five to 10 years. And I think that's an enormous impact that is a positive impact. And so no matter what happens with the coins that you buy or may not buy, that's going to be a change that's going to be with us going forward. >> Talk about the regulatory update. There's obviously concerns in whether you're investing in crypto or investing as an individual or a fund or as an entrepreneur trying to build a business. What are the regulatory things that people should be aware of now? That's different than before or that's maybe more prominent. How would you talk about the regulatory? >> So I think there's a couple of buckets. So one is if you're the company doing the ICO you've got to address whether that token is a security. I think the SEC has said most of them or all of them are securities. You have to deal with that reality. If you're trying to create a cryptocurrency you have to look at are we going to be registered by FinCEN? And so I think you need to assess those. I think if you are part of the ecosystem helping these sales, so let's say that you're doing the marketing for one of these token sales. Or you're an advisor who's trying to bring in other investors or things of that nature. You have to look at what's called participant liability under the SEC rules. And so you have to be aware of what you're doing whether does that create exposure to you or your company if that token ends up being an unlicensed security. Likewise, if you're an exchange, moving these tokens or facilitating the sale of these transactions. You now have to think about am I, should I be registered with FinCEN, should I be registered with the SEC? So those are really kind of issues, core issues that you have to deal with. And then as an investor, I think generally investors would be viewed as the victim by these regulatory agencies so I don't know that there's real exposure from a liability or litigation perspective, but I do think it's more, again, like doing the due diligence and eyes wide open and understanding that if it fails, you may not, may not have any recourse. >> So everyone wants their tokens to go up. That seems to be the trend. Let's parse through the concept of utility and security we did, but now I have a token out there. An ICO, and I plan to take and ICO, or I'm ICO. What's the role of exchanges in all this? Because good tokens should have liquidity. People should be exchanging tokens. Some people hold the tokens or hoard them. But the role of an exchange. Do I plug with an exchange? Do I do my own exchange? What's some of the law around that? Because you know if I'm an ICO candidate I'm like hey I'm going to launch my token. It's going to be a secondary token, but I'm going to run my own exchange. And of course, list my token on the big exchange so people can trade it and the price will go up. >> Yeah so that's-- >> So that's natural reaction. >> So that to the SEC is going to sound like a security. So one of the things you have to address is if you're going to do this in the US or bring in US money is, I think it's a real risk to put the tokens up on an exchange. >> Is there hybrid models? Cause I can see a utility vehicle and saying hey we're a utility like the arcade example we used before. But what good is a token if the price doesn't go up right? So say that utility doesn't go fast enough in all this arbitrage, can I do a hybrid utility and security? >> I think it's hard, I mean it depends on how it's structured. One way to do, potentially to do a hybrid. And this has not been tested as far as with a utility token. But the SEC has, sanctions is not the right word, but it said what's called passive bulletin boards, are not securities exchanges. So that's in the context, imagine, you essentially say here's the platform for people, buyers and sellers of our token to exchange it between each other. We're not in the middle, we're not taking any transaction fees. And so there's a path to that and that may not be attractive to certain ICO companies but that is a potential path where you can provide liquidity. >> So like a Craigslist, or like a bulletin board. >> Craigslist. >> The old school, you know, bulletin board days. >> Yes, people still use them. >> John: They still use the word bulletin board? >> Yeah. >> Good news, okay. >> Grant: Exactly. And so that.. >> Social network? >> Yeah, that's a path to do it. You can also, if you do create a system where the token does not leave the exchange, excuse me leave your platform, so it's a closed loop token. That's a potential path that you can do. Again, may, it may-- >> So there's solutions for people who need to have some sort of interaction between token holders. >> Grant: Yes. >> Without going pure exchange in the sense of trading and having a market cap and all that stuff. >> Yes, I think it's many clients would say that it's less attractive from a marketing perspective. But there are, there are potential paths. There's also the path that we're seeing more and more which is securities tokens. I think when you and I met last time we had just started touching on that, but I think that-- >> Explain. What's the big change? >> So the concept is the securities token is you're basically going to treat it like you are going to treat it as security. You're going to own it and you're going to go to the SEC and get it registered through like a Reg A+, which is essentially is a 50 million or less raise. That's sort of a common one we're seeing. And so in that context, you are saying it's a token, but it's a security. You don't have to give up equity. There's other ways to do it so you can give up a percentage of the revenue. Sort of treat it like a divided. And in that way it's a regulated entity and you're not taking that risk about are a utility token or not. >> That's a good path and it makes sense. Depending on the ICO. Okay let's talk about bounties. As you know we love bounties, love the concept of bounties. Media business would call promotions spiff, channel partner, whatever, people use promotional incentives. Bounties are popular, you've seen bug bounty in open source being used. Tried to get Kelsey to, Kelsey kind of addressed it a little bit, but it's more of a legal thing now. What's the status of bounties? You mentioned before we came on that gets the SEC's attention. >> So the bounty is designed to sell the token. So you're in your fundraise round for example. And you put out a bounty so that people will go sell the tokens. I think it creates issues with the SEC. Part of it is it's very hard to control that bounty. So you're going to have people who are trying to make money selling your token. And they are potentially going to make statements that are going to indicate or make statements the SEC is not going to like. So it's something-- >> Or promises. Said basically to sell the deal. Broker dealer almost, right? >> Correct. So there's a couple of issues. Not only from the company perspective that you've got somebody out there who's probably marketing your token in a way that the SEC's not going to like and so that creates potential exposure but also from the bounty person, the person doing the bounty, there's potential exposure. But are they essentially doing a broker or are they acting as a broker dealer or other type of seller of unregistered securities as a participant for example. And so it's not something we generally recommend to our clients. That said, if you are going like more of a true utility tout, there's nothing wrong with like a reseller agreement. So you could structure something most of these bounties tend to be like hey if you bring us x amount of token sales, we'll just give you something. There's no real strong contractual arrangement. But if you are a company that has traditional resellers, and the purpose of the sell of these tokens is for that customer to use it on your platform, I think you can structure things so you have reseller agreements. >> So it's really case dependent. If you're using bounties >> Very case dependent. >> as an arbitrage to sell the deal versus actually part of your business model, that's kind of the way you look at it. >> Yes, I think that's a distinction and I think that's a distinction, no guarantees, but I think the SEC would understand. I mean, it's all part of it. They're looking at the picture. Are you trying to just make this token go up in value or is this token really supposed to be used on your platform? >> Alright so question for you. Since we last talked, I think it might have been two months ago, may have been 60 days or so, I can't remember the actual when you came in last, it seemed like yesterday. What's changed, what have you learned, what's new? What's surprised you? What's interesting that's happened over the past few months? >> So I don't think any of the regulatory action has surprised me. I think we sort of knew that was probably coming. I think what's surprised me though is that every time there's been guidance issued by or an enforcement action issued by the SEC, we now also have state actors, Massachusetts has become pretty active. Texas has also been active. You would think that it would dampen or slow down the market and it really hasn't. So I've been surprised that it almost has led to more phone calls. Not just about, oh are we in trouble, but more in the context of okay, we really recognize we need lawyers. We need to try and do this right. But it hasn't, the enthusiasm is still really there. >> So it's validation in the fact that they're issuing guidance, in my opinion. But I think it brings the question of man, I need help on this thing. People are then they got to call in the pros. Alright the other thing that's interesting about these guidances, if I can get your reaction to is has it really set the rules of the road yet? What I'm trying to look for is what are the rules of the road? I drive on the right side of the road here in the US, I stop at the stop sign, I can get through things. But the rules, what's changing, what's stable? Obviously securities tokens is solid, right? That's a good rule. >> Yep. >> John: What rules of the road are developing? >> So I think, using your analogy, I would say that what the SEC has said if you go over 20 miles an hour, probably more like 10 miles an hour, you're speeding and that's a security. But we're not going to tell you if the floor is 10 miles an hour. So it may be that if you go two, three, five miles an hour, we're also going to give you a ticket. And that's sort of the environment we're in. We know where there's the danger zone where you've crossed that line. What we don't know is where is the safety zone. And so that, that I think in some ways is where that guidance has come. I think where that is pushing people though, is is more offshore and I think that's always a risk. I was involved in digital currency several years ago with certain regulators and that's when I think the government was more interested in stamping it out. And there was a huge offshore movement. You're seeing that with token sales now too. The companies that want to be in the US are moving offshore. So hopefully, my goal and hope is that the regulators avoid that problem. I do think that it's, the regulators still are not looking to crush this industry, they're trying to regulate it. And I do think that's a big change. I'm not saying that there aren't going to be people hurt. >> It's better. >> It's better. >> Not great. >> Not great. >> They're not moving fast enough basically is the issue right? Or... >> Yeah, I also think that companies... For a company that's going through that process, it's sort of still extraordinarily painful. So I'm not saying in any way that the regulators are having a light touch, but I do think there's also recognition here that we don't want to destroy this industry. And I think Congress is the same way. >> And you do a great job, you guys are pioneering a whole new class of law. Documents, agreements are all being kind of re-casted and re-imagined with crypto. >> Grant: Daily. >> It's daily. Well I've got to ask you the final question. As things progress, things are happening, you've got a lot more deals under your belt now. You guys are doing great over there at Goodwin, you're the top set of law firms doing crypto deals. So I got to ask you. What are you advising clients now? I mean obviously you're trying to zig and zag at the right time based on guidance. Make sure everyone's covered and the risk reduction. But at the same time, you guys have also been, I don't want to say super aggressive, but you've balanced aggressiveness of opportunity recognition capture with risk management. What's your current advice now? >> I think if, generally it is really take a hard look at the securities token. I think that that, it's not the perfect path for everybody, there's costs, expense, et cetera. But I think if you really want to do a token in the US, you want to be safe, I think you've really got to look hard at going down the securities token route. The other one is to go purely off shore. And do, pick a venue that is relatively crypto friendly. And do everything offshore which means no US money. Not even at the soft stage early on. And also have the token go on and if you're going to put it on an exchange, don't put it on an exchange that has US people buying and selling tokens. That is sort of the two paradigms that we're seeing. I think anything in the middle, then we're advising, alright, let's talk about pure utility token here. Where, I mentioned it before, where the token stays, doesn't go outside the platform. Or where you've set a fixed price on the token. Or if you do create some type of token do a passive bulletin board. Those are models still to be explored. I don't think many companies are doing them. But those are sort of the paths. I think that the utility token that we've been seeing in the last six months now is a pretty difficult path to go. >> And the offshore thing, Kelsey Lemster, who was on Tact Partner at your firm, was just talking with me about, it might not be the best thing with the tax reform in the US. >> Grant: Yeah. >> So what's your state now on that? Do you still advising offshore? Or does it kind of depends now based upon decision making on whether you're a security or not? >> Yeah, so with Kelsey, he's talking about tax issues. And historically with these tokens, the tax issues were very significant and there was a push to go offshore for those reasons. And there was also always a push about whether you go offshore for the regulatory reasons. We're not going to touch the US. I think those are both things that companies have to figure out and intersect. So we had companies that ultimately decided not to go offshore because the tax advantages were not that significant. Maybe they'd lost a lot of money during the course of their three or four years and so they decided we can offset those gains. Also there's aggravation with going offshore. And so you have to build that in, getting money back from the Cayman Islands or elsewhere there's a process versus just going to a B of A down the street. So I think it's all these things that you have to counterbalance and like we mentioned, it's just everything's changing very rapidly and so it literally is like a day by day assessment of what's the next path. >> It's like the big set of waves coming in, it's really awesome. Final comment I'd like to get. I'm looking at a hedge fund, fund of funds deck from a crypto currency bond of funds, so now you're seeing funds of funds and bonds, and hedgefunds. So a couple of bullet points I want to get your reaction to. New investible asset class. Un-corelated with others. value creation as massive scale. Nascient markets with liquidity unlike VC. Inefficiency provides opportunity. Those are kind of the main bullets on the first page. (laughing) >> I think my reaction-- >> No regulation, regulatory concern, we got tax. It sounds great, I should jump right in. >> So, the advantage to the cryptocurrency is skyrocketing. I mean we've had kind of a pull back a little bit over the last week or so, but some of them are back up today. So I think it is, there is a lot of opportunity and I think some of the opportunity they're talking about, so we represent a number of hedge funds and others who create kind of financial products with this. Some of the opportunities, you look at the stock market. The stock market now is really hard to basically game the market in the sense of not cheating, but like doing arbitrage where if you go to one exchange and buy the stock from there and sell it in another, that type of thing, very hard to make money. There's a lot of sophisticated players, a lot of technology. You're talking literally, what was that movie about where they were able to do a trade like a millisecond faster and it gave them an advantage. That's what you're talking about. Here in the crypto space, you don't have that sophistication yet, so there are companies who are figuring out ways to buy and sell currency in the same currency and make money in that transaction. Maybe they buy from one exchange at a dollar and it's selling at a dollar 20 at the other exchange so they sell it. So I think there is a lot of opportunity. Ultimately these are being regulated. Even the cryptocurrencies are regulated. Some are regulated by FinCEN. The exchanges are regulated by FinCEN. So there's regulation, but there's a lot of opportunity. >> A lot of arbitrage certainly. >> Grant: Yep. >> Big time. >> Yep, so it's a really fascinating market. Very sophisticated market. Again, eyes wide open if you go in and invest in it. >> And this really talks about the make up and the personality of the people involved if you can handle the wave, you should get out there. Hence the reaction to some people look at it as a little bit nervous, they're the risk averse folks. You've got to be, you have to have a stomach for this. You know. >> You do. You also have to be smart. Like you shouldn't put all your money in it. You shouldn't pull out your 401k money to start investing in any asset class. You have to invest enough that if you lose it, it's not going to be life changing. >> Well a lot of smart people that I know, and I know that a lot of people who were really into this and see great opportunity, certainly there's the bad actors in there, but I love this opportunity, I think it's a once in a generation movement. I think it's the biggest wave that's hit since many generations so really awesome. Congratulations on the work you're doing. Any new update on Goodwin front? >> No, it's just been a fascinating time for us. And it has, we've got a ton of people doing a lot of interesting stuff. And literally every day we hear a new project. We're like wow that's a really interesting application of this technology. Or a different use case. And our clients are coming to us. I mean that's the beauty of Silicon Valley and that model is we learn things from our clients so we love having those meetings. I think you're just going to see tremendous change. Literally week to week. >> How's your VC client base? They're probably engaged heavily at this point. I'm hearing a lot of folks on the VC side. Not feeling like they're being left out, but they're seeing this as a new way. They certainly have been called out here in the hedge fund. Unlike VC. I mean classic venture capital's been out for a while. >> It's a new paradigm for them. I think they're grasping with it. I think that in some ways it's attractive to them because it does provide for their LPs. It provides much greater liquidity than a typical VC investment which is a five to 10 year wait. But they're also, people are saying they're being replaced and they're having issues where companies no longer want to go to VC, they say why should I give that equity and control when I can get the money through different means. So I think it's disrupting their world. I think they're slowly, not slowly they move pretty quick, they're adapting to it. I think that there's tremendous value to having VCs involved in the ecosystem. >> I mean they should do it, I mean they should take a little bit of their fund because just the opportunity to get appreciation and again, liquidity in an unregulated market is an opportunity. >> It is an opportunity. And they're in it, they're exploring it and stuff. >> Grant Fondo, partner at Goodwin, check out Goodwin. Great firm on the ICO front. They're the top in Silicon Valley and around they world. They've got great tax law, Grant, good friend of theCUBE. Thanks forc coming on again, appreciate your commentary. An update on the ICO playbook. I'm John Furrier, this is CUBEConversation. Thanks for watching (upbeat music)

(upbeat orchestral music) >> Hello, welcome to this CUBE Conversation. I'm John Furrier here at our Palo Alto studios. I'm joined with Kelsey Lemaster who's Tax Partner at Goodwin. This is theCUBE signal. Kelsey, thanks for coming in. >> Yeah, thanks for having me. Glad to be here. >> So, tax partner. Obviously, lot of things going on. Apple's bringing back cash with the United States. Big news, $380 billion. Tax reform under President Trump seems to be spurring. NASDAQ hit an all time high. Business is booming. Kind of good, good tail wind for business. But really the hot topic that I want to drill down with you in this segment is have a conversation about the ICOs. >> Yeah. >> Cryptocurrency, it's insane. It's super exciting. If you're under the age of 30 and if you're not actually so excited to get into this unregulated, uncontrolled, well some say controlled market. It's just people are going crazy. A lot of opportunities, a lot of fraud, a lot of action around building businesses around it. So, you're in the middle of it. What's going on? Give us a take on then ICO. How many ICOs you guys doing, all right. What's Goodwin's number up to now? How many ICOs you got? >> Yeah, so the number we talk about within the firm is about 40 active ICOs. That's probably not precise but it's more or less that number. You know, every day we talk with existing clients or new clients that want to go through an ICO process, and we advise them the best that we can. There's securities laws issues which people are aware of. That's not really my expertise but in the tax world -- >> Well, Grant Fonda, he's coming in next. But we've had a conversation with him. >> Right, right. >> The securities issues and this, but there's huge tax consequences. >> Yeah, so there are a lot of tax consequences. They're unusual and things that people don't expect when they're raising money, what they view as raising money through an ICO process. Cause typically when you raise money from a venture capitalist or from investors, people who will buy securities in your company for cash or property, that's usually tax free to the company. And I mean, that's been traditional law for many, many years. Problem is in an ICO, what you're selling usually is a digital asset of some sort, a token which often is a right to obtain some service on a platform that may or may not exist yet. And the tax characterization of raising capital for that kind of asset or property or service probably does not qualify for the exception. It normally qualifies when you sell stock or securities. So, it's basically taxable revenue to companies. >> So, let's drill into this, have that conversation about tax. Cause a lot of people I talk to, entrepreneurs or newbies, either new entrepreneurs or seasoned entrepreneurs, even the seasoned entrepreneurs look at the tax consequences and go, "Wow, this is crazy! I don't understand it." And it seems like the tax providers, you guys are one of them there's a bunch of other firms out there that can help with different price points all across the board. Their learning, their training wheels are on too. So, people are learning, running, tripping, falling. It seems to be that from my perspective. And it's a real, real rapid accelerated pace. It's almost like the dot com bubble but fast forward it feels like with an entire new infrastructure of corporate governance. >> Yeah. >> I mean, this is pretty crazy. So, tax is a big one. And the dollar signs could add up big time if you're a company and you need tax advice cause there's so many scenarios. What is the current state of that market? With tax providers, the tax consequences, is it as thorny and hairy? And how are you guys unpacking it? >> I think you're exactly right that a lot of us are learning together about the technology, about the business terms, the deals. Those are evolving. The tax law is what it is. It has really not caught up to any of this. The IRS issued a notice in 2014 that tells you how cryptocurrencies like Bitcoin and Ether and Dash and some of those others are taxed to individual investors but that's it. That's all we've heard from the IRS. So, a lot of us as practitioners are trying to figure out how to apply traditional tax law principles to this brand new, technological sort of device or way of raising capital. And in some instances, the answers are clear. And in others, they're not. There are a lot of square peg round hole problems that a lot of us are trying to work through. And as you said, we're doing it at a very rapid pace, real time, clients are not really waiting for us to figure out every nuance of tax law and how it's going to apply. They're just doing their ICOs. And so, there are a lot of situations where companies will do an ICO and raise, maybe this hasn't happened lately as much but at least last summer, companies would raise hundreds of millions of dollars in an ICO without really getting any significant tax advice. And the basic rules in this area, as I had mentioned, If you raise capital by issuing tokens, it's probably taxable revenue. So, if you start up as a normal corporation where you're going to build a platform, you're going to spend some money to build it, and all of a sudden you raise $200 million. Well, if you can't spend all of that money in a year, you're going to pay tax. And last year, the corporate tax rate was 35% federally. Now, that's been reduced on under the tax reform. But say you raised $200 million dollars last year and you effectively couldn't spend much more than a couple million dollars. You could have a tax bill at the end of the year of $70, $80 million dollars which nobody was expecting. You know, companies are trying to structure around and avoid -- >> It's hard to spend $200 million in one year. >> Kelsey: Yeah, exactly. >> You really got to go crazy, go on boondoggle. No but this is an important point. So, let's get down to that. So, the cash proceeds coming in, obviously the utility token, that's taxed right out of the gate. >> Yeah, there are some areas of uncertainty there. And there are positions. I mean, there are alternative ways of viewing that. Probably the right way of viewing money coming in, we say money but usually it's Ether or Bitcoin, right? So, we take the fair value of what comes in. And if it's $200 million, in a utility token context, that's probably going to be viewed as revenue for future services. Because, by having the tokens, the individual holders will be allowed to participate in your platform and get your services. So, the services income that's taxable. Now, you may be able to defer some of it for up to one or maybe two years. It depends. You're going to have to recognize all of it for tax purposes within two to three years max. And you know, people have talked about, "Well, can I just wait and see what happens and not pay any tax on this income?" And there are some sort of doctrines that you might look to one's called the open transaction doctrine where you don't really know what's going to happen. In a lot of these cases, the ICO proceeds have to be given back if the platform never gets built. So, people have talked about, "Well, can I use what's called open transaction, and wait and see? And if I build the platform, then I'll take the income in in that year in the future but not now." Personally, I think that's a losing argument. And my view is the IRS, when they start looking into this, they're going to really view this as all just services income. And you might have one or two years to spread it out, but you're going to have to pay tax on it. >> It sounds like there's a mix and a confluence between accounting and finance and tax law. Because you've got timing issues, that's revenue recognition. You mentioned services with tax practional view. What is the line? Where is the absolute, out of bounds in ICO tax policy? If you could lay it out. I know there's a gray area that your people are working through and might have a position and lean towards a certain direction based upon what they're doing. So, I can get that. But where should someone look in saying that might not be in the know in the taxing. Don't do this. What are the things that they shouldn't be doing? Obviously, fraud. We know that's ... >> You don't want to do tax fraud, for sure. I would say, in general, it's going to be risky to take a position that, if you raise a bunch of money in a utility token ICO, if you take the position that that's not revenue and you somehow view it under the open transaction doctrine, for example, I think that's a risky position. >> John: Why? >> Just because I think that it's inconsistent with the law and the open transaction doctrine space. Normally, when you receive money and it's basically yours, you have a claim of right over it, that's taxable income to you. Even if you might have to somehow give it back in the future. So, I think that would be a risky position to take. Another thing that we've heard about a lot of companies doing is, you know, for awhile everybody wanted to set up a foundation in Switzerland. I'll set up a foundation in Switzerland, they'll issue the tokens, it's all tax free because it's a foundation. I think there's ... I'm trying to remember. There's an ICO company that recently got in trouble for this because they were trying to take the funds out of Switzerland and use them for personal use. But any time I hear someone talk about setting up a foreign foundation, my antenna go up. I think that -- >> You think that's a red flag. >> I think that's a major red flag. Most of these companies that are doing ICOs, probably don't really have the kind of purpose or business that really fits with a foundation. I mean, foundations are tax exempt, charitable type entities. Like The Ethereum Foundation. That to me sounds like a foundation, right? It's not there to profit in any particular business. >> John: It's not a business hiding as a foundation. >> Kelsey: Exactly. That's a great way to put it. I think there for awhile, people thought that I could hide my business in a Swiss foundation and never pay tax. And I think that's a major red flag. >> Okay, let's talk about the Cayman Islands, Switzerland, there's places to domicile or locate your business for tax reasons. And some people, there's play books out there on what to do. And it evolves. It's a moving train for sure. But what problem are we solving with the tax? Can you just elaborate on what is the core problem to be worked on with respect to taxing, the tax consequences in the ICO crypto market? >> Kelsey: Right. So, from the company's perspective, the core problem is what I was mentioning where, when you raise all this money through an ICO, the most likely treatment of that if your raise it into a U.S. corporation is that it's just taxable income. And maybe some of it's taxable this year and the rest is taxable next year, but it's going to be taxable to that corporation pretty quickly. And corporations don't want to pay tax. I mean, that's an age old problem. So, what people are doing and are still doing is there are structures where you can set up a subsidiary in a foreign jurisdiction like Switzerland, Cayman Islands. This is not a foundation, this is a normal subsidiary. And if you get the intellectual property moved into that subsidiary in an appropriate way, and there are rule around that, and then you have substance in that subsidiary where you have employees in that jurisdiction who are helping to develop the IP. Then if you do everything right, and then you sell the future services out of that subsidiary and you sell the ICO tokens out of that subsidiary, you may get some ability to defer U.S. tax until you actually take money out of the subsidiary and repatriate it to the U.S. So, that's what -- >> It's a lot of work to set up a subsidiary. >> It's a lot of work to set up a subsidiary. >> And it's costly. >> Kelsey: Yep. >> Is it worth it? >> Yeah, so prior to the tax reform bill at the end of last year, if you could do it all right, and there are a lot of issues with getting it right and complications and complexity, But if you could do all of that, and there are a lot of companies that did, then yeah, I think there are good positions for deferring tax. Which, you know, on a $200 million ICO, that's deferring $80 million dollars in tax until some indefinite period in the future. >> There's not many $200 million ICOs. >> Not many ... Right. >> Most of them are in the five to 20, 20 to 60 range. Million. >> Yep. So, I think now that we're in -- >> Still a good chunk of change. >> Kelsey: Yeah, a good chunk of change. And so, post tax reform, the tax rates last year were 35% corporate federal income tax rate. Now, they're 21%. So, there's been a huge reduction in corporate income tax rate in the U.S. So, that I think coupled with the smaller size of the ICOs is going to drive fewer companies to want to set up these offshore structures because, one, it's a smaller amount of tax liability that they're dealing with. And two, because you're raising less money it's not too difficult to spend $5 million -- >> So, pretend I'm doing an ICO. So, I say, "Oh, I'm going to do an ICO." Well, I know that I could maybe fetch $20 million might be the range. Or say I get lucky, say I do 30. I say to myself, "Okay, can I spend $30 million in two years?" Probably, yeah. But it's not so much spending money. I want to get your reaction to this. It's not just spending the money to get the tax law set. It's can I get to revenue. So, can I hit the fly wheel for critical mass in a revenue model. Which, now, a new dynamic is 2018 seems to be the year of we were looking for real deals not vapor deals. White paper and raise money. How does that work? So, if I say, "Hey, I know with $20 million in two years I can get to cash flow positive break even." What's the tax consequence on that? Is that a good deal to do? >> Yeah. So, once you turn net profitable for tax purposes you'll start paying taxes in the U.S. And so, if the idea is I'm going to raise $20 million on an ICO in January 2018, and I'm going to spend $20 million between now and the end of 2019, you can probably, you have to model this out with your accountants, but you can probably match up the $20 million you received this year with the $20 million of expense you spend between now and the end of 2019. And once that zeroes out then you probably won't pay too much tax on the $20 million you receive now. Then once you flip to net positive, right? So, you've spent the 20, took the 20, now you're at zero and you start earning income -- >> But that's a real business. >> That's a real business. And that's going to be taxed like any other business. And now you're in a much lower U.S. tax rate environment of 21%. That's probably a fair deal. >> This is the business model question that everyone's asking. Can I get, use the cash to build a business this is now the conversation in the venture community. It's the conversation in the entrepreneurial circles. >> Kelsey: Yep. >> How to do it. Not just go to the trough and take as much down as you can. Which pretty much everyone's trying to do. That's up though. Not many people doing that. >> Kelsey: Yep. >> I mean, Signal's got a big ICO coming. They were in the billions. But are you advising clients to stay in the U.S. If they don't have to go to Cayman's? What's the current state of your research note or tax note to clients? >> Kelsey: Yeah. I think this you might have different views from different practitioners. My personal view is that if it's a relatively small amount that you're raising and you expect to be able to spend it down within that one to two year period, I tend to advice clients to keep it simple, stay in the U.S. Because there are a lot of ways that you can screw up a Cayman structure or Swiss structure. And usually these companies are working incredibly hard to build their platform. >> It's also distracting. >> That's my point. Exactly. The benefit is uncertain. And it may not be much of a benefit at all. And it's probably much more important that you succeed with your business than for you to save what may or may not be a small or large amount of tax. >> So, you guys are learning on the fly, which is great. And this is a market ... It's a huge wave. Everyone's getting their surf boards and getting out there on this big wave. And it's super exciting. What are the practitioners circles, your peers, as you guys huddle on this in the industry, what is the general rule of thumb that you guys are applying? I know Goodwin's a great firm. You guys have done some great work. You're conservative but yet aggressive which is a good balance here. I think some firms won't even touch an ICO. Maybe too risky for them. But you guys take a good line there. You're pushing the envelope. What's the rule of thumb in the practitioners circles? Where's the standards evolving? What's your reaction that? >> This is probably not a super helpful answer. I don't think there are standards. I mean, this is a space that barely existed eight months ago, and now we're doing 40 ICOs at a time. So, it's a very fast-paced evolving space. We just had tax reform literally two weeks ago. I'm on an advisory group with the Ethereum Network Foundation, and it's a bunch of tax lawyers in New York and out here, and we talk every couple of weeks. Just to kind of figure out what we're doing. And there are a lot of things we talk about but I wouldn't say there are really any standards that have come up. There are other ways that people are implementing ICOs that didn't really exist six or eight months ago. >> John: Like what? >> Which you'll probably talk about with Grant to some extent. But you could just go out and have your tokens ready and sell them as a token sale ICO. We have a lot of clients that want to raise the money before they have their tokens built. They just have the white papers so they will sell SAFTs, which are a Simple Agreement for Future Tokens. But you basically agree you'll give me your Ether now and I promise I will give you tokens in the future. And that's a SAFT. Now, there are versions on that where we see investors kind of hedging their bets like, "Well, I don't really know if you're going to be successful with the platform, so what I really want to do is I'll give you money now and I want an instrument that kind of gives me flexibility to either take tokens or equity. So, you see these instruments, like one's called a SAFE, a Simple Agreement for Future Equity. Which you see in normal financings But with a dash "t" on the end of it. >> John: We're going to have pipes. We're going to have SAFE. We're going to have all this stuff going on. >> So, there are all these acronyms coming up. And there are different versions but some of those versions might give you better positions on bringing in the money now and waiting to figure out if it's going to be taxable. >> John: What have you learned? You've got ICOs under your belt. You guys are doing good work over there. Relatively new. What's the big learnings that you've walked away with, so far? And what's still in front of you? >> Yeah, I think what I've learned is just, for me personally, it's very interesting to see how these traditional tax concepts which are simple in the abstract really apply in very unexpected ways to an ICO. And the things we've been talking about on the company side is a big area there. I've also focused a lot on if you're an investor and you're participating in an ICO, odds are you're not paying cash. You're probably paying in Ether or Bitcoin. And if you've held those other cryptos for a long time, and let's say you bought Ether at $10 and you're trading it in now at $1,000 in an ICO. Well, you probably also have gain cause you've just exchanged your Ether. So, now you have $990 in gain for every Ether that you send in. And you know, there are ways to try to manage that for the investors. But that's one area that's been a surprise for investors something we've been aware of but it's something I've kind of thought about and learned that in a lot of these situations there are tax consequences not only for the company but on the investor side. So, on both sides of the table there are tax consequences. And people are often surprised by that and everybody's catching up. >> Kelsey, great to have you on. Take a minute to end the segment. Just share a little bit of the work that Goodwin's doing. You guys have a tax practice. You're head of it over there. What's some of the work you've done? Do the plug in. >> Kelsey: Yeah. So, in this space we do our work with a lot of clients on ICOs. We're working with a lot of traditional venture funds that are dipping their toe in and are reviewing ICOs that they may invest in. So, we look at it with our investor hat and with our company hat. We've also helped clients that are thinking about doing tokenized funds where they will raise capital into a venture fund but they'll do it by issuing their own tokens. So, those are very interesting structures in and of themselves. We've really kind of embraced this space and worked really in just about every way that you see these companies taking shape. We've helped them and helped the investors. >> And of course, you got funds of funds going on now. I saw a couple of decks been circulating around. Funds of funds, you've got token funds, funds of funds. This is like a new asset class. >> It's a whole new world. >> I mean, unregulated, uncontrolled, controlled probably by a few people. I mean, pretty wild. >> Yeah, yeah. >> John: Having fun? >> It is, it's been a blast. >> Kelsey, thanks for coming on theCUBE. Kelsey Lemaster, partner at Goodwin on the tax side. A lot of work. I'm sure he's busy. It's complicated. And they're learning and people are being successful in ICOs. And again, one of the big things is the tax consequences. Check out Goodwin. They've got a great firm over there. Kelsey, thanks for spending the time coming on theCUBE. I'm John Furrier. This is CUBE Conversations in Palo Alto. Thanks for watching. (upbeat orchestral music)

(upbeat dramatic music) >> Hello, everyone, welcome to the Cube Conversation, here in Palo Alto Studios, for The Cube. I'm John Furrier, the cohost of The Cube, co-founder of Silicon Angle Media. We are here for Thought Leader Thursday, with Mitzi Chang. She's a securities attorney and partner at Goodwin. Formerly Goodwin Proctor, Goodwin Proctor's the name. Again, great to have you on. Thanks for coming in and talking about some of the securities around Blockchain ICO's. You guys doing a lot of work, thanks for coming in. >> Thanks for having me. >> So, obviously, Blockchain is the hottest thing we're seeing. AI, obviously, is hot as well, IOT, all of this about a new, decentralized internet. And it's the wild west. And we know because we're looking at doing our Blockchain and tokens for The Cube and all that good stuff. So we're totally love the new environment. Everyone, all the light tier one entrepreneurs are licking their chops and going, ah, man, good action. And a lot of the thought leaders are saying this is a fundamental shift. So it's cool, we get that. But now, okay, is the technology ahead of the law? And, just today, the news is breaking that the SEC is now putting a clampdown on a new thing, celebrity endorsements, into ICO's initial coin offering. So, yeah, you're a securities attorney. You have to sit back there and, like, wire these deals together. >> Right. >> What's going on, I mean, is the law behind the tech? How are you guys managing it, what's the flow look like for you? >> Yeah, I mean, I think that the law is almost always behind the technology, right. That's just how it works. I mean, from our perspective, you know, we represent tons of companies on normal securities law, or securities issuances. And this can be similar, depending on how the token is structured. So, you know, the SEC said in its July guidance that tokens can be securities, depending on the facts. A part of what we do, as lawyers, is review the facts of the token, right. What does the token do, how do you treat the token, how are you issuing the token, how are you marketing the token? Are there securities-like features of the token? So, for example. Does it have profit sharing features? Does it have voting features? Those are pretty obviously more security-like features. But, also, you know, in the token ecosystem, are you treating it like you would equity? So, for example, you know, are you putting vesting conditions on there? Are you marketing it to VC's who may never use your network? Those are some factors that make it look like more security. Versus a utility. >> You guys also, I mean, I've been in Silicon Valley now 18 years, and been an entrepreneur for longer, and entrepreneurs are always three feet in a cloud of dust, breaking things in the bowl in the China shop, as they say, and have to get the lawyers to kind of clean things up or set things straight. Securities is a known practice, but now there's some kind of bumps in the road but still people are moving forward. So I got to ask you, what's the test? I mean, we hear things like the Howey Test. >> Mm hmm. >> What are some of the things that entrepreneurs should know around where to pay attention? Kind of where to put their head down and drive because there are known practices, on the security site you mentioned, a few of them, but where's the test? What's the one thing, is it the Howey Test? What is this Howey Test concept? And what other things should entrepreneurs know about? >> Right, so I think, you know, the Howey Test is a test that was in CaseLab that basically explains what is an investment contract. And an investment contract is what is considered a security. So, basically, the payment of money, you know, based on the efforts of others, where you kind of have the reasonable expectation of obtaining profits, right, from those efforts of others, versus yourself. So that's the general gist of it. So I think, from a securities law perspective, that's really important. Because there has been so much focus from the SEC. But there's also other regulatory agencies who are focused on this. Some of those are, you know, money transmitter laws. You know, there's potential commodities law issues. So there's definitely other regulatory regimes that could implicate the token. Or the token could be implicated in that regime. But I think the securities law one is one that I focus on. >> Yeah. >> And it's important to look at. >> Alright, so the first test is, okay, obviously, new internet infrastructure, different conversation, but the real law test is, is this token going to be an investment making money. >> Right. >> Or is it going to be a utility. One that provides values to the participants. Did I get that right? >> Yes, I would say, generally speaking, right. Is the token, you know, is it a use case? Or is it an investment? Am I expecting profits from that token? Or am I using it like an access fee or a membership? Or to obtain services. >> An arcade game, as Grant Fonda would say. >> Exactly. An arcade game is probably your best example. >> Yeah. Okay, so then the next test is I've heard of some things I'd like to get you to explain. What anti-money laundering or AML is. And KYC, Know Your Customer. And, obviously, Bitcoin has been kind of, you know, we've heard Silk Road stories, underbelly, a lot of bad things are happening, but anonymous is good. But here, financially, Know Your Customer is a specific thing that means something and then AML, anti-money laundering, how does that factor into this whole thing? >> Yeah, so I think for, you know, when you open a bank account, for example, right, your bank wants to know who you are. They'll obtain certain information from you. Whether it's your drivers license or passport. Where you obtained your funds. I mean, that's part of the Know Your Customer, anti-money laundering activity, right. >> And identity behind the, before you sign the thing. >> Right. So part of it is because cryptocurrency can be very anonymous, right. There are anonymous wallets that you're sending cryptocurrency to and from, you don't know who these people are. So part of it is making sure that you understand who your purchasers are. You don't want to run afoul of, you know, an anti-terrorist type, you know, regulations. The US government has several lists that they have online that you can search for names of folks that you don't need to be doing business with. So there's a lot of structures already in place. And part of that is just understanding who your purchasers are. >> And these are requirements on certain things, and the anti-money laundering exposes just audit trailing and certain things that you got to have as compliance things. >> Correct, correct. And so I think, in America, we don't normally, I would say if you were kind of outside of the US, this is probably a little bit more normal, right. People are used to doing it. I think, in America, maybe we're not as used to it. But these are not kind of new guidelines. This has always existed. >> Alright, so sometimes entrepreneurs are fast and loose with their, ah, screw the anti-money laundering thing. Or they get, I don't understand, that's too much work, I don't understand it. >> Yeah. >> So they blow it off. When do they have to not blow it off? When do you have to worry about, like, all these anti-money laundering things? Cause you have to, obviously, do more work. >> Right. >> Got to make sure you're checking the boxes, complying. That probably has overhead, costs money, or maybe write some new software. So we've been recommending that all of our clients who are in the token space and kind of obtaining, you know, digital currency, go through KYC and AML. Some of the digital currency exchanges, right. So in order, when you're receiving your digital currency and you need an account, >> Mm hmm. >> in order to exchange the digital currency into US dollars, for example, it's essentially like opening a bank account. So they're going to ask for all of the information with respect to how did you receive your digital currency. So part of that is you need to have that in place prior to actually launching your token sale so that you can kind of follow the flow of funds. >> So I was trying to find this image I would put up but I can't find it cause I'm on this computer, but I saw a thing on a conference, might have been Block Con, that you guys were at. I think you guys sponsored that event. Where the cost of doing an ICO can range from, they said, on the cheap end, they use the word cheap, not inexpensive, cheap, probably implying not get a good lawyer, a hundred K up to 750 thousand dollars. So, range of cost between hundred thousand and 750 thousand. From cheap to done right. >> Right. Right. >> Or expensive. Is that right or is that, what's the cost ranges? >> Yeah, I mean, I think there's a lot of players in the ecosystem, right. So there's the lawyers. And typically lawyers bill by the hour, so that's kind of how much time, you know, we're kind of looking at documents and things and helping you structure. There's the tax accountants. So part of that is also, you know, how much time they're spending. But some of it can be very complicated from a tax structuring perspective. Then there's the technical people, right. Unless you have that in house. To actually build your Blockchain network. Kind of help you with all of that, you know, the technical aspects of it. So software engineers, for example. Then there's the ICO consultants. Someone to kind of help you manage, quarterback the process, maybe help you with marketing the tokens to certain different websites, or help you with that. So, all of those together, I mean, yes, it can be very expensive, it kind of depends on how much of that you want to outsource. And how much of that you can do yourself. Obviously, you can't really do all that stuff yourself. >> So it's in the ranges. It could be in the ranges. >> Yeah. I mean, tax alone could kill you if you're looking at all kinds of complicated schemes or licensing agreements. >> Right. >> I mean. >> So all that, you want to make sure you're structuring the entity appropriately before you start it. >> Okay, so where do you get involved? So let's just say that, let's just walk through the day and day operations of, say, Goodwin. Okay, I've got to client. >> Yep. >> And, okay, you come in for the securities component. What does that mean? You just make sure they're incorporated properly? All the laws on the stock and then the tokens treatment? What specific things do you do? >> Sure, so, you know, once we kind of have brought the client in, after our conflicts procedures, and we've agreed to the engagement, part of depends on where they are. If they don't have a company, we'll help you form the company, right. And make sure that all of those startup documents have been appropriately done. Sometimes people have already, they're, you know, an actual company, right. We don't need to form them, they're already in existence. So then we look at pass the formation items and we look at the token issuance. So we'll look at your white paper. The white paper typically describes how the token works in the ecosystem and kind of what the company. >> You get involved in that, just to kind of check if it sounds. >> From a structuring perspective, right. Do we think this is a security? Or do we think it is leaning towards utility? And the SEC obviously has not said, what is a utility and what is a security. >> So that's the gray area? >> Yes. >> So the gray area is watch the language, be careful what you say. >> But also what you do, right. It's not just what you say, it's also what you do. So part of it is talking to the clients about what are you thinking, how are you envisioning this? Where can we help you kind of restructure or decrease your risks? >> And you guys become a safety net and help defend that too, obviously, as attorneys. But the clients still own, >> Correct. I mean, part of it is we give you advice. And the clients can take or not take our advice. But that's what we're here for. >> Do you guys offer a legal opinions behind these? I'm sure you don't. (laughs) >> We don't offer legal opinions. You know, we do do research memos on kind of where we think your token lies. But we don't do legal opinions. >> So have you guys talked to the SEC at Goodwin? I mean, do you guys have conversations? I don't know what goes on behind the curtain of the big law firms but I'm assuming that you guys are up to speed on all the notes and everything, but do you guys actually talk to people at the SEC? Is that how it works? Cause this is a cutting edge area, I'm sure you guys have to be on the cutting edge. >> Yeah, I mean we haven't had any clients, knock on wood, that have had to go through any of the SEC investigations on this. So, you know, we have not had, on behalf of our clients, had to talk to them about it. >> So that's good news, you guys doing good. >> Yeah. >> I know you guys doing over close to 30 plus ICO's, so congratulations. Is there a pattern that you've seen, from a legal standpoint, that you've seen emerging? Obviously, it's pretty clear, out in the market place, certainly the celebrity endorsement, Paris Hilton to the boxer dude and all kinds of stuff was going on where people were endorsing >> Right. >> things, so. Kind of, I don't want to say pump and dump, but that's a word that's been used in the dot com bubble, but people are saying a lot of these things are scams. And the majority of them aren't going to work out. So we've said, editorially here on The Cube and Silicon Angle, that failure doesn't mean scams. We had some failures, but certainly there are some scams. So has that caused people to pull back a little bit? And say, whoa, we're not going to go forward fast enough? Or is nothing stopping this, what's the pattern? >> Yeah, I would say, compared to a year ago, where there was no SEC guidance, right, there was no guidance from other regulator agencies, people were definitely going very quickly. I think now what we're seeing are more sophisticated clients. Clients who really want to make sure that they're following all of the legal requirements to the best that they can, given the grayness in the securities laws and other regimes. And a lot more of a thoughtfulness about, well, let's make sure that this works, right, we're not going to get into trouble. >> Have you seen any co-mingling between some of the traditional VC, venture capital investors or hedge funds, they're emerging, who want to come in and participate on the pure equity side, or the preferred stock or, more common, mostly prefer we see them. But, also, play in the tokens. Is there co-existence between participation? Or is it mostly they line up on the preferred and then let the tokens go here? Is there a pattern there that you see around how those securities are playing out? >> Yeah, I think a lot of people see value in the token ecosystem and they want to participate in that. And a lot of our venture capital clients, or our token clients who have VC investors, they want to participate. So we are definitely seeing people are very excited about it and want to kind of be a part of it. >> What about the presale concept? We're seeing a lot of people jump on the presale bandwagon because it allows them to, you know. It's not an inexpensive process. You guys, obviously, don't work for free. You guys have deals where, obviously, startups can come in. And you guys have a great startup program, I could testify that. You guys do have a good community participation there. But, at the end of the day, this is a legitimate process now. >> Mm Hmm. >> It costs money. You guys have to get paid. And service provides, like the tax attorneys got to get paid. So there's a lot, we see a lot of entrepreneurs doing that's presale. Where they try to offer this kind of discount. How is that working out and has that been going well? >> Yeah, I mean I think, you know, while the SEC has not commented on this, the practitioners and kind of the ecosystem, most people, I think, are considering that presale agreement prior to a network actually being live as a security. And, so, people are going out to accredited investors, sometimes that's VC, sometimes that's high net worth individuals. That's usually done through a SAFT, which is, it stands for Simple Agreement for Future Tokens, or a presale contribution agreement. So part of that is it's like a, you can liken it to a preferred stock financing. >> It's a known process. >> But it's not preferred stock. >> But it's a known vehicle for financing. >> Correct. >> It's not like it's tied to the ICO in a new vehicle. It's just like, okay, we're going to do something down the road, there's risks associated, all that stuff. >> Right, it's an investment contract. I'm giving you a million dollars to invest, to build up the platform. At the end of, when the platform launches, and, hopefully, when the network has utility and your token has utility, then you'll receive tokens. >> And this is good for innovation, because it gets everyone rolling a little bit. Is that, that kind of seems to be the pattern that I'm seeing. It's like, you know. >> It's basically like a seed round, alright. That's probably a really good example, is it's a seed round to get something started. That thing is not your company, it is your network. >> And it also sets the community. I've noticed on the Blockchain, these ICO communities are a very bit part of it. Goodwin's got a great reputation, certainly here in Silicon Valley, and around the world, as a law firm. This is a big part of it. So the presale's also kind of a gesture of credibility for the opportunity and I think, I mean, you know, people I talk to are like, hey, I look at what's going on in the presale, kind of as an indicator of who's involved, judged by the company that you keep kind of thing. So that's interesting. Have you seen that presale dominating more than just going right to the ICO, given the market conditions of all the ICO's? >> Yeah, I mean I think it depends, right. Some of our clients have existing businesses, right. Where this is very complimentary. The Blockchain network is complimentary to their existing business and, so, they may not need to have this big presale, right. Part of the presale could be two weeks before your general crowd sale. You have folks who kind of get in early. To me, that is not necessarily, I mean, it really depends, obviously, fact-specific, but that's a little big different that doing a, quote, presale agreement. Like a year before or six months before your token launch. That's a little bit different. >> Yeah, so also you brought up a good point. Existing businesses versus kind of like people who just need the cash to get going. >> Right. >> We're seeing a lot of companies that either have a successful business, like Kik and then Kik Kin Token was once example, we talk about all the time. The other one is pivots. We're seeing a lot of entrepreneurs take companies that were pivots, AKA, going out of business, where the token timing of a token in decentralized Blockchain actually is great for their business model. And they have to, essentially, go recap or do some securities, you know, resetting. That's your world, right? You got to get involved in those areas. >> Yeah, I mean, I think anything that has to do with kind of changing your capital structure, right, you should have your securities lawyer or your corporate lawyer involved. Because that'll obviously impact your securities law. You know, exemptions that you're taking, you know, typically from a private placement exemption, for most of our private company clients. >> Is there any new trends that are popping out of that kind of pivot or, wow, this is really, you know, I was out there, I got some funding from Y Combinator, or some sort of venture, and we're kind of just barely staying alive. This Blockchain could really accelerate, there's now momentum. Is there any trends that you see, from your work standpoint, where you have, that are happen, that are obvious new things that are coming out of this? Or is it a standard recap to cap table, normal corporate work? >> I think there is a tension, right, between doing a normal stock finance, preferred stock, or common stock financing that, you know, whatever you would typically do. Whether that's a convertible security or a convertible note. And then raising funds through a token sale. And so, from my perspective, it's obviously cleaner to do it the traditional way. Because you're not dealing with unclear SEC rules, right. It's very clear how you do a preferred stock financing. We do that every day. So to the extent that companies are in that position where they can choose, it's certainly cleaner to do it the traditional way. >> If you pull off an ICO, god bless you. It's certainly equity-free, tokens. There's no equity to token, if you're a utility token. >> Right. >> Okay, so I was reading about the Delaware, Delaware was allowing companies to use Blockchain. >> Mm hmm. >> This is right up your alley. So, they're not doing ICO's. So can you clarity the Delaware situation relative to Blockchain, cause they're using a Blockchain from a ledger standpoint, but it's not an ICO haven yet. So talk about the Delaware situation. >> Correct, so the Delaware amendments, which I believe are now approved, as of a couple of months ago, over the summer, essentially allow the cap table ledger to be on the Blockchain. So they're kind of ahead of everything, right. Because, you know. So, for like, for example, a few years ago, no one had uncertificated stock certificates. Everybody wanted the physical stock certificates. And now most companies, that we represent, >> They want digital. >> Exactly, digital, uncertificated stock certificates. But there is a ledger and there is a record of it. You just don't have the fancy paper with the pretty legend on it. So I think technology is moving and the law needs to as well. So part of that is Delaware kind of getting onboard. >> Delaware's got a great opportunity, they can nail the ICO's. Well, Mitzi, thanks for coming, I really appreciate it. Any other observations that you'd like, that you see in the market that you'd like to share? Take a minute to talk about what you're doing at Goodwin, as well. What's going on, what's happening? >> Yeah, I mean I think it's a really exciting time, we're really excited to be a part of it. It's cutting edge work. I think that there's a lot of, I guess, what I would call kind of your more traditional clients that we have, that we take calls from every day. Whether that's investment banks, or VC funds, private equity funds, or just our venture backed companies that are curious as to what is this all about. >> Yeah. >> So I think it's really exciting and I'm glad to be a part of it. I don't think that it is going to stop. I think that certainly there's likely to be more regulation about how you do one of these ICO's, one of these token generation events, you know, within the confines of the law. But I don't see it stopping. >> You don't see it stopping at all? >> No, I mean I think once there's more regulation, there'll be more clarity about how to do it. And how to do it within the confines of the law, which we try to do, obviously, you know, given that there's not a ton of clear guidance. But I think that, I think the ship has sailed. >> Yeah, well this is a great conversation here with Goodwin, formerly Goodwin Proctor, Mitzi Chang, partner, she's a securities attorney. We should call this show Billable Hours. Because we're getting some free legal opinions and conversations, thanks for coming on, appreciate it. >> Thanks for having me. >> Blockchain is hot, entrepreneurs are using it. All the top tier one entrepreneurs are looking at this. Great opportunity, similar with the Web One dato, the TC IP era of the internet, Blockchain. It's fundamental infrastructure for the future of decentralization, so. Great opportunities, causing lots of innovation. Check with your attorneys, obviously Goodwin, and a few others all doing great ICO's. Great potential fundraising, but also great business opportunities. Thanks again, appreciate it. >> Thank you. >> So Cube Conversations here, in Palo Alto, I'm John Furrier, thanks for watching. (electronic music)

>> The past 2 1/2 years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This we know. This had several ripple effects on CSO and CIO strategies that were highly visible at the Board of Directors' level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies, and more specifically, CIOs quickly realized that their business resilience strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello, and welcome to "Why Ransomware isn't Your Only Problem," a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today, we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President Phil Goodwin is here to share the highlights of the study and to summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically, and data protection, generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time CUBE alum and Chief Technology Officer at Druva, and Anjan is Vice President and General Manager of Product Management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. But right now I'm going to toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. (upbeat music) >> Bill Goodwin joins me next, the VP of Research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyberattacks massively increasing, the threat landscape changing so much. What is IDC seeing? >> You know, you really hit the top topic that we find from IT organizations as well as business organizations. And really, it's that digital resilience, that ransomware that has everybody's attention, and it has the attention, not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also has accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty, and this is relatively new for 2022, but within IDC we've been doing a lot of research around what are those impacts going to be? And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to have the scale up or scale down on demand nature of cloud. So those are, in a nutshell, kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite, and what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You can't have IT resilience without data resilience. So that's where we're coming from on it. >> Inextricably linked, and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomers. The other thing about it is it's really a lot like Whac-A-Mole, you know. They attack us in one area and we defend against it so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't going to just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that is here for the long term and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware? >> Yeah, this was a worldwide study. It was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, it was a little over 500 different individuals across the globe in North America, select countries in Western Europe, as well as several in Asia Pacific. And we did it across industries there were 20 different industries represented, they're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, you know, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet, when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than 1/3 of organizations were able to fully recover their data without paying the ransom, and some 2/3 actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't necessarily to be trusted, and so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, wow. On the one hand, people think they're really, really prepared, and on the other hand, the results are absolutely horrible. You know, 2/3 of people having to pay the ransom. So you start to ask yourself, well, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing. You think you're ready, based on the information you have. And these people are smart people, and they're professionals, but oftentimes, you don't know what you don't know. And like I said, the bad guys are always dreaming up new ways to attack us. And so, I think, for that reason, a lot of these have been successful. So that was kind of the key finding to me and kind of the aha moment really in this whole thing, Lisa. >> That's a massive disconnect with the vast majority saying, "We have a cyber recovery playbook," yet nearly 1/2 being the victims of ransomware in the last three years, and then 1/2 of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience? As we said, this is a matter of this is going to happen, just a matter of when and how often. >> It is a matter, yeah, as you said, it's not if, when, or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services, you know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more, in order to get that breadth of experience, and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You know, you can have on-demand resources. In the old days, when we had disaster recoveries where we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If you're financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources, to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts, and that extends the time to recover that they have and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recovery going as quickly as possible. >> So what do you think the big issue here is? Is it that these IPT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. You don't know what you don't know, and until you get into a specific attack, you know, there are so many different ways that organizations can be attacked. And, in fact, from this research that we found is that, in many cases, data exfiltration exceeds data corruption by about 50%. But when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web, or whatever, or simply saying no, and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place, really as a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think we are prepared, we've got a playbook, yet so many are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous. What do you recommend organizations do? You talked to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry, we are vulnerable, this is going to happen. We've got to make sure that we are truly resilient and proactive? >> Yes, and in fact, what we found from this research is in more than 1/2 of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the consequences of ransomware, it's not just the ransom, it's the lost productivity, it's the loss of revenue. It's the loss of customer faith and goodwill, and organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CSO, you know, whoever it is, they're extremely concerned about these. And I can tell you, they are fully engaged in addressing those issues within their organization. >> So all the way at the top, and critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education. We've just seen a big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable. But what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and SaaS-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >> Got it, we're just cracking the surface here, Phil. I wish we had more time, but I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that, take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. >> In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin, and you are watching theCUBE, the leader in live tech coverage. >> We live in a world of infinite data. Sprawling, dispersed, valuable, but also vulnerable. So how do organizations achieve data resiliency when faced with ever expanding workloads, increasing security threats, and intensified regulations? Unfortunately, the answer often boils down to what flavor of complexity do you like best? The common patchwork approaches are expensive, convoluted, and difficult to manage. There's multiple software and hardware vendors to worry about, different deployments for workloads running on-premises or in the cloud. And an inconsistent security framework resulting in enterprises maintaining four to five copies of the same data, increasing costs and risk, building to an incoherent mess of complications. Now, imagine a world free from these complexities. Welcome to the the Druva Data Resiliency Cloud, where full data protection and beautiful simplicity converge. No hardware, no upgrades, no management, just total data resilience. With just a few clicks, you can get started integrating all of your data resiliency workflows in minutes. Through a true cloud experience built on Amazon Web Services, the Druva platform automates and manages critical daily tasks, giving you time to focus on your business. In other words, get simplicity, scalability, and security instantly. With the Druva Data Resiliency Cloud, your data isn't just backed up, it's ready to be used 24/7 to meet compliance needs and to extract critical insights. You can archive data for long-term retention, be protected against device failure and natural disasters, and recover from ransomware lightning fast. Druva is trusted with billions of backups annually by thousands of enterprises, including more than 60 of the Fortune 500, costing up to 50% less than the convoluted hardware, software, and appliance solutions. As data grows and becomes more critical to your business advantage, a data resiliency plan is vital, but it shouldn't be complicated. Druva makes it simple. (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE and the Druva special presentation of "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. We're here with W Curtis Preston, Curtis Preston, as he's known in the industry, Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at "Why Ransomware isn't Your Only Problem." Great to see you, thanks for coming on. >> Happy to be here. >> So we always see each other at events now events are back. So it's great to have you here for this special presentation. The white paper from IDC really talks about this in detail. I'd like to get your thoughts, and I'd like you to reflect on the analysis that we've been covering here in this survey data, how it lines up with the real world that you're seeing out there. >> Yeah, I think it's, the survey results really, I'd like to say, I'd like to say that they surprised me, but unfortunately, they didn't. The data protection world has been this way for a while where there's this difference in belief, or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit, successfully hit by ransomware, paid the ransom and/or lost data, and yet the same people that were surveyed, they had high degrees of confidence in their backup system. And, you know, I could probably go on for an hour as to the various reasons why that would be the case, but I think that this long running problem that as long as I've been associated with backups, which, you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And people often just, they don't want to have anything to do with the backup system, and so it sort of exists in this vacuum. And so then management is like, "Oh, the backup system's great," because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >> It's funny, you know. "We're good, boss, we got this covered." >> Yeah, it's all good, it's all good. >> And the fingers crossed, right? So again, this is the reality, and as it becomes backup and recovery, which we've talked about many times on theCUBE, certainly we have with you before, but now with ransomware, also, the other thing is people get ransomware hit multiple times. So it's not only like they get hit once, so, you know, this is a constant chasing the tail on some ends, but there are some tools out there, You guys have a solution, and so let's get into that. You know, you have had hands-on backup experience. What are the points that surprise you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >> Well, I would say that the one part in the survey that surprised me the most was people that had a huge, you know, there was a huge percentage of people that said that they had, you know, a ransomware response, you know, and readiness program. And you look at that, and how could you be, you know, that high a percentage of people be comfortable with their ransomware readiness program, which includes a number of things, right? There's the cyberattack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so you believe that your company was ready for that, and then you go, and I think it was 67% of the people in the survey paid the ransom, which as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number, I think, just hurt me the most is that because, you talked about re-infections. The surest way to guarantee that you get re-attacked and reinfected is to pay the ransom. This goes back all the way to ransom since the beginning of time, right? Everyone knows if you pay the blackmail, all you're telling people is that you pay blackmail. >> You're in business, you're a good customer >> Yeah, yeah, exactly. >> for ransomware. >> Yeah, so the fact that, you know, 60, what, 2/3 of the people that were attacked by ransomware paid the ransom. That one statistic just hurt my heart. >> Yeah, and I think this is the reality. I mean, we go back, and even the psychology of the practitioners was, you know, it's super important to get backup and recovery, and that's been around for a long time, but now that's an attack vector, okay? And there's dollars involved, like I said, I'm joking, but there's recurring revenue for the bad guys if they know you're paying up and if you're stupid enough not to change your tooling. So again, it works both ways. So I got to ask you, why do you think so many owners are unable to successfully respond after an attack? Is it because, they know it's coming, I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding successfully to this? >> I think it's a litany of things, starting with that aspect that I mentioned before, that nobody wants to have anything to do with the backup system, right? So nobody wants to be the one to raise their hand because if you're the one that raises their hand, "You know, that's a good idea, Curtis, why don't you look into that?" Nobody wants to be- >> Where's that guy now? He doesn't work here anymore. Yeah, I hear where you coming from. >> Exactly. >> It's psychology (indistinct) >> Yeah, so there's that. But then the second is that because of that, no one's looking at the fact that backups are the attack vector. They become the attack vector. And so because they're the attack vector, they have to be protected as much, if not more than the rest of the environment. The rest of the environment can live off of Active Directory and, you know, and things like Okta, so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if that production environment is compromised, now knowing that the attacks or that the backup systems are a significant portion of the attack vector, then if the production system is compromised, then the backup system is compromised. So you've got to segregate all of that. And I just don't think that people are thinking about that. You know, and they're using the same backup techniques that they've used for many, many years. >> So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, "Hey, we'll just take out the backup first so they can't backup. So we got the ransomware." It makes sense. >> Yeah, exactly. The largest ransomware group out there, the Conti ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored, and they are exfiltrating the backups first, and then deleting them, and then letting you know you have ransom. >> Okay, so you guys have a lot of customers. They all kind of have the same problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >> Well, again, you've got to fully segregate that data, and everything about how that data is stored and everything about how that data's created and accessed, there are ways to do that with other, you know, with other commercial products. You can take a standard product and put a number of layers of defense on top of it, or you can switch to the way Druva does things, which is a SaaS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. It's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically, what you get by default with the way Druva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work. With us, you just log in and you get all of that. >> I guess, how do you break the laws of physics? I guess that's the question here. >> Well, because that's the other thing is that by storing the data in the cloud, and I've said this a few times, you get to break the laws of physics, and the only way to do that is time travel. (both laughing) So yes, so Druva has time travel. And this is a Curtisism, by the way, I don't think this is our official position, but the idea is that the only way to restore data as fast as possible is to restore it before you actually need it, and that's kind of what I mean by time travel, in that you, basically, you configure your DR, your disaster recovery environment in Druva one time, and then we are pre-restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the current environment as quickly as we can so that in a disaster recovery scenario, which is part of your ransomware response, right? Again, there are many different parts, but when you get to actually restoring the data, you should be able to just push a button and go. The data should already be restored. And that's the way that you break the laws of physics is you break the laws of time. >> (laughs) Well, all right, everyone wants to know the next question, and this is a real big question is, are you from the future? >> (laughs) Yeah. Very much the future. >> What's it like in the future, backup, recovery? How does it restore? Is it air gapping everything? >> Yeah, well, it's a world where people don't have to worry about their backups. I like to use the phrase get out of the backup business, just get into the restore business. You know, I'm a grandfather now, and I love having a granddaughter, and I often make the joke that if I'd have known how great grandkids were, I would've skipped straight to them, right? Not possible. Just like this. Recoveries are great. Backups are really hard. So in the future, if you use a SaaS data protection system and data resiliency system, you can just do recoveries and not have to worry about backups. >> Yeah, and what's great about your background is you've got a lot of historical perspective. You've seen that, the waves of innovation. Now it really is about the recovery and real time. So a lot of good stuff going on. And got to think automated, things got to be rocking and rolling. >> Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then, we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not, that our customers don't have to do all of those things that all of our competitors have to do to, you know, to break, to try to break the laws of physics, I've been fighting the laws of physics my entire career, to get the backup done in the first place, then to secure all the data, and to air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I wish everybody had that ability. >> Yeah, I mean, security's a big part of it. Data's in the middle of it all. This is now mainstream, front lines, great stuff. Curtis, great to have you on, bring that perspective, and thanks for the insight. Really appreciate it. >> Always happy to talk about my favorite subject. >> All right, we'll be back in a moment. We'll have Stephen Manley, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. >> Ransomware is top of mind for everyone. Attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data, and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability scans, patches, and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released. After an attack, recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the Druva Data Resiliency Cloud on your side. The Druva platform functions completely in the cloud with no hardware, software, operating system, or complex configurations, which means there are none of the weaknesses that ransomware commonly uses to attack backups. Our software as a service model delivers 24/7/365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches, and upgrades for you. Druva also makes zero trust security easy with built-in multifactor authentication, single sign-on, and role-based access controls. In the event of an attack, Druva helps you stop the spread of ransomware and quickly understand what went wrong with built-in access insights and anomaly detection. Then you can use industry first tools and services to automate the recovery of clean, unencrypted data from the entire timeframe of the attack. Cyberattacks are a major threat, but you can make protection and recovery easy with Druva. (electronic music) (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE's special presentation with Druva on "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. Our next guests are Stephen Manley, Chief Technology Officer of Druva, and Anjan Srinivas, who is the General Manager and Vice President of Product Management at Druva. Gentlemen, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic. The IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >> Great to be here, John. >> So what's your thoughts on the survey's conclusion? Obviously, the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is, on the one hand, everybody who sees the survey and reads it is going to say, "Well, that's obvious." Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is, it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping IT away from all the tooling that they needed to do. A lot of people are even still wondering, when that happens next time, what do I even do? So clearly not very surprising. Clearly, I think it's here to stay, and I think as long as people don't retool for a modern era of data management, this is going to to stay this way. >> Yeah, I hear this all the time in our CUBE conversations with practitioners. It's kind of like the security pro, give me more tools, I'll buy anything that comes in the market, I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side? Because, you know, people claim that they have tools at crime points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? 'cause I think this is where the rubber meets the road with ransomware 'cause it is a moving train, it's always changing, but it doesn't seem there's confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first, and Stephen can add to it. What happens is, I think this is a panic buying and they have accumulated this tooling now just because somebody said they could solve your problem, but they haven't had a chance to take a real look from a ground up perspective to see where are the bottlenecks? Where are the vulnerabilities? And which tooling set needs to lie where? Where does the logic need to reside? And what, in Druva, we are watching people do and people do it successfully, is that as they have adopted Druva technology, which is ground up built for the cloud, and really built in a way which is, you know, driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware, and then there's a whole plethora of ecosystem players that kind of combine to really finish the story, so to say, right? So I think this has been a panic buying situation. This is like, "Get me any help you can give me." And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva, and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> Yes, Stephen? >> I was going to say, I mean, one of the the really interesting things in the survey for me, and for a moment, a little more than a moment, it made me think was that the large number of respondents who said, "I've got a really efficient, well-run back environment," who, then, on basically the next question said, "And I have no confidence that I can recover from a ransomware attack." And you scratch your head and you think, "Well, if your backup environment is so good, why do you have such low confidence?" And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture, and let's face it, the disk-based architecture's been around for almost two decades now, in terms of disk-based backup, you can have that tuned to the hilt. That can be running as efficiently as you want it, but it was built before the ransomware attacks, before all these cyber issues, you know, really start hitting companies. And so I have this really well-run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, "I'm doing the best I can," but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Yeah, great point. >> And so, yeah. >> Well, that's a great point. Before we get into the customer side I want to get to in second, you know, I interviewed Jaspreet, the founder and CEO many years ago, even before the pandemic, and you mentioned modern. You guys have always had the cloud with Druva. This is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? 'Cause that's a great point. A lot of stuff was built kind of backup and recovery bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now. It's a huge issue. >> I think, to me there's three things that come up over and over and over again as we talk to people in terms of, you know, being built in cloud, being cloud native, why is it an advantage? The first one is security and ransomware. And we can go deeper, but the most obvious one that always comes up is every single backup you do with Druva is air gapped, offsite, managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. The second advantage is the scalability. And you know, this certainly plays into account as your business grows, or, in some cases, as you shrink or repurpose workloads, you're only paying for what you use. But it also plays a big role, again, when you start thinking of ransomware recoveries because we can scale your recovery in cloud, on premises as much or as little as you want. And then I think the third one is we're seeing, basically, things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SaaS service in the cloud is we're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, "Wow, I needed six months in the lab before I upgrade it and it's an 18-month, 24-month cycle before the functionality releases. You're getting it every two weeks, and it's backed by Druva to make sure it works. >> Anjan, you know, you got the product side, you know, it's a challenging job 'cause you have so many customers asking for things, probably on the roadmap, you probably can go an hour for that one, but I want to get your thoughts on what you're hearing and seeing from customers. We just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated, probably on the feature requests, but also structurally as ransomware continues to evolve. What are you hearing? What's the key customer need? How are you guys responding? >> Yeah, actually, I have two things that I hear very clearly when I talk to customers. One, I think, after listening to their security problems and their vulnerability challenges, because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in, as Druva, is that we are providing them the cloud operating model and a data protection operating model, combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate, because this is not just about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate in the middle of the war, so to say. The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour, while they're just trying to live one day at a time. And unless they really develop this overall security operating model, helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS, and we are going to be continuing to evolve that to further the many services that public cloud software 'cause our customers are really kind of consuming them at breakneck speed. >> So new workloads, new security capabilities. Love that. Good call out there. Stephen, there's still the issue of the disruption side of it. You guys have a guarantee. There's a cost of ownership as you get more tools. Can you talk about that angle of it? You got new workloads, you got the new security needs, what's the disruption impact? 'Cause you want to avoid that. How much is it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, you know, again, we're willing to put our money where our mouth is, and that's a big deal, right? That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say the goal of Druva is to do the job of protecting and securing your data for you so that you, as a customer, don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks, all with SLAs. So everything from your data's going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally, and we're guaranteeing the long-term durability of the data so that if you backup with us today and you need to recover 30 years from now, that data's going to be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there, and the only way for this to work is to have a service that can provide you SLAs across all of the risks, because that means, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great. Great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. (laughs) People are concerned about it, so great stuff. In the last five minutes, guys, if you don't mind, I'd love to have you share what's on the horizon for Druva? You mentioned the new workloads, Anjan. You mentioned this new security. You're going to shift left. DevOps is now the developer model. They're running IT. Get data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching, and how are you guys putting that together to stay ahead in the marketplace and the competition? >> Yeah, I think, listening to our customers, what we realize is they need help with the public cloud, number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first, from Druva, before they can start to get into much more advanced level of insights and analytics around that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which, I think, is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor, and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build, all the way from a feature level where we have things like (audio distorts) that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights, and security, and that's where my focus is, to go and get those features delivered, and Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure, so, yeah, so John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds, if not thousands of SaaS applications, and a lot of those SaaS applications have data. So there's the obvious things, like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because, if you think about it, if someone you know deletes some really important records in Salesforce, that's actually kind of the record of your business. And so, we're looking at more and more SaaS application protection, and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce, or something like Microsoft 365. You do want to look into sandboxing, you want to look into long-term archival, because this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them. We'll do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks, because we're seeing across the globe. And then, of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because, let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed when that attack happens. So we want to be able to, again, cover those SaaS applications in addition to the public cloud, and then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers. Not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff. >> And remember, John, I think all this while keeping things really easy to consume, consumer grade UI, APIs, and then really the power of SaaS as a service, simplicity to kind of continue on, amongst kind of keeping these complex technologies together. >> Anjan, that's a great callout. I was going to mention ease of use and self-service. Big part of the developer and IT experience. Expected. It's the table stakes. Love the analytic angle, I think that brings the scale to the table, and faster time to value to get to learn best practices. But at the end of the day, automation, cross-cloud protection and security to protect and recover. This is huge, and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on, appreciate it. >> Thank you very much. >> Okay, there it is. You have the experts talk about under the hood, the product, the value, the future of what's going on with Druva, and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. >> As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl, and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva Data Resiliency Cloud is the only 100% SaaS data resiliency platform that provides centralized, secure, air gapped, and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyberattacks, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds, and your business critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern, and protect data across multiple clouds and business critical SaaS applications. It supports not just backup and recovery, but also data resiliency across high value use cases, such as e-discovery, sensitive data governance, ransomware, and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability, and ransomware protection. The Druva Data Resiliency Cloud, your data, always safe, always ready. Visit druva.com today to schedule a free demo. (upbeat music) >> One of the big takeaways from today's program is that in the scramble to keep business flowing over the past 2+ years, a lot of good technology practices have been put into place, but there's much more work to be done, specifically, because the frequency of attacks is on the rise and the severity of lost, stolen, or inaccessible data is so much higher today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a system's view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. Here we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net, and you'll see all the content, or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching "Why Ransomware isn't Your Only Problem," made possible by Druva, in collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

>>The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know this had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized protection. As a result moved away from things like perimeter based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerges a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies. >>And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR focused that their DR approach was not cost efficient and needed to be modernized. And that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello, and welcome to Why Ransomware isn't your Only Problem, a service of the Cube made possible by dva. And in collaboration with idc. I'm your host, Dave Ante, and today we're present a three part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face. In today's new world, IDC Research Vice President Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. >>After that, we're gonna hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection. Generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at dva, Steven Manly and Anja Serenas. Steven is a 10 time cubo and Chief technology officer at dva. And Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how DVA is closing the gaps presented in the IDC survey through their product innovation. Or right now I'm gonna toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. >>Bill Goodwin joins me next, the VP of research at idc. We're gonna be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on the cube. >>Hey, Lisa, it's great to be here with you. >>So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >>You know, you, you really hit the, the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that that ransomware that has everybody's attention, and it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also is accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022, but within idc we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be, have the scale, upper scale, down on demand nature of cloud. So those are in a nutshell, kind of the three things that people are looking at. >>You mentioned ransomware, it's a topic we've been talking about a lot. It's a household word these days. It's now Phil, no longer if we're gonna get attacked. It's when it's how often it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >>Well, what, what some of the research that we did is we found that about 77% of organizations have digital resilience as a, as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more, more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping keeping them awake at night. Quite honestly, if you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a, a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data >>And digital resilience, data resilience as every company these days has to be a data company to be competitive, digital resilience, data resilience. Are you using those terms interchangeably or data resilience to find as something a little bit different? >>Well, sometimes yeah, that we do get caught using them when, when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself and the context of of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You, you really, you can't have it resilience about data resilience. So that, that's where we're coming from on it >>Inextricably linked and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >>Well, one of the biggest is what, what you mentioned at the, at the top of the segment. And, and that is the, the area of ransomware, the research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to, to defend against these ransoms. The other thing about it is it's really a lot like whackamole. You know, they attack us in one area and and, and we defend against it. They, so they attack us in another area and we defend against it. >>And in fact, I had a, an individual come up to me at a show not long ago and said, You know, one of these days we're gonna get pretty well defended against ransomware and it's gonna go away. And I responded, I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't gonna just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that here is here for the long term and something that we, we have to address and have to get proactive about. >>You mentioned some stats there and, and recently IDC and DVA did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let, let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concern concerning ransomware. >>Yeah, this, this was a worldwide study. It was sponsored by DVA and conducted by IDC as an independent study. And what we did, we surveyed 500 is a little over 500 different individuals across the globe in North America select countries in in western Europe, as well as several in, in Asia Pacific. And we did it across industries with our 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of of infrastructure, you know, managers of data centers, things like that. And the, and the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they, when they get attacked. Some of the, some of the statistics that we learned from this, Lisa, include 83% of organizations believe or tell, told us that they have a, a playbook that, that they have for ransomware. >>I think 93% said that they have a high degree or a high or very high degree of confidence in their recovery tools and, and are fully automated. And yet when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't, aren't necessarily to be trusted. And, and so the software that they provide sometimes is, is fully recovered. Sometimes it's not. So you look at that and you go, Wow. On, on the one hand, people think they're really, really prepared, and on the other hand, the results are, are absolutely horrible. >>You know, two thirds of people having, having to pay their ransom. So you start to ask yourself, well, well, what is, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. Everybody has a plan until they get punched in the mouth. And I think that's kind of what happens with ransomware. You, you think you know what you're, you're doing, you think you're ready based on the information you have. And these people are smart people and, and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason, a lot of these have been successful. So that was kind of the key finding to me in kind of the aha moment really in this whole thing. Lisa, >>That's a massive disconnect with the vast majority saying we have a cyber recovery playbook, yet nearly half being the victims of ransomware in the last three years, and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience data resilience as it's, as we said, this is a matter of this is gonna happen just a matter of when and how often >>It it is a matter, Yeah, as you said, it's not if when or, or how often. It's really how badly. So I think what organizations are really do doing now is starting to turn more to cloud-based services. You know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of, of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to, to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of, of scanning, in terms of analysis and so forth. So they're, they're turning to professionals in the cloud much more in order to get that breadth of experience and, and to take advantage of cloud based services that are out there. >>Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why are is IDC seeing this big shift to cloud where, where data resilience is concerned? >>Well, the first and foremost is the economics of it. You know, you can, you can have on demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If your financial services, it might even be triple, the infrastructure is very complicated, very difficult by going to the cloud. Organizations can subscribe to disaster recovery as a service. It increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that that organizations think they're ready, but then all of a sudden they get hit and all of a sudden they have to engage with outside consultants or they have to bring in other experts and that, and that extends the time to recover that they have and it also complicates it. >>So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >>So what do you think the big issue here is, is it that these, these I p T practitioners over 500 that you surveyed across 20 industries is a global survey? Do they not know what they don't know? What's the the overlying issue here? >>Yeah, I think that's right. It's, you don't know what you don't know and until you get into a specific attack, you know, there, there are so many different ways that, that organizations can be attacked. And in fact, from this research that we found is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the, the issue is, once I have your data, what are you gonna do? I mean, there's no amount of recovery that is gonna help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and, and taking their chances. So best practice things like encryption, immutability, you know, things like that that organizations can put into place. Certainly air gaps. Having a, a solid backup foundation to, to where data is you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >>Given some of the, the, the disconnect that you articulated, the, the stats that show so many think we are prepared, we've got a playbook, yet so many are being, are being attacked. The vulnerabilities and the, and the, as the, the landscape threat landscape just gets more and more amorphous. Why, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry, we are vulnerable, this is gonna happen, we've gotta make sure that we are truly resilient and proactive? >>Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the, the, the consequences of ransom where it's not just the ransom, it's the loss productivity, it's, it's the loss of, of revenue. It's, it's the loss of, of customer faith and, and, and goodwill and organizations that have been attacked have, have suffered those consequences. And, and many of them are permanent. So people at the board level where it's, whether it's the ceo, the cfo, the cio, the c cso, you know, whoever it is, they're extremely concerned about these. And I can tell you they are fully engaged in addressing these issues within their organization. >>So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, It's a big business business, it's very profitable. But what is IDCs prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they're, they really actually have i i functioning playbook? >>I i, I don't know if we'll ever get to the point where the CCC C suite is not involved. It's probably very important to have that, that level of executive sponsorship. But, but what we are seeing is, in fact, we predicted by 20 25, 50 5% of organizations we'll have shifted to a cloud centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and, and at the edge, and that's really where the growth is. So being able to take that cloud centric model and take advantage of, of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily and, and to be able to take that cloud centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >>Got it. We're just cracking the surface here. Phil, I wish we had more time, but I had a chance to read the Juba sponsored IDC White paper. Fascinating finds. I encourage all of you to download that, Take a read, you're gonna learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining >>Me. No problem. Thank you, Lisa. >>In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin and you are watching the Cube, the leader in live tech coverage. >>We live in a world of infinite data, sprawling, dispersed valuable, but also vulnerable. So how do organizations achieve data resiliency when faced with ever expanding workloads, increasing security threats and intensified regulations? Unfortunately, the answer often boils down to what flavor of complexity do you like best? The common patchwork approaches are expensive, convoluted, and difficult to manage. There's multiple software and hardware vendors to worry about different deployments for workloads running on premises or in the cloud. And an inconsistent security framework resulting in enterprises maintaining four of five copies of the same data, increasing costs and risk building to an incoherent mess of complications. Now imagine a world free from these complexities. Welcome to the dr. A data resiliency cloud where full data protection and beautiful simplicity converge. No hardware, no upgrades, no management, just total data resili. With just a few clicks, you can get started integrating all of your data resiliency workflows in minutes. >>Through a true cloud experience built on Amazon web services, the DR A platform automates and manages critical daily tasks giving you time to focus on your business. In other words, get simplicity, scalability, and security instantly with the dr A data resiliency cloud, your data isn't just backed up, it's ready to be used 24 7 to meet compliance needs and to extract critical insights. You can archive data for long term retention, be protected against device failure and natural disasters, and recover from ransomware lightning fast. DVA is trusted with billions of backups annually by thousands of enterprises, including more than 60 of the Fortune 500 costing up to 50% less in the convoluted hardware, software, and appliance solutions. As data grows and becomes more critical to your business advantage, a data resiliency plan is vital, but it shouldn't be complicated. Dr. A makes it simple. >>Welcome back everyone to the cube and the drew of a special presentation of why ransomware isn't your only problem. I'm John Furrier, host of the Cube. We're here with w Curtis Preston. Curtis Preston, he known in the industry Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at why ransomware isn't your only problem. Great to see you. Thanks for coming on. >>Happy to be here. >>So we always see each other events now events are back. So it's great to have you here for this special presentation. The white paper from IDC really talks about this in detail. I to get your thoughts and I'd like you to reflect on the analysis that we've been covering here and the survey data, how it lines up with the real world that you're seeing out there. >>Yeah, I think it's the, the survey results really, I'd like to say, I'd like to say that they surprised me, but unfortunately they didn't. The, the, the, the data protection world has been this way for a while where there's this, this difference in belief or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit successfully, hit by ransomware, paid the ransom and, and, and or lost data. And yet the same people that were surveyed, they had to high degrees of confidence in their backup system. And I, you know, I, I could, I could probably go on for an hour as to the various reasons why that would be the case, but I, I think that this long running problem that as long as I've been associated with backups, which you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And, and people often just, they, they, they don't wanna have anything to do with the backup system. And so it sort of exists in this vacuum. And so then management is like, oh, the backup system's great, because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >>It's funny, you know, we're good boss, we got this covered. Good, >>It's all good, it's all good, >>You know, and the fingers crossed, right? So again, this is the reality and, and, and as it becomes backup and recovery, which we've talked about many times on the cube, certainly we have with you before, but now with ransomware also, the other thing is people get ransomware hit multiple times. So it's not, not only like they get hit once, so, you know, this is a constant chasing the tail on some ends, but there are some tools out there, You guys have a solution. And so let's get into that. You know, you have had hands on backup experience. What are the points that surprised you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >>Well, I would say that the, the, the one part in the survey that surprised me the most was people that had a huge, you know, that there, there was a huge percentage of people that said that they had a, a, a, you know, a a a ransomware response, you know, in readiness program. And you look at that and you, how could you be, you know, that high percentage of people be comfortable with their ransomware readiness program and a, you know, which includes a number of things, right? There's the cyber attack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so your, you believe that your company was ready for that, and then you go, and I, I think it was 67% of the people in the survey paid the ransom, which as, as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number I think just hurt me the most is that because you, you talked about re infections, the surest way to guarantee that you get rein attacked and reinfected is to pay the ransom. This goes back all the way ransom since the beginning of time, right? Everyone knows if you pay the blackmail, all you're telling people is that you pay blackmail and >>You're in business, you're a good customer arr for ransomware. >>Yeah. So the, the fact that, you know, 60 what two thirds of the people that were attacked by ransomware paid the ransom. That one statistic just, just hurt my heart. >>Yeah. And I think this is the reality. I mean, we go back and even the psychology of the practitioners was, you know, it's super important to get back in recovery and that's been around for a long time, but now that's an attack vector, okay? And there's dollars involved, like I said, the arr joking, but there's recurring revenue for the, for the bad guys if they know you're paying up and if you're stupid enough not to change, you're tooling, right? So, so again, it works both ways. So I gotta ask you, why do you think so many are unable to successfully respond after an attack? Is it because they know it's coming? I mean, I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding and successfully to this? >>I I think it's a, it's a litany of thing starting with the, that aspect that I mentioned before, that nobody wants to have anything to do with the backup system, right? So nobody wants to be the one to raise their hand because if, if you're the one that raises their hand, you know what, that's a good idea, Curtis, why don't you look into that? Right. Nobody, nobody wants to be, Where's >>That guy now? He doesn't work here anymore. Yeah, but I I I hear where you come from exactly. Psychology. >>Yeah. So there, there's that. But then the second is that because of that, no one's looking at the fact that backups are the attack vector. They, they, they become the attack vector. And so because they're the attack vector, they have to be protected as much, if not more than the rest of the environment. The rest of the environment can live off of active directory and, you know, and things like Okta, so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate for from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if you, if that production environment is compromised now knowing that the attacks or that the backup systems are a significant portion of the attack vector, then you've, if, if the production system is compromised, then the backup system is compromised. So you've got to segregate all of that. And I, and I just don't think that people are thinking about that. Yeah. You know, and they're using the same backup techniques that they've used for many, many years. >>So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, Hey, we'll just take out the backup first so they can backup. So we got the ransomware it >>Makes Yeah, exactly. The the largest ransomware group out there, the KTI ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored, and they are exfiltrating the backups first and then deleting them and then letting you know you have ransom. >>Okay, so you guys have a lot of customers, they all kind of have the same this problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >>Well, again, you, you've got to fully segregate that data. There are, and, and everything about how that data is stored and everything about how that data's created and accessed. There are ways to do that with other, you know, with other commercial products, you can take a, a, a standard product and put a number of layers of defense on top of it, or you can switch to the, the way Druva does things, which is a SAS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. And the, the, it's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically what you get by default with the, the way juva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work with us. You just log in and you get all of that. >>I guess how do, how do you break the laws of physics? I guess that's the question here. >>Well, when, because that's the other thing is that by storing the data in the cloud, we, we do, and I've said this a few times, that you get to break the laws of physics and the, the only way to do that is to, is time travel and what, that's what it, so yeah, so Druva has time travel. What, and this is a criticism by the way. I don't think this is our official position, but Yeah. But the, the idea is that the only way to restore data as fast as possible is to restore it before you actually need it. And that's what kind of what I mean by time travel in that you basically, you configure your dr your disaster recovery environment in, in DVA one time. And then we are pre restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the, the current environment as quickly as we can so that in a disaster recovery scenario, which is part of your ransomware response, right? Again, there are many different parts, but when you get to actually restoring the data, you should be able to just push a button and go the, the data should already be restored. And that's the, i that's the way that you break the laws of physics is you break the laws of time. >>Well, I, everyone wants to know the next question, and this is the real big question, is, are you from the future? >>Yeah. Very much the future. >>What's it like in the future? Backup recovery as a restore, Is it air gaping? Everything? >>Yeah. It, it, it, Well it's a world where people don't have to worry about their backups. I I like to use the phrase, get outta the backup business. Just get into the ReSTOR business. I I, you know, I'm, I'm a grandfather now and I, and I love having a granddaughter and I often make the joke that if I don't, if I'd have known how great grandkids were, I would've skipped straight to them, right? Not possible. Just like this. Recoveries are great. Backups are really hard. So in the future, if you use a SAS data protection system and data resiliency system, you can just do recoveries and not have to worry about >>Backups. Yeah. And what's great about your background is you've got a lot of historical perspective. You've seen that been in the ways of innovation now it's really is about the recovery and real time. So a lot of good stuff going on. And God think automated thingss gotta be rocking and rolling. >>Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then, we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not that our customers don't have to do all of those things that all of our competitors have to do to, you know, to, to break, to try to break the laws of physics. I've been fighting the laws of physics my entire career to get the backup done in the first place. Then to secure all the data, right to air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I, I wish that, I wish everybody had that ability. >>Yeah, I mean, security's a big part of it. Data's in the middle of it all. This is now mainstream front lines. Great stuff Chris, great to have you on, bring that perspective and thanks for the insight. Really >>Appreciate it. Always happy to talk about my favorite subject. >>All right, we'll be back in a moment. We'll have Steven Manley, the cto and on John Shva, the GM and VP of Product Manage will join me. You're watching the cube, the leader in high tech enterprise coverage. >>Ransomware is top of mind for everyone. Attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability, scans, patches and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released after an attack. Recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the DR A data resiliency cloud on your side. The DR A platform functions completely in the cloud with no hardware, software, operating system, or complex configurations, which means there are none of the weaknesses that ransomware commonly uses to attack backups. >>Our software as a service model delivers 24 7 365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches and upgrades for you. DVA also makes zero trust security easy with builtin multifactor authentication, single sign-on and role-based access controls in the event of an attack. Druva helps you stop the spread of ransomware and quickly understand what went wrong. With builtin access insights and anomaly detection, then you can use industry first tools and services to automate the recovery of clean unencrypted data from the entire timeframe of the attack. Cyber attacks are a major threat, but you can make protection and recovery easy with dva. >>Welcome back everyone to the Cubes special presentation with DVA on why ransomware isn't your only problem. I'm John er, host of the Cube. Our next guest are Steven Manley, Chief Technology Officer of dva and I, John Trini VAs, who is the general manager and vice president of product management and Druva. Gentleman, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic, the IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >>Great to be here John. >>So what's your thoughts on the survey's conclusion? I've obviously the resilience is huge. Ransomware is continues to thunder away at businesses and causes a lot of problems. Disruption, I mean just it's endless ransomware problems. What's your thoughts on the con conclusion? >>So I'll say the, the thing that pops out to me is, is on the one hand, everybody who sees the survey, who reads, it's gonna say, well that's obvious. Of course ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But, but I think when you dig deeper and there and there's a lot of subtleties to look into, but, but one of the things that, that I hear on a daily basis from the customers is it's because the problem keeps evolving. It, it's not as if the threat was a static thing to just be solved and you're done because the threat keeps evolving. It remains top of mind for everybody because it's so hard to keep up with with what's happening in terms of the attacks. >>And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping it away from all the tooling that needed to do. A lot of people are even still wondering when that happens next time, what do I even do? So clearly not very surprising. Clearly I think it's here to stay and I think as long as people don't retool for a modern era of data management, this is going to stay this >>Way. Yeah, I mean I hear this whole time and our cube conversations with practitioners, you know there, it's kind of like the security pro give me more tools, I'll buy anything that comes in the market. I'm desperate. There's definitely attention but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side? Because you know, people claim that they have tools at fine points of, of recovery opportunities but they can't get there. So it seems to be that there's a confidence problem here in the market. What, how do you guys see that? Cuz I think this is where the rubber meets the road with ransomware cuz it's, it is a moving train, it's always changing but it doesn't seem as confidence. Can you guys talk about that? What's your reaction? >>Yeah, let me jump in first and Steven can add to it. What happens is I think this is a panic buying and they have accumulated this tooling now just because somebody said could solve your problem, but they haven't had a chance to take a re-look from a ground up perspective to see where are the bottlenecks, where are the vulnerabilities and which tooling set needs to lie? Where, where does the logic need to recite and what in Drew we are watching people do and people do it successfully, is that as they have adopted through our technology, which is ground up built for the cloud and really built in a way which is, you know, driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware. >>And then there's a whole plethora of ecosystem players that kind of combine to really really finish the story so to say, right? So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva and tried to identify the right set of ecosystem to really bring together to solve it meaningfully. >>Steven, >>I was gonna say, I mean one, one of the, one of the really interesting things in the survey for me and, and, and for a moment, little more than a moment, it made me think was that the large number of respondents who said I've got a really efficient well run backup environment, who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well if your backup environment is so good, why do you have such low confidence? And, and, and I think that's the moment when we, we dug deeper and we realized, you know, if you've got a traditional architecture and let's face the dis base architecture's been around for almost two decades now in terms of dis based backup, you can have that tune to the help that can be running as efficiently, efficiently as you want it, but it was built before the ransomware attacks before, before all these cyber issues, you know, really start hitting companies. And so I have this really well run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying I'm doing the best I can, but as Angen pointed out, the architecture, the tooling isn't there to support what, what problems I need to solve today. Yeah, >>Great point. And so yeah, well that's a great point. Before we get into the customer side, I wanna get to in second, you know, I interviewed Jare, the the founder CEO many years ago, even before the pandemic. You mentioned modern, you guys have always had the cloud, which r this is huge. Now that you're past the pandemic, what is that modern cloud edge you guys have? Cuz that's a great point. A lot of stuff was built kind of Beckham recovery bolted on, not really kind of designed into the, the current state of the infrastructure and the cloud native application modern environment we're seeing. Right? Now's a huge issue >>I think. I think it's, it's to me there's, there's three things that come up over and over and over again as, as we talk to people in terms of, you know, being built in cloud, being cloud native, why is an advantage? The first one is, is security and ransomware. And, and, and we can go deeper, but the most obvious one that always comes up is every single backup you do with DVA is air gap offsite managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. I think the second advantage is the scalability. And you know this, this certainly plays into account as your, your business grows or in some cases as you shrink or repurpose workloads, you're only paying for what you use. >>But it also plays a a big role again when you start thinking of ransomware recoveries because we can scale your recovery in cloud on premises as much or as little as you want. And then I think the third one is we're seeing a basically things evolving new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SA service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting, you know, the customer doesn't have to say, Wow, I need it six months in the lab before I upgrade it and it's an 18 month, 24 month cycle before the functionality releases. You're getting it every two weeks and it's backed by Druva to make sure it works. >>That says on John, you know, you got the, the product side, you know, it's challenging job cuz you have so many customers asking for things probably on the roadmap you probably go hour for that one. But I wanna get your thoughts on what you're hearing and seeing from customers. You know, we just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated on the, probably on the feature request, but also structurally as as ransomware continues to evolve. What are you hearing, what's the key customer need? How are you guys responding? >>Yeah, actually I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges because we see customers and help customers who are getting challenge by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in as rua is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate because this is just not about a piece of technology. >>On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on but innovating faster with faster, with less. And that has been this age old problem, do more with less. But in this, in this whole, they're like trying to innovate in the middle of the war so to say, right, the war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at a hundred miles per hour while they're just, you know, trying to live one day at a time. >>And unless they really develop this overall security operating model helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this kind of this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with now. Drew is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC two offering to protect EC two virtual machines back in aws and we are gonna be continuing to evolve that to further many services that public cloud software cuz our customers are really kind of consuming them at breakneck speed. >>So the new workloads, the new security capabilities. Love that. Good, good call out there. Steven, this still the issue of the disruption side of it, you guys have a guarantee there's a cost of ownership as you get more tools. Can you talk about that angle of it? Because this is, you got new workloads, you got the new security needs, what's the disruption impact? Cause you know, you won't avoid that. How much is it gonna cost you? And you guys have this guarantee, can you explain that? >>Yeah, absolutely. So, so Dr launched our 10 million data resiliency guarantee. And, and for us, you know, there were, there were really two key parts to this. The first obviously is 10 million means that, you know, again we're, we're we're willing to put our money where our mouth is and, and that's a big deal, right? That that, that we're willing to back this with the guarantee. But then the second part, and, and, and this is the part that I think reflects that, that sort of model that Angen was talking about, we, we sort of look at this and we say the goal of DVA is to do the job of protecting and securing your data for you so that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from, you know, your data's gonna be recoverable in the case of a ransomware attack. >>Okay, that's good. Of course for it to be recoverable, we're also guaranteeing, you know, your backup, your backup success rate. We're also guaranteeing the availability of the service. You know, we're, we're guaranteeing that the data that we're storing for you can't be compromised or leaked externally and you know, we're guaranteeing the long term durability of the data so that if you back up with us today and you need to recover 30 years from now, that data's gonna be recovered. So we wanted to really attack the end to end, you know, risks that, that, that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there and the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SAS vendor, we're doing the job for you so you're buying results as opposed to technology. >>That's great. Great point. Ransomware isn't the only problem that's the title of this presentation, but is a big one. People concerned about it. So great stuff. In the last five minutes guys, if you don't mind, I'd love to have you share what's on the horizon for dva. You mentioned the new workloads on John, you mentioned this new security hearing shift left DevOps is now the developer model, they're running it get data and security teams now stepping in and trying to be as vo high velocity as possible for the developers and enterprises. What's on the horizon, Ava? What trends is the company watching and how are you guys putting that together to stay ahead in the marketplace and the competition? >>Yeah, I think listening to our customers, what we realize is they need help with the public cloud. Number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first from before they can start to get into much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which I think is very unique to thwa because only we can look at multiple tenants, multiple customers because we are a SAS vendor and look at insights and give them best practices and guidances and analytics that nobody else can give. >>There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need, what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are gonna build all the way from a feature level where we have things like recycle bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights and security and that's where my focus is to go and get those features delivered and Steven can add a few more things around services that Steven is looking to build in launch. >>Sure. So, so yeah, so, so John, I think one of the other areas that we see just an enormous groundswell of interest. So, so public cloud is important, but there are more and more organizations that are running hundreds if not thousands of SaaS applications and a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365 Google workspace, but we're also seeing a lot of interest in protecting Salesforce because if you think about it, you know, if you, if if someone you know deletes some really important records in Salesforce, that's, that's actually actually kind of the record of your business. And so, you know, we're looking at more and more SaaS application protection and, and really getting deep in that application awareness. It's not just about backup and recovery. When you look at something like, like a sales force or something like Microsoft 365, you do wanna look into sandboxing, you wanna, you wanna look into long term archival because again, this is the new record of the business, what used to be in your on premises databases that all lives in cloud and SaaS applications now. >>So that's a really big area of investment for us. The second one, just to echo what, what engine said is, you know, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. And I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them, will do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then of course being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your, your data up more cleanly, you're gonna be a lot less worried and a lot less exposed from that attack happens. So we want to be able to again, cover those SaaS applications in addition to the public cloud. And then we want to be able to use our metadata and use our analytics and use this massive pipeline. We've got to deliver value to our customers, not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >>That's great stuff. Run John. >>And remember John, I think all this while keeping things really easy to consume consumer grade UI APIs and the, the really, the power of SaaS as a service simplicity to kind of continue on amongst kind of keeping these complex technologies together. >>Aj, that's a great call out. I was gonna mention ease of use is and self-service, big part of the developer and IT experience expected, it's the table stakes, love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But the end of the day automation, cross cloud protection and security to protect and recover. This is huge and this is big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of of the product. Thanks for coming on. Appreciate it. >>Thank you very much. >>Okay, there it is. You got the experts talking about under the hood, the product, the value, the future of what's going on with Druva and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Ante will give you some closing thoughts on the subject here you're watching the cube, the leader in high tech enterprise coverage. >>As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl, and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The dr. A Data Resiliency Cloud is the only 100% SAS data resiliency platform that provides centralized, secure air gapped and immutable backup and recovery. With dva, your data is safe with multiple layers of protection and is ready for fast recovery from cyber attack, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds and your business critical SaaS applications. Druva is the only 100% SAS fender that can manage, govern, and protect data across multiple clouds and business critical SAS applications. It supports not just backup and recovery, but also data resiliency across high value use cases such as e-discovery, sensitive data governance, ransomware, and security. No other vendor can match Druva for customer experience, infinite scale storage optimization, data immutability and ransomware protection. The DVA data resiliency cloud your data always safe, always ready. Visit druva.com today to schedule a free demo. >>One of the big takeaways from today's program is that in the scramble to keep business flowing over the past two plus years, a lot of good technology practices have been put into place, but there's much more work to be done specifically because the frequency of attacks is on the rise and the severity of lost, stolen, or inaccessible data is so much higher. Today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a systems' view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. You know, we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you gotta do is go to the cube.net and you'll see all the content, or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching why Ransomware isn't your only problem Made possible by dva, a collaboration with IDC and presented by the Cube, your leader in enterprise and emerging tech coverage.

>> Welcome everybody to this cube conversation. My name is Dave Vellante and we're joined today by Richard Goodwin, who's the group director of IT at Ultraleap and Avishek Kumar, who manages Dell's Power Store, product line, he directs that product line along with several other lines for the company. Gentlemen, welcome to the cube. >> (Avishek) Hi Dave. >> (Richard) Hi >> (Dave) So Richard, Ultraleap, very cool company tracks hand movements, and so forth. Tell us about the company and the technology I'm really interested in how it's used. >> Yeah, we've had many product lines, obviously. We're very innovative, and the organization was spun up from a PhD, a number of PhD students who were the co-founders for Ultraleap, and initially with mid-air haptics, as you, as many people may have seen, but also hand tracking, mid-air touch, sense and feel. So, yeah, it's, it's, it's quite impressive what we have produced and the number of sectors and markets that we were in. And obviously to, to push us to where we are, we have relied upon lots of the Dao technology, both software and hardware. >> (Dave) And what's your role at the company? >> I'm the group IT director, I'm responsible for the IT and business platforms, all infrastructure, network, hardware, software, and also the transition of those platforms to ensure that we're scalable. And we are able to develop our software and hardware as rapidly as possible. >> (Dave) Awesome. Yeah, a lot of data behind that too I bet. Okay Avishek, you direct a number of products at Dell across the portfolio, Unity, Extreme IO, the SC series, and of course power vault. It's quite the portfolio that you look after. So let's get into the case study, if we can, a bit, Richard, maybe you could paint a picture of, of your environment, some of the key applications that you're supporting and maybe what your infrastructure looks like. Give us a high level view. >> Sure. So, pre Power Store, we had quite a disparate architecture, so a fairly significant split and siding on the side of the cloud, not as hybrid as we would like, and not, not as much as on-prem, as we would have liked, and hey, but that's changed quite significantly. So we now have a number of servers and storage and storage arrays that we have on, on-premise, and then we host ourselves. So we are moving quite rapidly, you know as a startup and then moving to a scale-up, we needed that, that scalability and that versatility, and also the whole OPEX versus CAPEX, and also not being driven by lots of SaaS products and architecture and infrastructure, where we needed to be in control because of our development cycles and our products, product development. >> (Dave) So wait, Okay, So, so, too much cloud. I'm hearing you wanted a little bit a dose of on-prem, explain that a little bit more, the cloud wasn't doing it for you in terms of your development cycle, your control. Can you double click on that? >> Yeah. Some of the, some of the control and you know, there's always a balance because there's certain elements of our development cycles and our engineering, software engineering, where we need a very high parallelism for some of the work that we're doing, which then, you know, the CAPEX investment makes things very, very challenging, not commercially the right thing to do. However, there are some of our information, some of IP, some of the secure things that we do, we also do not want upgrades as an example, or any advantages or certain types of server and spec that we need to be quite and unique and that needs to be within our control. >> (Dave) Got it, Okay. Thank you for that. Avishek, we're going to talk about Power Store today. So set it up, please, tell us about Power Store, what it is, you know, why it's important to this conversation. >> Sure. So Power Store is a product that we launched may of 2020, roughly a little bit more than a year now. And it's a brand new architecture that Dell technologies released. And at the end of the day, I'll talk about a few unique aspects of the product, but at the end of the day, where we start with, it's a storage platform, right? So where we see similar to what Richard is saying here, in terms of being able to consolidate the customer's environment, whether it is blog, file, WeVaults, physical, virtual environments, and, and it's, as I said, it's a brand new architecture where we leveraged pieces of existing products, where it made sense, we are using all the latest and greatest technologies delivering the best performance based data reduction. And where we see a lot of traction is the options that it brings to the table for our customers in terms of flexibility, whether they want to add capacity, compute, whether in fact, we have apps on the deployment model where customers can consolidate their compute as well on the static storage platform with needed. So a lot of innovation from a platform perspective itself, and it's not just about the platform itself, but what comes along with it, right? So we refer to it as an ecosystem, part of it, where we work with Ansible playbooks, CSI plugin, you name it, right. And it's the storage platform by itself, doesn't stand by itself in a customer's environment, there are other aspects of the infrastructure that it needs to integrate with as well. Right? So if they are using Ansible playbooks, we want to make sure the integration is there. >> (Dave) Got it. >> And last, but perhaps not the least is the intelligence built into the platform, right? So as we are building these capabilities into the product, there is intelligence built into the product, as well as outside the product where things like Cloud IQ, things like technologies built into power suit itself makes it that much easier for the customers to manage the infrastructure and go from there. >> (Dave) Thank you for that, So, Richard, what was the workload? So it actually, you started with the sort of a Greenfield on-prem. If I understand it correctly, what was the workload that you were sort of building around or workloads? >> So, we had a, a number of different applications. Some of which we cannot really talk about too much, but we had, we had a VxRail, we had a a smaller doubt array and we have lots of what we class as runners, Kubernetes cluster that we run and quite a few different VMs that run on our, on-prem server infrastructure and storage arrays and the issues that we began to hit because of the high IO, from some of our workloads, that we were hitting very high latency, which rapidly stopped, began to cause us issues, especially with some of our software engineering teams. And that is when we embarked upon a competitive RFP for Dell Power Store, Dell were already engaged from an end-user compute where they'd been selected as the end-user compute provider from a previous competitive RFP. And then we engaged them regarding the storage issue that we had and we engaged the, our account lead and count exec, and a number of solution architects were working with us to ensure that we have the optimal solution. Dell were selected over the competitors because of many reasons, you know, the new technology, the de-duplication, the compression, the data, overall data reduction, and the guarantee that also came, came with that, the four-to-one data reduction guarantee, which was significant to us because of their amounts of data that we hold. And we have, you know, as I've mentioned, we're pulling further, further data of ours back into our hosted environments, which will end up on the Power Store, especially with the de-duplication that we're now getting. We've actually hit nine-to-one, which is significant. We were expecting four-to-one, maybe five-to-one with some of the data types. And what was excellent that we were that confident that they did not even review our data types prior, and they were willing to stand by that guarantee of four-to-one. And we've excelled that, we've got significant different data types on, on that array, and we've hit nine-to-one and that's gradually grown over the last nine months, you know, we were kind of at the six then we moved to seven and now we're hitting nine-to-one ratio. >> (Dave) That's great. So you get a little free storage. That's interesting what you're saying, Richard, cause I just assumed that a company that guaranteed four-to-one is going to say okay, let us, let us inspect your workload first and then we'll do the deal. So Avishek, what's the tech behind that data reduction that you're able to, with such confidence, not have to pre inspect the workload in this case anyway. >> Yeah. So, it goes back to the technologies that goes behind the product, right? So, so we, we stand behind the technology and we want to make it simpler for our customers as well where, again we don't want to spend weeks looking at all the data, scanning all the data before giving the guarantee. So we stand behind the technology where we understand that as the data is coming in, we are always going to be de-duplicate it. We are always going to compress it. There is technology within the product where we are offloading some of that to the outside the CPU, so it is not impacting the performance that the applications are going to see. So a data reduction by itself is not good enough, performance by itself is not good enough. Both of them have to be together, right? So, and that's what Power Store brings to the table. >> (Dave) Thank you. So Richard, I'm interested. I mean, I remember the Power Store announcement of, sort of, saw it leading up to it. And one of the big thrusts from Dell was the way I phrase it is essentially trying to create a cloud like experience on-prem. So really focused on simplicity. So my question to you is, let's start with just the deployment. You know, how complicated was it to install? What was that process like? How many clicks, I mean, not that you have to tell me how many clicks, but you know, what I'm asking is, is how difficult was it to get from zero to, you know, up and running? >> Well, we actually stepped our very difficult challenge. We were in quite a difficult situation where we'd pretty much gone off the cliff in terms of our IOPS performance. So the RFP was quite rapid, and then we needed to get whoever which vendor was successful, we needed to get that deployed rather rapidly and on the floor in our data center and server rooms, which we did. And it was very very simplistic, within three weeks of placing the order, we had that array in our server rack and we'd begun the migration, it was very simple to set up. And the management of that array has been, we've seen say 40% reduction in terms of effort to be able to manage our storage because it is very self-contained, you know, even from a reporting perspective, the deployment, the migration was all very, very, very simplistic, and you know, we we've done some work recently where we had to also do some work on the array and some other migrations that we were doing and the resilience came, came to, came to the forefront of where the Juul architecture and no single point of failure enabled us to do some things that we needed to do quite rapidly because of the, the Juul norms and the resilience within, within the unit and within the Power Store itself was considerable where we, we kept performance up, it also prioritize any discreet rebuilds, keeps the incoming ingest rates high, and prioritizes the, you know, the workloads, which is really impressive, especially when we are moving so quickly with our technology. We don't really have much time to, you know, micromanage the estate. >> (Dave) Can you, can you just repeat what you said on the percent reduction? I think I heard you cut out there a little bit, a percent reduction on, on, on management, on, on, on the labor side. >> So our lead storage engineer is estimated around 40% less management. >> (Dave) Wow. Okay. So that's, that's good. So actually, I love this conversation because, you know, in the early days of automation, people like, ah, that's my job, provisioning LUNs. I'm really good at it, but I think people are realizing that it's actually not something that you want to be really good at. It's something that you want to eliminate. So, it now maybe it's that storage engineer got his or her nights and weekends back, but, but what do they do now when they get that extra time, what do you, what do you put them on? You know, no more strategic initiatives or, you know, other, other tech things on the to-do list. What's that like?. >> The last thing that, you know, any of my team, whether it's the storage leads or some of the infrastructure team that were also involved in engaged, cause you know, the organization, we have to be quite versatile as a team in our skillsets. We don't want to be doing those BAU mundane tasks. Even the storage engineer does not want to be allocating LUNs and allocating storage to physical servers, Vms, etc. We want all of that to be automated. And, you know, those engineers, they're working on some of the cutting edge things that we're trying to do with machine learning as an example, which is much more interesting. It's what they want to be doing. You know, that aides, the obvious things like retention, interest and personal development, we don't want to be, you know, that base IT infrastructure management, is not where any of the engineers wants to be. >> (Dave) In terms of the decision to go with Dell Power Store. I'm definitely hearing there was a relationship. There was an existing relationship with Dell. I'm sure that played into it. >> There were many things. So the relationship wasn't really part of this, even though I've mentioned the end-user compute in any sets or anything that we're procuring, we want best of breed, you know, best of sets. And that was done on, the cost is definitely a driver. The technology, you know, is a big trust to us, We're a tech company, new technology to us is also fascinating, not only our own, but also the storage guarantee, the simplicity, the resilience within, within the unit. Also the ability, which was key to us because of what we're trying to do with our hybrid model and bring, bring back repatriate some of the data as it were from the client. We needed that ability to, with ease, to be able to scale up and scale high, and the Power Store gave us that. >> (Dave) When you say cost, I want to dig into that price or you know, the price tag or the, the cost, I mean, when you do the business case. And I wonder if we could add a little color to that. >> (Richard) There's two elements to this, so they're not only the cost of the price tag, but then also cost of ownership and the comparisons that we were running against the other vendors, but also the comparisons that we were running from a CAPEX investment against OPEX and what we have in the cloud, and also the performance, performance that we get from the cloud and our cloud storage and the resilience within that. And then also the initial price tag, and then comparing the CapEx investments to the OPEX where all elements that were key to us making our decision. And I know that there has to be some credit taken by the Dell account team and that their relationship towards the final phrase of that RFP, you know, were key initially, not all, we were just looking for the best possible storage solution for Ultraleap. >> (Dave) And to determine that on your end, was that like a feature, because it's sometimes fuzzy what the business impact is going to be like that 40% you mentioned, or the data reduction at nine to one, when there's a promise of four to one, did you, what did you do? Did you kind of do a feature function analysis and sort of line that up and, and say, okay, I'm going to map that to our business processes our IT processes and try to predict what the impact would be. Is that how you did it? or did you take a different approach? >> (Richard) We did. So we did that, obviously between vendors usually expected an RFP, but then also mapping to how that would impact the business. And that is not an easy process to go through. And we've seen more gains even comparing one vendor to another, some of that because of the technology, the terminology is very very different and sometimes you have to bring that upper level and also gain a much more detailed understanding, which at times can be challenging, but we did a very like-for-like comparison and, and also lots of research, but you're quite right. The business analysis to what we needed. We had quite a good forecast and from summarized stock information data, and also our engineering and business and strategic roadmap, we were able to map those two together, not the easiest of experiences, not one that I want to repeat, but we, we got it. (Dave laughing) >> (Dave)Yeah, a little bit of art and science involved. Avishek, maybe you could talk about Power Store, what, you know, give us the commercial. What makes it different from other products in the market of things like cloud IQ? Maybe you could talk about that a little bit. >> Sure. So, so again, from a, it's music to my ears, when Richard talks about the ease of deployment and the management, because there is a lot of focus on that. But even as I said earlier, from a man technology perspective, a lot of goodness built-in, in terms of being able to consolidate a customer's environment, onto the platform. So that's more from a storage point of view that give the best performance, give the best data reduction, storage efficiencies. The second part, of course, the flexibility, the options that Power Store gives to the customers in terms of sort of desegregating the storage and the compute aspects of it. So if, as a customer, I want to start with different points in terms of what our customer requirements are today, but going forward as the requirements change from a compute capacity perspective, you can use a scale up and scale out capabilities, and then the intelligence built in, right? So, as you scale out your cluster, being able to move storage around right, as needed being able to do that non-disruptively. So instead of saying that Mr. Customer, your, your storage is going to you're at 90% capacity, being able to say that based on your historical trending, we expect you run out of capacity in six months, some small things like that, right? And of course, if the, the dial home, the support assist capabilities that enabled, cloud IQ brings a lot of intelligence to the table as well. In addition to that, as they mentioned earlier, there is apps on capability that gives another level of flexibility to the customers to integrate your storage infrastructure into a virtual environment, if the customer chooses to do that. And last but not the least, it's not just about the product, right? So it's about the programs that we have put around it, anytime upgrade is a big differentiator for us, where it's an investment protection program for customers, where if they want to have the peace of mind, in terms of three months, nine months, three years down the line, if we come out with new technologies, being able to be upgrade to that non-disruptively is a big part of it as well. It's a peace of mind for the customers that, yes I'm getting into the Power Store architecture today, but going forward, I'm protected from that point of view. So anytime upgrade, it's a new business program that we put around leveraging the architectural benefits of Power Store, whether your compute requirement, your storage requirements change, you're covered from that point of view. So again, a very quick overview of, of what Power Store is, why it is different. And again, that's where that comes from. >> (Dave) Thank you for that. Richard, are you actively using cloud IQ? Do you get the, what kind of value do you get from it? >> Not currently. However, we have, we have had plans to do that. The uptake and BCR, our internal Workload is not allowed us, to do that. But one of the other key reasons for selecting Power Store was the non-disruptive element, you know, with other SaaS products, other providers, and other issues that we have experienced. That was one, that was a key decision for us from a Power Store perspective. One of the other, you know, to go back to the conversation slightly, in terms of performance, we are getting, getting there. You know, there's a 400% speed of improvement of publishing. We've got an 80% faster code coverage. Our firmware builds a 1300% quicker than they were previously. and the time savings of the storage engineer and, you know, as a director of IT, I often asked for certain reports from, from the storage array, we're working at, for storage forecast, performance forecast, you know, when we're coming close to product releases, code drops that we're trying to manage, the reporting or the Power Store is impressive. Whereas previously my storage engineer would not be the, the most happiest of people when I would be trying to pull, you know, monthly and quarterly reports, et cetera. Whereas now it's, it's ease and we have live dashboards running and we can easily extract that information. >> (Dave) I love that because, you know, so often we talk about the 40% reduction in IT labor, which okay, that's cool. But then your CFO's going to say, yeah, but it's not like we're getting rid of people. We, you know, we're still spending that money and you're like, okay. You're now into soft dollars, but when you talk about 400%, 80%, 1300% of what you're talking about business impact and that's telephone numbers to a CFO. So I love those metrics. Thank you for sharing. >> Yeah. But what would, they obviously, it's sort of like dashboards when they visualize that they are very hard hitting, you know, the impact. You're quite right the CFO does chase down you know, the availability and the resource profile, however, we're on a huge upward trajectory. So having the right resilience and infrastructure in places is exactly what we need. And as I mentioned before, those engineers are all reallocated to much more interesting work and, you know, the areas that will actually drive our business forward. >> (Dave) Speaking of resilience, are you doing any replication? >> Not currently. However, we've actually got a meeting regarding this today with some of the enterprise and some of their storage specialists, in a couple of hours time, actually, because that is a very high on the agenda for us to be able to replicate and have a high availability cluster and another potentially Power Store need. >> (Dave) Okay. So I was going to ask you where you want to take this thing. I'm hearing, you're looking at cloud IQ, really try to exploit that. So you got some headroom here in terms of the value that you can get out of this platform to do replication, faster recovery, et cetera, maybe protect against, you know, events. Guys, Thanks so much for your time. Really appreciate your insights. >> (Richard) No problem. >> (Avishek) Thank you. >> And thank you for watching this cube conversation. This is Dave Vellante and we'll see you next time.

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. >> Hi everybody. This is Dave Vellante and welcome to this CUBE conversation. I've been following trends in backup and recovery and data protection for decades and I'll tell you right now is one of the most exciting eras that I've ever seen and with me here to talk about some of the trends and some hard news is Beth Phalen. She's the president and general manager of Dell EMCs data protection division. Beth it's great to see you again. Thanks for coming on. >> It's great to be here Dave. It's always good to talk to you. >> So, there's been a subtle change in IT. Even when you go to sort of the downturn in 2008 where IT was largely a support function. It's really now becoming a fundamental enabler. Are you seeing that with your customers? >> Absolutely. The vision of IT being some back office that is segregated from the rest of the company is no longer true. What we find is customers want their application owners to be able to drive data protection and then have that compared with the central oversight so they can still have that global overview. >> The other change is, for years data has been this problem that we have to manage. I got so much data. I got to back it up or protect it, move it. It's now become a source of value. Everybody talks about digital transformation. It's all about how you get value from data. >> Yeah. And it's so interesting because it was there all the time. Right? And suddenly people have realized, yes, this is an asset that has a huge impact on our business on our customers and again makes it even more important that they can rely on getting access to that data because they're building their business on it. >> So as the head of the data protection division, it's interesting. Even the palance has changed. It used to be, when it was just tape it was backup and now it's data protection. So the mindset is shifting. >> It is and it's continuing to shift with new threats like cyber recovery and other challenges that are out there, protecting data becomes the core of what we are offering our customers. >> So let's talk a little bit more about the catalysts for that change. You got tons of data, you are able to apply now machine intelligence like you never have before and you got cloud which brings scale. So this is changing the needs of customers in the way in which they protect data. >> As customers data becomes more and more distributed across multiple cloud providers, multiple locations, it's even more important that they can answer the question, where is my data and is it protected? And that they can recover it as quickly as possible. >> And you're seeing things like DevOps, data protection strategies and data management strategies, and so supporting DevOps and analytics applications. You also have new threats like ransomware. So it's a more fundamental component of cyber. >> Yeah and you will hear us talking a little bit about cyber recovery, the new product that we introduced last year. We can't just think about data protection as backup. We have to think about it as the comprehensive way that customers can get access to their data even if they're attacked. >> So much has changed. Everything has changed. >> The level of innovation that we've been doing has been keeping up with that change. And that's one of the things that I'm most excited about as the president of this division. We've been investing in enhancing the customer experience, and cyber recovery as I mentioned and expanding into new markets into driving a new level of reliability and resiliency, building on the duration that we have. And of course expanding into the cloud. So one of the things that hasn't changed is the fundamentals of I need to get my data back, I need to be trusted. Why is it, you guys make a big deal out of being number one. You're number one in all the Gartner Magic Quadrants and so forth. Why is leadership so important to customers and what are those fundamentals that haven't changed? >> So two questions there. First, leadership is so important because we have more experience protecting data around the globe than anybody else. And that means all environments right from the multi-petabyte, major corporations to the shops have maybe a terabyte. So 24 terabytes. We're involved in it all. So that experience is important. And then those fundamentals you talked about, lowest cost to protect, fastest performance, fastest backups and resiliency, those fundamentals have to be part of any data protection product. >> The way you guys are organized, you are in chare of R&D as well, you talked about innovation before. I wonder if you could talk a little bit more about how your R&D investments are translating into customer value in terms of price performance. So resiliency, speed, cost. What's going on there? >> The biggest thing that I wanna talk about and highlight here is how much our investment in cloud is enabling our customers to continue to have confidence that they can get the same level of digital trust that they've had with us on prem but now as they expand into the cloud for cloud disaster recovery, long-term retention, data protection in the cloud that that confidence comes with them. And we're doing it in a way that allows them to seamlessly expand into the cloud without having to introduce additional gateways, additional hardware. It becomes an extension of their data protection infrastructure. >> So the cloud operating model is very important here. What are you guys doing for instance, admins, application owners, in terms of enabling self-service for example. >> We have the broadest application support of any company. And what we're doing is we're integrating directly with those applications. Whether it be Oracle, SAP. You can go down the list. And then of course directly integrating with VMware for the VM admins. That's not enough though because if we just did that you wouldn't be able to have one view of how your data protection policies are working. And so we pair that with centralized governance to make sure that the person in charge of the data protection for that company still could have confidence that all the right things are happening. >> So what does the data protection portfolio look like? How should we think about that? >> Three simple things, Data Domain, our new integrated appliances and data protection suite. >> Okay. Follow up question on that is, how do you, for customers, obstruct the complexity? How are you simplifying their world especially in this cloud operating module. >> Simplifying comes in multiple stages. You have to simplify the first box to backup experience. We've cut that down to an hour and a half, two hours in max. From there, you have to make sure the day-to-day tasks are simple. So things like two clicks to do cloud failover, three clicks to failback. Things like a single step to restore a file in a VMware environment and then live movement of that VM to another primary storage array. That kind of targeted customer use case simple process is core to what we've been doing to enhance the customer experience. >> Now, you guys aren't really a public cloud provider so you gotta support multiple clouds. What are you doing there in terms of both cloud support and what are you seeing in multi-cloud. >> Most customers have more than one cloud provider that they're working with. So what we do is we allow the customers specific example right from within the data domain interface to select which cloud they wanna tier to and then they can also select other cloud providers through the same interface. So, it's not a separate experience. They can focus on the Data Domain but then interact with multiple clouds. >> Awesome. Beth, thanks for taking some time here to set this up. We're gonna hear about some hard news that you guys have today. We've got some perspectives from IDC on this but right now lets take a look at what the customer says. Keep it right there. (chilled piano music) >> Phoenix Children's is a healthcare organization for kids. Everything that we do is about the kids. So we wanna make sure that all our critical data that a doctor or a nurse needs on the floors to be able to take care of a sick kid, we need to make sure it's available at any time. The data protection software that we're using from Dell EMC with Data Domain give us that protection. Our critical data are well kept and we can easily recover them. Before we moved to Data Domain we were using Veritas NetBackup and some older technology. Our backup windows were taking upwards of 20 to 24 hours. Moving to Data Domain with de-duplication we can finish our full backups in less than seven hours. The user deployment for data protection software and Data Domain was very easy for us. Our engineers, they have never worked with data protection software or Data Domain before. They were able to do some research, walk a little bit with some Dell engineers and we were able to implement the technology within a month, a month and a half. ECS for Phoenix Children's Hospital is a great technology. Simple to use, easy to manage. The benefits from a user perspective are tremendous. From an IT perspective, I can extract terabytes of data in less than an hour. When we get into a critical situation, we can rely 100% on ECS that we will get the information that the doctor or the nurse needs to take care of the kid. The data protection software and the Data Domain benefits for Phoenix Children's Hospital are great. There is a solution that works seamlessly together. I have no worries that my backups will not run. I have no worries I will not be able to recover critical applications. (chilled piano music) >> We're back with Ruya Barrett who's the vice president of marketing for Dell EMC's Data Protection division. We got some hard news to get into. Ruya, let's get right into it. What are you guys announcing today? >> We are announcing a basically tremendous push with our data protection family both in Data Domain and Integrated Data Protection appliances and the software that basically makes those two rock. >> So, you've got a few capabilities that you're announcing. Cloud performance. Take us through sort of at a high level. What are the three areas that you're focused on this announcement? >> Exactly. You nailed it Dave. So three areas of announcement, exciting cloud capabilities and cloud expansion. We've been investing in cloud over the last three years and this announcement is just a furthering of those capabilities. Tremendous push around performance for an additional use cases and services that customers want. The last one but not least is basically expanded coverage and push into the mid-market space with our Data Domain 3300 and IDPA 4400. >> And this comes in the form of software that I can install on my existing appliances? >> It's all software value that really enables our appliances to do what they do best, to drive efficiency, performance but it's really the software layer that makes it sane. >> And if I'm a customer I get that software, no additional charges? >> If you have the capabilities, today you'll be able to get the expanding capabilities. No charge. >> Okay. So one of the important areas is cloud. Let's get into some of the cloud use cases. You're focused on a few of those. What are they? >> Cloud has become a really prevalent destination. So when we look at cloud and what customers wanna do with regards to data protection in the cloud, it's really a lot of use cases. The three we're gonna touch on today is really cloud tiering. Our capabilities are in cloud tiering with long time archival. So they're really trying to leverage cloud as a long time archival. The second one is really around cloud disaster recovery. To and from the cloud. So that's really important use case. That's becoming really important to our customers. And not, God forbid, for a disaster but just being able to test our disaster recovery capabilities and resiliency. And the last one is really in-cloud data protection. So those are the three use cases and we have enhancements across all three. >> Let's go deeper into those. So cloud tiering. We think of tiering. Often times you remember the big days of tiering, inbox tiering, hot data, cold data. What are you doing in cloud tiering? >> Well, cloud tiering is our way of really supporting object storage both on premises and in the cloud. And we introduced it about two years ago. And what we're really doing now is expanding that coverage, making it more efficient, giving customers the tools to be able to understand what the costs are gonna be. So one of the announcements is actually a free space estimator tool for our customers that really enables them to understand the impact of taking an application and using long-term retention using cloud tier both for their on-premise data protection capacity as well as what they need in the cloud and the cost associated. So that's a big question before customers wanna move data. Second is really broadest coverage. I mean, right now in addition to the usual suspects of AWS, Azure, Dell EMC Elastic Cloud Storage, we now support Ceph, we support Alibaba, we support Google Cloud. So really, how do you build out that multi-cloud deployment that we see our customers wanting to do with regards to their long-term archival needs? So really expanding that reach. So we now have the broadest coverage with regards to archiving in the cloud and using cloud for long-term retention. >> Great. Okay. Let's talk about disaster recovery. I'm really interested in this topic because the customers that we talk to they wanna incorporate disaster recovery and backup as part of a holistic strategy. You also mentioned testing. Not enough customers are able to test their DR. It's too risky, it's too hard, it's too complicated. What are you guys doing in the DR space. >> So one of the things that's I think huge and very differentiated with regards to how we approach, whether it's archive or whether it's DR or in-cloud is the fact that from an appliance standpoint you need no additional hardware or gateway to be able to leverage the capabilities. One of the things that we introduced, again cloud DR over a year ago, and we introduced it across our Data Domain appliances as well as our first entry to the mid-sized companies with IDPA DP 4400. And now what we're doing is making it available across all our models, all our appliances. And all of our appliances now have the ability to do fully orchestrated disaster recovery either for test use cases or actual disasters, God forbid, but what they are able to do. The three click failovers and the two click failbacks from the cloud. So both for failback from the cloud or in the cloud. So it's really big and important use cases for our customers right now. Again, with that, we're expanding use case coverage to now, we used to support AWS only, now we also support Azure. >> Great. Okay. The third use case you talked about was in-cloud data protection. What do you mean by that and what are you doing there? >> So one of, again, the really interesting things about our portfolio is our ability to run it as an integrated hardware-software platform or in the form of a software only deployment. So our data domain virtual addition is exactly that. You can run our Data Domain software in virtual machines. And what that allows our customers to do is whether they're running a software defined data center on prem or whether they want in-cloud capabilities and all that goodness they have been getting from Data Domain in the cloud, they now can do that very easily. And what we've done in that space with this announcement is expanded our capacity coverage. So now Data Domain Virtual Edition can cover 96 terabytes of in-cloud capability and capacity. And we've also, again, with that use case, expanded our coverage to include Google Cloud, AWS, Azure. So really expanded our coverage. >> Great. I'm interested in performance as well because everybody wants more performance but are we talking about backup performance, restore performance? What are you doing in that area? >> Perfect. And one of the things, when we talk about performance, one of the big use cases we're seeing that's driving performance is that customers wanna make their backup copies do more. They wanna use it for application test and development, they wanna use it for instant access to their VMs, instant access and restores for their VMs. So performance is being fueled by some additional services that customers wanna see on their backup copies. So basically one of the things that we've done with this announcement is improved our performance across all of these use cases. So for application test of test of development, you can have access to instant VMs. Up to 32 instant access and restore capabilities with VMs. We have improved our cash utilization. So now you can basically support a lot more IOPS, leveraging our cash, enhanced cash, four times as many IOPS as we were doing before. So up to 40,000 IOPS with almost no latency. So tremendous, again, improvement in use cases. Restores. Customers are always wanting to do restores faster and faster. So file restores is no exception to that. So with multi-streaming capability, we now have the opportunity and the capabilities to do file restores two times faster on premise and four times faster from cloud. So again, cloud is a big, everything we do, there's a cloud component to it. And that performance is no exception to that. >> The last thing I wanna touch on is mid-market. So you guys made an announcement this past summer. And so it sounds like you're doubling down on that space. Give us the update. >> Sure. So we introduced the Data Domain 3300 and our customers have been asking for a new capacity point. So one of the things we're introducing with this release is an eight terabyte version of Data Domain 3300 that goes and scales up to 32 terabytes. In addition to that, we're supporting faster networking with 10 gig E support as well as virtual tape libraries over Fiber Channels. So virtual tape libraries are also back and we're supporting with Data Domain 3300. So again, tremendous improvements and capabilities that we've introduced for mid-market in the form of Data Domain 3300 as well as the DP4400 which is our integrated appliance. So, again, how do we bring all that enterprise goodness to a much broader segment of the market in the right form factor and right capacity points. >> Love it. You guys are on a nice cadence. Last summer, we had this announcement, we got Dell Technologies World coming up in May, actually end of April, now May. So looking forward to seeing you there. Thanks so much for taking us through these announcements. >> Yeah, thank you. Thanks for having us. >> You're very welcome. Now, let's go Phil Goodwin. Phil Goodwin was an analyst at IDC. And IDC has done a ton of research on the economic impact of moving to sort of modern data protection environment, they've interviewed about a thousand customers and they had deep dive interviews with about a dozen. So let's hear from Phil Goodwin in IDC and we'll be right back. (chilled music) >> IDC research shows that 60% of organizations will be executing on a digital transformaion strategy by 2020, barely a year away. The purpose of digital transformation is to make the organization more competitive with faster, more accurate information and timely information driving driving business decisions. If any digital transformation effort is to be successful, data availability must be a foundational part in the effort. Our research also shows that 48.5% or nearly half of all digital transformation projects involve improvements to the organizations data protection efforts. Purpose-built backup appliances or PBBAs have been the cornerstone for many data protection efforts. PBBAs provide faster, more reliable backup with fewer job failures than traditional tape infrastructure. More importantly, they support faster data restoration in the event of loss. Because they have very high data de-duplication rates, sometimes 40 to one or more, organizations can retain data onsite longer at a lower overall cost thereby improving data availability and TCO. PBBAs may be configured as a target device or disk-based appliance that can be used by any backup software as a backup target or as integrated appliances that include all hardware and software needed for fast efficient backups. The main customer advantages are rapid deployment, simple management and flexible growth options. The Dell EMC line of PBBAs is a broad portfolio that includes Data Domain appliances and the recently introduced Integrated Data Protection Appliances. Dell EMC Data Domain appliances have been in the PBBA market for more than 15 years. According to IDC market tracker data as of December 20th, 2018, Dell EMC with Data Domain and IDPA currently holds a 57.5% market share of PBBA appliances for both target and integrated devices. Dell EMC PBBAs have support for cloud data protection including cloud long term retention, cloud disaster recovery and protection for workloads running in the cloud. Recently IDC conducted a business value study among Dell EMC data protection customers. Our business value studies seek to identify and quantify real world customer experiences and financial impact of specific products. This study surveyed more than 1000 medium-sized organizations worldwide as well as provided in-depth interviews with a number of them. We found several highlights in the study including a 225% five-year ROI. In numerical terms, this translated to $218,928 of ROI per 100 terabytes of data per year. We also found a 50% lower cost of operating a data protection environment, a 71% faster data recovery window, 33% more frequent backups and 45% more efficient data protection staff. To learn more about IDC's business value study of Dell EMC data protection and measurable customer impact, we invite you to download the IDC white paper titled, The Business Value of Data Protection in IT Transformation sponsored by Dell EMC. (bouncy techno music) >> We're back with Beth Phalen. Beth, thanks again for helping us with this session and taking us through the news. We've heard about, from a customer, their perspective, some of the problems and challenges that they face, we heard about the hard news from Ruya. Phil Goodwin at IDC gave us a great overview of the customer research that they've done. So, lets bring it home. What are the key takeaways of today? >> First and foremost, this market is hot. It is important and it is changing rapidly. So that's number one. Data protection is a very dynamic and exciting market. Number two is, at Dell EMC, we've been modernizing our portfolio over the past three years and now we're at this exciting point where customers can take advantage of all of our strenth put in multi-cloud environment, in a commercial environment, for cyber recovery. So we've expanded where people can take the value from our portfolio. And I would just want people to know that if they haven't taken a look at the Dell EMC data protection portfolio recently, it's time to take another look. We appreciate all of our customers and what they do for us. We have such a great relationship with our customer base. We wanna make sure that they know what's coming, what's here today and how we're gonna work with them in the future. >> Alright. Well, great. Congratulations on the announcement. You guys have been hard at work. It is a hot space. A lot of action going on. Where can people find more information? >> Go back to dellemc.com, it's all there. >> Great. Well, thank you very much Beth. >> Thank you Dave. >> And thank you for watching. We'll see you next time. This is Dave Vellante from theCUBE. (chilled music)

(Upbeat music) >> From the Hard Rock hotel in Las Vegas, its theCUBE! Covering the Hosho Con 2018, brought to you by Hosho. >> Okay, welcome back every one, this is theCUBE's exclusive coverage here live in Las Vegas for Hosho Con, the first inaugural event where security and block chain conferences is happening, it's the first of its kind where practitioners and experts get together to talk about the future, and solve some of the problems in massive growth coming they got a lot of them. Its good new and bad news but I guess the most important thing is security again, the first time ever security conference has been dedicated to all the top shelf conversations that need to be had and the news here are covering. Our next guest Greg Pinn who's the head of strategy and products for iComply Investor Services. Great to have you thanks for joining us. >> Very nice to be here >> So, we were just talking before we came on camera about you know all the kind of new things that are emerging with compliance and all these kind of in between your toes details and nuances and trip wires that have been solved in the traditional commercial world, that have gotten quite boring if you will, boring's good, boring means it works. It's a system. But the new model with Block Chain and Token Economics is, whole new models. >> Yeah I think what's so exciting about this is that in the Fiat world, from the traditional financial market, everyone is so entrenched in what they've been doing for 20, 30, 40 years. And the costs are enormous. And Block Chain, Crypto coming in now is like we don't have to do it that way. We have to do compliance. Compliance matters, it's important and it's your legal obligation. But you don't have to do it in the same sort of very expensive, very human way that people have been doing it in the past. >> And Cloud Computing, DevOps model of software proved that automations a wonderful thing >> Right >> So now you have automation and you have potentially AI opportunities to automate things. >> And what we've seen is huge increases in technology, in around machine learning and clustering of data, to eliminate a lot of the human process of doing AML, KYC verification, and that's driving down costs significantly. We can take advantage of that in the Crypto Space because we don't have thousands of people and millions of millions of dollars of infrastructure that we've built up, we're starting fresh, we can learn from the past and throw away all the stuff that doesn't work, or isn't needed anymore. >> Alright let's talk about the emerging state of regulation in the Block Chain community and industry. Where are we? What's the current state of the union? If you had to describe the progress bar you know with zero meaning negative to ten being it's working, where are we? What is the state of >> I think if you'd asked me a year ago I think negative would've been the answer. A year ago there was still a big fight in Crypto about do we even want to be part of Compliance, we don't want to have any involvement in that. Because it was still that sort of, Crypto goes beyond global borders, it goes beyond any of that. What's happened now is people have realized, it doesn't matter if you're dealing in Crypto Currency or traditional currency, or donkeys or mules or computers or whatever, if you're trading goods for value, that falls under Regulatory Landscape and that's what we're hearing from the SCC, from FinCEN, from all the regulators. It's not the form it's the function. So if you've got a security token, that's a security, whether you want it to be or not. You can call it whatever you want, but you're still going to be regulated just like a security. >> And I think most entrepreneurs welcome clarity. People want clarity, they don't want to have to be zigging when they should be zagging. And this is where we see domicile problem. Today it's Malta, tomorrow it's Bermuda. Where is it? I mean no one knows it's a moving train, the big countries have to get this right. >> A hundred percent. And beyond that what we're seeing, what's very, very frustrating for a market as global as this is it's not just country-level jurisdiction, the US you've got State-level jurisdiction as well. Makes it very, very hard when you're running a global business if you're an exchange, if you're any sort of global, with a global client reach. Managing that regulation is very, very difficult. >> You know I interviewed Grant Fondo who's with Goodwin Law Firm, Goodwin Proctor they call it Goodwin now, he's a regulatory guy, and they've been very on the right side of this whole SCC thing in the US. But it points to the issue at hand which is there's a set of people in the communities, that are there to be service providers. Law Firms, Tax, Accounting, Compliance. Then you got technology regulation. Not just financial you have GDPR, it's a nightmare! So okay, do we even need GDPR with Block Chain? So again you have this framework of this growth of internet society, now overlaid to a technical shift. That's going to impact not only technology standards and regulations but the business side of it where you have these needed service providers. Which is automated? Which isn't automated? What's your take on all of this? >> I agree with you a hundred percent, and I think what's helpful is to take a step back and realize while compliance is expensive and a pain and a distraction for a lot of businesses. The end of the day it saves people's lives. And this is what, just like if someone was shooting a gun as you were running down the street, in your house, you're going to call the police, that is what financial institutions are doing to save these industries and individuals that are impacted by this. A lot of it from a Crypto Currency perspective, we have a responsibility because so much of what the average person perception is, is Ross Ulbricht and Silk Road. And we have to dig our way out of that sort of mentality of Crypto being used for negative things. And so that makes it even more important that we are ultra, ultra compliant and what's great about this is there's a lot great opportunities for new vendors to come into the space and harness what existed whether that's harnessing data, different data channels, different IDDent verification channels and creating integrated solutions that enable businesses to just pull this in as a service. It shouldn't be your business, if you're in exchange, compliance is something you have to do. It should not become your business. >> Yeah I totally agree, and it becomes table stakes not a differentiator. >> Exactly >> That's the big thing I learned this week it's people saying security's a differentiator, compliance is a, nah, nah, I have standards. Alright so I got to ask you about the, you know I always had been on the biased side of entrepreneurship which is when you hear regulations and you go whoa, that's going to really stunt the growth of organic innovation. >> Right. But in this case the regulatory peace has been a driver for innovation. Can you share some opinions and commentary on that because I think there's a big disconnect. And I used to be the one saying regulation sucks, let the entrepreneurs do their thing. But now more than ever there's a dynamic, can you just share your thoughts on this? >> Yeah, I mean regulators are not here to drive innovation. That's not what their job is. What's been so interesting about this is that because of regulations coming to Crypto along with these other things, it's allowing businesses to solve the problem of compliance in very exciting, interesting ways. And it's driving a lot of technologies around machine learning, what people like IBM Watson are doing around machine learning is becoming very, very powerful in compliance to reduce that cost. The cost is enormous. An average financial institution is spending 15 percent. Upwards of 15 percent of their revenue per year on compliance. So anything they can do to reduce that is huge. >> Huge numbers >> And we don't want Crypto to get to that point. >> Yeah and I would also love to get the percentage of how much fraud is being eaten into the equation too. I'm sure there's a big number there. Okay so on the compliance side, what are the hard problems that the industry is solving, trying to solve? Could you stack rank the >> I think number one: complexity. Complexity is the biggest. Because you're talking about verifying against sanctions, verifying against politically exposed persons, law enforcement lists, different geographical distributions, doing address verification, Block Chain forensics. The list just stacks and stacks and stacks on the complexity >> It's a huge list. >> It's a huge list >> And it's not easy either. These are hard problems. >> Right, these are very, very difficult problems and there's no one expert for all of these things. And so it's a matter of bringing those things together, and figuring out how can you combine the different levels of expertise into a single platform? And that's where we're going. We're going to that point where it's a single shop, you want to release an ICO? You're an exchange and you need to do compliance? All of that should be able to be handled as a single interface where it takes it off of your hands. The liability is still with the issuer. It's still with the exchange, they can't step away from their regulatory liability, but there's a lot that they can do to ease that burden. And to also just ignore and down-risk people that just don't matter. So many people are in Crypto, not the people here, but there's so many people in Crypto, you buy one tenth of a Bitcoin, you buy a couple of Ether, and you're like okay that was fine. Do we really need to focus our time on those people? Probably not. And a lot of the >> There's a lot big money moving from big players acting in concert. >> And that's where we need to be focused. Is the big money, we need to be focused on where terrorists are acting within Block Chain. That's not to say that Block Chain and Crypto is a terrorist vehicle. But we can't ignore the reality. >> And I think the other thing too is also the adversary side of it is interesting because if you look at what's happening with all these hacks, you're talking about billions of dollars in the hands now of these groups that are highly funded, highly coordinated, funded basically underbelly companies. They get their hands on a quantum computer, I was just talking to another guy earlier today he's like if you don't have a sixteen character password, you're toast. And now it's twenty four so, at what point do they have the resources as the fly wheel of profit rolls in on the hacks. >> You know, one of the interesting things we talk about a lot is we have to rely on the larger community. We can't, I can't, you can't solve all of the problems. Quantum computing's a great example. That's where we look for things like two-factor authentication and other technologies that are coming out to solve those problems. And we need to, as a community, acknowledge That these are real problems and we've identified potential solutions. Whether that's in academia, whether it's in something like a foundation like the Ethereum Foundation, or in the private sector. And it's a combination of those things that are really driving a lot of it's innovation. >> Alright so what's the agenda for the industry if you had to have a list this long, how do you see this playing out tactically over the next twelve months or so as people start to get clarity. Certainly SCC is really being proactive not trying to step on everybody at the same time put some guard rails down and bumpers to let people kind of bounce around within some frame work. >> I think the SCC has taken a very cautious approach. We've seen cease and desist letters, we've seen notifications we haven't seen enormous finds like we see in Fiat. Look at HSBC, look at Deutsche Bank, billions of dollars in fines from the SCC. We're not seeing that I think the SCC understands that we're all sort of moving together. At the same time their responsibility is to protect the investor. And to make sure that people aren't being >> Duped. >> Duped. I was trying to find an appropriate term. >> Suckered >> Suckered, duped. And we've seen that a lot in ICOs but we're not seeing it, the headlines are so often wrong. You see this is an ICO scam. Often it's not a scam, it's just the project failed. Like lots of businesses fail. That doesn't mean it's a scam, it means it was a business fail. >> Well if institutional investors have the maturity to handle they can deal with failures, but not the average individual investor. >> Right, which is why in the US we have the credit investor, where you have to be wealthy enough to be able to sustain the loss. They don't have that anywhere else. So globally the SCC care and the other financial intelligence units globally are monitoring this so we make that we're protecting the investor. To get back to your question, where do I see this going? I think we're going to need to fast track our way towards a more compliant regime. And this I see as being a step-wise approach. Starting with sanctions making sure everyone is screened against the sanction list. Then we're going to start getting more into politically exposed persons, more adverse media, more enhanced due diligence. Where we really have that suite of products and identify the risk based on the type of business and the type of relationship. And that's where we need to get fast. And I don't think the SCC is going to say yeah be there by 2024, it's going to be be there by next year. I was talking to Hartej, he was one of the co founders of Hosho and we were talking on TheCUBE about self-regulation and some self-policing. I think this was self-governed, certainly in the short term. And we were talking about the hallway conversations and this is one of the things that he's been hearing. So the question for you Greg is: What hallway conversations have you overheard, that you kind of wanted to jump into or you found interesting. And what hallway conversations that you've been involved in here. >> I think the most interesting, I mentioned this on a panel and got into a great conversation afterwards, about the importance of the Crypto community reaching out to the traditional financial services community. Because it's almost like looking across the aisle, and saying look we're trying to solve real business problems, we're trying to create great innovative things, you don't have to be scared. And I was speaking at a traditional financial conference last week and there it was all people like this Crypto is scary and it's I don't understand it. >> You see Warren Buffett and Bill Gates poopooing it and freak out. >> But we have an obligation then, we can't wait for them to realize what needs to be done. We need to go to them and say, look we're not scary, look let's sit down. If you can get a seat at a table with a head of compliance at a top tier bank, sit down with them and say let me explain what my Crypto ATM is doing and why it's not a vehicle for money laundering, and how it can be used safely. Those sorts of things are so critical and as a community for us to reach across the aisle, and bring those people over. >> Yeah bridge the cultures. >> Exactly. Because it's night and day cultures but I think there's a lot more in common. >> And both need each other. >> Exactly. >> Alright so great job, thanks for coming on and sharing your insights. >> Thank you so much. >> If you have a quick plug on what you're working on, give the plug for the company. >> Sure, so iComply Investor Services is here to help people who want to issue ICOs, do that in a very compliant way. Because you shouldn't have to worry about all of your compliance and KYC and Block Chain Forensics and all that, you should be worried about raising money for your company and building a product. >> Alright final question since I got you here 'cause this is on my mind. Security token, has got traction, people like it 'cause no problem being security. What are they putting against that these days, what trend are you seeing in the security token? Are they doing equity? I'm hearing from hedge funds and other investors they'll want a little bit of equity preferred and or common, plus the token. Or should the token be equity conversion? What is some of the strings you're seeing? >> You know I think it' really just a matter of do you want paper or do you want a token? Just like a stock certificate is worth nothing without the legal framework behind it. A security token is the same way. So we're seeing where some people are wanting to do equity, where some of their investors want the traditional certificate. And some are fine with the token. We're seeing people do hybrid tokens where it morphs from security to utility or back. Where they're doing very creative things. It's what's so great about the Ethereum Network and the Smart Contracts, is there are all of these great options. The hard part then is, how do you fit those options into regular framework. >> And defending that against being a security, and this is interesting because if it converts to a utility, isn't that what security is? >> So that's the question. >> Then an IPO is an, again this is new territory. >> Right, and very exciting territory. It's an exciting time to be involved in this industry. >> In fact I just had an AE3B Election on tokens, first time ever. >> Yeah it's an amazing state that we're in. Where serious investors are saying yeah token's great for me. Give me the RC20 I'll stick it in my MetaMask Wallet, it's unbelievable where we are. And only more exciting things to come. >> Greg Pinn, thanks for coming on and sharing your insights. TheCUBE covers live here in Las Vegas, Hoshocon, the first security conference in the industry of its kind where everyone's getting together talking about security. Not a big ICO thing, in fact it's all technical, all business all people shaping the industry, it's a community it's TheCUBE coverage here in Las Vegas. Stay with us for more after this short break. (Upbeat music)