(upbeat music) >> Narrator: Live from Las Vegas, it's theCUBE, covering Splunk .Conf19. Brought to you by Splunk. >> Welcome to theCUBE everybody, we're here in Las Vegas for Splunk's .Conf, I'm John Furrier, host of theCUBE, here with Lisa Martin for the next three days. Lisa will be here tomorrow and the next day. I'm going to be carrying it solo, this is our seventh year .Conf, Splunk's conference celebrating their 10th year. Our first guest is Melissa Zicopula, vice president of managed services of Herjavec Group. Robert's been on before, welcome to theCUBE. >> Thank you. >> I always get that, Herjavec? >> Herjavec Group. >> Herjavec Group. >> Happy to be here. >> Well known for the Shark Tank, but what's really interesting about Robert and your company is that we had multiple conversations and the Shark Tanks is what he's known for in the celebrity world. >> Melissa: Yes. >> But he's a nerd, he's a geek, he's one of us! (laughing) >> He's absolutely a cyber-security expert in the field, yes. >> So tell us what's going on this year at .Conf obviously security continues to be focus you guys have a booth here, what's the message you guys are sharing, what's the story from your standpoint? >> Yeah, so we do, Herjavec we're focusing on managed security services, where information security is all we do, focusing on 24/7 threat detection, security operations and also threat management. So, we want to be able to demo a lot of our capabilities, we're powered by Splunk, our HG analytics platform uses, heavily uses Splunk on the back end. So we want to be able to showcase for our customers, our clients, our prospects different types of use cases, different types of ways to detect malicious activity, while leveraging the tool itself. >> And data we're been covering since 2013, Splunk's .Conf, it's always been a data problem, but the data problem gets bigger and bigger, there's more volume than ever before which shifts the terms to the adversaries because ransomware is at an all time high. >> Melissa: Sure. >> Data is where the value is, but that's also where the attack vectors are coming from. This isn't going away. >> Absolutely, yeah, we want to focus on not just what type of data you're ingesting into your instance but to also understand what types of log sources you're feeding into your sim today. So we have experts actually focus on evaluating the type of log sources we're bringing in. Everything from IPS, to AV, to firewall you know, solutions into the sim so that way we can build use cases those, to be able to detect different types of activity. We leverage different types of methodologies, one of them is Mitre framework, CIS top 20. And being able to couple those two together it's able to give you a better detection mechanism in place. >> I want to some kind of, clarification questions because we talked to a lot of CSOs and CIOs and and CXOs in general. >> Melissa: Sure. >> The roles are changing, but the acronyms of the providers out in the market place are specializing, some have unique focuses, some have breadth, some have depth, you guys are an MSSPP. So, MSSPP, not to be confused with an MSP. Or ISV, there's different acronyms, what is the difference between an MSSPP versus an MSP? >> Melissa: Correct, so it's, we are a MSSP, which is a Managed Security Service Provider. And what we do is just, we're focused on we're very security-centric. So information, security is all we do everything from threat detection, we even have a consulting advisory role where we're actually doing penetration exams. We're PCI compliant, obviously SOC operations are the bread and butter of our service. Whereas, other MSPs, Managed Services Providers, they can do anything from architecture, network operations in that purview. So, we're focused on more of SIM solutions, endpoint, being able to manage any of your security technologies. And also, monitor them to take a fact into the SOC. >> So you guys are very focused? >> Melissa: Very focused on security. >> Then what's the key decision point for a customer to go with you guys, and what's the supplier relationship to the buyer because they're buying everything these days! >> Melissa: Sure. >> But they want to try and get it narrowed down so the right people are in the right place. >> Melissa: Yeah, so one of the great things about Herjavec Group is we are, you know, we're vendor agnostic, we have tons of experts in, you know, expertise resources that monitor, manage different types of technologies. Whether it's Splunk and other technologies out there, we have a team of people, that are very, very, you know, centric to actually monitor and manage them. >> How big is Splunk, in relative with your services? How involved are they with the scope? >> Melissa: Over 60% of our managed clients today, utilize Splunk, they're heavy Splunk users, they also utilize Splunk ES, Splunk Core, and from a management side, they're implementing them into their service. All of the CSOs and CROs or CIOs are leveraging and using it, not just for monitoring and security but they're also using it in development environments, as well as their network operations. >> So, one of the things I've been, I won't say preaching, because I do tend to preach a lot, but I've been saying and amplifying, is that tools that have come a long in the business and there's platforms and Splunk has always kind of been that, a platform provider, but also a good tool for folks. But, they've been enabling value, you guys have built an app on Splunk, the proprietary solutions. >> Absolutely. >> Could you tell me about that because this is really where the value starts to shift, where domain expertise focused practices and services, like you guys are doing, are building on someone else's platform with data, talk about your proprietary app. >> Absolutely, so we discovered, a few years ago, was that customers needed help getting to the data faster. So we were able to build in built-in queries, you know literally one click, say if you wanted to get to a statistical side of how many data sources are logging your SIM, is the data, you know, modeling complete, you know, is there anything missing in the environment or are there any gaps that we need to fill? You're able to do it by just clicking on a couple of different, you know, buttons within the tool itself. It gives you a holistic view of not just the alerts that are firing in your environment but all the data log sources that are coming into your SIM instance. It's a one stop shop. And also, what's great about it, is that it also powers Splunk ES, so Splunk ES also has similar tools and they are, literally, I mean that tool is so great you can go in, you can look at all the alerts, you can do an audit trail, you can actually do drill-down analysis, you can actually see the type of data like PCAP analysis, to get to the, you know, the type of activity you want to get to on a granular level. So, both tools do it really well. >> So you have hooks into ES, Splunk ES? >> Yes, we can actually see, depending on the instance that it's deployed on, 'cause our app is deployed on top of Splunk for every customer's instance. They're ale to leverage and correlate the two together. >> What are some of the trends in the marketplace that you're seeing with your customers? Obviously, again, volumes are increasing, the surface area of attacks is coming in it's more than log files now, it's, you got traces, you got other metrics >> Melissa: Sure. >> Other things to measure, it's almost It's almost too many alerts, what do you-- >> Yeah, a lot of KPI's. The most important thing that any company, any entity wants to measure is the MTTD, the Mean Time To Detection, and also mean time to resolve, right? You want to be able to ensure that your teams are have everything at their fingertips to get to the answer fast. And even if there's an attack or some type of breach in their environment, to at least detect it and understand where it is so they can quarantine it from spreading. >> What's the biggest surprise that you've seen in the past two years? I mean, 'cause I look back at our interviews with you guys in 2013, no 2015. I mean, the narrative really hasn't changed global security, I mean, all the core, top line stories are there, but it just seems to be bigger. What's the big surprise for you in terms of the marketplace? >> The big surprise for me is that companies are now focusing more on cyber-hygiene. Really ensuring that their infrastructure is you know, up to par, right? Because you can apply the best tools in-house but if you're not cleaning up you know, your backyard (laughing) it's going to get tough. So now we have a lot of entities really focusing and using tools like Splunk you know, to actually analyze what's happening in their environment, to clean up their back of house, I would say and to put those tools in place so they could be effective. >> You know, that's a classic story clean up your own house before you can go clean up others, right? >> Right. >> And what a trend we've been seeing in the marketplace on theCUBE and talking to a lot of practitioners is, and channel partners and suppliers is that, they tend to serve their customers, but they don't clean up their own house and data's moving around so now with the diversity of data, they've got the fabric search, they got all kind of new tools within Splunk's portfolio. >> It's a challenge, and it could be you know, lack of resources, it just means that we have you know, they don't have the right expertise in-house so they used managed security providers to help them get there. For example, if a network, if we identify the network being flat, we can identify you know, how to help them how to be able to kind of, look at the actual security landscape and what we need to do to have good visibility in their environment from places they didn't know existed. >> What's the one, one or two things that you see customers that need to do that, they aren't doing yet? You mentioned hygiene is a trend, what are some other things that that need to be addressed, that are almost, well that could be critical and bad, but are super important and valuable? >> I think now a lot of, actually to be quite honest a lot of our clients today or anyone who's building programs, security programs are getting you know, very mature. They're adopting methodologies, like Mitre Framework, CIS Top 20, and they're actually deploying and they're actually using specific use cases to identify the attacks happening in their environment. Not just from a security-centric standpoint but also from an operations side you know, you could identify misconfigurations in your environment, you can identify things that are you know, just cleaning up the environment as well. >> So, Splunk has this thing called SOAR, Security-- >> Automation. >> Orchestration Automation Recovery, resilience whatever R, I think R stands for that. How does that fit in to your market, your app and what you guys are doing? >> So it definitely fits in basically, being able to automate the redundant, mundane types of tasks that anyone can do, right? So if you think about it, if you have a security operations center with five or 10 analysts, it might take one analyst to do a task, it might take them two or three hours, where you can leverage a tool like Phantom, any type of SOAR platform to actually create a playbook to do that task within 30 seconds. So, not only are you minimizing the amount of you know, head count to do that, you're also you know, using your consistent tool to make that function make that function you know, more, I want to say enhanced. So you can build play books around it, you can basically use that on a daily basis whether it's for security monitoring or network operations, reporting, all that becomes more streamlined. >> And the impact to the organization is those mundane tasks can be demotivating. Or, there's a lot more problems to solve so for productivity, creativity, can you give some examples of where you've seen that shift into the personnel, HR side the human resource side of it? >> Yeah, absolutely so you know, you want to be able to have something consistent in your environment, right? So you don't want others to get kind of, get bored or you know, when you're looking at a platform day in and day out and you're doing the same task everyday, you might miss something. Whereas, if you build an automation tool that takes care of the low hanging fruit, so to speak, you're able to use a human component to put your muscles somewhere else, to find some you know, the human element to actually look for any types of malicious anomalies in the environment. >> How much has teamwork become a big part of how successful companies manage a security threat landscape? >> Very, very important. I mean, you're talking about leveraging different teams on the engineering side, on the operations side, even you know, coupling that with business stakeholders. You absolutely need to get the business involved so they have an understanding of what's critical to their environment, what's critical to their business, and making sure that we're taking security, obviously seriously, which a lot of companies know already, but not impeding on the operation. So doing it safely without having to minimize impact. >> Well let's just, I got to ask you this question around kind of, doing the cutting edge but not getting bled out, bleeding edge, bleeding out and failing. Companies are trying to balance you know, being cutting edge and balancing hardcore security Signal FX is a company that Splunk bought, we've been following them from the beginning. Strong tracing, great in that cloud native environment. So cloud native with micro services is super hot in areas you know, people see with Kubernetes and so on happening, kind of cutting edge though! >> Melissa: Right. >> You don't want to be bleeding edge 'cause there's some risks there too so, how do you guys advise your clients to think about cloud native with Splunk and some of the things that they're there but as the expression goes "there's a pony in there somewhere" but it's risky still, but certainly it's got a lot of promise. >> Yeah, you know, it's all about you know, everyone's different, every environment's different. It's really about explaining those options to them what they have available, whether they go on the cloud, whether they stay on-prem, explaining them from a cost perspective, how they can implement that solution, and what the risks are involved if they had and how long that will take for them to implement it in their environment. >> Do you see a lot of clients kicking the tires in cloud native? >> A lot of customers are migrating to cloud. One, because they don't have to keep it in a data warehouse, they don't have to have somebody manage it, they don't have to worry about hardware or licenses, renewals, all that. So, it's really easy to spin up a you know, a cloud instance where they can just keep a copy of it somewhere and then configure it and manage it and monitor it. >> Melissa, great insight, and love to have you on theCUBE, I got to ask you one final question >> Melissa: Sure. >> As a, on a personal note well, personal being you're in the industry you know, I hear a lot of patterns out there, see a lot of conversations on theCUBE. One consistent theme is the word scale. Cloud brings scale to the table, data scaling, so data at scale, cloud at scale, is becoming a reality for customers, and they got to deal with it. And this also impacts the security piece of it. What are some of the things that you guys and customers are doing to kind of one, take advantage of that wave but not get buried into it? >> Absolutely, so you just want to incorporate into the management life cycle, you know you don't want to just configure then it's one and done, it's over. You want to be able to continually monitor what's happening quarter over quarter you know, making sure that you're doing some asset inventory, you're managing your log sources, you have a full team that's monitoring, keeping up with the processes and procedures, and making sure that you know, you're also partnering with a company that can can follow you you know, year over year and build that road map to actually see what you're building your program, you know. >> So here's the personal question now, so, you're on this wave, security wave. >> Melissa: Sure. >> It's pretty exciting, can be intoxicating but at the same time, it's pretty dynamic. What are you excited about these days in the industry? What's really cool that you're getting jazzed about? What's exciting you in the industry these days? >> Automation, absolutely. Automation, being able to build as many playbooks and coupling that with different types of technologies, and you know, like Splunk, right? You can ingest and you can actually, automate your tier one and maybe even a half of a tier two, right, a level two. And that to me is exciting because a lot of what we're seeing in the industry now is automating as much as possible. >> And compare that to like, five years ago in terms of-- >> Oh absolutely, you know, SOAR wasn't a big thing five years ago, right? So, you had to literally sit there and train individuals to do a certain task, their certain function. And then you had to rely on them to be consistent across the board where now, automation is just taken that to the next level. >> Yeah it's super exciting, I agree with you. I think automation, I think machine learning and AI data feeds, machine learning. >> Michelle: Right. >> Machine learning is AI, AI is business value. >> Being able to get to the data faster, right? >> Awesome, speed, productivity, creativity, scale. This is the new formula inside the security practice I'm John Furrier with theCUBE. More live coverage here for the 10th anniversary of Splunk .Conf, our seventh year covering Splunk from a start-up, to going public, to now. One of the leaders in the industry. I'm John Furrier, we'll be right back. (techno music)

>> Announcer: Live from Washington, DC it's theCUBE. Covering .conf2017. Brought to you by Splunk. >> Welcome back here on theCUBE continuing our coverage of .conf2017 sponsored by Get Together in your nations capitol, we are live here at the Walter Washington Convention Center in Washington, DC. Along with Dave Vellante I'm John Walls Joined now by a couple CUBE alums, actually, you guys were here about a year ago. Yeah, Robert Herjavec, with the Herjavec Group of course you all know him from Shark Tank fame answer Atif Ghauri who is the VP of Customer Service Success at the Herjavec Group. I love that title, Atif we're going to get into that in just a little bit. Welcome. >> Thank you. >> Good to see you all. >> We're more like CUBE groupies We're more like CUBE groupies. >> Alums. >> Alums, okay, yeah. >> If we had a promo reel. >> Yeah, we love it here. We get free mugs with the beautiful Splunk. >> That doesn't happen all the time does it. >> Where did you get those? >> They're everywhere. >> Dave, I'll share. >> So again for folks who don't, what brings you here what, what's the focus here for the Herjavec Group in in terms of what you're seeing in the Splunk community and I assume it's very security driven. >> Yeah, well we've been part of the Splunk community for many years going on gosh, eight, nine years. We're Splunkers and we use Splunk as our core technology to provide our managed service and we manage a lot of customer environments with Splunk and we've been really forefront of Splunk as a SIM technology for a long time. >> Atif, excuse me, David, just the title, VP of Customer Service Success, what's under that umbrella? >> Yeah, it's actually pretty simple and straightforward given especially that Splunk's aligned the same way. Christmas success is King, right. If our customers aren't successful then how are we successful? So what we're trying to do there is putting the customer first and help in growing accounts and growing our services starting with our customers that we have today. >> It was actually Doug Maris, I have to give him full credit him and I were on a flight, and I said to him what's really critical to you growing revenue, efficiency, innovation and he said, number one for us is customer success. So we're very happy to steal other people's ideas if they're better. >> So security's changing so fast. You mentioned SIM, Splunk's narrative is that things are shifting from a traditional SIM world to one of an analytic driven remediation world. I wonder if you could talk about what you're seeing in the customer base, are people actually shifting their spending and how fast and where do you see it all going? >> Yeah, so the days of chasing IOC's is a dead end. Because that's just a nonstop effort. What's really happening now is technique detection. Defining, looking at how hackers are doing their trade craft and then parroting that. So Splunk has ideas and other vendors have ideas on how to go about trying to detect pattern recognition of attacker trade craft. And so what definitely was driving what's next when it comes to security automation, security detection, for our customers today. >> You know, we always tell people and it's just dead on but the challenge is people want to buy the, sexy, exciting thing and why I always try to say to customers is you're a dad and you have three kids, and you have a minivan. You don't really want to own a minivan, you want a really nice Ferrari or Corvette but at the end of the day, you have three kids and you got to get to the store. And in the security world it's a little bit like that. People talk about artificial intelligence and better threat metrics and analytics but the core, foundational basis still is logs. You have to manage your log infrastructure. And the beauty of Splunk is, it does it better than anyone and gives you an upstream in fact to be able to do the analytics and all those other things. But you still got to do the foundation. You still got to get three kids into the minivan and bring back groceries. >> So there's been a lot of focus, obviously security's become a Board level topic. You hear that all the time, you used to not hear it all the time, used to be IT problem. >> Absolutely, the only way I could get a meeting with the CEO or CIO was because I was on Shark Tank. But as a security guy, I would never meet any executives. Oh yeah I spend 80% of my time meeting with CEO, not just CIO's, but CEO's and Boards and that kind of stuff, absolutely. >> How should the CIO be communicating the Board about security, how often, what should be the narrative you know, transparency, I wonder if you could give us your thoughts. >> It's a great question. There's a new financial regulation that's coming out where CISO's and CIO's actually have to sign off on financial statements related to cyber security. And there's a clause in there that says if they knowingly are negligent, it carries criminal charges. So the regulations coming into cyber security are very similar to what we're seeing and Sarbanes Oxley like if a CEO signs an audit statement that he suspects might have some level of negligence to it I'm not talking about outright criminal fraud but just some level of negligence, it carries a criminal offense. If you look at the latest Equifax breach, a lot of the media around it was that there should be criminal charges around it. And so as soon as as you use words like criminal, compliance, audit, CEO's, executives really care. So the message from the CIO has to be we're doing everything in our power, based on industry standards, to be as secure as we can number one. And number two we have the systems in place that if we are breached, we can detect it as quickly as possible. >> So I was watching CNBC the other day and what you don't want to see as a Board member, every Board members picture from Equifax up there, with the term breach. >> Is that true? >> Yeah, yeah. >> See, but, isn't that different. Like you never, like if we think back on all the big breaches, Target and Sony they were all seminal in their own way. Target was seminal because the CEO got fired. And that was the first time it happened. I think we're going to remember Equifax, I didn't know that about the Board. >> For 50 seconds it was up there. I the sound off. >> You don't want to be a Board member. >> I mean, I hate to say it, but it's got to be great for your business, first of all it's another reason not to be a public company is one more hurdle. But if you are they need help. >> They absolutely need help. And on point I don't want to lose is that what we're seeing with CISO's, Chief Information Security Officers, Is that that role's transcending, that role is actually reporting directly to in to CEO's now. Directly into CFO's now, away from the CIO, because there's some organizational dynamics that keep the CISO from telling, what's really going on. >> Fox in henhouse. >> Exactly. >> You want to separate those roles. You're you're seeing that more often. What percent of the CISO's and CIO's are separate in your experience? >> Organizations that have a mature security program. That have evolved to where it's really a risk-based decision, and then the security function becomes more like risk management, right. Just what you they've been doing for decades. But now you have a choice security person leading that charge. >> So what we really always saying theCUBE, it's not a matter of if, it's when you're going to get infiltrated. Do you feel as though that the Boards and CIO's are transparent about that? Do Boards understand that that it's really the remediation and the response that's most important now, or there's still some education that has to go on there? >> You know, Robert speaks to Boards are the time he can comment on that, but they really want to know two things, how bad is it and how much money do you need. And those are the key questions that's driving from a Board perspective what's going to happen next. >> What's worse that Equifax got breached or that Equifax was breached for months and didn't know about it. I mean, as a Board member the latter is much worse. There's an acceptance like I have a beautiful house and I have big windows a lots of alarms and a dog, not a big dog, but still, I have a dog. >> A yipper. >> Yeah, I have a yipper. It's worse to me if somebody broke into my house, was there for a while and my wife came home at night and the person was still there. That to me is fundamentally worse than getting an alarm and saying, somebody broke the window, went in, stole a picture frame. You're going to get breached, it's how quickly you respond and what the assets are. >> And is it all shapes and sizes, too I mean, we talk about big companies here you've mentioned three but is it the mid-level guys and do smaller companies have the same concerns or same threats and risks right now? >> See these are the you heard about. What about all the breaches you don't know. >> That's the point, how big of a problem are we talking about? >> It's a wide scaling problem right and to the previous question, the value now in 2017, is what is the quality of your intelligence? Like what actions can I take, with the software that you're giving me, or with the service that you're giving me because you could detect all day but what are you going to do about it? And you're going to be held accountable for that. >> I'm watching the service now screen over here and I've seen them flash the stat 191 days to detect an infiltration. >> That sounds optimistic to me. I think most people would be happy with that if they could guarantee that. >> I would think the number's 250 to 300 so that now maybe they're claiming they can squeeze that down but, are you seeing any compression in that number? I mean it's early days I know. >> I think that the industry continues to be extremely complicated. There's a lot of vendors, there's a lot of products. The average Fortune 500 company has 72 security products. There's a stat that RSA this year that there's 1500 new security start ups every year. Every single year. How are they going to survive? And which ones do you have to buy because they're critical and provide valuable insights. And which ones are going to be around for a year or two and you're never going to hear about again. So it's a extremely challenging complex environment. >> From the bad guys are so much more sophisticated going from hacktivists to whatever State sponsored or criminal. >> That's the bottom line, I mean the bad guys are better, the bad guys are winning. The white hats fought their way out to the black hats, right. The white hats are trying, trying hard, we're trying to get organized, we're trying to win battles but the war is clearly won by the by the black hats. And that's something that as an industry we're getting better at working towards. >> Robert, as an investor what's your sentiment around valuations right now and do you feel as though. >> Not high enough. >> Oh boy. >> Managed security companies should be trading way higher value. >> Do you feel like they're somewhat insulated? >> Its a really good question, we're in that space you know we're we're about a $200 million private company. We're the largest privately held, managed security company in the world actually. And so I always think every time we're worth more I think wow, we couldn't be worth more, the market can't get bigger. Because your values always based for potential size. Nobody values you for what you're worth today. Because an investor doesn't buy history an investor doesn't buy present state, an investor buys future state. So if the valuations are increasing, it's a direct correlation because the macro factors are getting bigger. And so the answer to your question is values are going to go up because the market is just going to be fundamentally bigger. Is everybody going to survive? No, but I think you're going to see valuations continue to increase. >> Well in digital business everybody talks about digital business. We look at digital business as how well you leverage data. We think the value of data is going through the roof but I'm not sure customers understand the intrinsic value of the data or have a method to actually value their data. If they did, we feel like they would find it's way more valuable and they need to protect it better. What are you seeing in that regard with customers? >> There's an explosion of data in that with IoT, internet of things, and the amount of additional data that's come now. But, to your point, how do you sequence and label data? That's been a multi-decade old question more organizations struggle with. Many have gone to say that, it's all important so let's protect it all, right. And verses having layers of approach. So, it's a challenging problem, I don't think across all our customer base. That's something that each wrestling with to try to solve individually for their companies. >> Well, I think you also have the reality though of money. So, it's easy to say all the data is important, Structured unstructured, but you look at a lot of the software and tools that you need around this floor are sold to you on a per user or per ingestion model. So, even though all your data is critical. You can't protect all your data. It's like your house, you can't protect every single component of it, you try, and every year gets better maybe get a better alarm maybe I'll get rid the yappy dog and get a Doberman you know you're constantly upgrading. But you can't protect everything, because reality is you still live in an unstructured, unsafe world. >> So is that the complexity then, because the a simple question is why does it take so long to find out if there's something wrong with your house? >> I think it's highly complex because we're dealing with people who are manipulating what we know to their benefit in ways we've never done it. The Wannacry breach was done in a way that had not been done before. If it had done before we could have created some analytics around it, we could created some, you know, metrics around it but these are attacks that are happening in a way we've never seen before and so it's this element of risk and data and then you always have human nature. Gary Moore was that the Council this morning. The writer of Crossing the Chasm, legendary book, and he said something very interesting which was Why do people always get on a flight and say, good luck with the flight, hope you fly safe. But they don't think twice about hopping in their car and driving to the grocery store. Whereas statistically, your odds of dying in that car are fundamentally greater, and it's human nature, it's how we perceive risk. So it's the same with security and data in cyber security. >> As security experts I'm curious and we're here in DC, how much time you think about and what your thoughts might be in the geopolitical implications of security, cyber war, you know it's Stuxnet, fast forward, whatever, ten years. What are you thoughts as security practitioners in that regard? >> The longest and most heated battles in the next World War, will not be on Earth, they'll be in cyberspace. It's accepted as a given. That's the way this Country is moving. That's the way our financial systems are tied together and that's the way we're moving forward. >> It's interesting we had Robert Gates on last year and he was saying you know we have to be really careful because while we have the United States has the best security technologies, we also have the most to lose with our infrastructure and it's a whole new you know gamification or game theory balance we have to play. >> I would agree with him that we have some of the best security technology in the world but I would say that our barometer and our limiter is the freedom of our society. By nature what we love about our country and Canada is that we love freedom. And we love giving people access to information and data and free speech. By nature we have countries that may not have as good a security, but have the ability to limit access to outsiders, and I'm not saying that's good by any means but it does make security a little bit easier from that perspective. Whereas in our system, we're never going to go to that, we shouldn't go to that. So now we have to have better security just to stay even. >> To Dave's point talking about the geopolitical pressures, the regulatory environment being what it is, you know legislators, if they smell blood right, it in terms of compliance and what have you, what are you seeing in terms of that shift focus from the Hill. >> Great question. I did a speech to about two thousand CIO's, CISO's not long ago and I said, how many people in this room buy security to be more secure and how many people buy because you have to be compliant. 50/50, even the security ones admitted that how they got budget was leveraging the compliance guys. It was easier to walk into CEO's office and say look, we have to buy this to meet some kind of a political, compliance, Board issue. Than it was to say this will make us better. Better is a hard sell. So that, has to go to the head to pull the trigger to do some of that. >> You know, I think in this geopolitical environment it's look at the elections, look at all the rhetoric. It's just there is going to be more of that stuff. >> A lot's changed in crypto and its potential applications in security. More money poured into ICO's in the first half than venture backed crypto opportunities. >> There are practical applications of blockchain technology all across the board, right, but as you mentioned is fundamentally built on pathology. On core gut security work and making a community of people decide whether something's authentic or not. It's a game changer, as far what what we could do from a platform standpoint to secure our financial systems and short answer it's volatile. As you saw with the fluctuation of Bitcoin and then the currency of Bitcoin, how it's gone up and down. It's quite volatile right now because there's a lot of risk So I say what's the next Bitcoin in six months or eighteen months and what's going to happen to the old Bitcoin and then all the money that into there, where is that going to go? So that's a discuss the pivot point I think for the financial services industry and more and more their larger institutions are just trying to get involved with that whole network of blockchain. >> Crypto currencies really interesting. In some ways it's the fuel that's funding the cyber security ransomeware. I mean it's one of the easiest ways to send money and be completely anonymous. If you didn't have crypto currency, how would you pay for ransomware? You give them your checking account? You deposit into their checking account? So, I think that you're seeing a big surge of it but if you look at the history of money or even checks, checks were developed by company called Deluxe here in the United States 104 years ago. They're a customer of ours, that's why I know this, but the basis of it is that somebody, a real institution with bricks and mortar and people in suits is backing that check, or that currency. Who's backing crypto currency today? So you have, by nature, you have this element of volatility and I don't know if it's going to make it or it's not going to make it. But inevitably has to cross from a purely electronic crypto form to some element of a note or a tender that I can take from that world and get backing on it. >> That's kind of what Warren Buffet has said about it. I mean I would respond that it's the community, whatever that means, that's backing it. I mean, what backs the greenback, it's the US Government and the US military. It's an interesting. >> Right like, at the end of the day I would still rather take a US dollar than even a Canadian dollar or a UK dollar. >> Gentlemen thanks for being with us. >> Great to see you. >> Thank you for the coffee mug. >> This is incredible. >> There's actually stuff in it too so be careful. >> I drank it is that okay? >> Can I go to the hospital. >> Atif, thanks for the time and Robert good luck with that new dog. (all laughing) >> Don't tell my wife I got rid of her dog. >> In time. >> In time. All things a time, theCUBE continues live here Washington DC at .conf2017 right after this.

>> Live from the Walt Disney World Swan and Dolphin Resort in Orlando, Florida, it's theCUBE, covering Splunk .conf2016. Brought to you by Splunk. Now, here are your hosts John Furrier and John Walls. >> And welcome back here on theCUBE. The flagship broadcast of SiliconANGLE TV where we extract a signal from the noise. We're live at conf2016 here in Orlando, Florida on the show floor. A lot of activity, a lot of excitement, a lot of buzz and a really good segment coming up for you here. Along with John Furrier, I'm John Walls and we're joined by two gentlemen from the Herjavec Group, Robert Herjavec. Good to see you, sir. >> Greetings. Thank you for having us. >> The CEO, and Atif Ghauri is Senior VP at Herjavec. Good to see you, sir. >> Yes. >> First off, Robert, congratulations. Newly married, your defense was down for a change. Congratulations on that. (laughter) >> Oh thank you. It was wonderful. It was a great wedding, lots of fun but casual and just a big party. >> Yeah, it was. Looked like, pictures were great. (laughter) People obviously know you from Shark Tank. But the Herjavec Group has been, really, laser focused on cyber security for more than a decade now. Tell us a little bit about, if you would, maybe just paint the broad picture of the group, your focus, and why you drilled down on cyber. >> Yeah, I've been in the security business for about 30 years. I actually helped to bring a product called CheckPoint to Canada firewalls, URL filtering, and that kind of stuff. And we started this company 12 years ago, and our vision was to do managed services. That was our vision. No other customer's vision, but our vision. And we thought we'd do $5 million in sales in our first year and we did $400000. The market just wasn't there. SIEM technology, log aggregation isn't what it is today. I mean, I think at the time, it was enVision. What was it called? >> Yeah, enVision. >> enVision. And then RSA bought them. That was really the first go-to-market SIEM. Then you had ArcSight and Q1. So our initial business became around log aggregation, security, writing parsers. And then over time it grew. It took us five years to get to $6 million in sales, and we'll do about $170 million this year. We went from a Canadian company to really a global entity. We do a lot of business in the States, UK, Australia, everywhere. >> But you're certainly a celebrity. We love havin' you on theCUBE, our little Shark Tank in and of itself. But you're also an entrepreneur, right? And you know the business, you've been in software, you've been in the tech business, so you're a tech athlete, as we say. This world's changing right now. And I'm certain you get a lot of pitches as entertainment meets business. But the fact that the entrepreneurial activity, certainly in the bay area and San Francisco, the Silicon Valley, where I live, and all around the world, is really active. Whether you call the programmer or culture or just the fact that the cloud is allowing people to start companies, you're seeing a surge in entrepreneurship in the enterprise. (laughs) Which is like, was boring in the past, you know? You just mentioned CheckPoint in the old days, but now it's surging. Your thoughts on the entrepreneurial climate? >> I dunno if the enterprise entrepreneurship element is surging. By the way, I'm going to say intrepreneur, just the way I say it. Cuban always makes fun of me. (laughter) We don't say it like that in America! I'm like, screw off! (laughter) >> That's how you say it! >> I want to say it the way I want to say it. >> Well, internal entrepreneurs, right? Is that what you mean by intrepreneurship? >> Well, no. I'm just, it's just the way I say it. >> It's a Canadian thing. >> But business to business enterprise, we've always been in the enterprise business. So we're seeing a lot of growth in that area, a lot of VC money's going into that area, because it's more, you know, you can measure that level of return and you can go and get those customers. But on our show, we're a bubble. We don't do a lot of tech deals like we're talking because it's boring TV. Tech people love tech, consumers love the benefit of tech. You know, no consumer opens up their iPhone and says, oh my gosh, I love the technology behind my iPhone. They just love their iPhone. And our show is really a consumer platform that is-- >> It's on cable TV, so it's got a big audience. So you got to hit the wide swath-- >> We're one of the highest-rated shows on network television. Eight years, three Emmys. You know, it's a big show now. And what we've all learned is, because Mark Cuban and I are tech guys, we used to look for stuff we know. We don't invest in stuff we know any more. We invest in slippers, ugly Christmas sweaters, food products, because if you can tap into that consumer base, you're good to go. >> So bottom line, has it been fun for you? I mean, the show has been great. I mean, obviously the awards have been great. Has it been fun for you? What's it been like, what's the personal feeling on being on the Shark Tank. >> You know, filming is fun, and hanging out is fun, and it's fun to be a celebrity at first. Your head gets really big and you get really good tables at restaurants. There's no sporting venue-- >> People recognize you. >> Yeah. >> You get to be on theCUBE. (laughter) >> I get be on theCUBE. >> Doesn't happen every day. >> You get to go everywhere. But after a while it gets pretty dry. But it really helps our brand. We compete, typically, against IBM, Verizon, and you know, the CEO of IBM, you're not going to see him selling his security. >> Well I know they're doin' a lot, spending a lot of cash on Watson, trying to get that to work, but that's a whole 'nother story. But let's get down and dirty on Splunk. You're here because you're doin' a talk. Give a quick take on what you're talking about, why are you here at .conf for Splunk? >> Yeah, we're doing a talk on data transformation. The world today is about data. And the amount of data points and access points and the internet of things, it's just exponential growth. The stat I always love, and Atif's heard it 1000 times is, there's roughly three billion people on the internet today, and there's roughly six billion or seven billion IP addresses. By 2020, according to the IPV Committee, there'll five, six billion people connected. And hundreds of trillions of IP addresses. >> And the IoT is going to add more surface area to security attacks. I mean, it used to be, the old days, in CheckPoint, the moat, the firewall, backdoor, frontdoor. >> The idea of the perimeter is gone now. There is no such thing as a perimeter any more, because everything you can access. So a lot of work in that area. And all of that comes to data and log aggregation. And what we've seen for years is that the SIEM vendors wanted to provide more analytics. But if you really think about it, the ultimate analytics engine is Splunk. And Splunk now, with their ESM module, is moving more into the security world and really taking away market share. So we're very excited by, we have a great relationship with the Splunk guys, we see nothing but future growth. >> And you're using Splunk and working with it with your customers? >> We do, we've been using Splunk for a while. We have a private cloud. Tell us a little bit about that. >> Yeah, so we eat our own dog food. So not only do we sell Splunk, but we also use it in-house. We've been usin' it for over five years, and it powers our analytics platform, which is a fancy way to say, reduces the noise from all the different clutter from all the IoT, from all the different type of alerts that are comin' in. Companies need a way to filter through all that noise. We use Splunk to solve that problem for us internally, and then, of course, we sell it and we manage it for Global 2000 customers, Fortune 100 companies all over the world. >> Tell us what about the role of data, 'cause data transformation has been a big buzzword it's a holistic message around businesses digitizing and getting digital assets in front of their customers. We have a big research division that does all of this stuff. By the end of the day, you know, the digitization business means you're going to have to go digital all the way. And role of data is not the old data warehousing days, where it's fenced away, pull it in, now you need data moving around, you need organic sharing of data, data's driving policies and new pattern recognitions for security. How do you guys see that evolving? How do you talk to your customers, because in a way, the old stuff can work if you use the data differently. We're seeing a pattern, like, hey, that's an algorithm I used 10 years ago. But now, with new data, that might be workable. What are some of the things that you're seeing now that customers are doing that you talk to that are leveraging data, like Splunk, in a new way? >> Well, that's really where Splunk adds so much value, because a friend of mine is the dean of USC. And he has a great saying, more data is not necessarily more information. And so, the mistake that we see customers making a lot is they're collecting the data, but they're not doing the right things with it. And that's really where Splunk and that level of granularity can add tremendous value, not just from logging, but from analytics and going upstream with it. >> Yeah, and also, to that point, it's just automation. There's too much data >> That's a great point. >> And it's only going to get bigger, right, based on that stat Robert rattled off. Now, we need some machine learning analytics to move it further. And all points aside, machine learning isn't where it needs to be right now. Today in the market, it still has a long way to go. I would call it a work in progress. But however, it's the promise, because there's too much data, and to secure it, to automate behavior, is really what what we're looking for. >> The example I saw is the innovation strategy's comin' to take, and they're growin' with mobility, growin' with cloud, increase the surface area, IoT. But the supervised areas of the enterprise were the doors, right? Lock the doors. And perimeter is now dead. So now you have an unsupervised environment and the enterprise at risk. Once the hackers get in, they're havin' their way. >> The internet is, like, a kindergarten playground where there are no rules and the teacher went home at lunch. (laughter) That is the internet. And kids are throwin' crap. >> And high school. I think it would be high school. Kindergarten through high school! >> And you have different-aged kids in there. >> It's chaos, bedlam! >> Very well said. The internet is chaos, but by nature, that's what we want the internet to be. We don't want to control the chaos because we limit our ability to communicate, and that's really the promise of the internet. It's not the responsibility of the internet to police itself, it's the responsibility of each enterprise. >> So what new things are happening? We're seeing successes. Certainly, we're reporting on companies that are being successful are the ones that are doing reverse of what was once done, or said differently, new ways of doing things. Throwin' out kind of tryin' to do a hybrid legacy approach to security, and seeing the new ways, new things, new better cat and mouse games, better honeypots, intelligent fabrics. What do you guys recommend to your customers and what do you see, in your talk, this digital transformation's definitely a real trend, and security is the catastrophic time bomb that's ticking for all customers. So that's, it dwarfs compliance, risk management, current... >> Well, I dunno if that's necessarily true, that it's a time bomb. You know, the number one driver for security, still, is compliance. We sell stuff people don't really want to buy. Nobody wakes up and the morning and says, yeah, I want to go spend another $5 million on security. They do it, frankly, because they have to. If none of their competitors were spending money on security, I don't think most enterprises would. I mean, whenever you have to do something because it's good to do, you have a limited up cycle. When you do something because there's a compliance reason to do it, or bad things happen to you, you're really going to do it. >> So you think there's consumer pressure, then, to have to do this, otherwise-- >> Interesting stat, the Wall Street Journal did a study and asked 1000 people on a street corner in New York if, for a hamburger, they will give away their social insurance number, their home number, and their name. 72% of people gave out that information freely. >> Better be a good hamburger. (laughs) >> Back to your point, though, I want to get a-- >> So I think consumers have an expectation of security, and how they police that is they simply go to somebody else. So if you're my retailer and you get breached, you know what I'm going to do? I'm going to go next door. But I think that the average consumer's expectation is, security's your responsibility, not mine. >> Okay, so on the B to B side, let's get that. I wanted to push you on something I thought I kind of disagreed with. If compliance, I agree, compliance has been a big part of data governance and data management. >> Yeah, PCI has been the biggest driver in security in the last five years. >> No doubt. However, companies are now sharing data more with other companies. Financial institutions are sharing core data with other financial institutions, which kind of teases out the trend of, I'll give you some of my data to get, to fight the fraud detection market because it's a $1 trillion problem. So as you start to see points of growth where, okay, you start to see people go outside their comfort zone on compliance to share data. So we're tryin' to rationalize that. Your thoughts? I mean, is that an indicator? Do you see that as a trend, or, I mean, obviously locking down the data would be, you know. >> I think it's challenging. I mean, we were at the president's council on security last year at Stanford. And you know, President Obama got up there, made some passionate speech about sharing data. For the goodness of all of us, we need to share more data and be more secure. I got to tell you, you heard that speech and you're like, yeah baby, I'm going to share my data, we're all going to work together. Right after him, Tim Cook got up there (laughter) and said, I will never share my data with anybody in the government! And you heard him, and you're like, I am never sharing my data with anybody. >> Well there's the tension there, right? >> Well, this is a natural-- >> Natural tension between government and enterprise. >> Well, I think there's also a natural tension between enterprises. There's competitive issues, competitor pressures. >> Apple certainly is a great case. They hoard their data. Well, this is the dilemma, right? You want to have good policy, but innovation comes from experimentation. So it's a balancing act between what do you kind of do? How do you balance-- >> Yeah, it's a great time to be in our space. I mean, look at this floor. How many companies are here? Splunk is growing by 30%, the show itself, 30% per year. They're going to outgrow this venue next year and they're going to go, probably, Vegas or somebody. I think that's exciting. But these are all point products. The fastest-growing segment in the computer business is managed services, because the complexity in that world is overwhelming, and it's extremely fragmented. There's no interlinking. >> Talk about your business in there right now. What are you guys currently selling, how many employees do you have, what's the revenues like, what's the product mix? >> Yeah, so we are a global company. So we have 10 offices worldwide and close to 300 employees. We're one of the fastest-growing companies in North America. We sell, our focus is managed security services. We do consulting as well as incident response remediation, but the day-to-day, we want your logs, we want to do monitoring, we want to help with-- >> So you guys come in and do deployments and integration and then actually manage security for customers? >> We do the sexy of gettin' it in, and then we also do the unsexy of managing it day-to-day. >> Atif, nothing unsexy about our work. (laughter) >> It's all sexy, that's what theCUBE show's about. >> It's all sexy! >> That's why theCUBE's a household name. We have celebrities coming on now. Soon we'll be on cable. >> That's right! This will be a primetime show. (laughter) >> Before we know it! >> That's funny, I got approached by a network, I can't tell you who, big network with a big producer to do a cybersecurity show. And so, they approached me and they said, oh, we think it's going to be so hot. It's such a topical thing. So they spent a day with me and our team to watch what we do. There is no cybersecurity show! (laughter) They're like, do you guys do anything besides sit on the computer? >> You have a meeting and you look at the monitor. It's not much of a show. >> Does anybody have a gun?! (laughter) >> It's not great for network TV, I think. >> Build a wall. >> Someone has to die in the end. That has to be network TV. And yeah, but I mean, there's a problem. There's 1.4 million cyber jobs open right now. And that's not even including any data science statistics. So you know, so we're reporting that-- >> I'm sure it's the same thing in data science. >> Same problem. How do you take a high skill that there's not enough talent for, hopefully, computer science education, all that stuff happens, and automate it. So your point about automation. This is the number one problem. How do you guys advise clients what the hell do they do? >> You know, automation's tough. We just had this meeting before we got on here, because in our managed service, it's people-driven. We want to automate it. But there's only a certain amount of automation you can do. You still need that human element. I mean, if you can automate it, somebody can buy a product and they're secure. >> Machine learning isn't where it's supposed to be. Every vendor aside, machine learning's not where it needs to be, but we're getting there. Having succinct automation helps solve the cybersecurity labor shortage problem, because the skill level that you hire at can go lower. So you reduce the learning curve of who you need to hire, and what they do. >> That's a great point. I think the unsupervised machine learning algorithms are going to become so much smarter with the Splunk data, because they are, that's a tough nut to crack because you need to have some sort of knowledge around how to make that algorithm work. The data coming in from Splunk is so awesome, that turns that into an asset. So this is a moving train. This is the bigtime. Okay, go step back for a second, I want to change gears. Robert, I want to get your thoughts, because since you're here and you do a lot of, you know, picking the stocks, if you will, on Shark Tank, in the tech world, our boring tech world that we love, by the way. >> We love it too. >> How do you, as someone who's got a lot of experience in cycles of innovation, look at the changing digital transformation vendor landscape, Splunk, companies like Oracle tryin' to transform, Dell bought EMC, IBM's pivoting, Amazon is booming. How do you look at the new digital enterprise, and how do you look at that from, if you're a customer, an investor, where's the growth stocks, where's the growth companies, what's the growth parameters, what's your thoughts? >> One of the reasons a lot of our industry, why I got into tech was I had no money, my dad worked in a factory, my mom was a receptionist. And the old adage is, to make money, you need money. To get ahead, it's not what you know, it's who you know. I didn't know anybody. And the value of tech is tech transforms every three years. We follow these cycles where we eat our own young and we throw away stuff that doesn't add value. Tech is the great equalizer, 'cause if you don't add value, nobody cares. And you know, when I'm starting out as a guy with a small company, I love that! We're going to kick ass, we're going to add value. Now that we're a little bigger-- >> Well, when you're a young company you can eat someone's lunch, because if they're not paying attention, you can come in and-- >> For sure. It gets harder as you get bigger because now we're the big guys that somebody in their basement's tryin' to take out. But you know, we see tremendous innovation in security. If you look back three years, who were the leaders in the SIEM space? ArcSight, Q1, Nitro to a lesser degree, and enVision. Today, does RSA have a strategy around a SIEM? They have Netwitness, you know, security analytics, which is kind of a SIEM. Q1 is in the throes of the IBM machine, somewhere in their gut, nobody knows. ArcSight, who buys ArcSight anymore? It's so complicated. Who's the leader? Splunk! >> So back to the old classic team. Obviously, you have good people on the management team. Product matters now, in tech, doesn't it? More than ever. Obviously, balance sheet. Okay, let's get back to the data transformation. So you know, data is so critical now, and again, it's more from that data warehouse, which still is around, but to real-time data having value, moving it into different applications. Question is, how do you value data? I mean, you can't put it on the balance sheet. I mean, people value factories. GE said, we have all this investment in machines and assets. They worry about someone getting their data and doing a judo move on them. So data is truly an asset that's flying out of their network. How does companies value data? Can it ever be on the balance sheet? How do you look at that? >> I don't think data, in of itself, has any value. It's the effect of the data that has the value. And it's a very singular, it's what somebody does to it. Whatever the data is worth to you, from a business perspective, it's worth fundamentally more to an outside bad party because they can package that data and sell it to a competitor, a foreign government, all those kind of places. So it's the collection of raw data and applying it to something that has meaning to a third party. >> So it's like thermodynamics, really. Until it's in motion, it's really not worth anything. I mean, that's what you're saying. Data's data until it's put to work. >> Right, I don't think you're ever going to see it on a balance sheet as a hard, core value, because it has to have a transformative value. You have to do something with it. It's the something. >> So pretend you're in Shark Tank and you're a data guy, and you say, boss, I need more budget to do security, I need more budget to expand our presence. And the guy says sorry, I need to see some ROI on that data. Well, I just have a gut feeling that if we move the data around, it's going to be worth something. Oh, I pass. You can't justify the investment. So a lot of that, I mean, I'm oversimplifying it, but that's kind of like a dialogue that we hear in customers. How do you get that-- >> What I always tell CIOs and CCOs, it's challenging to get budget to do a good thing or the right thing. It's easier to get budget to do the necessary thing. And so, necessary is defined by the nature of your business. So if you make widgets and you want to get more budget to protect the widgets, no one cares. No one's sitting around, and like oh, are my widgets safe? They are, to certain degree, and they'll have limited budget for that. But if you go to them and say, you know what, we have a risk that if somebody can attack our widgets, we're going to be down for three days. And being down for three days or three hours has a dollar cost of $5 million. I need an extra $2.5 million to protect that from happening. As a business guy and a CEO, I understand that. >> That's great advice. >> And that's the biggest challenge, still, with security people is, we're technical people. We're not used to talking to business guys. >> It's like house insurance, in a way, or insurance. You invest this to recover that. >> It's a great analogy. You know, I used to race cars, and I had a life insurance premium for key man insurance. And my insurance agent comes along and says, you should buy a bigger policy. I'm like, I don't need a bigger policy. It's so much money, we're okay. And then he says to me, you know, if you die in a racecar, I'm not sure you're covered. (laughter) But if you pay me another $10000 a year in coverage, you're covered. Did I buy it? Absolutely. And it's the same analogy. >> That's very necessary. Personal question for you. So if you're, your dad had a factory, you mentioned. I saw that you mentioned that earlier. If he had a factory today in a modern era of IoT, and you were going to give him a digital transformation consulting project, how would you advise him? Because a lot of people are taking their analog business and kind of digitizing it. Some already have sensors in there. So you see it in manufacturing, and certainly, the industrial aspect of IoT has been a big deal. How would you advise your dad building a factory today? >> Yeah, so I think there's two aspects to it. One is just, you know, everything we've been talking about, data transformation, data analytics, making things better, none of those things are possible unless you're actually collecting the data. It's like, customers come to us and say, you know what, we don't want you to just manage our logs and tell us what's going on, we want higher-level value. And I'm like, no, I get that, but unless you're actually aggregating the logs, none of the upstream stuff matters. So first thing is, you have collect the data. Whether that's sensors, old devices, mechanical devices, and so on. The second part of it is, the minute you open up your factory and open up the mechanical devices and attach them to a PC or anything that's network-based, you're open for risk. And so, we're seeing that now in utilities, we're seeing that with gas companies, oil companies. You know, up until a few years ago, you couldn't physically change the flow of a pipeline, unless there was a physical connection, a mechanical on-off. It was very binary. Today, all those systems are connected to the internet. And it saves companies a lot of money 'cause they can test them and stuff. But they're also open to hackers. >> Bigtime. >> Well gentlemen, we appreciate the time. >> Thank you. >> And who says tech hasn't got a little pizazz, I mean-- (laughter) >> Come on, I was on Dancing with the Stars, that's a lot of pizazz! >> It's been great! >> You guys are exciting, but you are, no! >> Dancing with the Stars, of course! >> All right. >> Thank you very much. >> Well, thanks for bein' in theCUBE Tank, we appreciate that. >> Thank you. >> Don't call us, we'll call you. (laughter) Gentlemen, thank you very much. >> We're booked, maybe we can get you on next time. >> Okay, we're out. >> .conf2016, CUBE coverage continues live from Orlando. (electronic jingle)

>>Welcome back to the cubes coverage here in Washington D. C. For a W. S. Public sector summit. I'm john fraser host of the queues and in person event but of course we have remote guests. It's a hybrid event as well. Amazon is streaming amazon web services, streaming all the teams, some of the key notes of course all the cube interviews are free and streaming out there as well on the all the cube channels and all the social coordinates. Our next guest is Melissa Pavlik President and Ceo POV con joining me here to talk about predictive maintenance, bringing that to life for the U. S. Air Force melissa. Thanks for coming in remotely on our virtual cube here at the physical event. >>Excellent, thank you. Good morning >>Show. People have been been um face to face for the first time since 2019. A lot of people remote calling in checking things out kind of an interesting time, right? We're living in so uh what's your, what's your take on all this? >>Sure. I mean it's a new way of doing business, right? Um I will say, I guess for us as a company we always have been remote so it's not too much of a change but it is definitely challenging, especially trying to engage with such a large user community such as the United States Air Force who isn't always used to working as remotely. So it's definitely a unique challenge for sure. >>Well let's get into, I love this topic. You had a real success story. There is a case study with the U. S. Air Force, what's the relationship take us through what you guys are doing together? >>Sure. Absolutely. So we started working with the Air Force now about five years ago on this subject and predictive maintenance. Sometimes you might hear me catch myself and say CBM plus condition based maintenance. They're synonymous. They mean the exact same thing basically. But about five years ago the Air Force was contemplating how do we get into a space of getting ahead of unscheduled maintenance events? Um if the military they're big push always his readiness how do we improve readiness? So to do that it was a big ask of do we have the data to get ahead of failures? So we started on this journey about five years ago as I said and frankly we started under the radar we weren't sure if it was going to work. So we started with two platforms. And of course when I think a lot of people here predictive maintenance, they immediately think of sensor data and sensors are wonderful data but unfortunately especially in an entity such as the Air Force not all assets are censored. So it also opened up a whole other avenue of how do we use the data that they have today to be able to generate and get ahead of failures. So it did start a really great partnership working not only with the individual, I'll say Air Force entities that Air Force Lifecycle Management Center but we also worked across all the major commands, the individual units, supply control, logistics and everyone else. So it's been a really great team effort to bring together all of those but typically would be rather segregated operations together. >>Yeah, they're getting a lot of props lately on a lot of their projects across the board and this one particular, how did you guys specifically help them modernize and with their and get this particular maintenance thing off the ground? >>Absolutely. I think quite simply it was what really we put their existing data to work. We really wanted to get in there and think about they already had a ton of data. There wasn't a need to generate more. We're talking about petabytes of information. So how do we use that and put it into a focus of getting ahead of failure? We said we established basically three key performance parameters right from the beginning it was, we knew we wanted to increase availability which was going to directly improve readiness. We needed to make sure we were reducing mission aborts and we wanted to get ahead of any kind of maintenance costs. So for us it was really how do we leverage and embrace machine learning and ai paired with just big data analytics and how do we take frankly what is more of a World War Two era architecture and turn it into something that is in the information age. So our modernization really started with how do we take their existing data and turn it into something that is useful and then simultaneously how do we educate the workforce and helping them understand what truly machine learning and AI offer because I think sometimes there's everyone has their own opinions of what that means, but when you put it into action and you need to make sure that it's something that they can take action on, right, it's not just pushing a dot moving numbers around, it's really thinking about and considering how their operations are done and then infusing that with the data on the back end, >>it's awesome. You know the old workflows in the cloud, this is legit, I mean physical assets, all kinds of things and his legacy is also but you want the modernization, I was gonna ask you about the machine learning and ai component, you brought that up. What specifically are you leveraging their from the ai side of the machine learning side? >>Absolutely for us, most and foremost we're talking about responsible a i in this case because unfortunately a lot of the data in the Air Force is human entry, so it's manual, which basically means it's open and rife for a lot of error into that data. So we're really focused heavily on the data integrity, we're really focused on utilizing different types of machine learning because I think on the surface the general opinion is there's a lot of data here. So it would open itself naturally into a lot of potential machine learning techniques, but the reality situation is this data is not human understandable unless you are a prior maintainer, frankly, it's a lot of codes, there's not a whole lot of common taxonomy. So what we've done is we've looked at those supervised and unsupervised models, we've taken a whole different approach to infusing it with truly, what I would say arguably is the most important key element, domain expertise. You know, someone who actually understands what this data means. So that way we can in in End up with actionable output something that the air force can actually put into use, see the results coming out of it. And thus far it's been great. Air mobility command has come back and said we've been able to reduce their my caps, which are parts waiting for maintenance by 18%. That's huge in this space. >>Yeah, it's interesting about unsupervised and supervised machine learning. That's a big distinct because you mentioned there's a lot of human error going on. That's a big part. Can you explain a little bit more because that was that to solve the human error part or was it the mix and match because the different data sets, but why the why both machine learning modes. >>So really it was to address both items frankly. When we started down this path, we weren't sure we were going to find right, We went in with some hypotheses and some of those ended up being true and others were not. So it was a way for us to quickly adjust as we needed to again put the data into actionable use and make sure we were responsibly doing that. So for us a lot of it, because it's human understanding and human error that goes into this natural language processing is a really big area in this space. So for us, adjusting between and trying different techniques is really where we were able to discover and find out what was going to be the most effective and useful in this particular space as well as cost effective. Because for us there's also this resistance, you have to have resist the urge to want to monitor everything. In this case we're talking about really focusing on those top drivers and depending on the type of data that we had, depending on the users that we knew were going to get involved with it as well as I would say, the historical information, it really would help us dictate on supervised versus supervised and going the unsupervised route. In some cases there's just still not ready for that because the data is just so manual. Once we get to a point where there is more automation and more automated data collection, unsupervised will definitely no doubt become more valuable right now though, in order to get those actionable. That supervised modeling was really what we found to be the most valuable >>and that makes total sense. You've got a lot of head room to grow into with Unsupervised, which is actually harder as you as you know, everyone, everyone everyone knows that. But I mean that's really the reality. Congratulations. I gotta ask you on the AWS side what part do they play in all this? Obviously the cloud um their relationship with the Air Force as well, what's their what's their role in this particular maintenance solution? >>Sure, absolutely. And I'll just say, I mean we're really proud to be a partner network with them and so when we started this there was no cloud, so today a lot of opportunity or things we hear about in the Air Force where like cloud one platform one, those weren't in existence, you know, five years ago or so. So for us when we started down this path and we had to identify very quickly a format and a host location that would allow us not only handle large amounts of data but do all of the deep analysis we needed to AWS GovCloud is where that came in. Plus it also is awesome that they were already approved at I. L. Five to be able to host that we in collaboration with them host a nist 801 +71 environment. And so it's really allowed us to to grow and deliver this this impact out over 6000 users today on the Air Force side. So for us with a W. S. Has been a great partnership. They obviously have some really great native services that are inside their cloud as well as the pairing and easy collaboration among not only licensed products but also all that free and open source that's out there because again, arguably that's the best community to pull from because they're constantly evolving and working in the space. But a W has been a really great partner for us and of course we have some of our very favorite services I'm happy to talk about, but they've been really great to work with >>what's the top services. >>So for us, a lot of top services are like ec two's work spaces, of course S three and Glacier um are right up there, but you really enjoy working across glue Athena were really big on, we find a commercial service we're looking for that's not yet available in Govcloud. And we pull in our AWS partners and ask, hey, you know when it's going to get into the gulf cloud space and they move pretty quickly to get those in there. So recent months are definitely a theme in blue. Well, >>congratulations, great solution, I love this application because it highlights the power of the cloud, What's the future in store for the U. S. Air Force when it comes to predictive maintenance. >>Sure. I mean, I think at this point they are just going to continue adding additional top driver analyses you through our work for the past couple years. We've identified a lot of operational and functional opportunities for them. So there's gonna be some definitely foundational changing coming along, some enabling new technologies to get that data integrity more automated as well so that there isn't such a heavy lift on the downstream, we're talking about data cleansing, but I think as far as predictive maintenance goes, we're definitely going to see more and more improvements across the readiness level, getting rid of and eliminating that unscheduled event that drives a lot of the readiness concerns that are out there. And we're also hoping to see a lot more improvement and I'd say enhancement across the supply chain because we know that's also an area that really they could get ahead on your part of our other work as we developed a five year long range supply forecast and it's really been opening some eyes to see how they can better plan, not only on the maintenance side but also supporting maintenance from a logistics and supply, >>great stuff melissa. Great to have you on President Ceo Path Con, you're also the business owner. Um how's things going with the business? The pandemic looks like I'm gonna come out of it stronger. Got the tailwind with cloud technology. The modernization boom is here in, in Govcloud, 10 years celebrating Govcloud birthday here at this event. How's business house? How are you doing >>good. Everything has actually been, we were, I guess fortunate, as I mentioned the very beginning, we were remote companies. So fortunately for us the pandemic did not have that much of an operational hiccup and being that a lot of our clients are in the federal space, we were able to continue working and amazingly we actually grew during the pandemic. We added quite a bit of a personnel to the team and so we're looking forward to doing some more predictive maintenance across, not only explaining the Air Force but the other services as well. >>You know, the people who were Agile had some cloud action going on, we're productive and they came out stronger melissa. Great to have you on the cube. Thank you for coming in remotely and joining our face to face event from the interwebs. Thank you so much for coming on cuba >>All right, thank you, john have a great rest of your day. >>Okay. I'm john for here at the cube with a W. S. Public sector summit in person and remote bringing guest on. We've got the new capability of bringing remotes in. We do in person. I'll see you face to face hear the cube and it's like to be here at the public sector summit. Thanks for watching. Mhm. Mhm >>robert, Herjavec

>>text, you know, consumer opens up their iphone and says, oh my gosh, I love the technology behind my eyes. What's it been like being on the shark tank? You know, filming is fun, hang out, just fun and it's fun to be a celebrity at first your head gets really big and you get a good tables at restaurants who says texas has got a little possess more skin in the game today in charge of his destiny robert Hirschbeck, No stars. Here is CUBA alumni. Yeah, okay. >>Hi. I'm john Ferry, the co founder of silicon angle Media and co host of the cube. I've been in the tech business since I was 19 1st programming on many computers in a large enterprise and then worked at IBM and Hewlett Packard total of nine years in the enterprise brian's jobs from programming, Training, consulting and ultimately as an executive salesperson and then started my first company with 1997 and moved to Silicon Valley in 1999. I've been here ever since. I've always loved technology and I love covering you know, emerging technology as trained as a software developer and love business and I love the impact of software and technology to business to me creating technology that starts the company and creates value and jobs is probably the most rewarding things I've ever been involved in. And I bring that energy to the queue because the Cubans were all the ideas are and what the experts are, where the people are and I think what's most exciting about the cube is that we get to talk to people who are making things happen, entrepreneur ceo of companies, venture capitalists, people who are really on a day in and day out basis, building great companies and the technology business is just not a lot of real time live tv coverage and, and the cube is a non linear tv operation. We do everything that the T. V guys on cable don't do. We do longer interviews. We asked tougher questions, we ask sometimes some light questions. We talked about the person and what they feel about. It's not prompted and scripted. It's a conversation authentic And for shows that have the Cube coverage and makes the show buzz. That creates excitement. More importantly, it creates great content, great digital assets that can be shared instantaneously to the world. Over 31 million people have viewed the cube and that is the result. Great content, great conversations and I'm so proud to be part of you with great team. Hi, I'm john ferrier. Thanks for watching the cube. >>Hello and welcome to the cube. We are here live on the ground in the expo floor of a live event. The AWS public sector summit. I'm john for your host of the cube. We're here for the next two days. Wall to wall coverage. I'm here with Sandy carter to kick off the event. Vice president partner as partners on AWS public sector. Great to see you Sandy, >>so great to see you john live and in person, right? >>I'm excited. I'm jumping out of my chair because I did a, I did a twitter periscope yesterday and said a live event and all the comments are, oh my God, an expo floor a real events. Congratulations. >>True. Yeah. We're so excited yesterday. We had our partner day and we sold out the event. It was rock them and pack them and we had to turn people away. So what a great experience. Right, >>Well, I'm excited. People are actually happy. We tried, we tried covering mobile world congress in Barcelona. Still, people were there, people felt good here at same vibe. People are excited to be in person. You get all your partners here. You guys have had had an amazing year. Congratulations. We did a couple awards show with you guys. But I think the big story is the amazon services for the partners. Public sector has been a real game changer. I mean we talked about it before, but again, it continues to happen. What's the update? >>Yeah, well we had, so there's lots of announcements. So let me start out with some really cool growth things because I know you're a big growth guy. So we announced here at the conference yesterday that our government competency program for partners is now the number one industry in AWS for are the competency. That's a huge deal. Government is growing so fast. We saw that during the pandemic, everybody was moving to the cloud and it's just affirmation with the government competency now taking that number one position across AWS. So not across public sector across AWS and then one of our fastest growing areas as well as health care. So we now have an A. T. O. Authority to operate for HIPPA and Hi trust and that's now our fastest growing area with 85% growth. So I love that new news about the growth that we're seeing in public sector and all the energy that's going into the cloud and beyond. >>You know, one of the things that we talked about before and another Cuban of you. But I want to get your reaction now current state of the art now in the moment the pandemic has highlighted the antiquated outdated systems and highlighted help inadequate. They are cloud. You guys have done an amazing job to stand up value quickly now we're in a hybrid world. So you've got hybrid automation ai driving a complete change and it's happening pretty quick. What's the new things that you guys are seeing that's emerging? Obviously a steady state of more growth. But what's the big success programs that you're seeing right now? >>Well, there's a few new programs that we're seeing that have really taken off. So one is called proserve ready. We announced yesterday that it's now G. A. And the U. S. And a media and why that's so important is that our proserve team a lot of times when they're doing contracts, they run out of resources and so they need to tap on the shoulder some partners to come and help them. And the customers told us that they wanted them to be pro served ready so to have that badge of honor if you would that they're using the same template, the same best practices that we use as well. And so we're seeing that as a big value creator for our partners, but also for our customers because now those partners are being trained by us and really helping to be mentored on the job training as they go. Very powerful program. >>Well, one of the things that really impressed by and I've talked to some of your MSP partners on the floor here as they walk by, they see the cube, they're all doing well. They're all happy. They got a spring in their step. And the thing is that this public private partnerships is a real trend we've been talking about for a while. More people in the public sector saying, hey, I want I need a commercial relationship, not the old school, you know, we're public. We have all these rules. There's more collaboration. Can you share your thoughts on how you see that evolving? Because now the partners in the public sector are partnering closer than ever before. >>Yeah, it's really um, I think it's really fascinating because a lot of our new partners are actually commercial partners that are now choosing to add a public sector practice with them. And I think a lot of that is because of these public and private partnerships. So let me give you an example space. So we were at the space symposium our first time ever for a W. S at the space symposium and what we found was there were partners, they're like orbital insight who's bringing data from satellites, There are public sector partner, but that data is being used for insurance companies being used for agriculture being used to impact environment. So I think a lot of those public private partnerships are strengthening as we go through Covid or have like getting alec of it. And we do see a lot of push in that area. >>Talk about health care because health care is again changing radically. We talked to customers all the time. They're like, they have a lot of legacy systems but they can't just throw them away. So cloud native aligns well with health care. >>It does. And in fact, you know, if you think about health care, most health care, they don't build solutions themselves, they depend on partners to build them. So they do the customer doesn't buy and the partner does the build. So it's a great and exciting area for our partners. We just launched a new program called the mission accelerator program. It's in beta and that program is really fascinating because our healthcare partners, our government partners and more now can use these accelerators that maybe isolate a common area like um digital analytics for health care and they can reuse those. So it's pretty, I think it's really exciting today as we think about the potential health care and beyond. >>You know, one of the challenge that I always thought you had that you guys do a good job on, I'd love to get your reaction to now is there's more and more people who want to partner with you than ever before. And sometimes it hasn't always been easy in the old days like to get fed ramp certified or even deal with public sector. If you were a commercial vendor, you guys have done a lot with accelerating certifications. Where are you on that spectrum now, what's next? What's the next wave of partner onboarding or what's the partner trends around the opportunities in public sector? >>Well, one of the new things that we announced, we have tested out in the U. S. You know, that's the amazon way, right, Andy's way, you tested your experiment. If it works, you roll it out, we have a concierge program now to help a lot of those new partners get inundated into public sector. And so it's basically, I'm gonna hold your hand just like at a hotel. I would go up and say, hey, can you direct me to the right restaurant or to the right museum, we do the same thing, we hand hold people through that process. Um, if you don't want to do that, we also have a new program called navigate which is built for brand new partners. And what that enables our partners to do is to kind of be guided through that process. So you are right. We have so many partners now who want to come and grow with us that it's really essential that we provide a great partner, experienced a how to on board. >>Yeah. And the A. P. M. Was the amazon partner network also has a lot of crossover. You see a lot a lot of that going on because the cloud, it's you can do both. >>Absolutely. And I think it's really, you know, we leverage all of the ap in programs that exist today. So for example, there was just a new program that was put out for a growth rebate and that was driven by the A. P. N. And we're leveraging and using that in public sector too. So there's a lot of prosecutes going on to make it easier for our partners to do business with us. >>So I have to ask you on a personal note, I know we've talked about before, your very comfortable the virtual now hybrid space. How's your team doing? How's the structure looks like, what are your goals, what are you excited about? >>Well, I think I have the greatest team ever. So of course I'm excited about our team and we are working in this new hybrid world. So it is a change for everybody uh the other day we had some people in the office and some people calling in virtually so how to manage that, right was really quite interesting. Our goals that we align our whole team around and we talked a little bit about this yesterday are around mission which are the solution areas migration, so getting everything to the cloud and then in the cloud, we talk about modernization, are you gonna use Ai Ml or I O T? And we actually just announced a new program around that to to help out IOT partners to really build and understand that data that's coming in from I O T I D C says that that idea that IOT data has increased by four times uh in the, during the covid period. So there's so many more partners who need help. >>There's a huge shift going on and you know, we always try to explain on the cube. Dave and I talked about a lot and it's re platform with the cloud, which is not just lift and shift you kind of move and then re platform then re factoring your business and there's a nuance there between re platform in which is great. Take advantage of cloud scale. But the re factoring allows for this unique advantage of these high level services. >>That's right >>and this is where people are winning. What's your reaction to that? >>Oh, I completely agree. I think this whole area of modernizing your application, like we have a lot of folks who are doing mainframe migrations and to your point if they just lift what they had in COBOL and they move it to a W S, there's really not a lot of value there, but when they rewrite the code, when they re factor the code, that's where we're seeing tremendous breakthrough momentum with our partner community, you know, Deloitte is one of our top partners with our mainframe migration. They have both our technology and our consulting um, mainframe migration competency there to one of the other things I think you would be interested in is in our session yesterday we just completed some research with r C T O s and we talked about the next mega trends that are coming around Web three dato. And I'm sure you've been hearing a lot about web www dot right? Yeah, >>0.04.0, it's all moving too fast. I mean it's moving >>fast. And so some of the things we talked to our partners about yesterday are like the metaverse that's coming. So you talked about health care yesterday electronic caregiver announced an entire application for virtual caregivers in the metaverse. We talked about Blockchain, you know, and the rise of Blockchain yesterday, we had a whole set of meetings, everybody was talking about Blockchain because now you've got El Salvador Panama Ukraine who have all adopted Bitcoin which is built on the Blockchain. So there are some really exciting things going on in technology and public sector. >>It's a societal shift and I think the confluence of tech user experience data, new, decentralized ways of changing society. You're in the middle of it. >>We are and our partners are in the middle of it and data data, data data, that's what I would say. Everybody is using data. You and I even talked about how you guys are using data. Data is really a hot topic and we we're really trying to help our partners figure out just how to migrate the data to the cloud but also to use that analytics and machine learning on it too. Well, >>thanks for sharing the data here on our opening segment. The insights we will be getting out of the Great Sandy. Great to see you got a couple more interviews with you. Thanks for coming on. I appreciate you And thanks for all your support. You guys are doing great. Your partners are happy you're on a great wave. Congratulations. Thank you, john appreciate more coverage from the queue here. Neither is public sector summit. We'll be right back. Mhm Yeah. >>Mhm. Mhm robert Herjavec. People obviously know you from shark tank

>>no real filter and that kind of stuff. But you're also an entrepreneur, right? And you know the business, you've been in software, you detect business. I'm instructing you get a lot of pictures, this entertainment business on our show, we're a bubble. We don't do a lot of tech deals that were talking because it's boring tv tech people love tech consumers love the benefit of text. No consumer opens up their iphone and says, oh my gosh, I love the technology behind my, what's it been like being on the shark tank? You know, filming is fun and hang out just fun and it's fun to be a celebrity at first your head gets really big and you get a really good tables at restaurants and who says texas has got a little possessed more skin in the game today in charge of his destiny. Great robert Herjavec. No, these two stars cube alumni >>welcome back to the cubes coverage of A W. S. Public sector seven. I'm john for your host of the cube got a great segment here on healthcare startup accelerators of course. Sandy carter is co hosting media. This one Vice President Aws. She's awesome on the cuBA and jennifer Blumenthal co founder and C of one record entrepreneur, very successful. Thanks for coming on jennifer. Thank good to see you. Sandy thanks for joining me again. You >>are most welcome, >>jennifer. Before we get into the whole accelerated dynamic, just take a minute to explain what you guys do. One record. >>Sure. So one record is a digital health company that enables users to access aggregate and share their healthcare information. So what that means is we help you as a person get your data and then we also help companies who would like to have workflows were consumers in the loop to get their data. So whether they're sharing it with a provider, researcher payer. >>So, Sandy, we've talked about this amazon web services, healthcare accelerator cohort batches. What do you call cohort batches? Cohorts explain what's going on with the healthcare accelerator? >>Yeah. So, um, we decided that we would launch and partner an accelerator program and accelerator program just provides to a start up a little bit extra technical help. A little bit extra subject matter expertise and introductions to funders. And so we decided we were going to start one for health care. It's one of the biggest disruptive industries in public sector. Um, and so we weren't sure how it's gonna go. We partnered with Kids X. Kids X is part of the Los Angeles system for medical. And so we put out a call for startups and we had 427 startups, we were told on average and accelerating it's 50-100. So we were blown away 31 different countries. So it was really amazing. And then what we've been doing is down selecting and selecting that Top 10 for our first cohort. So we're going from 427 down to 10. And so obviously we looked at the founders themselves to see the quality of the leadership of the company, um the strength of their technology and the fit of the technology into the broader overall healthcare and healthcare ecosystem. And so we were thrilled that jennifer and one record was one of the top 10 start ups in this space that we chose to be in the, in the cohort. And so now we're going to take it to the six weeks intensive where we'll do training, helping them with AWS, provide them A W. S. Credits and then Kid X will also provide some of the health care uh subject matter >>expertise as well. Can I get some of those credits over here to maybe? >>Yes, you can actually, you can talk to me don you can't >>Talk to me, Jennifer, I gotta ask you. So you're an entrepreneur. So doing start doing cos it's like a roller coaster. So now to make the top 10 but also be in the area of his accelerator, it's a partnership, right? You're making a bet. What's your take on all this? >>Well, we've always been partners with a W. S. We started building on AWS in the very beginning. So when I was setting up the company a huge decision early on with infrastructure and when I saw the launch of the accelerator, I had to apply because we're at the point in the company that we're growing and part of growing is growing with the VW. So I was really excited to take advantage of that opportunity and now in the accelerator, it's more of thinking about things that we weren't thinking about the services that we can leverage to fill in the gaps within our platform so we can meet our customers where they are >>using award winning MSP cloud status city, your partners, great relationship with the ecosystem. So congratulations Sandi. What's the disruption for the healthcare? Because right now education and health care, the two top areas we're seeing and we're reporting on where cloud scale developed two point or whatever buzzword digital transformation you want to use is impacting heavily healthcare industry. There's some new realities. What's your, what's your vision, what's your view? >>Hey john before she does that, I have to give a plug to Claudius city because they just made premier partner as well, which is a huge deal. Uh and they're also serving public sector. So I just wanted to make sure that you knew that too. So you can congratulate. Go ahead, jennifer >>Well, so if I zoom in, I think about a P. I. S. Every day, that's what I think about and I think about microservices. So for me and for one record, what we think about is legislation. So 21st century Cures act says that you as a consumer have to be able to access your healthcare data from both your providers and from your players and not just your providers, but also the underlying technology vendors and H. I. E. S. H. I am and it's probably gonna extend to really anyone who plays within the healthcare ecosystem. So you're just going to see this explosion of A. P. I. S. And we're just your one of that. I mean for the payers that we went into effect on july 1st. So I mean when you think about the decentralization of healthcare where healthcare is being delivered plus an api economy, you're just going to have a whole new model developing and then throwing price transparency and you've got a whole new cake. >>I'm smiling because I love the peacocks. In fact, last night I shouldn't have tweeted this but there's a little tweet flames going on around A. P. Is being brittle and all this stuff and I said, hey developer experience about building great software apps are there for you. It's not a glue layer by itself. You got to build software around the so kind of a little preaching to the younger generation. But this health care thing is huge because think about like old school health care, it was anti ap I was also siloed. So what's your take on has the culture is changing health care because the user experience, I want my records, I want my privacy, I want to maintain everything confidential but access. That's hard. >>I think well health care to be used to just be paper was forget about a. P. I. Is it was just paper records. I think uh to me you think about uh patient journey, like a patient journey starts with booking an appointment and then everything after that is essentially an api call. So that's how I think about it is to all these micro transactions that are happening all the time and you want your data to go to your health care provider so they can give you the proper care, you want your data to go to your pair so they can pay for your care and then those two stakeholders want your data so that they can provide the right services at the right time to the right channel. And that is just a series of api calls that literally sits on a platform. >>What's interesting, I'd love to get your take on the where you think the progress bar is in the industry because Fintech has shown the way you got defy now behind a decentralized finance, health care seems to be moving on in a very accelerated rate towards that kind of concept of cloud, scale, decentralization, privacy. >>Yeah, I mean, that's a big question, what's interesting to me around that is how healthcare stakeholders are thinking about where they're providing care. So as they're buying up practices primary care specialty care and they're moving more and more outside of the brick and mortar of the health care system or partnering with your startups. That's really where I think you're going to see a larger ecosystem development, you could just look at CVS and walmart or the dollar store if they're going to be moving into health care, what does that look like? And then if you're seeking care in those settings, but then you're going to Mayo clinic or Kaiser permanente, there's so many new relationships that are part of your hair circle >>delivery is just what does that even mean now, delivery of health >>care. It's wherever you it's like the app economy you want to ride right now, you want a doctor right now, that's where we're heading its ease of use. >>This is this exciting startups, changing the game. Yes, I love it. I mean, this is what it's all about this health >>Care, this is what it's all about. And if you look at the funding right now from VCS, we're seeing so much funding pour into health care, we were just looking at some numbers and in the second quarter alone, the funding went up almost 700%. And the amount of funding that is pouring into companies like jennifer's company to really transform healthcare, 30% of it is going into telehealth. So when you talked about, you know, kind of ai at the edge, getting the right doctor the right expert at the right time, we're seeing that as a big trend in healthcare to >>well jennifer, I think the funding dynamics aside the opportunity for market total addressable market is massive when the application is being decomposed, you got front end, whether it's telemedicine, you got the different building blocks of healthcare being radically reconfigured. It's a re factoring of healthcare. Yeah, >>I think if you just think about where we're sitting today, you had to use an app to prove proof of vaccination. So this is not just national, this is a global thing to have that covid wallet. We at one record have a covid wallet. But just a couple years from now, I need more than just by covid vaccination. I need all my vaccinations. I need all my lab results. I need all my beds. It's opening the door for a new consumer behavior pattern, which is the first step to adoption for any technology. >>So somebody else covid wallet. So I need >>that was California. Did the, did a version of we just have a pen and it's pretty cool. Very handy. I should save it to my drive. But my phone, but I don't jennifer, what's the coolest thing you're working on right now because you're in the middle of all the action. >>I get very excited about the payer app is that we're working on. So I think by the end of the month we will be connected to almost to all the blues in the United States. So I'm very excited when a user comes into the one record and they're able to get their clinical data from the provider organization and then their clinical financial and formulary data from their payers because then you're getting a complete view, You're getting the records for someone who gave you care and you're getting the records from someone who paid for your care. And that's an interesting thing that's really moving towards a complete picture. So from a personal perspective that gets exciting. And then from a professional perspective, it's really working with our partners as they're using our API s to build out workflows and their applications. >>It's an api economy. I'd like to ask you to on the impact side to the patient. I hear a lot of people complaining that hey, I want to bring my records to the doctor and I want to have my own control of my own stuff. A lot of times, some doctors don't even know other historical data points about a patient that could open up a diagnosis and, or care >>or they can't even refer you to a doctor. Most doctors really only refer within a network of people that they know having a provider directory that allows doctors refer, having the data from different doctors outside of their, you know, I didn't really allows people to start thinking beyond just their little box. >>Cool. Well, great to have you on and congratulations on being in the top 10 saying this is a wonderful example of how the ecosystem where you got cloud city, your MSP. You mentioned the shout out to them jerry Miller and his team by working together the cloud gives you advantages. So I have to ask, we look at amazon cloud as an entrepreneur. It's kind of a loaded question, but I'm going to ask it. I love it. >>You always do it >>when you look at amazon, what do you see as opportunities as an entrepreneur? Because I'll see the easy ones. They have computing everything else. But like what's the, what does cloud do for you as an entrepreneur? What does it, what does it make you do? >>Yeah. So for been working with jerry since the beginning for me when I think about it, it's really the growth of our company. So when we start building, we really just thinking about it from a monolithic build and we move to microservices and amazon has been there every step of the way to support us as that. And now, you know, the things that I'm interested in are specifically health lake and anything that's NLP related that we could plug into our solution for when we get data from different sources that are coming in really unstructured formats and making it structured so that it's searchable for people and amazon does that for us with their services that we can add into the applications. >>Yeah, we announced that data health like and july it has a whole set of templates for analytics, focused on health care as well as hip hop compliance out of the box as well. >>The I think I think that's what's important is people used to think application first. Now it's creating essentially a data lake, then analytics and then what applications you build on top of that. And that's how our partners think about it and that's how we try and service them using amazon as our problem. So >>you're honing in on the value of the data and how that conflicts and then work within the whatever application requests might come >>in. Yes, >>it's interesting. You know, we had an event last month and jerry Chen from Greylock partners came on and gave a talk called castles in the cloud. He's gonna be cute before. He's a, he's a veces, they talk about moats and competitive manage so having a moat, The old school perimeter moz how cloud destroyed that. He's like, no, now the castles are in the cloud, he pointed snowflake basically data warehouse in the cloud red shifts there too. But they can be successful. And that's how the cloud, you could actually build value, sustainable value in the cloud. If you think that way of re factoring not just hosting a huge, huge, huge thing. >>I think the only thing he, this was customer service because health care is still very personal. So it's always about how you interact with the end user and how you can help me get to where they need to be going >>and what do you see that going? Because that's, that's a good point. >>I think that is a huge opportunity for any new company that wants to enter healthcare, customer service as a service in health care for all the different places that health care is going to be delivered. Maybe there's a company that I don't know about, but when they come out, I'd like to meet them. >>Yeah, I mean, I can't think of one cover that can think of right now. This is what I would say is great customer service for health care. >>And if there is one out there contacted me because I want to talk to you about AWS. >>Yeah. And you need the app from one record that make it all >>happen. That's where Omni channel customer service across all health care entities. Yeah, that's >>a great billion dollar idea for someone listening to our show right now. >>Right, alright. So saying they had to give you the opportunity to talk more because this is a great example of how the world's very agile. What's the next step for the AWS Healthcare accelerator? Are there more accelerators? Do you do it by vertical? >>What happens next? So, with the healthcare accelerator, this was our first go at the accelerator. So, this is our first set of cohorts, Of course, all 427 companies are going to get some help from a W. S. as well. We also you'll love this john We also did a space accelerator. Make sure you ask Clint about that. So we have startups that are synthesizing oxygen on mars to sending an outpost box to the moon. I mean, it's crazy what these startups are doing. Um, and then the third accelerator we started was around clean energy. So sustainability, we sold that one out to, we had folks from 66 different countries participate in that one. So these have been really successful for us. So it reinvent. When we talk again, we'll be announcing a couple of others. So right now we've got healthcare, space, clean energy and we'll be announcing a couple other accelerators moving forward. >>You know, it's interesting, jennifer the pandemic has changed even our ability to get stories. Just more stories out there now. So you're seeing kind of remote hybrid connections, ap ideas, whether it's software or remote interviews or remote connections. There's more stories being told out there with digital transformation. I mean there wasn't that many before pandemic has changed the landscape because let's face it, people were hiding some really bad projects behind metrics. But when you pull the pandemic back and you go, hey, everyone's kind of emperors got no clothes on. Those are bad projects. Those are good projects that cloud investment worked or I didn't have a cloud investment. They were pretty much screwed at that point. So this is now a new reality of like value, you can't show me value. >>It's crazy to me when I meet people who tell me like we want to move to the cloud of like, why are you not on the cloud? Like this really just blows my life. Like I don't understand why you have on prem or while you did start on the cloud, this is more for larger organizations, but younger organizations, you know, the first thing you have to do, it's set up that environment. >>Yeah. And then now with the migration plans and seeing here, uh whereas education or health care or other verticals, you've got, now you've got containers to give you that compatibility and then you've got kubernetes and you've got microservices, you've got land. Uh I mean, come on, that's the perfect storm innovation. There's no excuses in my opinion. So, you know, if you're out there and you're not leveraging it, then you're probably gonna be out of business. That's my philosophy. Thank you for coming up. Okay. Sandy, thank you. Thank you, john Okay. Any of his coverage here, summit here in D. C. I'm john ferrier. Thanks for watching. Mm >>mm mm mhm. I have been in the software and technology industry for over 12 years now, so I've had >>the opportunity

>> From the SiliconANGLE Media office in Boston, Massachusetts. It's theCUBE. (upbeat music) Now, here's your host Dave Vellante. >> Hi everybody, welcome to this Cube Conversation on data protection. You know, I've been reporting for the last several months that spending on storage is reverting back to pre-2018 levels, but at the same time, it's not falling off a cliff. Now, one area of storage that is still very, very strong is the data protection segment. In the past 18 months, we've seen about a half a billion dollars in venture funding come into the market. We've just seen a big multi-billion dollar exit. And backup specifically in data protection, data management generally is where all the action is right now. And one of the leaders in data protection is Dell EMC. The company has the largest share of the market and the new entrants, believe me, want a piece of their pie. But anyone who follows this company knows that the firm is not likely to give up it's turf very easily. So much is changing in the market today. And I want to understand how Dell EMC's data protection division is responding to both the competitive threats and the changing market dynamics. With me are two experts from Dell EMC to address these issues. Nelson Hsu is Director of Solutions, Product Marketing for the data protection division at Dell EMC, and Colm Keegan is Senior Consultant, Product Marketing at Dell EMC. Gents, welcome to theCUBE. Great to see you again. >> Thank you for having us. >> Thanks, Dave. >> So you heard my intro. You guys are the leader. You got the biggest market share. You got all the upstarts coming at ya. What's your response? >> Want me to take that? >> Sure. >> Yeah. It's interesting, so we were talking about this before we came on set, you know and often times they want to poke holes at us 'cause you know we're perceived as being the old timers, or the stodgy ones of the group out there. And play a little jiu jitsu, you move in say you know well time in market counts for something. You know we've been solving data protection challenges for customers for literally decades now. You know and so, water under the boat and knowing the experience that we've derived from that allows us to bring solutions that are mature, that are proven. What we're doing is we're taking those proven solutions and pairing them with modern capabilities. So that, you know we look at it and say, hey, look, Mr. Customer. You have significant data protection challenges today because, as you said, the world's changing. It's changing rapidly. We can help you address those while also sowing the seeds for the foundation for the future. So we think that's a compelling message and we think that while some of our competitors, in particular the upstarts, have had some interesting things to say, big picture-wise, they don't know what they don't know. 'Cause they just don't have the time in the market. Their solutions are also largely absent upmarket, you know, when you look at the enterprise. So we're comfortable. We think we're in a very good spot right now. >> So cloud obviously was the huge mega trend of the past decade. You guys said from the beginning, it's going to be a hybrid world. Some of that was we hope it's going to be a hybrid world. Well you were right, it's a hybrid world. So how is cloud, hybrid cloud affecting your customer decisions around data protection, and how are you responding? >> Well, you know, there's no doubt that the growth in cloud and the growth in hybrid cloud is real. And it's there today. As we look, and as Colm mentioned, we've been protecting data across the enterprise, across the edge and in the cloud, and that growth continues. So today, we have over 1,000 customers that we're protecting their data in the cloud. To the tone of over 2.7 exabytes of data protected in the cloud by Dell EMC data protection. So there is absolutely no doubt that that growth is there. We have a lot of innovation that we're driving on, both in various ares of cloud native, cyber security and deep integration. >> Okay, so that's good, 1,000 customers. That's a pretty good observation space. But when you think about hybrid, what I think when I talk to customers is they want that same exact cloud experience. They don't want to have to context switch. They don't want to have to buy different platforms. So how are you specifically addressing that customer requirement? >> So there's a couple ways we look at that, right? For our customers, simplicity is very key in ease of use. So that's one of our core tenants as we go across both the edge, the core and the cloud. And the other aspect of that is consistency. So giving them and allowing them to use the tools that they know today to be able to protect their data, wherever that data resides. So with the cloud, with cloud native, your data becomes very, very distributed. And you have to be able to see all that data, and control and manage that data. So the whole aspect around cloud data management has now risen to the top as a major concern. We do that in a great way in a sense that we both have a hybrid strategy and a lot of that is working with Dell Technologies cloud. And it's based upon VMware. And so we have a very good deep relationship with VMware to utilize their tools that our customers use today. Whether it be vSphere or vcontrol that they can manage their data protection from one console, from one environment itself. >> Yeah, Dave, I think when you look at the split today, the latest cut of research is that roughly 52% of VM's are in the cloud, and 48 percent are on-prems so it's already hybrid, and as Nelson said, it's largely predicated on VMware. So as organizations start consuming cloud they're going to go with the platform that they've been operating under for years now. So it'll be VMware. We've always had very tight integration with VMware. We have a very strong partnership with them. And that's both on the existing portfolio as well as the agile portfolio that we're building out today under PowerProtect. So as that hybrid world evolves for the customers obviously we want to make sure they're protected from a virtual machine standpoint. And make that, as Nelson said, very simple for them because the last thing customers need is complexity particularly as their environments are becoming inherently more complex. Because now you look at most enterprises today, they're going to have a mix of workloads. It's physical, it's virtual, containers are unaccounted for. It's cloud native apps, it's SaaS. You know we were talking earlier about multi-clouds. Oftentimes it just kind of came up organically and now you've got this huge distribution of workloads and oftentimes, customers have been just sort of reactive to that. In other words, let me find a way to protect that and I'll worry about the details later. We're looking at that and saying, we have the portfolio to help you protect all your workloads, and as importantly, we'll help consolidate the management in that environment. It's going to start with VMware, but then longer term we're planning for things like a SaaS control plane so that we can give you a complete view of that environment and allow you to assign the policies you need in terms of SLA's, in terms of compliance. You're basically hitting all the security, hitting all the key things that you need and so directionally we think starting with VMware and building from there is probably the most realistic way we can get customers protected from a hyper cloud. >> So the vision is a single point of control that is SaaS based that lives in the cloud or lives wherever you want it to live? >> Right, it can be either. >> So one of our core tendencies here, right, is that we want and deliver the ability to protect our customer's data wherever it resides. Whether it's edge, core or cloud. >> So sticking on cloud for a second, and then sort of segue into the VMware conversation that I want to have is VMware is the sort of linchpin of your multi-cloud strategy. That makes a lot of sense. VMware is going to be a leader, if not the leader in multi-cloud. We'll see how that all shakes out. It's kind of jump ball right now but VMware is in pretty good position with 500,000 customers. But your perspective on cloud is different than say, take an AWS cloud provider, it's a place. Put your data in my cloud. You guys are talking about the experience. And that's really what you're trying to drive with VMware, whether is Ron-prem, whether it's in Google, Azure, AWS, wherever. The cloud, you name it. Is that the right way to think about your strategy? Specifically as it relates to multi-cloud. >> Yeah, so I think on the area of multi-cloud, it is a multi-cloud world. Years ago I was in a SaaS startup and we had customers that were looking to deploy to the cloud. And then that was the question. Okay, do we hedge on multi-cloud or not? As a SaaS provider, we actually implemented on both AWS and Azure at the time. Which became relevant, because now our customers are asking us, yes, my primary is with this particular hyper scaler. But do you also support this second hyper scaler? So the reality started to evolve. And so for us, yes, VMware is a very strategic aspect and partner with us, especially with Dell Technologies cloud. But we also have a multi-cloud relationship with AWS, with Azure and with Google. >> Yes, so the compatibility matrix, if you will, applies now to the cloud. >> Absolutely, absolutely. So now it's having that feature and functionality across multiple clouds. >> One of the things we obviously paid attention to is Project Tanzu with inside of VMware. All around bringing kind of Kubernetes and VMware together. How does that affect data protection? >> Well, I think it affects data protection in the sense that addressing the entire aspect of still your data is distributed now. And it's going to grow that way. I think that we've seen numbers upwards of 70% of applications will be container based. Some of that will be going forward to 2022 where there'll be multiple production applications that will be container based. I think what Tanzu will bring to the table is a cohesive way to manage and control that environment itself. >> Okay, and so maybe we could sort of drill into that a little bit. Containers, it's becoming more obvious that people want to persist some of that data. It's largely stateless, but you've got to figure out how to recover. So do you have solutions in that space, is that sort of more road mapping? You can talk about that a little bit. >> No, absolutely. So definitely we have concrete solutions with our Dell EMC PowerProtect data manager for Kubernetes. It's actually one of the first that was in the market to support cloud native environments. >> It is the first. >> Yeah, the first offering out there to support Kubernetes. And so the aspect there is that as cloud native has moved from DevOps, and now into production in the mission critical applications, now becomes the aspect of originally the DNA of DevOps was my data doesn't have to be persistent. Now when you move into a mission critical environment, you're entire environment needs to be protected. And to be able to bring those workloads back up should anything happen and to be able to protect that data that is critical to those workloads. >> Okay, and so you're saying you're first, and you see this as a differentiator in the marketplace, or is everybody going to have this, or it's one of these confusing ice cream cone of solutions. So why you guys? What's your big differentiation? Let's stick to containers. I have the same questions sort of overall come back to that. >> So great question, and the matter of fact is that with our experience across the edge, core and cloud, Kubernetes and containers will be prevalent throughout. And it'll be the way that applications will be developed. It's meeting the demands of the business and being agile. And I think that with our ability internally that would move to that agile emotion. We have that ability to address the customer's needs especially in the cloud native Kubernetes space. >> I think going back to what you said too about VMware, certainly our partnership there is differentiated. We even heard some echos of that during Vmworld. Pat Gelsinger usually doesn't give call outs on the main stage very frequently. And he said that they were working with us as a best-in-class partner for data protection with Tanzu. And so there is a very tight partnership there, so if I'm a customer and I'm looking at containers, I'm probably going to want to do it within the framework of VMware to start with. But it's important to point out that we're also not dependent on VMware. So we can still deliver protection for Kubernetes containers outside of say the VMware management domain. But I would say from a differentiation standpoint there are some real tight partnering going on to make these capabilities mature. >> Well it helps that your CEO owns 80% of the company. (laughing) But it's an interesting point you're making because again, dial back 10 years ago, VMware had much more of a Switzerland strategy under Maritz, almost to, at the time, EMC's detriment. I think Michael Dell is very clearly, as is Jeff Clarke, said look, we're going to do more integration. And Pat Gelsinger has been, look, I love all my partners. It's true but we're entering sort of a new era. And that integration is key, you know, again, because of the ownership structure, and your long history there. It's got to confer some advantages in the marketplace. >> Yeah, and he's also got to remove some of the headwinds to adoption of VMware cloud. And data protection, as we discussed often times can be a headwind if customers are concerned that they're not going to be able to protect their data, chances are they're going to stand pat for a while. So I mean you need to find ways to take some of those objections off the table. >> Yeah, and not to take anything away from your competitors. Look, it's an open API world, and again, people are going to compete. But at the end of the day this stuff is still really complex and if you can do some core engineering together it's definitely an advantage. Let's talk a little bit about cyber. I often say it's become a board level topic. It's not a matter of if, it's a matter of when. SecOps teams are overtaxed. I think I put out a stat lately, I got it from Robert Herjavec actually. He said think about this. The worldwide economy is 86 trillion and we spend .014% on cyber, that's it. We're barely scratching the surface. And that's part of the problem. Okay, but with that limited resource we have to be as smart as possible. You've got this ransomware coming in. So what are your customers asking you for and how are you responding? >> So it's interesting, right, because it is top of mind, cyber and cyber attacks, and it takes many forms. The attacks can be malware, they could be encryption, they could be deletion. Which is ultimately the worst case scenario. And I think as you go forward and you look at it cyber is the number one concern for any CIO, CISO or anyone that's worried about their security infrastructure. >> Which is everybody >> Which is everybody, right, exactly. I think that we have delivered for the cloud data protection area a first and best offering with an air gap data protection solution. So inherently, we can insulate and protect our customer's data from cyber threats. So when a ransom event occurs you can recover your data without having to pay that ransom. Or not be concerned that in most severe cases your data gets deleted. I think most recently there was a healthcare provider who was threatened about their data being deleted. And that was the worst case. We were able to protect their data in the sense that with our cyber recovery offering they protected their data in an air gap vaulted solution. And they didn't have to pay for that ransom. >> So what I'm hearing from you guys is okay, cloud, very important. Hybrid cloud, multi-cloud, fundamental to our strategy. VMware, they say bet on sure things. VMware is pretty much a sure thing. Large customer base, leader in the space. And then cyber as a key concern of customers, you want to expand the notion of backup and data protection to really point it at cyber as well. >> Absolutely, in fact with this recent research, it's called the Global Data Protection Index Survey and we just refreshed it. And what customers identified as the most compelling reasons to adopt cloud is for better performance, better data protection, and better security. Not necessarily in that order but those were the top three. So we look at that and say, you know we've got plays there. Certainly we have capabilities protecting workloads in the cloud whether they be virtual machines, cloud native, containers. But the security aspect of it is huge. Because oftentimes customers, and Dave, you and I were talking about this, they make some broader assumptions about once data is in the clouds they can kind of wash their hands and walk away. Not so fast, because certainly there is a shared responsibility model that extends not only to data protection, but also to security. Look, don't get me wrong, the cloud service providers have fantastic security capabilities, have a great perimeter. But as you said, it's not a question of if, it's a question of when. And when something happens, are you ready for it? So these solutions extend not only to on-prem but into the cloud. So it's that ability wherever the workload lives that you can get the right protection and what we're really now referring to as safeguarding data. Because it's a combination of data protection and security that's embedded and doing it wherever the workload resides. >> I'm glad you brought that up Colm. I have a follow up on that, but Nelson, did you want to add something? >> Well, I just want to mention that one of the biggest concerns is making sure that that data you vaulted is actually clean and safe. So we have a cyber sense capability within our cyber recovery product, that when you vault that data it does about 100 analytics on that data to make sure that there's no malware. That it's not infected. And it does it automatically and even on incremental using machine learning. >> That's really important because mistakes happen really fast. (laughing) So if you're vaulting corrupted data, >> What do you do? >> Oops. >> Yeah, exactly. >> I want to come back, I think the shared responsibility model is not well understand and there's a lot of confusion in the industry. At a conference this year, AWS' CISO Stephen Schmidt was saying, look all this talk about security is broken it's not really productive. The state of security in the cloud is actually really good and to your point Colm, yeah, he's right about that. Then you hear Pat Gelsinger saying, he's told me many times in theCUBE security is a do-over. To my point, you know the 86 trillion. And so I kind of lean, when I talk to IT people what Pat is saying. So you say okay, where is the dissidence there? Well, the reality is is the cloud service providers and the shared security model, they'll secure the physical infrastructure. But it's up to the customer to be responsible for everything else. You know, the edicts of the organization are applied. We were talking to the CISO of a large insurance company and she said to us, oh no, shared responsibility means it's our responsibility. So you're not going to go after the cloud service provider, you're going to go after the insurance company, or the financial service institution. Their brand is the one that's going to get hurt. So that's misunderstood. My question, very long winded rant, but what role do you guys play in that shared responsibility model? >> Well, ultimately it comes down to the customer. And the shared responsibility model really is admissible, as you mentioned, right? And so at the end of the day, you as the customer own and are responsible to protect that data. So your data protection strategy, your cyber resilience strategy has to be sound. And it has to be secured by those that can actually do it across multiple distribution models and platforms, whether it's edge, core or cloud. Whether it's VM's, containers. It doesn't change. You're still ultimately responsible for it. >> I think maybe what you might be driving at the question, Dave, is empowering the customers to maintain control of their data. And having the tools in place so that they feel comfortable. And part of it too is moving more towards automation. Because as their applications grow, and as Nelson said, become more distributed, as the data grows exponentially, this just fundamentally isn't a task that humans can manage very much longer. >> I'm glad you brought that up, because you ask a CISO, what's your number one problem? And he or she will tell you the skill sets to keep up with all this complexity. And that's where automation comes in. >> Correct, it does. So that's where we're taking it. Is trying to make things more automated and take tasks away from humans that they just can't keep up with. >> All right guys, I'll give you the last word. We go back a decade or so ago and backup was a whole different situation. And we saw the rise of virtualization and now cloud and all these other things that we have been talking about. Edge, the cyber threats, et cetera. So bring us home, where do you see the future and how does Dell EMC data protection fit in? >> It's an exciting time, it really is. It's kind of like the coming of that second storm as you mentioned. Businesses have that demand of needing more services to load more quickly in an agile fashion. And as they pair that with the growth of their data which is distributed, they really have that challenge overall of how do I manage this environment? So you have to have the observability to understand where your data is and to be able to monitor it. You have to be able to orchestrate your workloads so that they're automated, and the data protection of those workloads are automated as well. And so the imperative that aspects like Tanzu are addressing with cloud native, that Kubernetes brings to the table to deliver containerized applications. That's really quite honestly is the biggest evolution I've seen in my last 20 to 30 years. This is definitely a different paradigm shift. >> Yeah, you know, six months ago I was with a competitor and was taking a look at EMC, sorry, I should say Dell EMC, and I was wondering, should I make a move over here? And really what convinced me was the fact that the company was willing to basically solve internally the innovator's dilemma. You're making so much money on your existing portfolio, now you're going to start investing in what appears to be almost internal competition to your portfolio. It's not, it's complimentary. So that's what drove the decision for me to come here, but I will also say it's great to be a part of an organization that has a long-term vision. You remember, I think the phrase that was being used, being held captive to the 90-day shot clock. You know, the earnings reports and stuff. And that drives behavior. Well, if your organization is looking at decade-long goals, that means that you can actually plan to do things that over time are going to actually bring real value to customers. So I think we're doing the right things. We're obviously innovating, we're on this agile software development cadence gives us the ability to solve the problems incrementally over time so customers can see that value instead of waiting for large batch releases. But is also gives us the ability to say, hey, when we've made mistakes or when we hadn't seen certain things come around the corner, we're agile enough to change with that. So I think the combination of having that vision and putting in the investments, and we've kind of likened ourselves to the biggest startup in the industry with the backing of a Fortune 50. And so from a customer standpoint you got to look at that and think, you know, that's interesting, because I need to solve my current problems today. I need to have a path forward for the future. And who am I betting on to deliver that? And the other thing I'll leave on is customers are trying to work with fewer suppliers, not more suppliers. Because they want to reduce the complexity. Well who has the ability to not only bring data protection to bear, but a whole portfolio of technology is really end to end. That can snap into those environments to again reduce complexity and drive more business value. >> That's a really interesting point you make about consolidations. Ever since I've been in this industry people want to deal with less suppliers and reduce the complexity. But you still see startups and VC's funding things. And what's happened is this consolidation, the big guys, you guys are the biggest consolidator. And I always say the rich get richer. There's always this tension between sort of, do I go out and buy the spoke, best of breed tools, or do I get them from somebody who can help me across the portfolio? That's really where your strength is. Guys, thank you so much. This is really a very important topic. Data protection is one of the most important areas that we've been covering. I've been reporting on it a lot. As I said, a lot of venture money has been flowing in. So I really appreciate you guys coming in, sharing your perspectives. And best of luck in the marketplace. >> Appreciate it, Dave. >> Thanks, this was great. >> You're welcome. All right, and thank you for watching, everybody. This is Dave Vellante for theCUBE. We'll see you next time. (upbeat music)

live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back over 17,000 in attendance here for Cisco live 2020 in Barcelona ops 2 min and my co-host is Dave Volante and to help us to dig in to of course one of the most important topic of the day of course that security we're thrilled to have back a distinguished engineer Francisco one of our cube alumni TK kia nini TK thanks so much for joining us ideal man good good all right so TK it's 2020 it's a new decade we know the bad actors are still out there they're there the the question always is you know it used to be you know how do you keep ahead of them then I've here Dave say many times well you know it's not you know when it's it's not if it's when you know you probably already have been ok you know compromise before so it gives latest so you know what you're seeing out there what you're talking to customers about in this important space yeah it's it's kind of an innovation spiral you know we we innovate we make it harder for them and then they innovate they make it harder for us right and round and round we go that's been going on for for many years I think I think the most significant changes that have happened recently have to deal with not essentially their objectives but how they go about their objectives and Defenders topologies have changed greatly instead of just your standard Enterprise you now have you know hybrid multi cloud and all these new technologies so while while all that innovation happens you know they get a little clever and they find weaknesses and round and round we go so we talked a lot about the sort of changing profile of the the threat actors gone from hacktivists to criminals now is a huge business and nation-states even what's that profile looked like today and how has that changed over the last decade or so you know that's pretty much stayed the same you know bad guys are bad guys at some point in time you know just how how they go about their business their techniques they're having to like I said innovate around you know we make it harder for them they you know on Monday we're safe on Tuesday we're not you know and then on Wednesday it switches again so so it talked about kind of this multi-cloud environment when we talked to customers it's like well I want the developer to be able to build their application and not really have to think too much underneath it that that has to have some unique challenges we know security we knew long ago well I just go to the cloud it doesn't mean they take care of it some things are there some things they're gonna remind you now you need to make sure you set certain things otherwise you could be there but how do we make sure that Security's baked in everywhere and is up as a practice that everybody's doing well I mean again some of the practices hold true no matter what the environment I think the big thing was cognitive is in back in the day when when you looked at an old legacy data center you were apart sort of administrator in your part detective most people don't even know what's running on there that's not true in cloud native environments some some llamó file some some declaration it's it's just exactly what production should look like right and then the machines instantiate production so you're doing things that machine scale forces the human scale people to be explicit and and for me I mean that's that's a breath of fresh air because once you're explicit then you take the mystery out of what you're protecting how about in terms of how you detect threats right phishing for credentials has become a huge deal but not just you know kicking down the door or smashing a window yeah using your your own credentials to get inside of your network so how is that affected the way in which you detect yeah it's it's a big deal you know a lot of a lot of technology has a dual use and what I mean by that is network cryptology you know that that whole crypto on the network has made us safer for us to compute over unsecure networks and unfortunately it works just as well for the bad guys so you know all of their malicious activity is now private to so it you know for us we just have to invent new ways of detecting direct inspection for instance I think is a thing of the past I mean we just can't depend on it anymore we have to have tools of inference and not only that but it's it's gave rise in a lot of innovation on behavioral science and as you say you know it's it's not that the attacker is breaking into your network anymore they're logging in okay what do you do then right Alice Alice's account it's not gonna set off the triggers so you have to say you know when did Alice start to behave differently you know she's working in accounting why is she playing around with the source code repository that's that's a different thing right yeah automation is such a big trend you know how do we make sure that automation doesn't leave us more vulnerable that's rarity because we need to be able automate we've gone beyond human scale for most of these configurations that's exactly right and and how do how do we I always say just with security automation in particular just because you can automate something doesn't mean you should and and you really have to go back and have practices you know you could argue that that this thing is just a you know machine scale automation you could do math on a legal pad or you can use a computer to do it right what so apply that to production if you mechanized something like order entry or whatever you're you're you're automating part of your business use threat modeling you use the standard threat modeling like you would your code the network is code now right and storage is code and everything is code so you know just automate your testing do your threat modeling do all that stuff please do not automate for your attacker matrix is here I want to go back to the Alice problem because you're talking about before you have to use inference so Alice's is in the network and you're observing her moves every day and then okay something anomalous occurs maybe she's doing something that normally she wouldn't do so you've got to have her profile in her actions sort of observed documented stored the data has got to be there and at the same time you want to make sure it's always that balance of putting handcuffs on people and you know versus allowing them to you know do their job and be productive at the same time as well you don't want to let the bad guys know that you know that alice is doing something that she didn't be doing is actually not Alice so all that complexity how are you dealing with it and what's the data model look like doing it machines help let's say that machines can help us you know you and I we have only so many sense organs and the cognitive brain can only store so many so much state machines really help us extend that and so you know looking at not three dimensions of change but 7000 dimensions have changed right something in the machine is going to say there's an outlier here that's interesting and you can get another machine to say that's that's interesting maybe I should focus on that you build these analytical pipelines so that at the end of it you know they may argue with each other all the way to the end but at the end you have a very high fidelity indicator that might be at the protocol level it might be at the behavioral level it might be seven days back or thirty days back all these temporal and spatial dimensions it's really cheap to do it with a machine yeah and if we could stay on that for a second so it I've tried to understand I know that's a high level example but is it best practice to have the Machine take action or is it is it an augmentation and I know it depends on the use case but but how is that sort of playing out again you have to do all of this safely okay a lot of things that machines do don't return back to human scale stuff that returns back to human scale that humans understand that is as useful so for instance if machines you know find out all these types of in assertions even in medical you know right now if if you've got so much telemetry going into the medical field say the machine tells you you have three weeks to live I mean you better explain what the heck you know how you came about that assertion it's the same with security you know if I'm gonna say look we're gonna quarantine your machine or we're gonna reimage this machine it's not I'm not like picking movies for you or the next song you might listen to this is high stakes and so when you do things like that your analytics needs to have what it's called entailment you have to explain what it is how you got to that assertion that's become incredibly important in how we measure our effectiveness in in doing analytics that's interesting because because you're using a lot of machine intelligence to do this and a lot of AI is blackbox you're saying you cannot endure that blackbox problem in security yeah that black box is is is very dangerous you know I you know personally I feel that you know things that should be open sourced this type of technology it's so advanced that the developer needs to understand that the tester needs to understand that certainly the customer needs to understand it you need to publish papers and be very very transparent with this domain because if it is in fact you know black box and it's given the authority to automate something like you know shut down the power or do things like that that's when things really start to get dangerous so good TK what wonder you know give us the latest on stealthWatch there you know Cisco's positioning when it when it comes to everything we've been talking about here you know stealthWatch again is it's been in market for quite some time it's actually been in market since 2001 and when I when I look back and see how much has changed you know how we've had to keep up with the market and again it's not just the algorithms rewrite for detection it's the environments have changed right but when did when did multi-cloud happen so so operating again cusp it's not that stealthWatch wants to go their customers are going there and they want the stealthWatch function across their digital business and so you know we've had to make advancements on the changing topology we've had to make advancements because of things like dark data you know the the network's opaque now right we have to have a lot of inference so we've just you know kept up and stayed ahead of it you know we've been spending a lot of time talking to developer communities and there's a lot of open-source tooling out there that that's helping enable developers specifically in security space you were talking about open-source earlier how does what you've been doing the stealthWatch intersect with that yeah that's always interesting too because there's been sort of a shift in in let's call them the cool kids right the cool kids um they want everything is code right so it's not about what's on glass or you know a single pane of glass anymore it's it's what stealth watches code right what's your router as code look at definitely definite is basically Cisco as code and it's beautiful because that is infrastructure as code I mean that is the future and so all the products not just stealthWatch have beautiful api's and that's that's really exciting I've been saying for a while now it's do you I think you agree is that that is a big differentiator for Cisco I think you you're one of the few if not the only large established player and the enterprise that has figured out that sort of infrastructure is code play others have tried and are sort of getting there but start-stop you use a term that really cool is like living off the land you know bear bear grylls like the guy who lives off the land so and and and threat actors are doing that now they're using your own installed software and tooling to hack you and steal from you how were you dealing with that problem yeah it's a tough one and like I said you know much respect the the adversary is talented and they're patient they're well funded okay that's that's where it starts and so you know why why bring why bring an interpreter to a host when there's already one there right why right all this complicated software distribution when I can just use yours and so that's that's where the play the game starts and and the most advanced threats aren't leaving footprints because the footprints are already there you know they'll get on a machine and behaviorally they'll check the cache to see what's hot and what's hot in the cache means that behaviorally it's a path they can go they're not cutting a new trail most of the time right so living off the land is not only the tools that they're using the automation your automation they're using against you but it's also behavioral and so that that makes it you know it makes it harder it's it impossible no can we make it harder for them yes so yeah I'm having fun and I've been doing this for over twenty five years every week it's something new well it's a hard problem you're attacking and you know Robert Herjavec who came of the cube sort of opened my eyes and you think about what are we securing we're securing everything I mean a critical infrastructure were essentially assured securing the entire global economy and he said something that really struck me since there's an 86 trillion dollar economy we spend point zero one four percent on securing that economy and that's nothing now of course he's an entrepreneur and he's pimping for his his business but it's true we are barely scratching the surface of this problem yeah and it's changing I mean it's changing it could it be better yes it is changing his board awareness well you know 20 years ago they then write me to a dinner party they you know what does your husband do I'd say you know cyber security or something they'd roll their eyes and change the subject now they asked me the same question so oh you know my computer's running really slow right these are not this is everyone I'm worried about a life hack yeah how do I protect myself or what about these company us the bank I mean that's guys a dinner table company every party so now now you know I just make something up I don't do cybersecurity I just I you know a tort or a jipner's you've been in this business forever I can't remember have I ever asked you the superhero question what is that your favorite superhero that's a tough one there's all the security guys I know they like always dreamed about saving the world [Laughter] you're my superhero man I love what you do I think you're a great asset for Cisco and Cisco's customers really Thanks TK give us a final word if people want to you know find out more about about what Cisco's doing read more what you're working on what's some of the best resources I have to go to do you know just drop by the web pages I mean everything's published out that like I said even even for the super nerdy you know we publish all our our lars security analytics papers I think we're over 50 papers published in the last 12 years TK thank you so much always a pleasure to catch it all right yeah I think they've traveled thank you so much for de Villante um Stu Mittleman John Fourier is also in the house we will be back with lots more coverage here from Cisco live 20/20 in Barcelona thanks for watching the keys

[Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] you [Music] [Applause] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners come back this is the cubes coverage of Cisco live 2020 here in Barcelona doing about three and a half days of wall-to-wall coverage here I'm Stu minim and my co-host for this segment is Dave Volante John furs also here scouring the floor and really happy to welcome to the program to first-time guests I believe so Ron Daris is the product manager of product marketing for cloud computing with Cisco and sitting to his left is Matt Ferguson who's director of product development also with the Cisco cloud group Dave and I are from Boston Matt is also from the Boston area yes and Costas is coming over from London so thanks so much for joining us thanks IBPS all right so obviously cloud computing something we've been talking about many years we've really found fascinating the relationship Cisco's had with its customers as well as through the partner ecosystem had many good discussions about some of the announcements this week maybe start a little bit you know Cisco's software journey and you know positioning in this cloud space right now yes oh so it's a it's a really interesting dynamic when we start transitioning to multi cloud and we actually deal with cloud and compute coming together and we've had whether you're looking at the infrastructure ops organization or whether you're looking at the apps operations or whether you're looking at you know your dev environment your security operations each organization has to deal with their angle at which they view you know multi cloud or they view how they actually operate within those the cloud computing context and so whether you're on the infrastructure side you're looking at compute you're looking at storage you're looking at resources if you're an app operator you're looking at performance you're looking at visibility assurance if you are in the security operations you're looking at maybe governance you're looking at policy and then when you're a developer you really sort of thinking about CI CD you're talking about agility and there's very few organizations like Cisco that actually is looking at from a product perspective all those various angles of multi-cloud yeah definitely a lot of piece of cost us maybe up level it for us a little bit there's there's so many pieces you know we talked for so long you know you don't talk to any company that doesn't have a cloud strategy doesn't mean that it's not going to change over time and it means every company's got at home positioning but talk about the relationship cisco has with its customer and really the advisory position that you want to have with them it's actually a very relevant question to what to what Matt is talking about because we talk a lot about multi cloud as a trend and hybrid clouds and this kind of relationship between the traditional view of looking at computing data centers and then expanding to different clouds you know public cloud providers have now amazing platform capabilities and if you think about it the the it goes back to what Matt said about IT ops and the development kind of efforts why is this happening really you know there's there's the study that we did with with an analyst and there was an amazing a shocking stat around how within the next three years organizations will have to support 50% more applications than they do now and we have been trying to test this stat our events that made customer meetings etc that is a lot of a lot of change for organizations so if you think about why are they use why do they need to basically what go and expand to those clouds is because they want to service IT Ops teams want ER servers with capabilities their developers faster right and this is where you have within the IT ops kind of theme organization you have the security kind of frame the compute frame the networking where you know Cisco has a traditional footprint how do you blend all this how do you bring all this together in a linear way to support individual unique application modernization efforts I think that's what are we hearing from customers in terms of the feedback and this is what influences our strategy to converts the different business units and engineering engineering efforts right couple years ago I have to admit I was kind of a multi cloud skeptic I always said I thought it was more of a symptom than actually a strategy a symptom of you know shadow IT and different workloads and so forth but now I'm kind of buying in because I think IT in particular has been brought in to clean up the crime scene I often say so I think it is becoming a strategy so if you could help us understand what you're hearing from customers in terms of their strategy toward the multi cloud and how Cisco that was mapping into that yeah so so when we talk to customers it comes back to the angle at which they're approaching the problem in like you said the shadow IT has been probably around for longer than anybody won't cares to admit because the people want to move faster organizations want to get their product out to market sooner and and so what what really is we're having conversations now about you know how do I get the visibility how do I get you know the policies and the governance so that I can actually understand either how much I'm spending in the cloud or whether I'm getting the actual performance that I'm looking for that I need the connectivity so I get the bandwidth and so these are the kinds of conversations that we have with customers is is is going I realize that this is going on now I actually have to now put some you know governance and controls around that is their products is their solutions is their you know they're looking to Cisco to help them through this journey because it is a journey because as much as we talk about cloud and you know companies that were born in the cloud cloud native there is a tremendous number of IT organizations that are just starting that journey that are just entering into this phase where they have to solve these problems yeah I agree and it's just starting the journey with a deliberate strategy as opposed to okay we got this this thing but if you think about the competitive landscape its kind of interesting and I want to try to understand where Cisco fits because again you you initially had companies that didn't know in a public cloud sort of pushing multi cloud and you'd say oh well okay so they have to do that but now you see anthos come out with Google you see Microsoft leaning in we think eventually AWS is going to lean in and then you say I'm kind of interested in working with someone whose cloud agnostic not trying to force now now Cisco a few years ago you didn't really think about Cisco as a player now so this goes right in the middle I have said often that Cisco's in a great position John Fourier as well to connect businesses and from a source of networking strength making a strong argument that we have the most cost-effective most secure highest performance network to connect clouds that seems to be a pretty fundamental strength of yours and does that essentially summarize your strategy and and how does that map into the actions that you're taking in terms of products and services that you're bringing to market I would say that I can I can I can take that ya know it's a chewy question for hours yeah so I I was thinking about a satellite in you mentioned this before and you're like okay that's you know the world is turning around completely because we we seem to talk about satellite e is something bad happening and now suddenly we completely forgot about it like let let free free up the developers gonna let them do whatever they want and basically that is what I think is happening out there in the market so all the solutions you mentioned in the go to market approaches and the architectures that the public cloud providers at least are offering out there certainly the big three have differences have their strengths and I think those strengths are closer to the developer environment basically you know if you're looking into something like a IML there's one provider that you go with if you're looking for a mobile development framework you're gonna go somewhere else if you're looking for a dr you're gonna go somewhere else maybe not a big cloud but your service provider that you've been dealing with all these all these times and you know that they have their accreditation that you're looking for so where does Cisco come in you know we're not a public cloud provider we offer products as a service from our data centers and our partners data centers but at the - at the way that the industry sees a cloud provider a public cloud like AWS a sure Google Oracle IBM etc we're not that we don't do that our mission is to enable organizations with software hardware products SAS products to be able to facilitate their connectivity security visibility observability and in doing business and in leveraging the best benefits from those clouds so we we kind of we kind of moved to a point where we flip around the question and the first question is who is your cloud provider what how many tell us the clouds you work with and we can give you the modular pieces you can put we can put together for you so there's so that you can make the best out of your plan it's been being able to do that across clouds we're in an environment that is consistent with policies that are consistent that represent the edicts of your organization no matter where your data lives that's sort of the the vision in the way this is translated into products into Cisco's product you naturally think about Cisco as the connectivity provider networking that's that's really sort of our you know go to in what we're also when we have a significant computing portfolio as well so connectivity is not only the connectivity of the actual wire between geographies point A to point B in the natural routing and switching world there's connectivity between applications between cute and so this week you know the announcements were significant in that space when you talk about the compute and the cloud coming together on a single platform that gives you not only the ability to look at your applications from a experience journey map so you can actually know where the problems might occur in the application domain you can actually then go that next level down into the infrastructure level and you can say okay maybe I'm running out of some sort of resource whether it's compute resource whether it's memory whether it's on your private cloud that you have enabled on Prem or whether it's in the public cloud that you have that application residing and then why candidly you have the actual hardware itself so inter-site it has an ability to control that entire stack so you can have that visibility all the way down to the hardware layer I'm glad you brought up some of the applications wonderful we can you know stay there for a moment and talk about some of the changing patterns for customers a lot of talk in the industry about cloud native often it gets conflated with you know microservices containerization and lots of the individual pieces there but you know one of our favorite things that been talked about this week is the software that really sits at the application layer and how that connects down through some of the infrastructure pieces so help us understand what you're hearing from customers and and where how you're helping them through this transition to constants as you were saying absolutely there's going to be lots of new applications more applications and they still have the the old stuff that they need to continue to manage because we know an IT nothing ever goes away that's that's definitely true I was I was thinking you know there's there's a vacuum at the moment and and there's things that Cisco is doing from from technology leadership perspective to fill that gap between the application what do you see when it comes to monitoring making sure your services are observable and how does that fit within the infrastructure stack you know everything upwards network the network layer base again that is changing dramatically some of the things that Matt touched upon with regards to you know being able to connect the the networking the security in the infrastructure the computer infrastructure that the developers basically are deploying on top so there's a lot of there's a lot of things on containerization there's a lot of in fact it's you know one part of the of the self-injure side of the stack that you mentioned and one of the big announcements you know that there's a lot of discussion in the industry around ok how does that abstract further the conversation on networking for example because that now what we're seeing is that you have huge monoliths enterprise applications that are being carved down into micro services ok they you know there's a big misunderstanding around what is cloud native is it related to containers different kind of things right but containers are naturally the infrastructure de facto currency for developers to deploy because of many many benefits but then what happens you know between the kubernetes layer which seems to be the standard and the application who's gonna be managing services talking to each other that are multiplying you know things like service mesh network service mess how is the network evolving to be able to create this immutable infrastructure for developers to deploy applications so there's so many things happening at the same time where cisco has actually a lot of taking a lot of the front seat this is where it gets really interesting you know it's sort of hard to squint through because you mentioned kubernetes is the de facto standard but it's a de-facto standard that's open everybody's playing with but historically this industry has been defined by you know a leader who comes out with a de facto standard kubernetes not a company right it's an open standard and so but there's so many other components than containers and so history would suggest that there's going to be another de facto standard or multiple standards that emerge and your point earlier is you you got to have the full stack you can't just do networking you can't just do certain few so you guys are attacking that whole pie so how do you think this thing will evolve I mean you guys are obviously intend to put out as Casta as wide a net as possible capture not only your existing install base but attractive attract others and you're going aggressively at it as are as are others how do you see it shaking out deep do you see you know four or five pockets do you see you know one leader emerging I mean customers would love all you guys to get together come up with standards that's not going to happen so we're it's jump ball right now well yeah and you think about you know to your point regarding kubernetes is not a company right it is it is a community driven I mean it was open source by a large company but it's but it's community driven now and that's the pace at which open source is sort of evolving there is so much coming at IT organizations from a new paradigm a new software something that's you know the new the shiny object that sort of everybody sort of has to jump on to and sort of say that is the way we're going to function so IT organizations have to struggle with this influx of just every coming at them and every angle and I think what's starting to happen is the management and the you know that stack who controls that or who is helping IT organizations to manage it for them so really what we're trying to say is there's elements that you have to put together that have to function and kubernetes is just one example docker the operating system that associated with it that runs all that stuff then you have the application that goes rides IDEs on top of it so now what we have to have is things like what we just announced this week HX ap the application platform for HX so you have the compute cluster but then you have the on top of that that's managed by an organization that's looking at the security that's looking at the the actual making opinions about what should go in the stock and managing that for you so you don't have to deal with that because you can just focus on the application development yeah I mean Cisco's in a strong position to do there's no question about it and to me it comes down to execution if you guys execute and deliver on the the products and services that you say you know your nouns for instance this week and previously and you continue on a roadmap you're gonna get a fair share of this marketplace I think there's no question so last topic before we let you go is love your viewpoint on customers what's separating kind of leaders from you know the followers in this space you know there's so much data out there you know I'm a big fan of the state of DevOps report yeah focus you know separate you know some but not the not here's the technology or the piece but the organizational and you know dynamics that you should do so it sounds like Matt you you like that that report also love them what are you hearing from customers how do you help guide them towards becoming leaders in the cloud space yeah the state of DevOps report was fascinating and I mean they've been doing that for what a number of years yeah exactly and really what it's sort of highlighting is two main factors that I think that are in this revolution or this this this paradigm shift or journey we're going through there's the technology side for sure and so that's getting more complex you have micro services you have application explosion you have a lot of things that are occurring just in technology that you're trying to keep up but then it's really about the human aspect that human elements the people about it and that's really I think what separates you know the the elites that are really sort of you know just charging forward in the head because they've been able to sort of break down the silos because really what you're talking about in cloud native DevOps is how you take the journey of that experience of the service from end to end from the development all the way to production and how do you actually sort of not have organizations that look at their domain their data set their operations and then have to translate that or have to sort of you know have another conversation with another organization that it doesn't look at that that has no experience of that so that is what we're talking about that end-to-end view is that in addition to all the things we've been talking about I think Security's a linchpin here now you guys are executing on security you got a big portfolio and you've seen a lot of M&A and a lot of companies now trying to get in and it's gonna be interesting to see how that plays out but that's going to be a key because organizations are going to start there from a strategy standpoint and then build out yeah absolutely if you follow the DevOps methodology its security gets baked in along the way so that you're not having to sit on after do anything Custis give you the final word I was just as follow-up with regard what what Mark was saying there's so many there's what's happening out there is this just democracy around standards which is driven by communities and we will love that in fact cisco is involved in many open-source community projects but you asked about customers and and just right before you were asking about you know who's gonna be the winner there's so many use cases there's so much depth in terms of you know what customers want to do with on top of kubernetes you know take AI ml for example something that we have we have some some offering the services around there's the customer that wants to do AML there their containers that their infrastructure will be so much different to someone else's doing something just hosting yeah and there's always gonna be a SAS provider that is niche servicing some oil and gas company you know which means that the company of that industry will go and follow that instead of just going to a public law provider that is more organized if there's a does that make sense yeah yeah this there's relationships that exist the archer is gonna get blown away that add value today and they're not gonna just throw them out so exactly right well thank you so much for helping us understand the updates where your customers are driving super exciting space look forward to keeping an eye on it thank you thank you so much all right there's still lots more coming here from Cisco live 20/20 in Barcelona people are standing watching all the developer events lots of going on the floor and we still have more so thank you for watching the cute [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] you [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back over 17,000 in attendance here for Cisco live 2020 in Barcelona ops to Minh and my co-host is Dave Volante and to help us to dig into of course one of the most important topic of the day of course that security we're thrilled to have back a distinguished engineer Francisco one of our cube alumni TK Kia Nene TK thanks so much for joining us ideal man good good all right so TK it's 2020 it's a new decade we know the bad actors are still out there they're there the the question always is you know it used to be you know how do you keep ahead of them then I've here Dave say many times well you know it's not you know when it's it's not if it's when you know you probably already have been okay you know compromised before so it gives latest so you know what you're seeing out there what you're talking to customers about in this important space yeah it's uh it's kind of an innovation spiral you know we we innovate we make it harder for them and then they innovate they make it harder for us right and round and round we go that's been going on for for many years I think I think the most significant changes that have happened recently have to deal with not essentially their objectives but how they go about their objectives and Defenders topologies have changed greatly instead of just your standard enterprise you now have you know hybrid multi cloud and all these new technologies so while while all that innovation happens you know they get a little clever and they find weaknesses and round and round we go so we talked a lot about the sort of changing profile of the the threat actors going from hacktivists took criminals now is a huge business and nation-states even what's that profile look like today and how has that changed over the last decade or so you know that's pretty much stayed the same bad guys are bad guys at some point in time you know just how how they go about their business their techniques they're having to like I said innovate around you know we make it harder for them they you know on Monday we're safe on Tuesday we're not you know and then on Wednesday it switches again so so it talked about kind of this multi-cloud environment when we talk to customers it's like well I want the developer to be able to build their application and not really have to think too much underneath it that that has to have some unique challenges we know security we knew long ago well I just go to the cloud it doesn't mean they take care of it some things are there some things they're gonna remind you now you need to make sure you set certain things otherwise you could be there but how do we make sure that Security's baked in everywhere and is up as a practice that everybody's doing well I mean again some of the practices hold true no matter what the environment I think the big thing was cognitive is in back in the day when when you looked at an old legacy data center you were part sort of administrator in your part detective and most people don't even know what's running on there that's not true in cloud native environments some some llamó file some some declaration it's it's just exactly what productions should look like right and then the machines instantiate production so you're doing things that machine scale forces the human scale people to be explicit and and for me I mean that's that's a breath of fresh air because once you're explicit then you take the mystery out of what you're protecting how about in terms of how you detect threats right phishing for credentials has become a huge deal but not just you know kicking down the door or smashing a window using your your own credentials to get inside of your network so how is that affected the way in which you detect yeah it's it's a big deal you know a lot of a lot of great technology has a dual use and what I mean by that is network cryptology you know that that whole crypto on the network has made us safer for us to compute over insecure networks and unfortunately it works just as well for the bad guys so you know all of their malicious activity is now private to so it you know for us we just have to invent new ways of detecting direct inspection for instance I think it's a thing of the past I mean we just can't depend on it anymore we have to have tools of inference and not only that but it's it's gave rise in a lot of innovation on behavioral science and as you say you know it's it's not that the attacker is breaking into your network anymore they're logging in ok what do you do then right Alice Alice's account it's not gonna set off the triggers so you have to say you know when did Alice start to behave differently you know she's working in accounting why is she playing around with the source code repository that's that's a different thing right yes automation is such a big trend you know how do we make sure that automation doesn't leave us more vulnerable that's rarity because we need to be able automate we've gone beyond human scale for most of these configurations that's exactly right and and how do how do we I always say just with security automation in particular just because you can automate something doesn't mean you should and you really have to go back and have practices you know you could argue that that this thing is just a you know machine scale automation you could do math on a legal pad or you can use a computer to do it right what so apply that to production if you mechanized something like order entry or whatever you're you're you're automating part of your business use threat modeling you use the standard threaten modeling like you would your code the network is code now right and the storage is code and everything is code so you know just automate your testing do your threat modeling do all that stuff please do not automate for your attacker matrix is here I want to go back to the Alice problem because you're talking about before you have to use inference so Alice's is in the network and you're observing her moves every day and then okay something anomalous occurs maybe she's doing something that normally she wouldn't do so you've got to have her profile in her actions sort of observed documented stored the data has got to be there and at the same time you want to make sure it's always that balance of putting handcuffs on people you know versus allowing them to do their job and be productive at the same time as well you don't want to let the bad guys know that you know that alice is doing something that she didn't be doing is actually not Alice so all that complexity how are you dealing with it and what's the data model look like doing it machines help let's say that machines can help us you know you and I we have only so many sense organs and the cognitive brain can only store so many so much state machines really help us extend that and so you know looking at not three dimensions of change but 7000 dimensions have changed right something in the machine is going to say there's an outlier here that's interesting and you can get another machine to say that's that's interesting maybe I should focus on that and you build these analytical pipelines so that at the end of it you know they may argue with each other all the way to the end but at the end you have a very high fidelity indicator that might be at the protocol level it might be at the behavioral level it might be seven days back or thirty days back all these temporal and spatial dimensions it's really cheap to do it with a machine yeah and if we could stay on that for a second so it try to understand I know that's a high-level example but is it best practice to have the Machine take action or is it is it an augmentation and I know it depends on the use case but but how is that sort of playing out again you have to do all of this safely okay a lot of things that machines do don't return back to human scale stuff that returns back to human scale that humans understand that is as useful so for instance if machines you know find out all these types of in assertions even in medical you know right now if if you've got so much telemetry going into the medical field see the machine tells you you have three weeks to live I mean you better explain what the heck you know how you came about that assertion it's the same with security you know if I'm gonna say look we're gonna quarantine your machine or we're gonna readjust machine it's not I'm not like picking movies for you or the next song you might listen to this is high stakes and so when you do things like that your analytics needs to have what is called entailment you have to explain what it is how you got to that assertion that's become incredibly important in how we measure our effectiveness in in doing analytics that's interesting because because you're using a lot of machine intelligence to do this and in a lot of AI is blackbox you're saying you cannot endure that blackbox problem in security yeah that black boxes is is very dangerous you know I you know personally I feel that you know things that should be open sourced this type of technology it's so advanced that the developer needs to understand that the tester needs to understand that certainly the customer needs to understand it you need to publish papers and be very very transparent with this domain because if it is in fact you know black box and it's given the authority to automate something like you know shut down the power or do things like that that's when things really start to get dangerous so good TK what wondered you know give us the latest on stealthWatch there you know Cisco's positioning when it when it comes to everything we've been talking about here you know stealthWatch again is it's been in market for quite some time it's actually been in market since 2001 and when I when I look back and see how much has changed you know how we've had to keep up with the market and again it's not just the algorithms rewrite for detection it's the environments have changed right but when did when did multi-cloud happen so so operating again cusp it's not that stealthWatch wants to go their customers are going there and they want the stealthWatch function across their digital business and so you know we've had to make advancements on the changing topology we've had to make advancements because of things like dark data you know the the network's opaque now right we have to have a lot of inference so we've just you know kept up and stayed ahead of it you know we've been spending a lot of time talking to developer communities and there's a lot of open-source tooling out there that that's helping enable developers specifically in security space you were talking about open-source earlier how does what you've been doing the self watch intersect with that yeah that's always interesting too because there's been sort of a shift in let's call them the cool kids right the cool kids they want everything is code right so it's not about what's on glass or you know a single pane of glass anymore it's it's what stealth watches code right what's your router as code look at dev net right yeah yeah I mean definite is basically Cisco as code and it's beautiful because that is infrastructure as code I mean that is the future and so all the products not just stealthWatch have beautiful api's and that's that's really exciting I've been saying for a while now it's do you I think you agree is that that is a big differentiator for Cisco I think you you're one of the few if not the only large established player and the enterprise that has figured out that sort of infrastructure is code play others have tried and are sort of getting there but you know start/stop you use a term that really cool is like living off the land you know bear bear grylls like the guy who lives down so bad so and and and threat actors are doing that now they're using your own installed software and tooling to hack you and and steal from you how were you dealing with that problem yeah it's a tough one and like I said you know much respect the the adversary is talented and they're patient they're well funded okay that's that's where it starts and so you know why why bring why bring an interpreter to a host when there's already one there right why right all this complicated software distribution when I can just use yours and so that's that's where the the play the game starts and and the most advanced threats aren't leaving footprints because the footprints are already there you know they'll get on a machine and behaviorally they'll check the cache to see what's hot and what's hot in the cache means that behaviorally it's a path they can go they're not cutting a new trail most of the time right so living off the land is not only the tools that they're using the automation your automation they're using against you but it's also behavioral and so that that makes it you know it makes it harder it's it impossible no can we make it harder for them yes so yeah no I'm having fun and I've been doing this for over twenty five years every week it's something new well it's a hard problem you're attacking and you know Robert Herjavec who came on the cube sort of opened my eyes and you think about what are we securing we're securing everything I mean a critical infrastructure were essentially exerted securing the entire global economy and he said something that really struck me it's an 86 trillion dollar economy we spend point zero one four percent on securing that economy and it's nothing now of course he's an entrepreneur and he's pimping for his is his business but it's true we are barely scratching the surface of this problem yeah I'm and it's changing I mean it's changing it could it be better yes it is changing his board awareness you know twenty years ago then right me to a dinner party they you know what does your husband do I'd say you know cyber security or something they'd roll their eyes and change the subject now they asked me the same question so oh you know my computer's running really slow right these are not this is everyone I'm worried about a life hack yeah how do I protect myself or what about these coming off the bank I mean that's those guys a dinner table cover every party so now now you know I just make something up I don't do cybersecurity I just you know a tort or a jipner's you've been to this business forever I can't remember have I ever asked you the superhero question what is that your favorite superhero that's a tough one there's all the security guys I know they like it's always dreamed about saving the world [Laughter] you're my superhero man I love what you do I think you've a great asset for Cisco and Cisco's customers really thanks TK give us a final word if people want to you know find out more about about what Cisco's doing read more of what you're working on but what's some of the best resource I have to go do you know just drop by the web pages I mean everything's published out that like I said even even for the super nerdy you know we published all our our laurs security analytics papers I think we're over 50 papers published in the last 12 years TK thank you so much always a pleasure to catch alright yeah and a travels thank you so much for de Villante I'm Stu Mittleman John furrier is also in the house we will be back with lots more coverage here from Cisco live 20/20 in Barcelona thanks for watching the keys [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020s brought to you by Cisco and its ecosystem partners hello and welcome back to the cubes live coverage it's our fourth day of four days of coverage here in Barcelona Spain for Cisco live 2020 I'm John Faria my co-host to many men to great guests here in the dev net studio where the cube is sitting all week long been packed with action mindy Whaley senior director developer experiences but dev net and partner a senior director welcome back to this cube good to see you guys glad to be here so we've had a lot of history with you guys what from day one yes watching def net from an idea of hey we should develop earthing you also have definite create yes separate more developer focused definite is Cisco's developer environment we've been here from the beginning what a progression congratulations on the success thank you thank you so much it's great to be here in Barcelona with everybody here you know learning in the workshops and we just love these times to connect with our community at Cisco live and it definitely ate what you mentioned which is coming up in March so it's right around the corner def net zone which we're in it's been really robust spins it's been the top of the show every year and it gets bigger and the sessions are packed because people are learning developers new developers as well as Cisco engineers who were certified coming in getting new skills as the modern cloud hybrid environments are new skills is a technology shift yeah exactly and what we have in the definite zone are different ways that the engineers and developers can engage with that technology shift so we have demos around IOT and security and showing how you know to prevent threats from attacking the Industrial routers and things like that we have coding workshops from you know beginning intro to Python intro to get all the way up through advanced like kubernetes topics and things like that so people can really dive in with what they're looking for and this year we're really excited because we have the new definite certifications with those exams coming out right around the corner in February so a lot of people are here saying I'm ready to skill up for those exams I'm starting to dive into this topic well Susie we was on she's the chief of deaf net among other things and she said there's gonna be a definite 500 the first 500 certifications of deaf net are gonna be kind of like the Hall of Fame or you know the inaugural or founder certifications so can you explain what this it means it's not a definite certification badge it's a series of write different sir can you deeper in then yeah just like we have our you know existing network certifications which are so respected and loved around the world people get CCIE tattoos and things just like there's an associate and professional and expert level on the networking truck there's now a definite associate a definite professional and coming soon definite expert and then there's also specialist badges which help you add specific skills like data center automation IOT WebEx so it's a whole new set of certifications that are more focused on the software so there are about 80 80 % software skills 20 percent knowledge of networking and then how you really connect up and down the stock so these are new certifications not replacing anything all the same stuff they're new they're part of the same program they have the same rigor the same kind of tests they actually have ways to enter weave with the existing networking certifications because we want people to do both skill paths right to build this new IT team of the future and so it's a completely new set of exams the exams are gonna be available to take February 24th and you can start signing up now so with the definite 500 you know that's gonna be a special recognition for the first 500 people who get dead note certifications it'll be a lifetime achievement they'll always be in the definite 500 right and I've had people coming up and telling me you know I'm signed up for the first day I'm taking my exams on the first day I'm trying to get into them you and I only always want to be on the lift so I think we might be on them and what's really great is with the certifications we've heard from people in the zone that they've been coming and taking classes and learning these skills but they didn't have a specific way to map that to their career path to get rewarded at work you know to have that sort of progression and so with the certifications they really will have that and it's also really important for our partners and par is doing a lot of work with certifications and partners yeah definitely that would love to hear a little bit we've interviewed on the cube over the years some of the definite partners from a technology standpoint of course the the channels ecosystem hugely important to Cisco's business gives the update as to you know definite partnering as well as what will these certifications mean to both the technology and go to market partners yeah the wonderful thing about this is it really demonstrates Cisco's embracement of software and making sure that we're providing that common language for software developers and networkers to bring the two together and what we've found is that our partners are at different levels of maturity along that progression of program ability and this new definite specialization which is anchored in the individuals that are now certified at that partner allow them to demonstrate from a go-to-market standpoint from a recognition standpoint that as a practice they have these skills and look at the end of the day it's all about delivering what our customers need and our customers are asking us for significant help in automation digital transformation they're trying to drive new business outcomes and this this will provide that recognition on on who to partner with in the market it's so important I remember when Cisco helped a lot of the partner ecosystem build data center practices went from the silos and now embracing you've got the hardware the software we're talking multi cloud it's the practice that is needed today going forward to help customers with where they're going it really is and and another benefit that we're finding and talking to our partners is we're packaging this up and rolling it out is not only will it help them from a recognition standpoint from a practice standpoint and from a competitive differentiation standpoint but it'll also help them attract challenge I mean it's no secret there is a talent shortage right now if you talk to any CEO that's top of mind and how these partners are able to attract these new skills and attract smart people smart people like working on smart things right and so this has really been a big traction point for them as well it's also giving ways to really specifically train for new job roles so some of the ways that you can combine the new definite certifications with the network engineering certifications we've looked at it and said you know there's there's a role of Network automation developer that's a new role everyone we ask in one of our sessions who needs that person on their team so many customers partners raise their hands like we want the network Automation developer on our team and you can combine you know your CCNP Enterprise with a definite certification and build up the skills to be that Network automation developer certainly has been great buzz I got to get your guys thoughts because certainly it's for careers and you guys are betting on the the people and the people are betting on Cisco mm-hmm yes this is what's going on submit surety of Devin it almost it's like a pinch me moment for you guys because you continue to grow I got to ask you what are some of the cool things that you're showing here as you mature you still have the start here session which is intro to Python and other things pretty elementary and then there's more advanced things what are some of the new things that's going on yeah that you could share so some of the new things we've got going on and one of my favorites is the IOT insecurity demonstration there's a an industrial robot arm that's picking and placing things and you can see how it's connected to the network and then something goes wrong with that robot alarm and then you can actually show how you can use the software and security tools to see was there code trying to access you know something that that robot was it was using it's getting in the way of it working so you could detect threats and move forward on that we also have a whole automation journey that starts from modeling your network to testing to how you would deploy automation to a deep dive on telemetry and then ends with multi domain automation so really helping engineers like look at that whole progression that's been that's been really popular Park talked about the specialization which ones are more popular or entry-level which ones are people coming into getting certified first network engineering automation first or what's the yeah so we're so the program is going to roll out with three different levels one is a specialized level the second is an advanced level and then we'll look to that third level again they're anchored in the in the individual certs and so as we look for that entry level it's really all about automation right I mean some things you take for granted but you still need these new skills to be able to automate and scale and have repeatable scalable benefits from that this the second tier will be more cross-domain and that's where we're really thinking that an additional skill set is needed to deliver dashboard experience compliance experiences and then that next level again we'll anchor towards the expert level that's coming out but one thing I want to point out is in addition to just having the certified people on staff they also have to demonstrate that they have a practice around it so it's not just enough to say I've passed an exam as we work with them to roll out the practice and they earn the badge they're demonstrating that they have the full methodology in place so that it really there's a lot behind it that means we can't be in the 500 list then even if a 500 list I don't know that the cube would end up being specialized its advertising no seriously all fun it's all fun it's Cisco live in Europe is there a difference between European and USD seeing any differences in geographic talent you know in the first couple years we did it I think there was a bigger difference it felt like there were different topics that were very popular in the US slightly different in Europe last year and this year I feel like they have converged it's it's the same focus on DevOps automation security as a huge focus in both places and it also feels like the the interest and level of the people attending has also converged it's really similar congratulations been fun to watch the rise and success of Devon it continues to be strong how see in the hub here and the definite zone behind us pact sessions yes what's the biggest surprise for you guys in terms of things that you didn't expect or some of the success what's what's jumped out yeah I think you know one of the points that I want to make sure we also cover and it has been an added benefit we're hoping it would happen we just didn't realize it would happen this soon we're attracting new companies new partners so the specialization won't just be available for our traditional bars this is also available for our non resale and we are finding different companies accessing definite resources and learning these skills so that's been a really great benefit of Deb net overall definitely my favorite surprises are when I show up at the community events and I hear from someone I met last year what the what they went back and did and the change that they drove and they come in their company and I think we're seeing those across the board of people who start a grassroots movement take back some new ideas really create change and then they come back and we get to hear about that from them those are my favorite surprises and I tell you we've known for years how important the developer is but I think the timing on this has been perfect because it is no longer just oh the developer has some tools that they like in the corner the developer connected to the business and driving things forward exactly so perfect timing congratulations on this certification their thing that's been great is that our at Cisco itself we now have API is across the whole portfolio and up and down the stock so that's been a wonderful thing to see come together because it opens up possibilities for all these developers so Cisco's API first company we are building it guys everywhere we can and and that the community is is taking them and finding creative things to build it's been fun to watch you guys change Cisco but also impact customers has been great to watch far many thanks for coming up yeah games live coverage here in Barcelona for Cisco live 20/20 I'm John Ford Dave Dave Alon face to many men we right back with more after this short break [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] you live from Barcelona Spain it's the cube covering Cisco live 2020 brought to you by Cisco and its ecosystem partners hello and welcome back to the cubes live coverage here at Cisco live 20/20 and partial into Spain I'm John first evening men cube coverage we've got a lot of stuff going on with Cisco multi-cloud and cloud technologies of clarification of Cisco's happening in real time is happening right now cloud is here here to stay we got two great guests to unpack what's going on in cloud native and networking and applications as the modern infrastructure and software evolves we got eugene kim global product marketing and compute storage at cisco global part of marketing manager and fabio corey senior director cloud solutions marketing guys great comeback great thanks for coming back appreciate it thanks very much great to see a lot of guys so probably we've had multiple conversations and usually even out from the sales force given kind of the that the discussion and the motivation cloud is big it's here it's here to stay it's changing Cisco API first we hear and all the products it's changing everything what's the story now what's going on I would say you know the reason why we're so excited about the launch here in Barcelona it's because this time it's all about the application experience I mean the last two years we've been announcing some really exciting stuff in the cloud space right think about all the announcements with the AWS the Google's the Azure so the world but this time it really boils down to making sure that is incredibly hyper distributed world well there is an application explosion ultimately we will help for the right operations tools and infrastructure management tools to ensure that the right application experience will be guaranteed for the end customer and that's incredibly important because at the end what really really matters is that you will ensure the best possible digital experience to your customer otherwise ultimately nothing is gonna work and of course you're going to lose your brand and your customers one of the main stories that we're covering is the transformation of the industry also Cisco and one of the highlights to me was the opening keynote you had app dynamics first not networking normally it's like what's under the hood the routers and the gear no it was about the applications this is the story we're seeing it's kind of a quiet unveiling it's not yet a launch but it's evolving very quickly can you share what's going on behind this all this absolutely it's exactly along the lines of what I was saying a second ago in the end that the reason why we're driving the announcement if you want from the application experience side of the house is because without dynamics we already have a very very powerful application performance measurement tool which it's evolving extremely rapidly first of all after Amex can correlate not just the application performance to some technology kpi's but to true actual business KPIs so AB dynamics can give you for instance the real-time visibility of say a marketing funnel conversion rates transactions that you're having in your in your business operation now we're introducing an incredibly powerful new capability that takes the bar to a whole new level and that's the dynamics experience journey Maps what are those it's actually the ability of focusing not so much on front-ends and backends and databases performances but really focusing on what the user is seeing in front of his or her screen and so what really matters is capturing the journey that a given user of your application is is being and understanding whether the experience is the one that you want to deliver oh you have like a sudden drop of somewhere and you know why that is important because in the end we've been talking about is it a problem of the application performance user performance well it could be a badly designed page how do you know and so this is a very precious information is that were giving to application developers not just to the IT ops guys that is incredibly precious to get this in so you just brought up that journey so that's part of the news so just break down real quick one minute yeah what the news is yeah so we have three components the first one as you as you correctly pointed out is really introduction the application journey Maps right the experience journey Maps that's very very important the second is we are actually integrating after am it's with the inter-site action inter-site optimization manager the workload team is a workload promisor and so because there is a change of data between the two now you are in a position to immediately understand whether you have an application problem we have a workload problem or infrastructure problem which is ultimate what you really need to do as quickly as you can and thirdly we have introduced a new version of our hyper flex platform which is hyper-converged flat G flat for Cisco with a fully containerized version we tax free if you want as well there is a great platform for containerized application of parameter so you teen when I've been talking to customers last few years when they go through their transformational journey there's the modernization they need to do the patterns I've seen most successful is first you modernize the platform often HCI is you know and often for that it really simplifies the environment you know reduces the silos and has more of that operational model that looks closer to what the cloud experience is and then if I've got a good platform then I can modernize the applications on top of it but often those two have been a little bit disconnected it feels like the announcements now that they are coming together what are you seeing what are you hearing how is your solution set solving this issue yeah exactly I mean as we've been talking to our customers love them are going through different application modernisations and kubernetes and containers is extremely important to them and to build a container cloud on Prem is extremely one of their needs and so there's three distinctive requirements that they've kind of talked to us about a lot of it has to be able to it's got to be very simple very turnkey and a fully integrated ready to turn on the other one is something that's very agile right very DevOps friendly and the third being a very economic container cloud on Prem as far we mentioned high flex application platform takes our hyper-converged system and builds on top of it a integrated kubernetes platform to deliver a container as a service type capability and it provides a full stack fully supported element platform for our customers and the one of the best great aspects of is that's all managed from inside from the physical infrastructure to the hyper-converged layer to all the way to the container management so it's very exciting to have that full stack management and insight as well yeah it's great to you know John and I have been following this kubernetes wave you know since the early early days Fabio mentioned integrations with the Amazons and Google's the world because you know a few years ago you talked to customers and they're like oh well I'm just gonna build my own urbanity right back nobody ever said that is easy now just delivering at his service seems to be the way most people wanted so if I'm doing it on Amazon or Google they've got their manage service that I could do that or that they're through partners they're working with so explain what you're doing to make it simpler in the data center environment because I'm tram absolutely is a piece of that hybrid equation the customers need yes so essentially from the customer experience perspective as I mentioned it's very fairly turnkey right from the hyper flicks application platform we're taking our hyper grew software we're integrating a application virtualization layer on top of it Linux KVM based and then on top of that we're integrating the kubernetes stack on top as well and so in essence right it's a fully curated kubernetes stack right it has all the different elements from the networking from the storage elements and and providing that in a very turnkey way and as I mentioned the inner site management is really providing that simplicity that customers need for that management ok Fabio this the previous announcement you've made with the public clouds yeah this just ties into those hybrid environments that's exactly you know a few years ago people like oh is there gonna be a distribution that wins in kubernetes we don't think that's the answer but still I can't just move between kubernetes you know seamlessly yet but this is moving towards that direction so a lot of customers want to have a very simple implementation at the same time they want of course a multi cloud approach and I really care about you know marking the difference between you know multi-cloud hybrid cloud there's been a lot of confusion but if you think about it multi cloud is really rooted into the business need of harnessing innovation from whatever it comes from you know the different clouds PV different things and you know what they do today tomorrow it could even change so people want option maladie so they want a very simple implementation that's integrated with public cloud providers that simplifies their life in terms of networking security and application of workload management and we've been executing towards that goal to fundamentally simplify the operations of these pretty complex kind of hybrid environments I want you to nail that operations on ibrid that's where multi cloud comes in absolutely just a connection point absolutely you're not a shitty mice no isn't a shit so in order to fulfill your business like your I know business needs you then you have a hybrid problem and you want to really kind of have a consistent production rate environment between fins on Prem that you own and control versus things that you use and you want to control better now of course there are different school of thoughts but most of the customers who are speaking with really want to expand their governance and technology model right to the cloud as opposed to absorb in different ways of doing things from each and every clock I want to unpack a little bit of what you said earlier about the knowing where the problem is because a lot of times it's a point the finger at the other first and where's it's the application problem isn't a problem so I want to get into that but first I want to understand the hyper flex application platform Eugene if you could just share the main problem that you guys saw what did some of the pain points that customers had what problems does the AP solve yeah as I mentioned it's really the platform for our customers to modernize their applications on right and it addresses those things that they're looking for as far as the economics right really the ability to provide a full stack container experience without having to you know but you know bringing any third party hypervisor licenses as well as support cost so that's fully integrated there you have your integrated hyper-converged storage capability you have the cloud-based management and that's really developing you providing that developer DevOps simplicity from the data Julie that they're looking for internally as well as for their product production environments and then the other aspect is its simplicity to be able to manage all this right in the entire lifecycle management as well so it's the operational side of the whole yeah uncovers Papio on the application side where the problem is because this is where I'm a little bit skeptical you know normally rightfully so but I can see in a problem where it's like whose fault is it gasification is problem or the network I mean it runs into more serious workloads the banking app that's having trouble how do you know where it what the problem is and how do you solve that problem what what's going on for that specific issue absolutely and you know the name of the game here is breaking down this operational side right and I love what our app dynamics VP GM Danny winoker said you know it has this terminology beast DevOps which you know may sound like an interesting acrobatics but it's absolutely true the business has to be part of this operational kind of innovation because as you said you know developer edges you know drops their containers and their code to the IET ops team but you don't really know whether the problem a certain point is gonna be in the code or in how the application is actually deployed or maybe a server that doesn't have enough CPU so in the end it boils down to one very important thing you have to have visibility inside and take action and every layer of the stack I mean instrumentation absolutely there are players that only do it in their software overlay domain the problem is very often these kind of players assume that underneath links are fine and very often they're not so in the end this visibility inside inaction is the loop that everybody is going after these days to really get to the next if you want generational operation where you gotta have a constant feedback loop and making it more faster and faster because in the end you can only win in the marketplace right regardless of your IT ops if you're faster than your competitor well still still was questioning the GM of AppDynamics running observability and he's like no it's not to feature it's everywhere so he his comment was yeah but serve abilities don't really talk about it because it's big din do you agree with that absolutely it has to be at every layer of the stack and only if you have visibility inside an action through the entire stack from the software all the way to the infrastructure level that you can solve the problem otherwise the finger-pointing quote-unquote will continue and you will not be able to gain the speed that you need okay so the question on my mind I want to get both of you guys can weigh in on this is that you look at Cisco as a company you got a lot going on I mean a guy's huge customer base core routers - no applications there's a lot going on a lot of a lot of complexity you got IOT security Ramirez talked about that you got the WebEx rooms got totally popular it's kind of got a lot of glam to it having the WebEx kind of you know I guess what virtual presence was yeah telepresence kind of model and then you get cloud is there a mind share within the company around how cloud is baked into everything because you can't do IOT edge without having some sort of cloud operational things so there's stuff you're talking about is not just a division it's kind of gonna it's kind of threads everywhere across Cisco what's the what's the mind share right now within the Cisco teams and also customers around clarification well I would say it's it's a couple of dimension the first one is the cloud is one of the critical domains of this multi domain architecture that of course is the cornerstone of Cisco's technology strategy right if you think about it it's all about connecting users to applications wherever they are and not just the user the applications themselves like if you look at the latest stats from IDC 58% of workloads is heading to the public cloud and to the edge it's like the data center is literally exploding in many different directions so you have this highly distributed kind of fabric guess what sits in between all these applications and microservices is a secure network and that's exactly what we're executing upon now that's the first kind of consideration the second is if you look at the other silver line most of the Cisco technology innovation is also going a direction of absorbing cloud as a simplified way of managing all the components or the infrastructure you look at the IP flex ap is actually managed by inter site which is a SAS kind of component this journey started a long time ago with Cisco Meraki and then of course we have SAS properties like WebEx everything else is kind of absolutely migrants reporter we've been reporting eugen that from years ago we saw the movement where api's are starting to come in when you go back five years ago not a lot of the gear and stuff at Cisco had api's now you got api's building into all the new products that's right you see the software shift with you know you know intent-based networking to AppDynamics it's interesting it's you're seeing kind of this agile mindset this is some of you and I talk about all the time but agile now is the new model is it ready for customers I mean the normal Enterprise is still got the infrastructure and application it's separated okay how do I bring it together what are you guys seeing the customer base what's going on with with not that not the early adopters heavy-duty hardcore pioneers out there but you know the the general mainstream enterprise are they there yet have they had that moment of awakening yeah I mean I think they they are there because fundamentally it's all about that ensuring that application experience and you can only ensure that application experience right by having your application teams and your structure teams work together and that's what's exciting you mentioned the API is and what we've done there with AppDynamics integrating with inter-site workload optimizer as Fabio mentioned it's all about visibility inside action and what app dynamics is provides providing that business and end-user application performance experience visibility inner sites giving you know visibility on the underlining workload and the resources whether it's on Prem in your you know drive data center environment or in different type of cloud providers so you get that full stack visibility right from the application all the way down to the bottom and then inner side local optimizer is then also optimizing the resources to proactively ensure that application experience so before you know if we talk about someone at a checkout and they're about to have abandonment because the functions not working we're able to proactively prevent that and take a look at all that so you know in the end I think it's all about ensuring that application experience and what we're providing with app dynamics is for the application team is kind of that horizontal visibility of how that application is performing and at the same time if there's an issue the infrastructure team could see exactly within the workload topology where the issue is and insert' aeneas lee whether it be manual intervention or even automatically there's or a ops capability go ahead and provide that action so the action could be you know scaling out the VMS it's on-prem or looking at a new different type of ec2 template in the cloud that's what's very exciting about this it's really the application experience is now driving and optimizing infrastructure in real time and let me flip your question like do you even have a choice John when you think about in the next two years 50% more applications if you're a large enterprise you have 5 to 7,000 apps you have another to 3,000 applications just coming into into the the frame and then 50% of the existing ones that are gonna be refactor lifted and shifted or replace or retired by SAS application it's just like it's tsunami that's that's coming on you and oh by the way because of again the micro service is kind of affect the number of dependencies between all these applications is growing incredibly rapidly like last year we were eight average interdependencies for applications now we are 20 so imaging imaging what happens as as you are literally flooded with the way the scanner really you have to ensure that your application infrastructure fundamentally will get tied up as quickly as you can still and I have been toilet for at least five years now if not longer the networking has been the key kind of last changeover - clarification and I would agree with you guys I think I've asked the question because I wanted to get your perspective but think about it it's 13 years since the iPhone so mobile has shown people that a mobile app can change business but now if you look at the pressure the network's bringing the pressure on the network or the pressure for the network to be better than programmable is the rise of video and data I mean so you got mobile check now you've got video I mean more people doing video now than ever before videos of consumer oil as streaming you got data these two things absolutely forced yeah the customers to deal with it but what really tipped the the balance John is is actually the SAS effect is the cloud effect because as you know it's in IT sort of inflection points nothing is linear right so once you reach a certain critical mass of cloud apps and we're absolutely there already all of a sudden you're traffic pattern on your network changes dramatically so why in the world are you continuing kind of you know concentrating all of your traffic in your data center and then going to the internet you have to absolutely open the floodgates at the branch level as close to the users as possible and that implies a radical change I would even add to that and I think you guys are right on where you guys are going it may be hard to kind of tease out with all the complexity with Cisco but in the keynote the business model shifts come from SAS so you got all this technical stuff going on now you have this Asif ocation or cloud that's changes the business models so new entrants can come in and existing players can get better so I think that whole business model conversation yeah never was discussed at Cisco live before yeah in depth as well hey run your business connect your hubs campus move packets around that was applications in business model yeah but also the fact that there is increasing number of software capabilities and so fundamental you want to simplify the life of your customers through subscription models that help the customer by now using what they really need right at any given point in time all the way to having enterprise agreements I also think that's about delivering these application experiences for your business small different type experience that's really what's differentiating you from your different competitors right and so I think that's a different type of shift as well well you guys are good got some good angle on this cloud I love it I got to ask you the question what can we expect next from Cisco more progression along clarification what's next well I would say we've been incredibly consistent I believe in the last few years in executing on our cloud strategy which again is centered around helping customers really gluon this mix set of data centers and clouds to make it work as one write as much as possible and so what we really deliver is networking security and application of performance management and we're integrating there's more and more on the two sides of the equation right the the designer side and the powerful outside and more more integrating in between all of these layers again to fundamentally give you this operational capability to get faster and faster we'll continue doing so and you set up before we came on camera that you were talking to the sales teams what are they what's their vibe with the sales team they get excited by this what's that oh yeah feedback oh yeah absolutely from the inner side were claw optimizer and they have dynamics that's very exciting for them especially the conversations they're having with their customers really from that application experience and proactively insuring it and on the hyper flex application platform side this is extremely exciting with providing a container cloud to our customers and you know what's coming down is more and more capabilities for our customers to modernize their applications on hyper flex you guys are riding some pretty big waves here at Cisco I get a cloud way to get the IOT Security wave it's pretty exciting pretty big stuff thanks for coming in thanks for sharing the insights Fabio I appreciate it thank you for having us your coverage here in Barcelona I'm John Force dude Minutemen be back with more coverage fourth day of four days of cube coverage we right back after this short break [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] why Trump Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back to Barcelona everybody we're here at Cisco live and you're watching the cube the leader in live tech coverage we got to the events and extract the signal from the noise this is day one really we started a zero yesterday Eric Hertzog is here he's the CMO and vice president of storage channels probably been on the cube more than [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back everyone's two cubes live coverage day four of four days of wall-to-wall action here in Barcelona Spain Francisco live 2020 I'm John Ferrier with mykos Dave Volante with a very special guest here to wrap up Cisco live the president of Europe Middle East Africa and Russia Francisco Wendy Mars cube alumni great to see you thanks for coming on to kind of put a bookend to the show here thanks for joining us right there it's absolutely great to be here thank you so what a transformation as Cisco's business model of continues to evolve we've been saying brick by brick we still think is a big move coming I think there's more action I can sense the walls talking to us like let's just go live in the US and more technical announcements in the next 24 months you can see you can see where it's going it's cloud its apps yeah its policy based program ability it's really a whole nother business model shift for you and your customers the technology shift and the business model shift so I want to get your perspective of this year opening key no you let it off talking about the philosophy of the business model but also the first presenter was not a networking guy it was an application person yeah app dynamics yep this is a shift what's going on with Cisco what's happening what's the story well you know if you look for all of the work that we're doing is but is really driven by what we see from requirements from our customers the change that's happening in the market and it is all around you know if you think digital transformation is the driver organizations now are incredibly interested in how do they capture that opportunity how do they use technology to help them but you know if you look at it really there's the three items that are so important it's the business model evolution it's actually the business operations for for organisations plus their people there are people in the communities within that those three things working together and if you look at it with you know it's so exciting with application dynamics there because if you look for us within Cisco that linkage of the application layer through into the infrastructure into the network and bringing that linkage together is the most powerful thing because that's the insight and the value our customers are looking for you know we've been talking about the in the innovation sandwich you know you got you know date in the middle and you got technology and applications underneath that's kind of what's going on here but you I'm glad you brought up the year the part about business model business operations and people in communities because during your keno you had a slide that laid out three kind of pillars yes people in communities business model and business operations there was no 800 series in there there was no product discussions this is fundamentally the big shift that business models are changing I tweeted provocatively the killer app and digital the business model because you think about it the applications are the business and what's running under the covers is the technology but it's all shifting and changing so every single vertical every single business is impacted by this it's not like a certain secular thing in the industry this is a real change can you describe how those three things are operating with that constitute think if you look from you know so thinking through those three areas if you look at the actual business model itself our business models as organizations are fundamentally changing and they're changing towards as consumers we are all much more specific about what we want we have incredible choice in the market we are more informed than ever before but also we are interested in the values of the organizations that were getting the capability from as well as the products and the services that naturally we're looking to gain so if you look in that business model itself this is about you know organizations making sure they stay ahead from a competitive standpoint about the innovation of portfolio that they're able to bring but also that they have a strong strong focus around the experience that their customer gains from an application a touch standpoint that all comes through those different channels which is at the end of the day the application then if you look as to how do you deliver that capability through the systems the tools and the processes as we all evolve our businesses you have to change the dynamic within your organization to cope with that and then of course in driving any transformation the critical success factor is your people and your culture you need your teams with you the way teams operate now is incredibly different it's no longer command and control its agile capability coming together you need that to deliver on any transformation never never mind let it be smooth you know in the execution there so it's all three together what I like about that model and I have to say we this is you know ten years to do in the cube you you see that marketing in the vendor community often leads what actually happens not surprising as we entered the last decade it was a lot of talk about cloud well it kind of was a good predictor we heard a lot about digital transformations a lot of people roll their eyes and think it's a buzzword but we really are I feel like an exiting this cloud era into the digital era it feels real and there are companies that you know get it and are leaning in there are others that maybe you're complacent I'm wondering what you're seeing in in Europe just in terms of everybody talks digital yeah be CEO wants to get it right but there is complacency there when it's a services say well I'm doing pretty well not on my watch others say hey we want to be the disruptors and not get disrupted what are you seeing in the region in terms of that sentiment I would say across the region you know there will always be verticals and industries that are slightly more advanced than others but I would say that then the bulk of conversations that I'm engaged in independence of the industry or the country in which we're having that conversation in there is a acceptance of transfer digital transformation is here it is affecting my business i if I don't disrupt I myself will be disrupted and be challenged help me so I you know I'm not disputing the end state I need guidance and support to drive the transition and a risk mythic mitigated manner and they're looking for help in that and there's actually pressure in the boardroom now around a what are we doing within within organizations within that enterprise the service right of the public said to any type of style of company there's that pressure point in the boardroom of come on we need to move it speed now the other thing about your model is technology plays a role in contribute it's not the be-all end-all but plays a role in each of those the business model of business operations and developing and nurturing communities can you add more specifics what role do you see technology in terms of advancing those three spheres so I think you know if you look at it technology is fundamental to all of those spheres in regard to the innovation the differentiation technology can bring then the key challenges one of being able to reply us in a manner where you can really see differentiation of value within the business so in then the customers organization otherwise it's just technology for the sake of technology so we see very much a movement now to this conversation of talk about the use case the use cases the way by which that innovation can be used to deliver the value to the organization and also different ways by which a company will work look at the collaboration capability that we announced earlier this week of helping to bring to life that agility look at the app D discussion of helping to link the layer of the application into the infrastructure the network's to get to root cause identification quickly and to understand where you may have a problem before you thought it actually arises and causes downtime many many ways I think the agility message has always been a technical conversation a gel methodology technology software development no problem check that's ten years ago but business agility mmm it's moving from a buzzword to reality exactly that's what you're kind of getting in here and teams how teams operate how they work you know and being able to be quick efficient stand up stand down and operate in that way you know we were kind of thinking out loud on the cube and just riffing with Fabio gory on your team on Cisco's team about clarification with Eugene Kim around just just kind of real-time what was interesting is we're like okay it's been 13 years since the iPhone and so 13 years of mobile in your territory in Europe Middle East Africa mobilities been around before the iPhone so with in more advanced data privacy much more advanced in your region so you got you out you have a region that's pretty much I think the tell signs for what's going on in North America and around the world and so you think about that you say okay how is value created how the economics changing this is really the conversation about the business model is okay if the value activities are shifting and be more agile and the economics are changing with sass if someone's not on this bandwagon it's not an in-state discussion where it's done deal yeah it's but I think also there were some other conversation which which are very prevalent here is in in the region so around trust around privacy law understanding compliance you look at data where data resides portability of that data GDP are came from Europe you know and as ban is pushed out and those conversations will continue as we go over time and if I also look at you know the dialogue that you saw so you know within World Economic Forum around sustainability that is becoming a key discussion now within government here in Spain you know from a climate standpoint and many other areas as well Dave and I've been riffing around this whole where the innovation is coming from it's coming from Europe region not so much the u.s. I mean us discuss some crazy innovations but look at blockchain us is like don't touch it pretty progressive outside United States little bit dangerous to but that's where innovation is coming from and this is really the key that we're focused on I want to get your thoughts on how do you see it going next level the next level next-gen business model what's your what's your vision so I think there'll be lots of things if we look at things like with the introduction of artificial intelligence robotics capability 5g of course you know on the horizon we have Mobile World Congress here in Barcelona in a few weeks time and if you talked about with the iPhone the smartphone of course when 4G was introduced no one knew what the use case would that would be it was the smartphone which wasn't around at that time so with 5g in the capability there that will bring again yet more change to the business model for different organizations and the capability and what we can bring to market when we think about AI privacy data ownership becomes more important some of the things you were talking about before it's interesting what you're saying John and when the the GDP are set the standard and and you see in the u.s. there are stovepipes for that standard California is going to do one every state is going to have a different center that's going to slow things down that's going to slow down progress do you see sort of an extension of a GDP are like framework of being adopted across the region and that potentially you know accelerating some of these you know sticky issues and public policy issues that can actually move the market forward I think I think the will because I think there'll be more and more you know if you look at there's this terminology of data is the new oil what do you do with data how do you actually get value from that data and make intelligent business decisions around that so you know that's critical but yet if you look for all of ours we are extremely passionate about you know where is our data used again back to trust and privacy you need compliance you need regulation you know I think this is just the beginning of how we will see that evolve you know when do I get your thoughts does Dave and I have been riffing for 10 years around the death of storage long live storage and but data needs to be stored somewhere networking is the same kind of conversation just doesn't go away in fact there's more pressure now forget the smartphone that was 13 years ago before that mobility data and video now super important driver that's putting more pressure on you guys and so hey we're networking so it's kind of like Moore's law it's like more networking more networking so video and data are now big your thoughts on video and data video but if you look at the Internet of the future you know what so if you look for all of us now we are also demanding as individuals around capability and access to that and inter vetted the future the next phase we want even more so there'll be more and more - you know requirement for speed availability that reliability of service the way by which we engage and we communicate there's some fundamentals there so continuing to to grow which is which is so so exciting for us so you talk about digital transformation that's obviously in the mind of c-level executives I got to believe security is up there as a topic what other what's the conversation like in the corner office when you go visit your customers so I think that there's a huge excitement around the opportunity realizing the value of the of the opportunity you know if you look at top of mind conversations are around security around making sure that you can make tank maintain that fantastic customer experience because if you don't the custom will go elsewhere how do you do that how do you enrich at all times and also looking at markets adjacencies you know as you go in and you talk at senior levels within within organizations independent of the industry in which they're in there are a huge amount of commonalities that we see across those of consistent problems by which organizations are trying to solve and actually one of the big questions is what's the pace of change that I should operate at and when is it too fast and when is what am I too slow and trying to balance that is exciting but also a challenge for companies so you feel like sentiment is still strong even though we're 10 years into this this bull market you know you got Briggs it you get you know China tensions with the US u.s. elections but but generally you see Tennessee sentiment still pretty strong and demand so I would say that the the excitement around technology the opportunity that is there around technology in its broadest sense is greater than ever before and I think it's on all of us to be able to help organizations to understand how they can consume I see value from us but it's you know it's fantastic science it tastes trying to get some economic indicators but really the real thing I'm trying to get you is Minh set of the CEO the corner office right now is it is it we're gonna we're gonna grow short-term by cutting or do we do are we gonna be aggressive and go after this incremental opportunity and it's probably both you're seeing a lot of automation yeah and I think if you look fundamentally for organizations it's it's that the three things helped me to make money how me to save money keep me out of trouble you know so those are the pivots they all operate with and you know depending on where an organization is in its journey whether a start-up there you know in in the in the mid or the more mature and some of the different dynamics and the markets in which they operate in as well there's all different variables you know so it's it's it's mix Wendy thanks so much for spending the time to come on the cube really appreciate great keynote folks watching if you haven't seen the keynote opening sections that's a good section the business model I think it's really right on I think that's going to be a conversation it's going to continue thanks for sharing that before we look before we leave I want to just ask you a question around what you what's going on for you here at Barcelona as the show winds down you had all your activities take us in the day of the life of what you do customer meetings what were some of those conversations take us inside inside what what goes on for you here well I'd say it's been an amazing it's been an amazing few days so it's a combination of customer conversations around some of the themes we just talked about conversations with partners and there's investor companies that we invest in a Cisco that I've been spending some time with and also you know spending time with the teams as well the DEF net zone you know is amazing we have this afternoon the closing session where we've got a fantastic external guest who's coming in it's going to be really exciting as well and then of course the party tonight and we'll be announcing the next location which I'm not gonna reveal now later on today we kind of figured it out already because that's our job and there's the break news but we're not gonna break it for you you can have that hey thank you so much for coming on really appreciate Wendy Martin expecting the Europe Middle East Africa and Russia for Cisco she's got our hand on the pulse and the future is the business model that's what's going on fundamental radical change across the board in all areas this the cue bringing you all the action here in Barcelona thanks for watching [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music]

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. >> Hello, everyone, and welcome to this week's Cube Insights, powered by ETR. Today is November 8, 2019 and I'd like to address one of the most important topics in the minds of a lot of executives. I'm talking about CEOs, CIOs, Chief Information Security Officers, Boards of Directors, governments and virtually every business around the world. And that's the topic of cyber security. The state of cyber security has changed really dramatically over the last 10 years. I mean, as a cyber security observer I've always been obsessed with Stuxnet, which the broader community discovered the same year that theCUBE started in 2010. It was that milestone that opened my eyes. Think about this. It's estimated that Stuxnet cost a million dollars to create. That's it. Compare that to an F-35 fighter jet. It costs about $85-$100 million to build one. And that's on top of many billions of dollars in R&D. So Stuxnet, I mean, it hit me like a ton of bricks. That the future of war was all about cyber, not about tanks. And the barriers to entry were very, very low. Here's my point. We've gone from an era where thwarting hacktivists was our biggest cyber challenge to one where we're now fighting nation states and highly skilled organized criminals. And of course, cyber crime and monetary theft is the number one objective behind most of these security breaches that we see in the press everyday. It's estimated that by 2021 cyber crime is going to cost society $6 trillion in theft, lost productivity, recovery costs. I mean, that's just a staggeringly large number. It's even hard to fathom. Now, the other C-change is how organizations have had to respond to the bad guys. It used to be pretty simple. I got a castle and the queen is inside. We need to protect her, so what do we do? We built a mote, put it around the perimeter. Now, think of the queen as data. Well, what's happened? The queen has cloned herself a zillion times. She's left the castle. She's gone up to the sky with the clouds. She's gone to the edge of the kingdom and beyond. She's also making visits to machines and the factories and hanging out with the commoners. She's totally exposed. Listen, by 2020, there's going to be hundreds of billions of IP addresses. These are going to be endpoints and phones, TVs, cameras, tablets, automobiles, factory machines, and all these represent opportunities for the bad guys to infiltrate. This explosion of endpoints that I'm talking about is created massive exposures, and we're seeing it manifest itself in the form of phishing, malware, and of course the weaponization of social media. You know, if you think that 2016 was nuts, wait 'til you see how the 2020 presidential election plays out. And of course, there's always the threat of ransomware. It's on everybody's minds these days. So I want to try to put some of this in context and share with you some insights that we've learned from the experts on theCUBE. And then let's drill into some of the ETR data and assess the state of security, the spending patterns. We're going to try to identify some of those companies with momentum and maybe some of those that are a little bit exposed. Let me start with the macro and the challenged faced by organization and that's complexity. Here's Robert Herjavec on theCUBE. Now, you know him from the Shark Tank, but he's also a security industry executive. Herjavec told me in 2017 at the Splunk.com Conference that he thought the industry was overly complex. Let's take a look and listen. >> I think that the industry continues to be extremely complicated. There's a lot of vendors. There's a lot of products. The average Fortune 500 company has 72 security products. There's a stat that RSA this year, that there's 1500 new security start-ups every year. Every single year. How are they going to survive? And which ones do you have to buy because they're critical and provide valuable insights? And which ones are going to be around for a year or two and you're never going to hear about again? So it's a extremely challenging complex environment. >> So it's that complexity that had led people like Pat Gelsinger to say security is a do-over, and that cyber security is broken. He told me this years ago on theCUBE. And this past VM World we talked to Pat Gelsinger and remember, VMware bought Carbon Black, which is an endpoint security specialist, for $2.1 billion. And he said that he's basically creating a cloud security division to be run by Patrick Morley, who is the Carbon Black CEO. Now, many have sort of questioned and been skeptical about VMware's entrance into the space. But here's a clip that Pat Gelsinger shared with us on theCUBE this past VM World. Let's listen and we'll come back and talk about it. >> And this move in security, I am just passionate about this, and as I've said to my team, if this is the last I do in my career is I want to change security. We just not are satisfying our customers. They shouldn't put more stuff on our platforms. >> National defense issues, huge problems. >> It's just terrible. And I said, if it kills me, right, I'm going to get this done. And they says, "It might kill you, Pat." >> So this brings forth an interesting dynamic in the industry today. Specifically, Steven Smith, the CISO of AWS, at this year's Reinforce, which is their security conference, Amazon's big cloud security conference, said that this narrative that security is broken, it's just not true, he said. It's destructive and it's counterproductive. His and AWS's perspective is that the state of cloud security is actually strong. Kind of reminded me of a heavily messaged State of the Union address by the President of the United States. At the same time, in many ways, AWS is doing security over. It's coming at it from the standpoint of a clean slate called cloud and infrastructure as a surface. Here's my take. The state of security in this union is not good. Every year we spend more, we lose more, and we feel less safe. So why does AWS, the security czar, see if differently? Well, Amazon uses this notion of a shared responsibility security model. In other words, they secure the S3 buckets, maybe the EC2 infrastructure, not maybe, the EC2 infrastructure. But it's up to the customer to make sure that she is enforcing the policies and configuring systems that adhere to the EDIX of the corporation. So I think the shared security model is a bit misunderstood by a lot of people. What do I mean by that? I think sometimes people feel like well, my data's in the cloud, and AWS has better security than I do. Here I go, I'm good. Well, AWS probably does have better security than you do. Here's the problem with that. You still have all these endpoints and databases and file servers that you're managing, and that you have to make sure comply with your security policies. Even if you're all on the cloud, ultimately, you are responsible for securing your data. Let's take a listen to Katie Jenkins, the CISO of Liberty Mutual, on this topic and we'll come back. >> Yeah, so the shared responsibility model is, I think that's an important speaking point to this whole ecosystem. At the end of the day, Liberty Mutual, our duty is to protect policyholder data. It doesn't matter if it's in the cloud, if it's in our data centers, we have that duty to protect. >> It's on you. >> All right, so there you have it from a leading security practitioner. The cloud is not a silver bullet. Bad user behavior is going to trump good security every time. So unfortunately the battle goes on. And here's where it gets tricky. Security practitioners are drowning in a sea of incidents. They have to prioritize and respond to, and as you heard Robert Herjavec say, the average large company has 75 security products installed. Now, we recently talked to another CISO, Brian Lozada, and asked him what's the number one challenge for security pros. Here's what he said. >> Lack of talent. I mean, we're starving for talent. Cyber security's the only field in the world with negative unemployment. We just don't have the actual bodies to actually fill the gaps that we have. And in that lack of talent CISOs are starving. We're looking for the right things or tools to actually patch these holes and we just don't have it. Again, we have to force the industry to patch all of those resource gaps with innovation and automation. I think CISOs really need to start asking for more automation and innovation within their programs. >> So bottom line is we can't keep throwing humans at the problem. Can't keep throwing tools at the problem. Automation is the only way in which we're going to be able to keep up. All right, so let's pivot and dig in to some of the ETR data. First, I want to share with you what ETR is saying overall, what their narrative looks like around spending. So in the overall security space, it's pretty interesting what ETR says, and it dovetails into some of the macro trends that I've just shared with you. Let's talk about CIOs and CISOs. ETR is right on when they tell me that these executives no longer have a blank check to spend on security. They realize they can't keep throwing tools and people at the problem. They don't have the bodies, and as we heard from Brian Lozada. And so what you're seeing is a slowdown in the growth, somewhat of a slowdown, in security spending. It's still a priority. But there's less redundancy. In other words, less experimentation with new vendors and less running systems in parallel with legacy products. So there's a slowdown adoption of new tools and more replacement of legacy stuff is what we're seeing. As a result, ETR has identified this bifurcation between those vendors that are very well positioned and those that are losing wallet share. Let me just mention a few that have the momentum, and we're going to dig into this data in more detail. Palo Alto Networks, CrowdStrike, Okta, which does identity management, Cisco, who's coming at the problem from its networking strength. Microsoft, which recently announced Sentinel for Azure. These are the players, and some of them that are best positioned, I'll mention some others, from the standpoint spending momentum in the ETR dataset. Now, here's a few of those that are losing momentum. Checkpoint, SonicWall, ArcSight, Dell EMC, which is RSA, is kind of mixed. We'll talk about that a little bit. IBM, Symantec, even FireEye is seeing somewhat higher citations of decreased spending in the ETR surveys and dataset. So there's a little bit of a cause for concern. Now, let's remember the methodology here. Every quarter ETR asks are you green, meaning adopting this vendor as new or spending more? Are you neutral, which is gray, are you spending the same? Or are you red, meaning that you're spending less or retiring? You subtract the red from the green and you get what's called a net score. The higher the net score, the better. So here's a chart that shows a ranking of security players and their net scores. The bars show survey data from October '18, July '19, and October '19. In here, you see strength from CrowdStrike, Okta, Twistlock, which was acquired by Palo Alto Networks. You see Elastic, Microsoft, Illumio, the core, Palo Alto Classic, Splunk looking strong, Cisco, Fortinet, Zscaler is starting to show somewhat slowing net score momentum. Look at Carbon Black. Carbon Black is showing a meaningful drop in net score. So VMware has some work to do. But generally, the companies to the left are showing spending momentum in the ETR dataset. And I'll show another view on net score in a moment. But I want to show a chart here that shows replacement spending and decreased spending citations. Notice the yellow. That's the ETR October '19 survey of spending intentions. And the bigger the yellow bar, the more negative. So Sagar, the director of research at ETR, pointed this out to me, that, look at this. There are about a dozen companies where 20%, a fifth of the customer base is decreasing spend or ripping them out heading into the year end. So you can see SonicWall, CA, ArcSight, Symantec, Carbon Black, again, a big negative jump. IBM, same thing. Dell EMC, which is RSA, slight uptick. That's a bit of a concern. So you can see this bifurcation that ETR has been talking about for awhile. Now, here's a really interesting kind of net score. What I'm showing here is the ETR data sorted by net score, again, higher is better, and shared N, which is the number of shared accounts in the survey, essentially the number of mentions in that October survey with 1,336 IT buyers responded. So how many of that 1,300 identified these companies? So essentially it's a proxy for the size of the install base. So showing up on both charts is really good. So look, CrowdStrike has a 62% net score with a 133 shared account. So a fairly sizable install base and a very high net score. Okta, similar. Palo Alto Networks and Splunk, both large, continue to show strength. They got net scores of 44% and 313 shared N. Fortinet shows up in both. Proofpoint. Look at Microsoft and Cisco. With 521 and 385 respectively on the right hand side. So big install bases with very solid net scores. Now look at the flip side. Go down to the bottom right to IBM. 132 shared accounts with a 14.4% net score. That's very low. Check Point similarly. Same with Symantec. Again, bifurcation that ETR has been citing. Really stark in this chart. All right, so I want to wrap. In some respects from a practitioner perspective, the sky erectus is falling. You got increased attack surface. You've got exploding number of IP addresses. You got data distributed all over the place, tool creep. You got sloppy user behavior, overwork security op staff, and a scarcity of skills. And oh, by the way, we're all turning into a digital business, which is all about data. So it's a very, very dangerous time for companies. And it's somewhat chaotic. Now, chaos, of course, can mean cash for cyber security companies and investors. This is still a very vibrant space. So just by the way of comparison and looking at some of the ETR data, check this out. What I'm showing is companies in two sectors, security and storage, which I've said in previous episodes of breaking analysis, storage, and especially traditional storage disk arrays are on the back burner spending wise for many, many shops. This chart shows the number of companies in the ETR dataset with a net score greater than a specific target. So look, security has seven companies with a 49% net score or higher. Storage has one. Security has 18 above 39%. Storage has five. Security has 31 companies in the ETR dataset with a net score higher than 30%. Storage only has nine. And I like to think of 30% as kind of that the point at which you want to be above that 30%. So as you can see, relatively speaking, security is an extremely vibrant space. But in many ways it is broken. Pat Gelsinger called it a do-over and is affecting a strategy to fix it. Personally, I don't think one company can solve this problem. Certainly not VMware, or even AWS, or even Microsoft. It's too complicated, it's moving too fast. It's so lucrative for the bad guys with very low barriers to entry, as I mentioned, and as the saying goes, the good guys have to win every single day. The bad guys, they only have to win once. And those are just impossible odds. So in my view, Brian Lozada, the CISO that we interviewed, nailed it. The focus really has to be on automation. You know, we can't just keep using brute force and throwing tools at the problem. Machine intelligence and analytics are definitely going to be part of the answer. But the reality is AI is still really complicated too. How do you operationalize AI? Talk to companies trying to do that. It's very, very tricky. Talk about lack of skills, that's one area that is a real challenge. So I predict the more things change the more you're going to see this industry remain a game of perpetual whack a mole. There's certainly going to be continued consolidation, and unquestionably M&A is going to be robust in this space. So I would expect to see continued storage in the trade press of breaches. And you're going to hear scare tactics by the vendor community that want to take advantage of the train wrecks. Now, I wish I had better news for practitioners. But frankly, this is great news for investors if they can follow the trends and find the right opportunities. This is Dave Vellante for Cube Insights powered by ETR. Connect with me at David.Vellante@siliconangle.com, or @dvellante on Twitter, or please comment on what you're seeing in the marketplace in my LinkedIn post. Thanks for watching. Thank you for watching this breaking analysis. We'll see you next time. (energetic music)

>> It's been great. >> Robert Herjavec. >> I mean, you guys are excited where you are, no? >> Dancing with the Stars, of course. >> His CUBE alumni. (techno music) Live from Seattle, Washington, it's theCUBE covering KubeCon and CloudNativeCon North America 2018 brought to you by Red Hat, the Cloud Native Computing Foundation, and its ecosystem partners. (crowd talking) >> And welcome back to our live coverage here in Seattle for KubeCon and CloudNativeCon 2018. I'm John Furrier, Stu Miniman, here for three days of wall to wall coverage, 8,000 people up from 4,000 last year. Growing Kubernetes and the Cloud Native ecosystem around KubeCon. Next two guests, John Morello, CTO of Twistlock, hot start-up to the news. And Nanda Kumar, who's a Fellow Systems engineer at Verizon's Global Technology Service. Guys, welcome to theCUBE. >> Thank you. Thanks for having us. >> Congratulations on your news and Kelsey wearing your shirt on theCUBE earlier. (they laugh) >> Thanks for having us. >> So take a minute to explain what you guys do, your story, you guys got to lot of hot things happening. Take a minute to talk about the company's value-- >> Yeah, sure, so we've been around for about four years now or going on four years. We're kind of the first company in this space that's really focused on cloud native cybersecurity. So, the idea is not just to take the existing capabilities that you've had on traditional systems and kind of retrofit them onto this new platform. But really to leverage the way that the cloud native space works, to be able to do security in a different and hopefully a more effective way. Cloud native has this notion of immutability and being able to take the same artifact from development to staging to production. And that enables us to do things in a security fashion that you really haven't been able to do in the past. Like actually be able to enforce security controls at the very beginning of the life cycle of the app. To be able to ensure consistency in your compliance posture all the way through production. And then as we learn things at runtime, to be able to signal that knowledge back to the developer, so they can actually improve the security application in the beginning. We basically have a platform that gives you those capabilities, vulnerability management, compliance, runtime defense, and firewalling across VMs, containers, and serverless across any clouds you have. We're not specific to any one cloud provider-- >> Is like telemetry coming back to the developer in real time? >> Yeah, basically as an example, when you have an application that's deployed, in the old world you as the developer would give the app to an operator, they would deploy it, and maybe weeks later, somebody would scan it, and they'd say you've got these vulnerabilities and then they have to go back and tell somebody to go and fix them. There's a lot of time where you're exposed, there's a lot of cost with that operation. The way that we're able to do it for the vulnerability case is as the developer builds the application, every build they do, Twistlock can scan that and see the vulnerabilities and actually enforce that as a quality gate and say if you've got critical vulnerabilities, you have to fix 'em before you progress. And then as you take that application and move that into test and staging and production, we create this dynamic runtime model that describes basically an implicit allow list of what's normal behaviors. So you don't have to tell us that my web server normally runs in Gen X and listens on port 80, we learn that automatically. We create this reference model where you can understand what's normal and then we automatically prevent anomalies. So unlike that traditional world of security where you had to have a whole bunch of manual rules that try to blacklist every thing that was bad, (John Furrier laughs) we just say, we learn what's good and only allow that. >> It's predictive and prescriptive in one. >> Yeah, exactly. >> What's the role here with Kubernetes, how do you fit into the Kubernetes standardization, momentum? >> For us, we've kind of pre-dated the rise of Kubernetes in some ways, and really supported Kubernetes from the very beginning when the project became popular. Our platform is designed to work as a native cloud native app itself, so when you deploy Twistlock, you run the Twistlock console, our management service and API controller. All that's run just as a cloud native app. You deploy as a replication controller. When you deploy Twistlock defender, our agent effective error, containerized agents to all the nodes where you're writing compute jobs, you run that as a Damon set. So for us, not only do we protect the platform, but we just are a part of the platform. There's nothing abnormal that you have to do. You deploy it and manage it like you would any other Kubernetes application. >> All right, Nanda, let's pull you into the conversation here. >> Sure. Verizon, obviously most people know, explain what your group does, how cloud native fits into what you're doing. >> I'm part of the Global Technology Services organization. Verizon, as you probably know, is a mixed bag of different types of businesses brought together, wireless being the most prominent one that most of you know about it. But we also have other solutions, like our file solutions. And recently with our acquisition of Yahoo, which is gold, and so forth. Verizon is actually on a major transformation journey. Our transformation journey spans around a five year program. We are in year number three of this transformation and cloud native and cloud technology is a very foundational aspect for us as part of this transformation. I was just chatting with John earlier. Opportunity like this doesn't come that often because we are in a perfect intersection of where automation and Verizon is doing a cloud migration and then you have these cloud native technologies that have been made available. Where it's Kubernetes, container, and so forth. So that mesh of the opportunity to migrate. And as you migrate, you're taking advantage of these technologies, and modernizing your application stack is a big win. >> Okay, can you connect for us the intersection of what you were just talking about and 5G, which is you know, really going to be a huge impact on everything happening in telecommunications. >> Yeah, the whole idea about 5G for us is it's not just the next generation of technology. It's all about the human element ability of it. Basically it means we want to make sure that the technology is used to solve real human problems and the technology is capable of doing that. Be it whether it's a life science or be it in transportation and so forth. We really want to make sure that the technology is being used to solve real human problems and to enable the consumption of this technology. We won't take advantage of cloud native services to support it. >> Help boil it down for us because, just in general, you say even domestically, I think it's like 40% of the U.S. population doesn't have access to broadband. Those of us at the conference here understand that wireless isn't always reliable. 5G silver bullet, everybody's going to have infinite bandwidth everywhere, right? >> Absolutely. (Stu laughs) And that's the valued proposition of the technology that it brings to the table. I know the spread of the technology is going to vary depending upon the commercialization of the product, the solution, and so forth. But the reality is in the new world that we live in, it is not just one piece of technology that's going to make it. It's going to be a mesh of the new technologies like 5G with a combination of WiFi and so forth. All of this coming together. It all comes down to fundamentally what are the use cases or what type of solutions are you going to go after and how it's going to make sense. >> How has cloud native in this transformation changed how you guys make investments? Obviously, the security equation's paramount. Central to the that, lot of data. How is the investments and how you guys are building out changed? Obviously you're looking at re-imagining operations, security, et cetera et cetera. How's that going to shape for you guys-- >> One of the things that Nanda and I were talking about earlier that not because of cloud native but it's enabled by cloud native. I think you look at almost all organizations today, and to reuse that phrase that Andreessen quoted about softwaring the world. It really is a true thing. Unlike in the past where IT had been this cost center that most organizations sought to strangle out and reduce as much as possible, I think most, at least modern companies that will be successful in the future, realize that that's part of their competitive advantage. It's not just about providing an app because your competitor has an app, it's about providing a better experience so that you're driving more revenue, having a better relationship, a longer term deeper relationship with that customer. Like we were talking about, in his case, if they build kind of a minimal application or minimal experience for their customers, their customers may choose to go to AT&T or whomever else if they can feel like hey, it's easier for me to work with them. I get better data, I can use my systems more easily. If you have that inflection point where people are having to really invest in building better software, better industry specific software, you need those tools of mass innovation to do that. And that's what cloud native really is. It's about being able to take and innovate and iterate on those innovations much more rapidly than you've been able to do in the past. And so it's really this confluence of those two trends that make this space as big as it is. That's why we have so many people here at KubeCon. >> Oh, you go faster too. The investment in apps, your applications, faster. And your talking about your security solution replaces the old way of hey, is there a problem, we'll patch it. >> It also has to get away from that approach where people took in the past where security was always this friction. It was this impediment, you know, you wanted to deploy something and you had to go through the security review and create all this rules and it was a hassle and slowed things down. If that's your approach to security, you're going to be at a fundamental conflict to this new approach. >> I think you'll be out of business personally, I think that ship has sailed, that's dead. We see the breaches every day, you see on all the dark webs who've been harvesting all that. IoT though is a different kind of animal. How are you guys looking at the IoT equation because that's a good use case for cloud? You can push now compute to the edge, you don't have to move data around. Certainly you guys are in the telecom business, you know what that means, so latency matters. How are you looking at the edge, IoT, and where does security fit into that? >> In terms of IoT, I think as you mentioned, there are going to be use cases where IoT's going to be very critical. There are two paradigms to the concept of the mobile edge compute. One is for the IoT use cases, the other could be even for like AR/VR is a good example. You want the compute to be so fast where you want responses immediately based on the location you are and so forth. So that's a very important foundation that we're working on and making that a reality for our organization to come use it. And of course any solution that we provide, security needs to be baked into it, because that's going to be foundation for how to-- >> Back to your 5G point, that's great back haul too for those devices. That one at least. If they want to send data back or interface with the edge, and power and compute, you need power and connectivity. >> Yep, exactly, very true. >> What's next, I guess? If you look forward, where's this journey going? How does this partnership help solve things? >> I think the key to any successful transformation is you got to take into consideration your current landscape. You certainly can have a broad vision of where the future is and so forth, but if you can't build the bridge between where we are and where we need to go, that's going to be a very challenging space so when you look at the cloud native technologies, we look at making it operational efficiency for us. In terms of how do we do our operations, like the earlier question we talked about, what is changing for us? Our operation's getting better. Our security portion is getting better because we're now shifting more of this to left. Which means as the workloads are being built and so forth. We're taking into consideration how it's going to run, where it's going to run and so forth. So that's going to create the savings and operational efficiency, which then allows us to take that and transform it into how do we focus on more modern technologies and modern solutions and so forth. >> Customer satisfaction. >> And customer satisfaction. >> Those are the top line business for every new model. >> So I got to ask, how is it going with Twistlock? Where's their role in your transformation? It's on the security side? >> Mm-hmm. >> Where do they play into your mix? >> So when we rolled out our solution for our Kubernetes platform, we certainly want to make sure that, to John's earlier point, where we can shift left and really look at security wholistically. And the only way you could do that is you need to capture the essence or integrate security as the project's being built. Because today we do have a security portion, but it's kind of where you have it during the development phase or during operations or doing it on time. You're not able to stitch it together. But with container and Kubernetes, you now have the advantage of really knowing what is end to end. And that is where our partnership with Twistlock has to be able to oversee that and provide that insight on what is running, where it's running, what levels exist, and how do we fix it. >> It kind of makes sense too. We've talked for years, the perimeter is dead. You guys are addressing security upfront at the application level where it's coding. This is working out for you guys well? >> Yep, and that's been a big shift in fact for why they've been successful with this transformation. Because we know have inside steward and everybody in the organization has a line off-site to what's going on, where things are running and so forth. It's been a great partnership. >> John, talk about this dynamic 'cause this is really kind of compelling because we've heard, "Oh, yeah, we're throwing everything "against the wall in security." And everyone always says, "Hey, the perimeter is dead "and you got to start with security in mind from day one." Well, I mean, what is day one? The minute you start coding, right? >> I get your overall point about the perimeter being dead. I would actually rephrase it a bit and say, "The perimeter being dissolved." And I think that's really a more probably accurate way to look at it. What used to be this very tightly defined like, we deploy things in this network or even VPC and it's got this control around it. Whereas a lot of customers today we see choosing an intentional multi-cloud strategy. They want to preserve the ability to have some leverage, not just with Amazon, but with Azure, or with Google, or whomever it may be on-premises. And when you have that model where you've got infrastructure and multiple regions, multiple different providers, you no longer have that very clean separation between what's yours and what's kind of out on the outside. And so one of the things that we really think is important is to be able to bring the perimeter to the application. So the way that we look at protecting the application is around the app itself, regardless of what the underlying compute platform is, the cloud, the region, it's really about protecting the app. You learn how those different microservices normally communicate with each other. You only allow that normal good communication unless you can really constrain a blast radius if you do have some kind of compromise in the future. And the minute you really try to mitigate that compromise is to again find those vulnerabilities as you develop the app, and prevent them in development before they ever get out to production. >> And that's a super smart approach, I love that. I think it's a winner, congratulations. Final question, what's the prediction for multi-cloud in 2019? Since you brought it up, multi-cloud seems to be the hot thing. What's your prediction 2019? It becomes a conversation? It becomes practice? >> I would say at this point, it already is practice in most organizations. And I would say that in 2019, you'll see that become something that's accepted not just as an option but as really the preferred, the better operational model. So you're able to choose technology platforms and operational approaches that are designed to work in a model in which you have multiple providers. Because you have a dependency layer that you can take now with Kubernetes and containers that's universal across those. Theoretically, you could have always taken a VM you put in ager and moved it to AWS, but it was really difficult and painful and hard to do that. If you do that well with Kubernetes, it's really pretty straightforward to deploy an application across multiple providers or multiple regions of the same provider even. And I think you'll see that become a more real thing in 2019 because it gives you as a company, or you as a customer, more leverage to be able to choose the services and negotiate the rates that you want with your provider. >> And if you move security to the app level like you guys are doing, you take away all that extra work around how to send policy and make it dynamic. >> Exactly. Our customers may have one Twistlock environment that manages things in Azure and AWS and GCP and on-premises and that's fine because we care about protecting the app not the interlying infrastructure. >> You agree? >> Absolutely, I think that's going to be the case even from our perspective. You're always going to look for where is the best place around these workloads and in a cost-effective way and secure manner. And as long as you're a single-controlled plane that you can manage it, I think the multi-cloud is going to be the ideal-- >> Make it easier to operate, standard language for developers, lock in security at the front end. >> That's right. >> Good stuff. Guys thanks for coming out. >> Sure. >> Appreciate the insight. Smart commentary here on security, cloud native, Kubernetes, I'll break it down here on theCUBE. I'm John Furrier, Stu Miniman, stay with us. More day one coverage of three days of live coverage here in Seattle for KubeCon and CloudNativeCon. We'll be right back. (upbeat music)

>> Narrator: Live, from Las Vegas, it's The Cube, covering IBM Think 2018. Brought to you by IBM. >> Hello, everyone and welcome back to our day two of coverage here in Las Vegas, where IBM Think 2018's The Cube's three days of wall-to-wall coverage day two. Yesterday, we had kick-off, kind of partner day. Today's really the kick-off of the event. CEO of IBM up on stage for the keynote. I'm John Furrier with Dave Vellante. Dave, we're doing seven years or so plus all these six shows coming down to one for IBM Think. It's a packed house; you can't even get through the hallways. Looks like they need to go to Sands Convention Center. >> Dave: (laughs) or Moscone. >> Or Moscone, or somewhere bigger, they need a bigger boat, but the keynote kicked off, Ginni Rometty was up there. Interesting, putting smart to work, quantam, blockchain, AI data and she kind of laid out the cloud strategy, you know, using data in public cloud and private. It's clear where they're going with the cloud. Your analysis of the keynote, what's your thoughts? >> Well, first of all, John, as viewers know, I mean, I'm a big fan if Ginni Rometty. I think she's been overly criticized, but I think she's a great presenter. When I compare Ginni's presentation skills with some of the other CEOs in the industry, I think she's far superior. She connects with the audience, she looks great, she's really cogent, she's well prepared, so, I really like her as a presenter and as an executive, and, you know, another women in tech, you know we love that. Yes, you're right, putting smarter to work was her theme. She's talkin' about 30 to 40,000 people at the event. There's too many people to count I guess. You can't really figure that out, and, so, it's big, it's packed. She also did a theater in the round which was different. I noticed last year ServiceNow did that. I really like that style, so that was kind of an interesting thing. Ginni talked about three exponential growth areas. So, I'll lay 'em out and then, we can talk about it. She said they come every 25 years. The first was Moore's law, and we all know what that is, and the second was Metcalfe's law, the value of the network increases exponentially if the nodes in network increase, and then, the third, which is upon us now, is data plus AI. Her supposition was that is going to usher in a next era of incremental growth, because you're going to out-learn the competition, and she used this term of incumbent disruptors, and I heard that and went okay, hold on, (Dave laughs) 'cause I don't see it that way. >> Yeah. >> I don't see the incumbents as the disruptors. So, that was my first reaction, and then, she brought up three customers, Verizon, and I'm like, "Verizon? "A big telco is a disruptor, come on! "They're gettin' a disruptor by over the top.", but the CEO came on, Lowell McAdam, talkin' about 5G, so we'll talk about that, and then, Maersk, IBM has a joint venture with Maersk, so, Michael White came up, he's the CEO of that. Now, Maersk is using blockchain, and Maersk we all know is the container company and they're attacking inefficiencies with blockchain, so I thought that was actually a really good example, and then, Royal Bank of Canada, RBC, came up. You know, banking, to me, is an industry that has not been disrupted yet, and, so, I, again, was initially negative toward this idea of incumbent disruptors, 'cause I don't think the incumbents are disruptors, and we'll talk about why I think that, but I thought IBM did a pretty good job of showing how incumbents can actually take AI and blockchain and, at least, defend against the disruptors. >> I mean, it's clear to me that she's obviously playing to the crowd with the digital debt transformation. I mean, we talk about these traditional companies, they need to transform, and she brings up Moore's law and Metcalfe's law kind of to take a view of the past, but to look forward, she's kind of saying, "Lookit, Moore's law make things smaller, faster, "cheaper, doubling every six months." That's just on the, I mean, this applies to IoT, quantum makes everything else. Metcalfe's law I think is very relevant, 'cause if you look at blockchains about decentralized internet, you're talkin' about decentralized applications, that's where blockchain will play the major enablement there, that's about network effects, so you bring network effects in with Metcalfe's law, Moore's law on the equipments on the hardware side, I like that, so, that worked for me. The disruptors, I think it's more of overplaying her hand on that, because I just haven't seen any evidence of any incumbents truly disrupting themselves. So, maybe you can talk with Microsoft, IBM's trying to transform, but at the end of the day, they got to look back and learn from the internet era. If you don't jump on these next waves, you could be driftwood, right? So, you got to surf the new waves, and I think that's what I heard her say is IBM is putting data at the center of the value proposition using AI as a front end for that, make it smarter, and then, using blockchain as an infrastructure and protocol level opportunity to take the IBM software and data plane and wrap 'em together. So, if you look at it, you got data at the center, blockchain on one side, and AI on the other, it's the innovation sandwich. That, for me, works for me, now, let's unpack that. How real is it, and that's going to be what we're going to talk about, and I think that's a good strategy. All the elements are in play. >> Well, I think the other piece of that sandwich, maybe it's the dressing on top, is the cloud, 'cause you have to have scale and network effects in order to achieve that innovation. I just want to mention, she talked about three other things that you are going to do as a customer. You're going to, one, leverage digital platforms, you're going to, two, embed learning in, virtually, every process that you do, and, three, you're going to empower humans. So, she put forth this idea of augmented intelligence, and, as I predicted yesterday, she, unlike Larry Olsen, she doesn't come right out and slam her competition, she does it in a classy way. She said, quote, "IBM is not "in conflict with your business." In other words, we're not taking your data and then, remonetizing it at the back end. That's a big deal, IBM makes a lot of noise about that. So, it's really augmenting humans, not in conflict with your business, and bringing advanced security to things like blockchain, >> Yeah. >> and cloud, and AI. >> I like her term security to the core, I like that, but that kind of gives the impression that's core to all things, but if you look at the megatrends that are impacting the incumbents and the people trying to do digital transformation, as well as the new startups, Dave, that are trying to get a new position in the landscape is clear. You got blockchain, you got decentralized apps, you got AI, but the data's critical, and she mentioned some cool things I like with the cloud which was she's saying, "Lookit, we'll make "the data a really big thing for you. "If you want it in public cloud, "you can have it in private cloud." So, she's looking at cloud as much more of a hybrid approach on private, kind of hinting at the GDPR problem that we know's out there. So, if you want to move your data around, that's a critical asset. Also, if you look at what's going on in the news today, these days, is Facebook is getting slammed because how they were hacked with the election, and other weaponization of data, this is a big deal for companies, and I think if IBM can play that card to leverage the data and have the confidence of the companies that they serve to say, "Lookit, data's got to be owned by you, "but has to be managed in a way that's dynamic, "whether it's a GDPR or some other regulatory issue.", and, believe me, blockchain's going to have some. So, you know, they could come out and get in the front of this new wave, and I think that's a good play. So, it wasn't just a recycled cloud show, it wasn't just AI Watson, I like how she put it together. >> So, just touching on a thing, you mentioned Facebook. So she talked about Moore's law ushering in this era of back office productivity. She didn't mention Wintel; I think it's still, probably, too painful for IBM to think about that. Metcalfe's law, she said ushered in, sort of, the Facebook era. I think that's fair, the network effect of Facebook, and then, she said, "Hopefully, you know, "they'll call this Watson's law." I don't know if that's going to happen, but that notion of, >> Wishful thinking. >> hey, hey, you got to be power of positive thinking, but that notion of exponential learning. I want to talk about cloud for a minute. You and I had some interesting debates yesterday in our open about cloud. Oracle announced its earnings yesterday, cloud growth 30%. I see Oracle and IBM as very similar in their cloud strategies; both companies would vehemently disagree with that, >> Yeah. >> but I think they are very similar in that sense. The street didn't like it, because Oracle cloud only grew at 30%, stock's down, okay, great, but, to me, IBM and Oracle are similar in that they're basically cloudifying their business. They're allowing their clients to onboard customers to the cloud, putting their applications portfolios, their SAS products, their middleware into the cloud, IBM putting mainframe class stuff in the cloud, they're putting power into the cloud, storage into the cloud, pretty much everything into the cloud if you want it. Now, that's not easy to do >> Yeah. >> if you've got, you know, legacy businesses, obviously, AWS has a blank sheet of paper, that was kind of your point yesterday, >> Yeah, yeah. >> but I like the differentiation that I see from the companies like IBM and Oracle, and there really aren't many others like that. >> Yeah. I mean, my point yesterday was the definition of cloud has been totally mangled, right? Like, it's different, if you're Amazon, they have a slew of services, they have more services than anyone else on the planet, and they have more people using those services, so, by that standard, Amazon is clearly kicking everyone's butt, but that's just their perspective. If you look at IBM, their services are applications, same with Oracle. So, if you look at what IBM's doing is they're taking the same approach. Services and applications are going to be IBM's view of the cloud, but IBM's taking a multicloud approach, and I think that's different, and, when you put the data as the central component of the architecture, you're basically saying, "I'm going to look "at the cloud as more of a commodity layer. "I'll let the customers decide which cloud to use.", and that's a better strategy, now, it's hard to do multicloud, so maybe they're buying some time, but I think that's a good, solid strategy to take if they're not going to be trying to push their own cloud as 100%, because not all customers will sole source cloud unless there's functionality that that cloud does. For instance, Amazon is winning the public sector business like it's nobody's business, because they have the only cloud that has the ability to do classified and non-classified cloud. Nobody else has it, so, from a log speck standpoint, they're winning everything and from the DOD, CIA, and government. What IBM has to do is go into customer requirement saying, "We're the only company that can provide this." That's a unique opportunity for IBM. I think that's a winning approach rather than going on a frontal arms race of services with Amazon, and that's what all the big guys are doing. Microsoft, Oracle, IBM are not taking on Amazon directly, because they're going to have to match feature for feature, and then, Amazon wins that game every time. >> So, I want to go back to something Sam Palmisano said when he was CEO of IBM in 2012 on his way out. HP was the hot company, Hurd was running the company, and he was asked, "Do you worry about HP?" He said, "I don't worry about HP, "'cause they don't invest in R&D. "I worry about Oracle, 'cause they invest in R&D.", and, again, what I like about Oracle and IBM, they both invest in R&D, IBM even, you know, core stuff around blockchain, certainly quantum computing and the like. So, I think that is a very positive dynamic for both of those companies. >> Well, I mean, IBM's R&D is a secret weapon, I think, for them; they don't overplay that much. They do talk about it, but we look at what blockchain potentially could be, and I think, you know, IBM's certainly doing the messaging on blockchain. It still has a bunch of ads on T.V., and they're trying to make that a kind of a global brand, but blockchain speaks to a new infrastructure, right? It's not just distributed computing, it's decentralized computing, and we were saying on the Cube and we've been reporting there is a new wave of software developers coming on the market that are going to be writing decentralized applications for token economics. The notion of tokens isn't about ICOs and those scams, although there's a lot of those going on. The notion of token economics fit with a mobile cloud decentralized architecture whether it's IoT, or end users, or applications, token economics is going to change the impact in efficiencies up and down the stat. So, to me, the developer community that's rushing into the market on the decentralized applications will be a major opportunity, but you got to nail the blockchain and that tech is just a moving train from a protocol standpoint to an infrastructure. So, to me, I like what IBM's doing with blockchain. I think that's going to be an opportunity to move the ball down the field. >> So, the exponential innovation formula, in my view of the next ten years, is going to, and you nailed it, going to combine data with artificial intelligence, or machine intelligence, and cloud economics, and there is a set of digital services emerging. >> Well, cloud and token economics, both, it's two. >> But, so, yes, but, so, and that's part of it, but there's a set of digital services emerging in this fabric, and they're not bespoke services, they're part of this integrated fabric. The extent to which people leverage those services, those digital services, to create new business models is going to determine success or failure. Data, at the core, is critical. >> Yeah, yeah. >> I think you're right on on that, but what I like is that IBM is trying to solve some hard problems with AI. >> I mean, lookit, I was tweeting yesterday all day on some highlights from my Puerto Rico trip on the cryptocurrency events we've been covering, and one thing that we reported was the killer app for blockchain and cryptocurrency and decentralized apps is money. Money is the killer app, and we see that with the hype cycle with the ICOs, but, if you look at what IBM's doing with the supply chain side of their business, perfect storm for supply chain innovation. Blockchain is about money, marketplaces, and nailing inefficient incumbents. So, if the incumbents want to be disruptive, they're going to have to disrupt themselves by removing inefficiencies out of the system. >> Well, and the Maersk example was a good one where there's inefficiencies, you know, 20% of the cost of moving containers is admin stuff. Sometimes the admin costs exceed the shipping costs. So, that was a good example, but, again, I see blockchain as one component in this fabric, in this puzzle. >> Day two, Cube here, kicking off wall-to-wall coverage. Three days of live broadcast talking to the thought leaders. Extracting the signal from the noise, the Cube, the number one leader in live tech coverage. Go to cube.net to check out all the footage and siliconangle.com to check out all of our articles. We're reporting and the team reporting all week, and that analysis of Ginni's keynote, well done, Dave. More coverage after this short break. (techno beat) >> Narrator: Robert Herjavec.

(bubbly electronic music) >> Narrator: Live from Nassau in the Bahamas, it's theCUBE, covering Polycon 18. Brought to you by Polymath. >> Okay, welcome back everyone. We're live here in the Bahamas. This is theCUBE's exclusive coverage of the token economics world cryptocurrency blockchain, the new innovation that's changing the world. And of course, word on the ground floor, day two of coverage our next guest Amir Kaltak, CEO and founder of L-exit, L-exit, Lexit, called legalized exit, legit exit. He's automating the M&A process in a decentralized way. This is exactly the kind of value we see with cloud computing, and when you see automation and efficiencies, that's disruptive. Amir, congratulations on your awesome venture. Love your model. Let's get into details, because I think-- >> Thank you. >> You're demonstrating, in my opinion, where value is being created and then ultimately captured faster, more efficiently, because you're automating the M&A process. For people to get exit in a highly volatile, value creation, value capture world. Take a minute to explain your company. This is fantastic. Thank you for this kind intro. Hello, world. Lexit, in a nutshell, is M&A on blockchain, and I hope you guys will love it. What we do is we give you access to the world of M&A, which is currently a big boys club, and we want you guys to be all participating in it, from the small entrepreneur who just started out, who crashed his startup but created a great tac. He can sell it on it. The whole world's going to see it. Or to the seasoned entrepreneur, to the big entity, to the big enterprise, you can sell it on there too. You will be seen by all acquirers in the world, and at a penny of the cost, at multitudes of speed, you will be able to liquidize and asset your business. >> So we, Dave and I, predict that there's going to be a lot of liquidity going on at many levels, obviously. Token economics drives that, but in the startup world, you either make it or you sell it, or you put it out of business. In this world, as people start developing technology, the difference between a company and a feature might not be the same. So I might build the best app for social entrepreneurship, for solving world hunger or tracking the water supply through blockchain. And someone says, "Damn, I love that. I'm going to buy that." Now I got to go to a banker, I got to get legal fees. My choices are-- >> Yes, limited. >> Limited, hassle, costs cash. >> As a guy who just crashed a startup, let's take this example, because the majority does fail: over 90%, as matter of fact 96%. Now, you just failed, but you have this great technology you created, right? What are you going to do? You check your address book. Who might buy it? But it's limited too, because you just started out. You don't know nobody, so what you do is you go to a consultancy: M&A consultancy, the lawyers who are connected to this sphere. >> John: The gatekeepers. >> Yes, the gatekeepers. Big boys. >> John: And they take a big cut of it. >> They will tell you, it's an amazing technology. We'll help you sell it, but you make a down payment of $10,000 right now, and we'll look into it. But you don't have $10,000 right now, for instance. So what are you going to do? And even if you pay them, the likeability of them getting back to you is not that high, so what you do is on Lexit is, you get to Lexit, you open up your account, get KYC'd. We're very strict on that. It's fully legit platform, and you list it. You get assessed by our professional M&A network, given a value to it. It's not the value it will be sold for, but it's a value the professional assessor thinks you're worth, and why. He's going to say these reasons. Now, the buyers are going to see it, make the bids, and there you are. Access. >> So you guys automate that entire end-to-end process. >> Absolutely. So, Lexit is, from the listing, down to the final due diligence and drafting of agreements. Everything is in it. The final signature and the transfer of ownership. It's a full solution. >> Yes. The future of work, obviously, is about automation. I mentioned cloud computing, because we look at that market heavily. On the tech side, automation drives it, but managing processes, automating processes away is threatening to a lot of people. You're basically putting people out of business, potentially. >> Yes, I keep doing that. >> If you're successful, a cadre of ecosystem partners, service providers, traditionally go out of business, so I like that. >> Potentially. >> Well, they're going to have to adapt or change. I see this in global service integrators, like Accenture. These guys are getting eaten up by machine learning automated coding, because they can do it faster and better. >> You know my business better than I do! (both laugh) >> What we do at theCUBE, we know our stuff. So, this is disruptive, and at the end of the day, the other thing I want to get your reaction to is open-source. A lot of people in the ethos of the mission based open-source world is, I wrote coding as an open-source. If my company fails, and my VC's make it proprietary, it's like an owned asset in bankruptcy, or whatever, dying, you can't put it back, but with open-source code, there's always going to be value there, to some level. It might not be great. So, I might say "Hey, you had a failed venture, I'll buy your code." >> Exactly. >> Transfer your GitHub over. Done. >> That's how it works. >> So this is kind of like the dynamic that... Do you see that? >> This is the direction that we're heading to. We want to connect the dots, because we started Lexit out of a community approach. We figured out two years ago, when we started it... So we're two years into that right now, that this is direly needed. We don't have access, but if I got this problem right now as a startupper, so do many. And out of this thinking, we claim ourselves to be the startups for startups and empower the community. I believe that in terms of leadership, for instance, you're only a good leader if you empower everyone around you to become a good leader, based on respect and mutual purpose. >> So I got to ask you a question. >> Please. >> Cause everyone's going to ask this question of all startups. You got to know where you are. Are you a startup? Are you a growing company? Where's the product? How far along are you? When is it going to be released? Talk about the momentum of the offering that you have. Is it available in Beta? What's the status of the product itself? Because I'm sure it'll be used a lot. >> As I said, we started two years ago. The first year we didn't even write a single line of code. It was just like how do you put this huge M&A process into a usable yet powerful but simple to use platform. How do you do that? Just scalable from the small, small asset you want to sell, a line of code, an algorithm up to a large enterprise. The first year was finding out a process. What is necessary? How do we cover all aspects on different jurisdictions, and all this stuff, right? How to make it work on the legal side too. And we figured it out, and then we started doing it. And right now I can tell you guys we are scheduling the launch of Lexit, this year, in June. So we'll not just-- >> The product will be ready for production, shipping product. >> Absolutely. Available worldwide, completely worldwide ready to operate. Ready to make your deals, to put your listings, to make your bids, to get the best technology out there, but not just technology. Letters M&A, it means any kind of of business from a pizza chain, to a high tech company, to a biotech company, to food, supplies you can sell. >> Usually when I do legal documents, you see an exhibits in there, and say oh, exhibit A is all the IP, or whatever the seller's selling and the buyer's buying. When you deal with decentralized asset creation and capture, use that blockchain involved, how much is the tech involved in your process? Obviously, the legal stuff, I can really see automating away. That's like check one. But when you start dealing with assets that are either code or something durable, like property, that's maybe stored in blockchain, how do you guys look at that? Is that part of the automation? Is that a factor? Where does that impact? Is that an exhibit? Do I just say "Here's my key"? How do you deal with that? >> Alright, let's put it this way. We do want to connect existing M&A space to Lexit. The exits, they're huge structures. We do want to disrupt them, that's true, but to do that you can't just create entirely everything new. You have to kind of find a way for the big boys old club, the big banks, and all those folks around there to participate, right? To give them a familiar way to work. What we did is the token model economics in a way that people get rewarded, people pay for stuff inside of it, and such, right? Everything is triggered with smart contracts, obviously, to know did you do the down payment, did the signature happen. The smart contracts are automating the whole thing down to the final transaction. When the final transaction happens we get our commissions paid out from the Astro we have. The Lexit Crypto Astro. Everything is transferred and secure. Everybody involved into a deal knows exactly what's happening. >> John: And they have a shared incentive too. >> Absolutely >> They're tokenizing the process so there's a reward element. Right? >> Yes. >> Am I getting this right? >> Yes, the access. There are three parties in Lexit. Buyer, seller, obviously and the assessors. Professional M&A guys. They get rewarded in tokens, and that greatly. Pretty much in the magnitude of what they do in billables at the Big Four, PWC and so on. There's a high incentive there to do this in this assessment, and they get rewarded from the community pool which gets feed with all those listing fees, unlocking futures and everything that's happening within Lexit itself. The kicker is that we at Lexit believe that much in token that the commission you have to pay us is between 8 and 2%. 2% of about 35 million dollars in volume, and it gets a bit higher down to the lower ones. We take this commission only in our own token. I don't want dollars, not even Bitcoin. >> So you have your own token? >> Yes. >> Utility token or security token? >> It's a utility token strictly, and it's called LXT. >> LXT. Great. And is it available now, or are you going to launch it in June? >> Right now we are in the private pre-sale. I'll put through, and it looks like we'll keep it in the presale. It looks like the page was selling out LXT right now to the private backers. It's that high that we think in two weeks from now on, speaking mid-March, it's sold out >> What's the numbers? Hard cap, soft cap? Do you have the numbers? >> I told my team "Listen, everybody tells me: 'you're doing M&A on blockchain, you can raise hundreds of millions,'" and everybody will say "That's okay." I said "We don't need that money." I just want to raise what we do need to finalize the last mile of the dev and launch it this year. The hard cap is 10,000 ETH. 10K ETH only, roughly $9 million right now, and that's it. >> And you're going to reserve the other tokens for the community to do the work and be part of this new future of work equation? >> 50% of the total supply, which is 18 million, it's zero, goes to sale, to the market. Just 10% to us founders. You don't need more. >> So you're not greedy? >> No. >> You guys are playing it right to create-- >> I want the community to be empowered, this whole-- >> You need the community. You need the community. >> I need the community. >> So that is a different dynamic... Well, not different. That is the dynamic that everyone is agreeing on in the community in the ecosystem here, is that if you have bogarting or hoarding coins, or people taking down allocations, you miss the dynamic of the human capital, which is what the future of work is doing. You are an example-- >> Free promotion, you know what I mean? >> You're engaging. The future of work requires human capital. So if one institutional buyer buys the token out, there's no people. >> I interrupted you. You said "We are an example for what"? >> The future of work. >> I love that. >> You are executing, potentially, disruptive M&A, but you're not going after the banks directly. They can play, too. >> Right. >> So you guys are a service. You're like an Amazon.com website cloud service for... >> You could say that. >> M&A. Well, not like, but automated. Automating away things is the way to go. Do you see other examples that are like you guys, that are emerging in use cases? Obviously you're taking a known process, M&A, automating it away, making it tokenized. What other things do you see out there that's ripe for disruption? >> I do think that if somebody out there... Lexit, what we do, let's put it aside for a moment. I think supply, the supply chains of the world are ripe for disruption. I think they're inefficient. I think even food production, down to the basic needs of a human being, this is ripe for disruption. >> When I got my MBA back in the 90s, after I got my Computer Science degree in the 80s, I remember the word that always stick in my head from the books that they teach you is the "Value Chain." >> Value Chain. >> The Value Chain is a concept of anything, of value creation. This notion of chaining, blockchain, you see it... Anything that has value creation process. >> Let's take food production for a moment. Rice, okay? Rice. So now there is this farmer, somewhere in Asia, or in elsewhere, and he's producing, and he's selling it to somebody, who's picking it up, and he sells to the next distributor. He sells to an international distributor. He sold it for probably... I don't know, maybe 20 cents a pound tops? Probably just five. I don't know the prices. What happens if we could chain that supply chain, that we have a decentralized nature of how all these people can directly feed into the system and just jump those middlemen entirely. So this is what I'm speaking about. It's going to disrupt everything. Somebody's going to figure out that one. >> So you guys have a good formula, just to recap. You're automating the M&A process, you're creating a huge supply of tokens available to the community, that will help you change the game on M&A, which is also part of the process of your value chain, now tokenized, and you're taking a small cut that's a tiered commission, if you will, on the M&A transaction. >> It's like six times cheaper. >> Higher for the lower numbers and as you go higher, which you want more deals, you take a smaller cut, so it's not greedy, you're not taking a grotesque-- >> Nope. We go even beyond. Around Lexit we created a partner program. This partner program is fueling directly deals onto Lexit, and we give them 50% off the commission. People tell me "You're crazy." No I'm not. You need to incentify. So if you get thousands of these partners one day... Think of that. 50% is still a lot. I believe in sharing everything except my girlfriend. Everything is fine, so we share. You can have my beer, that's fine. (both laugh) Speaking of that, I believe in this-- >> Well, the Network Effect, too. Sharing is an ethos of distribution, so distribution is sharing. Sharing is also a social thing, but social gamification really is about distribution. You're essentially creating a network effect, and this is the fundamental pattern in token economics, is the networks. >> Totally true. >> You see that? >> That's how it happens. >> What's your situation now? You've got a deal going on. Are you with Polymath? >> That's amazing, I-- >> Talk about that. You're announcing it on stage in about an hour. >> It's true, yeah. The stage is about to come. Trevor and his team do a great job. Boarding startups with the tokens to become a security token. I believe there is a huge business for them in the future. And now we want to work with them together, so we partner up, and what we do is... One of the models is that we will help their clients to liquidize these tokens, then, over Lexit. So this is one of the thoughts we have. We're just figuring out a few things, but we're very excited. >> John: And it's all API-based, I'm assuming, right? >> All API-based. It's been highly automated, of course. Automation. It's all about automation. You have to lower the cost to make it efficient, to make it cheap for everybody involved, so you have to automate everything you can, and smart contracts are, per se, an automation tool. >> Well, Amir, good luck with your venture, Lexit. I love the idea, I love what you're doing. I think this is what we look for in theCUBE, this kind of innovation. We think it's awesome. Good luck on your team. Product's almost pre-launch. >> And the pre-sale is almost through, so if you guys want in before ETH (mumbles), let me just drop that one in two weeks. It's closing and we distro in between four to six weeks, we're going to distro the token. So it's everything happening right now, and soon after that the exchanges are waiting, and you'll be surprised. They're going to be the good ones. >> This is innovations theCUBE are covering: the blockchain, the cryptocurrency. We're at Polycon 18. Polymath is the folks putting on the event with Grit Capital, a Canadian contingency, but they know their cryptography. If you know Canada, you know what the deal is there. It's theCUBE covering it live. We'll be back with more live coverage after this short break. >> Thank you. (reverb-heavy electronic music) (moody ambient electronic) (moody ambient electronic) >> Hi, I'm John Furrier, the co-founder of SiliconANGLE Media and co-host of theCUBE. I've been in the tech business since I was 19, first programming on minicomputers in a large enterprise, and then worked at IBM and Hewlett Packard, a total of nine years in the enterprise. Various jobs from programming, training, consulting and, ultimately as an executive salesperson, and then started my first company, it was in 1997, and moved to Silicon Valley in 1999. I've been here ever since. I've always loved technology, and I love covering emerging technology. I was trained as a software developer, and loved business. I loved the impact of software technology to business. To me, creating technology that starts a company and creates value and jobs is probably one of the most rewarding things I've ever been involved in. And I bring that energy to theCUBE because theCUBE is where all the ideas are and where the experts are, where the people are and I think what's most exciting about theCUBE is that we get to talk to people who are making things happen. Entrepreneurs, CEO of companies, Venture Capitalists. People who are really, on a day in and day out basis, building great companies. In the technology business, there's just not a lot of real-time live TV coverage, and theCUBE is a non-linear TV operation. We do everything that the TV guys on cable don't do. We do longer interviews. We ask tougher questions. We ask sometimes some light questions. We talk about the person and what they feel about. It's not prompted and scripted. It's a conversation. It's authentic. And for shows that have theCUBE coverage, it makes the show buzz, it creates excitement, and more importantly, it creates great content, great digital assets that can be shared instantaneously to the world. Over 31 million people have viewed theCUBE and that is the result of great content, great conversations, and I'm so proud to be part of theCUBE, a great team. Hi, I'm John Furrier. Thanks for watching theCUBE. (emotive electronic music) >> Narrator: Robert Herjavec!

>> Narrator: Live from Washington, D.C., it's the Cube covering .conf 2017 brought to you by Splunk. (electronic music) >> Welcome back to our nation's capitol. Here in Washington, D.C., the Cube which is Silicon Angle TV's flagship broadcast, broadcasting live today and tomorrow from D.C. here at .conf 2017, Splunk's annual get-together. Along with Dave Vellante, I'm John Walls. Now, we're joined by Chidi Alams who is the Head of IT and Security for Heartland Jiffy Lube. We all know Jiffy Lube for sure. Chidi, thanks for being with us. Good to see you. >> Of course, thanks for having me. >> Before I jump in, I was looking at your, kind of the portfolio of responsibilities earlier. Information security, application development, database development, reporting services, enterprise PM, blah, on and on and on. When do you sleep, Chidi? >> I don't. (laughing) That's the easy answer. The reality is I also have two young children at home, so between work and the family life, I'm up all the time. >> John: I imagine so. >> But I would have it no other way. >> Dave: How old are your kids? >> Three and two. >> Oh, you won't sleep for a decade. >> Right. >> I know. >> Wait til they start driving. >> That's what they tell me. >> Then it gets even better or worse, depends on how you look at it. >> That's how you learn how to sleep on airplanes. (laughing) >> Well, let's look at the big picture of security at Jiffy Lube. Your primary concerns these days, I assume, are very much laser-focused on security and what you're seeing. What are the kinds of things that keep you up at night? Other than kids these days? >> So, we're a very large retailer and brand recognition is something that we're very proud of, however, with that comes a considerable amount of risk. So the bad guys are also aware of Jiffy Lube. They understand that as a retailer, we have credit cards, we have very sensitive data. When I started with Jiffy Lube about two and a half years ago, I started a program to focus not only on keeping the bad guys out, right, that's essentially table stakes in any security program, but also implementing a discipline approach around insider threat. Frankly, that's where Splunk has proved to be a significant value for our organization because now we have visibility with respect to both of those risks. Additionally, we've spent a lot of time just taking more of a risk-based approach to security. Quite often what happens, technologists tend to focus on implementing technology and kind of filling gaps that way. The first thing that we did was assess organizational risk based on our most critical assets. Once we were able to determine asset X, in most cases a data asset, was really critical to the organization, credit card data, we were able to build a unified solution and program to ensure that we protect not only our brand, but our customers' data all the time. >> So, first of all I'll say, I love Jiffy Lube. I'm a customer. I go there all the time. It's so convenient, great service. Generally, very customer service oriented, but I see your challenge with all this distributed infrastructure and retail shops around. I would imagine there's somewhat of a transient, some turnover in employee base. >> Chidi: Yeah. >> The bad guys can target folks and say, "Hey, here's a few bucks. "Let me in." So how do you use data and analytics? I'm sure you have all kinds of screening and all kinds of corporate policies around that that's sort of one layer, but it's multi-dimensional. So how do you use technology and data to thwart that risk internally? >> Sure. So I think the key there is having a holistic program. That's a term that's thrown around a lot, so for me, that means a clear focus on people-processed technology. As I mentioned earlier, the tendency is to start with your comfort zone, so with us as technologists, it's technology, but the people aspect, I have found in my career, is always the largest variable that you have to account for. So disgruntled employees. In retail, regardless of how robust and how strong a culture you create, you're always going to have higher turnover than any industry, particularly in the field. Having very tight alignment with HR, Operations, other stakeholders to ensure that, look, when someone leaves, we track that effectively. That's all data-driven, by the way, so that we're able to track the lifecycle of an employee not only on the positive side when they enter the organization, but when they exit. If the exit is immediate, we have triggers and data-driven events that alert us to that so we can respond immediately. Then, I mentioned insider threat. It's not just employees out in the field. Globally, insider threat is probably the biggest blind spots for organizations. Again, the focus is on the outside, so when we look at things like data exfiltration which is a risk in any large organization where there's a lot of change and transformation, you have to have a good baseline of activity that's going on and understand what activity is truly normal versus activity that could be anomalous and an indicator of a bad actor within the enterprise. We have all that visibility and more now with Splunk. >> What is the role that Splunk plays? How has that journey evolved? I don't know if you've been there long enough, but pre-Splunk, post-Splunk, maybe you could describe that. >> Yeah, so pre-Splunk we were very, very reactive. Let me answer that by providing a little more context about how we're leveraging Splunk. So Splunk Enterprise Security is our centralized hub. Data across the enterprise comes to Splunk Enterprise Security. We have a team of SOC analysts that work around the clock to monitor events that, again, could be indicators of something bad happening. So with that infrastructure in place, we've gone from a very reactive situation where we had analysts and engineers going to disparate systems and having to manually triangulate and figure out, hey, is this an event? Is this something worthy of escalation? How do we handle this? Now, we have a platform not only in Splunk, but with some other solutions that gives us data, one, that's actionable. It's not hard to aggregate data, but to make that data meaningful and expose only what's legitimate from a triage and troubleshooting perspective. So those are some of the things we've done that Splunk has played a role in that. >> Okay. Talk about the regime for cybersecurity within your organization. It used to be, oh, it's an IT problem. In your organization, is it still an IT problem? Is the balance of the organization taking more responsibility? Is there a top-down initiative? I wonder if you could talk about how you guys approach that? >> That's a great question because it speaks to governance. One of the things that I did almost immediately when I started with Jiffy Lube was worked very closely with the senior leadership team to define what proper governance looks like because with governance, you've got accountability. So what happens all too often is security is just this thing that's kind of under-the-table. It's understood we've got some technology and some processes and policies in place, however, the question of accountability doesn't arise until there is a problem, especially in the case of a breach and most certainly when that breach leads to front-page exposure which was something I was very concerned about, again, Jiffy Lube being a very large retailer. Worked very closely with the senior leadership team to first of all, identify the priorities. We can't boil the ocean, there are a lot of gaps. There were a lot of gaps, but working as a team, we said, "Look, these are the priorities." Obviously, customer data, that's everything. That's our brand. We want to protect our customers, right. It's not just about keeping their vehicles running as long as possible. We want to be good stewards of their data. So with that, we implemented a very robust data-management strategy. We had regular meetings with business stakeholders and education also played a critical role. So taking technology and security out of the dark room of IT and bringing it to the senior leadership team and then, of course, being a member of that senior leadership team and speaking to these things in a way that my colleagues in Operations or Finance or Supply Chain could readily connect with. Then, translating that to risk that they can understand. >> So it's a shared responsibility? >> Absolutely. >> A big part of security. You talked before about keeping the bad guys out. That's table stakes. Big part of security, at least this day and age, seems to be response, how effectively the organization responds and, as you well know, it's got to be a team sport. It's kind of a bro mod, but the response mechanism, is it rehearsed? It is trained? Can you describe that? >> Both. I agree, response is critical, so you have to plan for everything. You have to be ready. Some of the things that we've done: one, we created a crisis management team, an incident response team. We have a very deliberate focus and a disciplined approach to disaster recovery and business continuity which is often left out of security conversations. Which is fascinating because the classic security triad is confidentiality, integrity, and availability. So the three have to be viewed in light of each other. With that, we not only created the appropriate incident response teams and processes within IT, but then created very clear links between other parts of the business. So if we have a security event or an availability event, how do we communicate that internally? Who is in charge? Who manages the incident? Who decides that we communicate with legal, HR? What is that ecosystem look like? All of that is actually clearly defined in our security policy and we rehearse it at least twice a year. >> You know, we just had Robert Herjavec on from the Herjavec Group just a few minutes ago. He brought up a point I thought pretty interesting. He says, "Security, obviously, is a huge concern." Obviously, it's his focus, but he said, "A problem is that the bad guys, the bad actors, "are extremely inventive and innovative "and keep coming up with new entry points, "new intrusion points." That's the big headache is they invent these really newfangled ways to thwart our systems that were unpredicted. So how does that sit with you? You say you've got all of these policies in place, you've got every protocol aligned, and all-of-a-sudden the door opens a different way that you didn't expect. >> Yeah, one of my favorite topics that really speaks to the future and where I believe the industry is going. So traditionally, security has been very signature-based. In other words, we alert against known patterns of behavior that are understood to be malicious or bad. A growing trend is machine learning, artificial intelligence. In fact, at Jiffy Lube, we are experimenting with a concept that I refer to now as the security immune system. So leveraging machine data to proactively asses potential threats versus waiting for those threats to materialize and then kind of building that into our response going forward. I think a lot of that is still in the early phases, but I imagine that in the very near future that'll be a mandatory part of every security plan. We've got to go beyond two-dimensional signature-based to true AI, machine learning. Taking action, not just providing visibility via response and alerts, but taking action based on that data proactively in a way that might not include a human actor, at least initially. >> What's the organizational structure at your shop? Are you the de-facto CISO? >> Chidi: I am. >> And the CIO? >> Chidi: I am. I wear both hats. >> Yeah, so that's interesting. You know where I'm going with this. There's always the discussion about should you separate those roles. I can make a case for either way, that if you want the best security in IT, have the security experts managing that. The same time, people say, "Well, it's like the fox "watching the hen house and there's lack of transparency." I think I know where you fall on this, but how do you address the guys that say that function should be split? What's the advantage of keeping them together in your view? >> Yeah, so I think you have to marry best practice with the realities of a particular organization. That's the mistake that I think many make when they set about actually defining the appropriate org structure. There's no such thing as a copy and paste org structure. I actually believe, and I have no problem going on record with this, that the best practice does represent in reality a division between IT and security, particularly in larger organizations. Now, for us, that is more of a journey. What you do initially and your end-state are two different things, but the way you get there is incrementally. You don't go big bang out of the gate. Right now, they both roll up to me. Foreseeably, they will roll up to me, but that works best for the Jiffy Lube organization because of some interesting dynamics. The board of directors by the way, given the visibility of security, does have a say on that. Now that we're in transformation mode, they do want one person kind of overseeing the entire transformation of IT and security. Now, in the future, if we decide to split that up and I think we have to be at the right place as an organization to ensure that that transition is successful. >> I'm glad you brought up the board, Chidi, because to me, it's all about transparency. If the CIO can go to the board and say, "Hey, here's the deal. "We're going to get hacked, we have been hacked, "and here's what we're doing about it. "Here's our response routine," and in a transparent way has an open conversation with the board, that's different than historically. A lot of times CIOs would say, "Alright, we've got this covered," because failure meant fired. That's a mistake that a lot of boards made. Now, eventually, over time the board may decide, look, the job's too big to have one person which is kind of what you're ... But how do you feel about that? What's your sentiment on that transparency piece? How often do you meet with the board and what are the discussions like? >> Yeah, great topic. So, a few things. One, and you've hinted to this, it's very important for the CIO or the CISO to have board-level visibility, board-level access. I have that at Jiffy Lube. I've had to present to the board regarding the IT strategy. I think it's also important to be an effective communicator of risk. So when you're talking to the board, what I've done is I've highlighted two things and I believe this very strongly. As a security leader, you have to practice due care and due diligence. So due care represents doing your job within the scope of whatever your role is. Due diligence involves maintaining that over a period of time, including product evaluations. If you have due care and due diligence and you're able to demonstrate that, even if your environment is compromised, you have to have the enterprise including the board realize that as long as those two things are in place, then a security officer is doing his job. Now, what's fascinating is many breaches can be mapped back to a lack of due care and due diligence. That's why the security officer gets fired to be very blunt, but as long as you have those things and you articulate very clearly what that represents to the board and the senior leadership team, then I think you just focus on doing your job and continuing to communicate. >> John wanted to know if you had any Jiffy Lube coupons before we go. >> Yeah, 'cause in my car on the way home I thought I'd just jump in there. >> I'm all out, but I'll (laughs). >> You got one right down the street from the house. They probably know me all too well because I take the kids' cars there too. >> That's right. We'll hook you up, don't worry about it. >> We appreciate the time. >> Thank you. >> Thank you. A newly-converted Dallas Cowboys fan, by the way. >> That's right. Very proud. >> Perhaps here in Washington, we can work on that. >> We'll see about that. >> Alright, we'll see. Chidi, thanks for being with us. >> Thank you, appreciate it. >> Thank you very much. Chidi Alams from Heartland Jiffy Lube. Back with more here on the Cube in Washington, D.C. at .conf 2017 right after this. (electronic music)

>> Voiceover: Live from Washington, D.C., it's The Cube covering .NEXT Conference. Brought to you by Nutanix. >> Welcome back to Nutanix .NEXT Con, this is The Cube, the leader in live tech coverage, and we're here just outside of Washington, D.C. John Walton is here, he's the CIO of San Mateo County, Cube alum, good to see you again, thanks for coming back on. >> Great to be here, thanks for having me. You're very welcome, so it was good show. You been to .NEXT Con before, or-- >> This is my second one. >> Second one, okay. It's good little meet-ups, still kind of intimate, but they're growing, good buzz, what's your sense so far? >> I think it's good, I like to see the partners here. I've been wandering around, talking to some of my fellow CIOs on the floor here. It seems like people are really starting to understand better where Nutanix is going. I think there's a little bit of, you know, concern in the CIO community when they went public what that would mean, would they going to get bought out? And I think people are just happy to see status quo, heading in the right direction, being stable. You know, we all feel like our money's well invested and they are going to be around for the long run. >> I wonder if we could talk, sort of about the CIO role specifically at the county. And, you know, CIO, a lot of jokes, career is over, and keeping the lights on, that's all you do, and kind of thankless jobs, etc. But times are changing, everybody's talking about digital disruption, everybody's talking about being data driven. The whole big data thing is actually starting to feel real. And a lot of CIOs tell us that, in fact the last guest was saying we were sort of able to shift our attention from doing just nitty gritty infrastructure management to doing fun stuff. Is that what you're seeing in your environment? What are some of the drivers, and what's the environment like for you? >> Yeah, it is that way in San Mateo County. I mean, San Mateo County is interesting 'cause we are kind of the forgotten county between San Jose and San Francisco, right? Everybody commutes through San Mateo to one place or the other. But it's an exciting county to work in because you have so many of the thought leaders who actually live in the county. They run the companies and things. So, you have a community that's a very embracing of technology, and as the CIO for the county, I have the opportunity to play a multiple number of roles. I think what you alluded to, sort of the traditional view of the CIO role was keep the lights on, make sure everybody's got a new PC, don't let anything go down. And in our county certainly there was an aspect of that when I first joined them. And that's how we met Nutanix, was really refreshing our infrastructure, getting our uptime up, getting compute up. But that's all invisible now. That is a thing that technologies like Nutanix have afforded a CIO like myself is after you go through that initial big lift of getting up into the 21st century, and getting your infrastructure modernized in government, then you're able to be that chief innovation officer, chief disruption person, and really say, "What can I do for the community?", "What can I do on a regional scale?", "What can I do through partnerships?", so... You know, I really feel like infrastructure really has to become invisible. Nobody cares what switch is transmitting their data, nobody care what WAP they're connecting to. I mean, the end users don't really care what hyper-convert solution we use to provide the solution. I care, 'cause I'm a geek, and I care about the budget, and I care that my staff are happy, but really at the end of the day, the people who I'm most worried about are, you know, that departments that provide services to the public I'm trying to show relevance to, the elected officials who want to see us heading in the right direction and really adding value as government to the public that pays a lot of taxes, frankly. They want to see benefits. So, I'm really excited about the coming, we just got out of our budget cycle, and sort of really setting that vision for what do we want to do in the coming years. Nutanix powers that, but I don't have to worry about it anymore. >> John, what are some of those drivers that are helping you to innovate or provide more services, what are some of the big things you can share? >> Well I think you have to look at it from a, when you have infrastructure that's robust and it's up and it's cost-affordable, then you don't spend 80% of your time worrying about that. That's not what's keeping you awake at night. I get asked that a lot, "What's keeping you awake at night?" It's no longer that hard work on a crash or fail, or become the thing that delays all of my projects. So now the value-adds we look for is connectivity. You know, we talk about SMC Connect, San Mateo County Connect. It's now that we've created the infrastructure, put all of the services online, how do we get people better to connect to those? Do we need to market them more, or do we need to help understand the value they add to the community more? Do we need more wireless connectivity, do we need fiber connectivity? It's more connecting the public to the backend solution, whether they live in my data center or the cloud, what I care about are, are the applications and data relevant to the public, are they making their lives better, and do they have the tools to connect to those? 'Cause, kind of like San Mateo, it's very diverse. You know, you have sort of a high-tech corridor down the 101 corridor, where you have a lot of high tech area, and then you have a very rural area out towards the coast, and very different population you have to serve. >> Sounds like you're a service provider. >> Yes >> Yeah, yeah. >> Talk about this notion of invisibility. How has it changed the way in which your team works? >> Well, I think, you know, everyone wants to feel valued. I think if you're a network engineer or a server engineer, you want to feel like you add value. The one thing I think we do well in San Mateo County is, you know, we have performance metrics that we publish, that we're trying to achieve. Whether it's uptime or customer satisfaction, those trickle down to every group. So, invisibility means you don't have to worry about it anymore. But we do try to keep some visibility on how every staff person contributes to the ultimate outcome we're trying to achieve. So if people can see how6 they're individual efforts add value to the end result, I think they feel valued and they feel important. Invisibility's important because when I go to board meeting now, I'm not talking about, "Oh I need millions of dollars for this server," "Oh, we need to do this big network refresh." That's too visible. That's making the infrastructure the cornerstone of all your conversations, and it takes about two seconds before the board member's or elected official's eyes glaze over. They don't want to hear it. They want to hear about what are the visible aspects, how are we helping youth and community centers better connect to educational opportunities or job or internships. So, I think there'll always going to be a spend on technology to make things better. But I think as CIOs, when we get trapped in talking about specific technologies or how important infrastructure is, that makes it too visible. That makes it seem like that's all we care about. And I think the biggest compliment I ever got, in a budget meeting, was somebody saying, "What I appreciate is we spent 30 minutes talking about IT, and you never used one technical term." You know, and I think that's the invisibility piece of it is. I think as a CIO, you know you've done your job when you never have to to talk about the technology, right? The people that we serve in the community and the elected officials, they need to assume we're making a good technical decision to make those solutions happen. So I think, in a sense, the technology should be invisible, it should be affordable it should be simple. It should enable the end results, but the nuances of the technology we use, should probably in large be invisible to the public 'cause that's not really their concern. >> So you've suppressed a lot of the mundane, complex infrastructure, kind of low value add discussion, it sounds like, with the board. I imagine one area that you still talk about a lot is security. Is that a topic that is a regular topic at board meetings? >> Absolutely, and I think all the ransomware and virus attacks and hacker attacks, you've seen recently. And, I tweet about those a lot, and we talk about those a lot because we've have real impacts on our organization about things like that, phishing attacks. And this again is back to the value add, I think the message I try to bring to the board is our weakest point in security isn't always necessarily the technology, it's the complexity of the technology, right? So, the more complex we make our systems, the more complex and difficult to manage our infrastructure is, the more opportunities for weakness there are. So, we've gone from taking about security in an ivory tower aspect to, I think the two areas where we can focus on is more simplifying our infrastructure so it's easier to manage and easier to secure from our staff's standpoint, and that really adds value. So, we're really able to rapidly react to and address security issues as they come up because we have simplified our infrastructure. The board doesn't really need to worry about how we've done that, but the staff feel more confident that they're able to react to and manage those things, and then we can do value add things like train the users to be more aware of how phishing attacks happen when there's threats. Communicate better. We spent most of our time in the back room hashing servers, now with the Nutanix infrastructure, it's the easy button upgrade to patch servers and to get things addressed, and we can spend more of our time communicating with the end users about threats that are out there, how they should react, how they should respond to it. >> So John, you're kind of an early adopter of this whole concept of convergence. When we first met at VM Worlds a couple years ago, I think we were talking about traditional converged infrastructure, if I can use that term. Are you still using that type of infrastructure, how does is compare with so-called hyper-converged infrastructure, do you see differences? Is HCI a buzzword, or is it substantive in your view? >> I think it's substantive, you know I was doubtful at first too. You know, I came from, like you said, a few years ago, I think every CIO faces this. Especially in the public sector. It's what I call project ware. You know, you do a project, you do an RFP, you got three or four racks of equipment in of the lowest bidder, and that becomes a little island. And then you do the next RFP and you kind of grow your data center like that. We had tried early on when some of the new, sort of converged infrastructures were coming out, and I spend a lot of time going to EBCs, and talking about reference architectures, and one throat to choke when it came to when there's a problem, is it a compute problem or is it a storage problem? I think the industry has recognized for a while now since we first had these conversations about, again, simplifying and collapsing the complexity of those infrastructures is important. You know, I was doubtful when we first did the pilot with Nutanix. We first did the pilot around just VDI. We just saw Nutanix three years ago as a point solution, sort of the project where this was going to be our VDI platform. We would still maintain these other infrastructures for really important projects that needed the more traditional architectures. And, you know, it's really credited to my staff and engineers, it only took about six months before we had failing infrastructure, they would say, "Hey, we can use Nutanix. Let's hyper-converge, and chime in for other things, for compute. And now we're 100% virtualized. You know, we have over 1,200 servers now, all running on the Nutanix. There hasn't been a time in two years where my staff came to me and said, "The hyper-converged infrastructure we've selected isn't going to work for this, we have to buy something else." And so, to me that's when it goes from the theoretical, it might work, it might just be a... to a reality. If I'm going to go all in, and my staff are going to go all in on something, they have to be pretty confident that that's going to work for 'em. >> Are you Acropolis Hypervisor? >> We are in some things, you know, we don't use it for everything. But I think, you know, it goes back. We still have a very good relationship with VMware, we still think in some cases that VMware tools are still slightly more mature than the Acropolis tools. We think Acropolis has been catching up, we've actually been pushing really hard on Nutanix, to make it mature. And that's one of the reasons we've went with this platform, is we like to see that competition. We'd like to think that the Acropolis product will continue to mature, and challenge Vmware to either continue to evolve ahead of it, or bring their prices down to compete with it. >> You know, John, what's still on your to do list for Nutanix and it's ecosystem in your mind? >> You know, we're really looking at, really now around our disaster-recovery strategy, we're doing local replication between two data centers that are about six miles apart, which from a local building failure standpoint's useful. But my county's on the San Andreas fault, so the likelihood that a large earthquake is going to take both local data center is pretty high. So, we're really looking with Commvault and Nutanix and Amazon Web Services now, sort of about, you know, we have over 200 applications we support, for both public safety, healthcare, really mission-critical things that we can have zero downtime on, and in a disaster situation, healthcare and public safety applications are probably going to be the most needed applications out there. So, we're really pushing to try to see what that future looks like in the next 12 months around the Nutanix infrastructure. I don't say we have everything solved locally, but we're very confident in what we've implemented locally for our local compute, but really that next thing, what is the right balance between cloud compute and local compute? And how does that fit into the DR conversation's important. And back to your question about security, we still have real concerns about how secure is the public cloud. You know, it's not is it going to get hacked, but can the public cloud infrastructure be compromised to the point where in a disaster, if that's not available, how are we still going to get the data and applications up and running we need? So, we really see that there needs to be a balance between the two things. >> It's a response issue for you, and in that case-- >> It is, and we don't believe it's less secure, but we believe there's a RTO we need to meet in a disaster, and having lived through the Japan earthquake when I was in Tokyo when they had the 9.0, response time was critical. You can't say, "Well, we'll have the internet connection back up by then," and be reliant on your partners to do that, you need access to that data right now. So you've got a synchronous connection today, between your two data center, is that right? >> We have two data centers, but not to an out-of-area data center yet. That's what we need to accomplish next. >> Okay, yeah, good. Alright, listen. John, thanks very much for coming to The Cube. >> It's my pleasure. >> Let me give you the last word here on Nutanix, your future with them, or other things that you'd want to share? >> Well, we're excited about it and I'd recommend to any CIO who's watching this or thinking about it, really consider it, and see how it fits into your ecosystem. >> Great, always good having you on. Thanks very much for coming. >> It's my pleasure, thank you gentlemen. >> You're welcome. Alright, keep right there, buddy. Stew and I back with our next guest. This is The Cube, we're live from Nutanix .NEXT Conf. Be right back. >> Voiceover: Robert Herjavec