(radio calls) >> Announcer: From around the globe, its theCUBE covering Space & Cybersecurity Symposium 2020, hosted by Cal poly. Hello, welcome back to theCUBE virtual coverage with Cal Poly for the Space and Cybersecurity Symposium, a day four and the wrap up session, keynote session with the Lieutenant Governor of California, Eleni Kounalakis. She's here to deliver her keynote speech on the topic of California's role in supporting America's Cybersecurity future. Eleni, take it away. >> Thank you, John, for the introduction. I am Lieutenant Governor Eleni Kounalakis. It is an honor to be part of Cal Poly Space and Cybersecurity Symposium. As I speak kind of Pierre with the governor's office of business and economic development is available on the chat, too ready to answer any questions you might have. California and indeed the world are facing significant challenges right now. Every day we are faced with the ongoing COVID-19 pandemic and the economic downturn that is ensued. We have flattened the curve in California and are moving in the right direction but it is clear that we're not out of the woods yet. It is also impossible right now to escape the reality of climate change from the fire sparked by exceptionally rare, dry lightening events to extreme heat waves threatening public health and putting a strain on our electricity grid. We see that climate change is here now. And of course we've been recently confronted with a series of brutal examples of institutionalized racism that have created an awakening among people of all walks of life and compelled us into the streets to march and protest. In the context of all this, we cannot forget that we continue to be faced with other less visible but still very serious challenges. Cybersecurity threats are one of these. We have seen cities, companies and individuals paralyzed by attacks costing time and money and creating an atmosphere of uncertainty and insecurity. Our state agencies, local governments, police departments, utilities, news outlets and private companies from all industries are target. The threats around cybersecurity are serious but not unlike all the challenges we face in California. We have the tools and fortitude to address them. That is why this symposium is so important. Thank you, Cal Poly and all the participants for being here and for the important contributions you bring to this conference. I'd like to also say a few words about California's role in America's future in space. California has been at the forefront of the aerospace industry for more than a century through all the major innovations in aerospace from wooden aircraft, to World War II Bombers, to rockets and Mars rovers. California has played a pivotal role. Today, California is the number one state in total defense spending, defense contract spending and total number of personnel. It is estimated the Aerospace and Defense Industry, provides $168 billion in economic impact to our state. And America's best trained and most experienced aerospace and technology workforce lives here in California. The fact that the aerospace and defense sector, has had a strong history in California is no accident. California has always had strong innovation ecosystem and robust infrastructure that puts many sectors in a position to thrive. Of course, a big part of that infrastructure is a skilled workforce. And at the foundation of a skilled workforce is education. California has the strongest system of public higher education in the world. We're home to 10 university of California campuses, 23 California State university campuses and 116 California Community Colleges. All told nearly 3 million students are enrolled in public higher education. We also have world renowned private universities including the California Institute of Technology and Stanford University numbers one and three in the country for aerospace engineering. California also has four national laboratories and several NASA facilities. California possesses a strong spirit of innovation, risk taking and entrepreneurship. Half of all venture capital funding in the United States, goes to companies here in California. Lastly, but certainly no less critical to our success, California is a diverse state. 27% of all Californians are foreign born, 27% more than one in four of our population of 40 million people are immigrants from another country, Europe central and South America, India, Asia, everywhere. Our rich cultural diversity is our strength and helps drive our economy. As I look to the future of industries like cybersecurity and the growing commercial space industry, I know our state will need to work with those industries to make sure we continue to train our workforce for the demands of an evolving industry. The office of the lieutenant governor has a unique perspective on higher education and workforce development. I'm on the UC Board of Regents, the CSU Board of Trustees. And as of about two weeks ago, the Community Colleges Board of Governors. The office of the lieutenant governor is now the only office that is a member of every governing board, overseeing our public higher education system. Earlier in the symposium, we heard a rich discussion with Undersecretary Stewart Knox from the California Labor and Workforce Development Agency about what the state is doing to meet the needs of space and cybersecurity industries. As he mentioned, there are over 37,000 job vacancies in cybersecurity in our state. We need to address that gap. To do so, I see an important role for public private partnerships. We need input from industry and curriculum development. Some companies like Lockheed Martin, have very productive partnerships with universities and community colleges that train students with skills they need to enter aerospace and cyber industries. That type of collaboration will be key. We also need help from the industry to make sure students know that fields like cybersecurity even exist. People's early career interests are so often shaped by the jobs that members of their family have or what they see in popular culture. With such a young and evolving field like cybersecurity, many students are unaware of the job opportunities. I know for my visits to university campuses that students are hungry for STEM career paths where they see opportunities for good paying jobs. When I spoke with students at UC Merced, many of them were first generation college students who went through community college system before enrolling in a UC and they gravitated to STEM majors. With so many job opportunities available to STEM students, cybersecurity ought to be one that they are aware of and consider. Since this symposium is being hosted by Cal Poly, I wanted to highlight the tremendous work they're doing as leaders in the space and cybersecurity industry. Cal Poly California Cybersecurity Institute, does incredible work bringing together academia, industry and government training the next generation of cyber experts and researching emerging cybersecurity issues. As we heard from the President of Cal Poly, Jeff Armstrong the university is in the perfect location to contribute to a thriving space industry. It's close to Vandenberg Air Force Base and UC Santa Barbara and could be home to the future permanent headquarters of US Space Command. The state is also committed to supporting this space industry in the Central Coast. In July, the State of California, Cal poly US-based force and the others signed a memorandum of understanding to develop a commercial space port at Vandenberg Air Force Base and to develop a master plan to grow the commercial space industry in the region. Governor Newsom has made a commitment to lift up all regions of the state. And this strategy will position the Central Coast to be a global leader in the future of the space industry. I'd like to leave you with a few final thoughts, with everything we're facing. Fires, climate change, pandemic. It is easy to feel overwhelmed but I remain optimistic because I know that the people of the State of California are resilient, persistent, and determined to address our challenges and show a path toward a better future for ourselves and our families. The growth of the space industry and the economic development potential of projects like the Spaceport at Vandenberg Air Force Base, our great example of what we can look forward to. The potential for the commercial space industry to become a $3 trillion industry by mid century, as many experts predict is another. There are so many opportunities, new companies are going to emerge doing things we never could have dreamed of today. As Lieutenant General John Thompson said in the first session, the next few years of space and cyber innovation are not going to be a pony ride at the state fair, they're going to be a rodeo. We should all saddle up. Thank you. >> Okay, thank you very much, Eleni. I really appreciate it. Thank you for your participation and all your support to you and your staff. You guys doing a lot of work, a lot going on in California but cybersecurity and space as it comes together, California's playing a pivotal role in leading the world and the community. Thank you very much for your time. >> Okay, this session is going to continue with Bill Britton. Who's the vice president of technology and CIO at Cal Poly but more importantly, he's the director of the cyber institute located at Cal Poly. It's a global organization looking at the intersection of space and cybersecurity. Bill, let's wrap this up. Eleni had a great talk, talking about the future of cybersecurity in America and its future. The role California is playing, Cal Poly is right in the Central Coast. You're in the epicenter of it. We've had a great lineup here. Thanks for coming on. Let's put a capstone on this event. >> Thank you, John. But most importantly, thanks for being a great partner helping us get this to move forward and really changing the dynamic of this conversation. What an amazing time we're at, we had quite an unusual group but it's really kind of the focus and we've moved a lot of space around ourselves. And we've gone from Lieutenant General Thompson and the discussion of the opposition and space force and what things are going on in the future, the importance of cyber in space. And then we went on and moved on to the operations. And we had a private company who builds, we had the DOD, Department Of Defense and their context and NASA and theirs. And then we talked about public private partnerships from President Armstrong, Mr. Bhangu Mahad from the DOD and Mr. Steve Jacques from the National Security Space Association. It's been an amazing conference for one thing, I've heard repeatedly over and over and over, the reference to digital, the reference to cloud, the reference to the need for cybersecurity to be involved and really how important that is to start earlier than just at the employment level. To really go down into the system, the K through 12 and start there. And what an amazing time to be able to start there because we're returning to space in a larger capacity and it's now all around us. And the lieutenant governor really highlighted for us that California is intimately involved and we have to find a way to get our students involved at that same level. >> I want to ask you about this inflection point that was a big theme of this conference and symposium. It was throughout the interviews and throughout the conversations, both on the chat and also kind of on Twitter as well in the social web. Is that this new generation, it wasn't just space and government DOD, all the normal stuff you see, you saw JPL, the Hewlett Foundation, the Defense Innovation Unit, Amazon Web Services, NASA. Then you saw entrepreneurs come in, who were doing some stuff. And so you had this confluence of community. Of course, Cal Poly had participated in space. You guys does some great job, but it's not just the physical face-to-face show up, gets to hear some academic papers. This was a virtual event. We had over 300 organizations attend, different organizations around the world. Being a virtual event you had more range to get more people. This isn't digital. This symposium isn't about Central California anymore. It's global. >> No, it really has gone. >> What really happened to that? >> It's really kind of interesting because at first all of this was word of mouth for this symposium to take place. And it just started growing and growing and the more that we talk to organizations for support, the more we found how interconnected they were on an international scale. So much so that we've decided to take our cyber competition next year and take it globally as well. So if in fact as Major General Shaw said, this is about a multinational support force. Maybe it's time our students started interacting on that level to start with and not have to grow into it as they get older, but do it now and around space and around cybersecurity and around that digital environment and really kind of reduce the digital dividing space. >> Yeah, General Thompson mentioned this, 80 countries with programs. This is like the Olympics for space and we want to have these competitions. So I got great vision and I love that vision, but I know you have the number... Not number, the scores and from the competition this year that happened earlier in the week. Could you share the results of that challenge? >> Yeah, absolutely. We had 83 teams participate this year in the California Cyber Innovation Challenge. And again, it was based around a spacecraft scenario where a spacecraft, a commercial spacecraft was hacked and returned to earth. And the students had to do the forensics on the payload. And then they had to do downstream network analysis, using things like Wireshark and autopsy and other systems. It was a really tough competition. The students had to work hard and we had middle school and high school students participate. We had an intermediate league, new schools who had never done it before or even some who didn't even have STEM programs but were just signing up to really get involved in the experience. And we had our ultimate division which was those who had competed in several times before. And the winner of that competition was North Hollywood. They've been the winning team for four years in a row. Now it's a phenomenal program, they have their hats off to them for competing and winning again. Now what's really cool is not only did they have to show their technical prowess in the game but they also have to then brief and out-brief what they've learned to a panel of judges. And these are not pushovers. These are experts in the field of cybersecurity in space. We even had a couple of goons participating from DefCon and the teams present their findings. So not only are we talking technical, we're talking about presentation skills. The ability to speak and understand. And let me tell you, after reading all of their texts to each other over the weekend adds a whole new language they're using to interact with each other. It's amazing. And they are so more advanced and ready to understand space problems and virtual problems than we are. We have to challenge them even more. >> Well, it sounds like North Hollywood got the franchise. It's likethe Patriots, the Lakers, they've got a dynasty developing down there in North Hollywood. >> Well, what happens when there's a dynasty you have to look for other talent. So next year we're going global and we're going to have multiple states involved in the challenge and we're going to go international. So if North Hollywood pulls it off again next year, it's going to be because they've met the best in the world than defeated >> Okay, the gauntlet has been thrown down, got to take down North Hollywood from winning again next year. We'll be following that. Bill, great to get those results on the cyber challenge we'll keep track and we'll put a plug for it on our site. So we got to get some press on that. My question to you is now as we're going digital, other theme was that they want to hire digital natives into the space force. Okay, the DOD is looking at new skills. This was a big theme throughout the conference not just the commercial partnerships with government which I believe they had kind of put more research and personally, that's my personal opinion. They should be putting in way more research into academic and these environments to get more creative. But the skill sets was a big theme. What's your thoughts on how you saw some of the highlight moments there around skill sets? >> John, it's really interesting 'cause what we've noticed is in the past, everybody thinks skill sets for the engineering students. And it's way beyond that. It's all the students, it's all of them understanding what we call cyber cognizance. Understanding how cybersecurity works whatever career field they choose to be in. Space, there is no facet of supporting space that doesn't need that cyber cognizance. If you're in the back room doing the operations, you're doing the billing, you're doing the contracting. Those are still avenues by which cybersecurity attacks can be successful and disrupt your space mission. The fact that it's international, the connectivities, all of those things means that everyone in that system digitally has to be aware of what's going on around them. That's a whole new thought process. It's a whole new way of addressing a problem and dealing with space. And again it's virtual to everyone. >> That's awesome. Bill, great to have you on. Thank you for including theCUBE virtual, our CUBE event software platform that we're rolling out. We've been using it for the event and thank you for your partnership in this co-creation opening up your community, your symposium to the world, and we're so glad to be part of it. I want to thank you and Dustin and the team and the President of Cal Poly for including us. Thank you very much. >> Thank you, John. It's been an amazing partnership. We look forward to it in the future. >> Okay, that's it. That concludes the Space and Cybersecurity Symposium 2020. I'm John Furrier with theCUBE, your host with Cal Poly, who put on an amazing virtual presentation, brought all the guests together. And again, shout out to Bill Britton and Dustin DeBrum who did a great job as well as the President of Cal poly who endorsed and let them do it all. Great event. See you soon. (flash light sound)

>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019. Brought to you by Amazon Web service is and its ecosystem partners. >> Well, welcome back. Everyone's Cube Live coverage here in Boston, Massachusetts, for AWS. Reinforce Amazon Web sources. First inaugural conference around security. It's not Osama. It's a branded event. Big time ecosystem developing. We have returning here. Cube Alumni Bill Jeff for VP of strategy and the partnerships that Iron Net Cyber Security Company. Welcome back. Thanks. General Keith Alexander, who was on a week and 1/2 ago. And it was public sector summit. Good to see you. Good >> to see you. Thanks for >> having my back, but I want to get into some of the Iran cyber communities. We had General Qi 1000. He was the original commander of the division. So important discussions that have around that. But don't get your take on the event. You guys, you're building a business. The minute cyber involved in public sector. This is commercial private partnership. Public relations coming together. Yeah. Your models are sharing so bringing public and private together important. >> Now that's exactly right. And it's really great to be here with eight of us were really close partner of AWS is we'll work with them our entire back in today. Runs on AWS really need opportunity. Get into the ecosystem, meet some of the folks that are working that we might work with my partner but to deliver a great product, right? And you're seeing a lot of people move to cloud, right? And so you know some of the big announcement that are happening here today. We're willing. We're looking to partner up with eight of us and be a first time provider for some key new Proactiv elves. AWS is launching in their own platform here today. So that's a really neat thing for us to be partnered up with this thing. Awesome organization. I'm doing some of >> the focus areas around reinforcing your party with Amazon shares for specifics. >> Yes. So I don't know whether they announced this capability where they're doing the announcement yesterday or today. So I forget which one so I'll leave that leave that leave that once pursued peace out. But the main thing is, they're announcing couple of new technology plays way our launch party with them on the civility place. So we're gonna be able to do what we were only wanted to do on Prem. We're gonna be able to do in the cloud with AWS in the cloud formation so that we'll deliver the same kind of guy that would deliver on prime customers inside their own cloud environments and their hybrid environment. So it's a it's a it's a sea change for us. The company, a sea change for a is delivering that new capability to their customers and really be able to defend a cloud network the way you would nonpregnant game changer >> described that value, if you would. >> Well, so you know, one of the key things about about a non pregnant where you could do you could look at all the flows coming past you. You look at all the data, look at in real time and develop behavior. Lana looks over. That's what we're doing our own prime customers today in the cloud with his world who looked a lox, right? And now, with the weight of your capability, we're gonna be able to integrate that and do a lot Maur the way we would in a in a in a normal sort of on Prem environment. So you really did love that. Really? Capability of scale >> Wagon is always killed. The predictive analytics, our visibility and what you could do. And too late. Exactly. Right. You guys solve that with this. What are some of the challenges that you see in cloud security that are different than on premise? Because that's the sea, So conversation we've been hearing. Sure, I know on premise. I didn't do it on premises for awhile. What's the difference between the challenge sets, the challenges and the opportunities they provide? >> Well, the opportunities air really neat, right? Because you've got that even they have a shared responsibility model, which is a little different than you officially have it. When it's on Prem, it's all yours essential. You own that responsibility and it is what it is in the cloud. Its share responsible to cloud provider the data holder. Right? But what's really cool about the cloud is you could deliver some really interesting Is that scale you do patch updates simultaneously, all your all your back end all your clients systems, even if depending how your provisioning cloud service is, you could deliver that update in real time. You have to worry about. I got to go to individual systems and update them, and some are updated. Summer passed. Some aren't right. Your servers are packed simultaneously. You take him down, you're bringing back up and they're ready to go, right? That's a really capability that for a sigh. So you're delivering this thing at scale. It's awesome now, So the challenge is right. It's a new environment so that you haven't dealt with before. A lot of times you feel the hybrid environment governed both an on Prem in sanitation and class sensation. Those have to talkto one another, right? And you might think about Well, how do I secure those those connections right now? And I think about spending money over here when I got all seduced to spend up here in the cloud. And that's gonna be a hard thing precisely to figure out, too. And so there are some challenges, but the great thing is, you got a whole ecosystem. Providers were one of them here in the AWS ecosystem. There are a lot here today, and you've got eight of us as a part of self who wants to make sure that they're super secure, but so are yours. Because if you have a problem in their cloud, that's a challenge. Them to market this other people. You talk about >> your story because your way interviews A couple weeks ago, you made a comment. I'm a recovering lawyer, kind of. You know, we all laughed, but you really start out in law, right? >> How did you end up here? Yeah, well, the truth is, I grew up sort of a technology or myself. My first computer is a trash 80 a trs 80 color computer. RadioShack four k of RAM on board, right. We only >> a true TRS 80. Only when I know what you're saying. That >> it was a beautiful system, right? Way stored with sword programs on cassette tapes. Right? And when we operated from four Keita 16 k way were the talk of the Rainbow Computer Club in Santa Monica, California Game changer. It was a game here for 16. Warning in with 60 give onboard. Ram. I mean, this is this is what you gonna do. And so you know, I went from that and I in >> trouble or something, you got to go to law school like you're right >> I mean, you know, look, I mean, you know it. So my dad, that was a chemist, right? So he loved computers, love science. But he also had an unrequited political boners body. He grew up in East Africa, Tanzania. It was always thought that he might be a minister in government. The Socialist came to power. They they had to leave you at the end of the day. And he came to the states and doing chemistry, which is course studies. But he still loved politics. So he raised at NPR. So when I went to college, I studied political science. But I paid my way through college doing computer support, life sciences department at the last moment. And I ran 10 based. He came on climate through ceilings and pulled network cable do punch down blocks, a little bit of fibrous placing. So, you know, I was still a murderer >> writing software in the scythe. >> One major, major air. And that was when when the web first came out and we had links. Don't you remember? That was a text based browser, right? And I remember looking to see him like this is terrible. Who would use http slash I'm going back to go for gophers. Awesome. Well, turns out I was totally wrong about Mosaic and Netscape. After that, it was It was it was all hands on >> deck. You got a great career. Been involved a lot in the confluence of policy politics and tech, which is actually perfect skill set for the challenge we're dealing. So I gotta ask you, what are some of the most important conversations that should be on the table right now? Because there's been a lot of conversations going on around from this technology. I has been around for many decades. This has been a policy problem. It's been a societal problem. But now this really focus on acute focus on a lot of key things. What are some of the most important things that you think should be on the table for techies? For policymakers, for business people, for lawmakers? >> One. I think we've got to figure out how to get really technology knowledge into the hands of policymakers. Right. You see, you watch the Facebook hearings on Capitol Hill. I mean, it was a joke. It was concerning right? I mean, anybody with a technology background to be concerned about what they saw there, and it's not the lawmakers fault. I mean, you know, we've got to empower them with that. And so we got to take technologist, threw it out, how to get them to talk policy and get them up on the hill and in the administration talking to folks, right? And one of the big outcomes, I think, has to come out of that conversation. What do we do about national level cybersecurity, Right, because we assume today that it's the rule. The private sector provides cyber security for their own companies, but in no other circumstance to expect that when it's a nation state attacker, wait. We don't expect Target or Wal Mart or any other company. J. P. Morgan have surface to air missiles on the roofs of their warehouses or their buildings to Vegas Russian bear bombers. Why, that's the job of the government. But when it comes to cyberspace, we expect Private Cummings defending us everything from a script kiddie in his basement to the criminal hacker in Eastern Europe to the nation state, whether Russia, China, Iran or North Korea and these nation states have virtually a limited resource. Your armies did >> sophisticated RND technology, and it's powerful exactly like a nuclear weaponry kind of impact for digital. >> Exactly. And how can we expect prices comes to defend themselves? It's not. It's not a fair fight. And so the government has to have some role. The questions? What role? How did that consist with our values, our principles, right? And how do we ensure that the Internet remains free and open, while still is sure that the president is not is not hampered in doing its job out there. And I love this top way talk about >> a lot, sometimes the future of warfare. Yeah, and that's really what we're talking about. You go back to Stuxnet, which opened Pandora's box 2016 election hack where you had, you know, the Russians trying to control the mean control, the narrative. As you pointed out, that that one video we did control the belief system you control population without firing a shot. 20 twenties gonna be really interesting. And now you see the U. S. Retaliate to Iran in cyberspace, right? Allegedly. And I was saying that we had a conversation with Robert Gates a couple years ago and I asked him. I said, Should we be Maur taking more of an offensive posture? And he said, Well, we have more to lose than the other guys Glasshouse problem? Yeah, What are your thoughts on? >> Look, certainly we rely intimately, inherently on the cyber infrastructure that that sort of is at the core of our economy at the core of the world economy. Increasingly, today, that being said, because it's so important to us all the more reason why we can't let attacks go Unresponded to write. And so if you're being attacked in cyberspace, you have to respond at some level because if you don't, you'll just keep getting punched. It's like the kid on the playground, right? If the bully keeps punching him and nobody does anything, not not the not the school administration, not the kid himself. Well, then the boy's gonna keep doing what he's doing. And so it's not surprising that were being tested by Iran by North Korea, by Russia by China, and they're getting more more aggressive because when we don't punch back, that's gonna happen. Now we don't have to punch back in cyberspace, right? A common sort of fetish about Cyrus is a >> response to the issue is gonna respond to the bully in this case, your eggs. Exactly. Playground Exactly. We'll talk about the Iran. >> So So if I If I if I can't Yeah, the response could be Hey, we could do this. Let them know you could Yes. And it's a your move >> ate well, And this is the key is that it's not just responding, right. So Bob Gates or told you we can't we talk about what we're doing. And even in the latest series of alleged responses to Iran, the reason we keep saying alleged is the U. S has not publicly acknowledged it, but the word has gotten out. Well, of course, it's not a particularly effective deterrence if you do something, but nobody knows you did it right. You gotta let it out that you did it. And frankly, you gotta own it and say, Hey, look, that guy punch me, I punch it back in the teeth. So you better not come after me, right? We don't do that in part because these cables grew up in the intelligence community at N S. A and the like, and we're very sensitive about that But the truth is, you have to know about your highest and capabilities. You could talk about your abilities. You could say, Here are my red lines. If you cross him, I'm gonna punch you back. If you do that, then by the way, you've gotta punch back. They'll let red lines be crossed and then not respond. And then you're gonna talk about some level of capabilities. It can't all be secret. Can't all be classified. Where >> are we in this debate? Me first. Well, you're referring to the Thursday online attack against the intelligence Iranian intelligence community for the tanker and the drone strike that they got together. Drone take down for an arm in our surveillance drones. >> But where are we >> in this debate of having this conversation where the government should protect and serve its people? And that's the role. Because if a army rolled in fiscal army dropped on the shores of Manhattan, I don't think Citibank would be sending their people out the fight. Right? Right. So, like, this is really happening. >> Where are we >> on this? Like, is it just sitting there on the >> table? What's happening? What's amazing about it? Hi. This was getting it going well, that that's a Q. What's been amazing? It's been happening since 2012 2011 right? We know about the Las Vegas Sands attack right by Iran. We know about North Korea's. We know about all these. They're going on here in the United States against private sector companies, not against the government. And there's largely been no response. Now we've seen Congress get more active. Congress just last year passed to pass legislation that gave Cyber command the authority on the president's surgery defenses orders to take action against Russia, Iran, North Korea and China. If certain cyber has happened, that's a good thing, right to give it. I'll be giving the clear authority right, and it appears the president willing to make some steps in that direction, So that's a positive step. Now, on the back end, though, you talk about what we do to harden ourselves, if that's gonna happen, right, and the government isn't ready today to defend the nation, even though the Constitution is about providing for the common defense, and we know that the part of defense for long. For a long time since Secretary Panetta has said that it is our mission to defend the nation, right? But we know they're not fully doing that. How do they empower private sector defense and one of keys That has got to be Look, if you're the intelligence community or the U. S. Government, you're Clinton. Tremendous sense of Dad about what you're seeing in foreign space about what the enemy is doing, what they're preparing for. You have got to share that in real time at machine speed with industry. And if you're not doing that and you're still count on industry to be the first line defense, well, then you're not empowered. That defense. And if you're on a pair of the defense, how do you spend them to defend themselves against the nation? State threats? That's a real cry. So >> much tighter public private relationship. >> Absolutely, absolutely. And it doesn't have to be the government stand in the front lines of the U. S. Internet is, though, is that you could even determine the boundaries of the U. S. Internet. Right? Nobody wants an essay or something out there doing that, but you do want is if you're gonna put the private sector in the in the line of first defense. We gotta empower that defense if you're not doing that than the government isn't doing its job. And so we gonna talk about this for a long time. I worked on that first piece of information sharing legislation with the House chairman, intelligence Chairman Mike Rogers and Dutch Ruppersberger from Maryland, right congressman from both sides of the aisle, working together to get a fresh your decision done that got done in 2015. But that's just a first step. The government's got to be willing to share classified information, scaled speed. We're still not seeing that. Yeah, How >> do people get involved? I mean, like, I'm not a political person. I'm a moderate in the middle. But >> how do I How do people get involved? How does the technology industry not not the >> policy budgets and the top that goes on the top tech companies, how to tech workers or people who love Tad and our patriots and or want freedom get involved? What's the best approach? >> Well, that's a great question. I think part of is learning how to talk policy. How do we get in front policymakers? Right. And we're I run. I run a think tank on the side at the National Institute at George Mason University's Anton Scalia Law School Way have a program funded by the Hewlett Foundation who were bringing in technologists about 25 of them. Actually. Our next our second event. This Siri's is gonna be in Chicago this weekend. We're trained these technologies, these air data scientists, engineers and, like talk Paul's right. These are people who said We want to be involved. We just don't know how to get involved And so we're training him up. That's a small program. There's a great program called Tech Congress, also funded by the U. A. Foundation that places technologists in policy positions in Congress. That's really cool. There's a lot of work going on, but those are small things, right. We need to do this, its scale. And so you know, what I would say is that their technology out there want to get involved, reach out to us, let us know well with our partners to help you get your information and dad about what's going on. Get your voice heard there. A lot of organizations to that wanna get technologies involved. That's another opportunity to get in. Get in the building is a >> story that we want to help tell on be involved in David. I feel passion about this. Is a date a problem? So there's some real tech goodness in there. Absolutely. People like to solve hard problems, right? I mean, we got a couple days of them. You've got a big heart problems. It's also for all the people out there who are Dev Ops Cloud people who like to work on solving heart problems. >> We got a lot >> of them. Let's do it. So what's going on? Iron? Give us the update Could plug for the company. Keith Alexander found a great guy great guests having on the Cube. That would give the quick thanks >> so much. So, you know, way have done two rounds of funding about 110,000,000. All in so excited. We have partners like Kleiner Perkins Forge point C five all supporting us. And now it's all about We just got a new co CEO in Bill Welshman. See Scaler and duo. So he grew Z scaler. $1,000,000,000 valuation he came in to do Oh, you know, they always had a great great exit. Also, we got him. We got Sean Foster in from from From Industry also. So Bill and Sean came together. We're now making this business move more rapidly. We're moving to the mid market. We're moving to a cloud platform or aggressively and so exciting times and iron it. We're coming toe big and small companies near you. We've got the capability. We're bringing advanced, persistent defense to bear on his heart problems that were threat analytics. I collected defence. That's the key to our operation. We're excited >> to doing it. I call N S A is a service, but that's not politically correct. But this is the Cube, so >> Well, look, if you're not, if you want to defensive scale, right, you want to do that. You know, ECE knows how to do that key down here at the forefront of that when he was in >> the government. Well, you guys are certainly on the cutting edge, riding that wave of common societal change technology impact for good, for defence, for just betterment, not make making a quick buck. Well, you know, look, it's a good business model by the way to be in that business. >> I mean, It's on our business cards. And John Xander means it. Our business. I'd say the Michigan T knows that he really means that, right? Rather private sector. We're looking to help companies to do the right thing and protect the nation, right? You know, I protect themselves >> better. Well, our missions to turn the lights on. Get those voices out there. Thanks for coming on. Sharing the lights. Keep covers here. Day one of two days of coverage. Eight of us reinforce here in Boston. Stay with us for more Day one after this short break.

>> Narrator: Live, from Washington DC, it's theCUBE. Covering AWS Public Sector Summit. Brought to you by Amazon Web Services. >> Welcome back everyone to theCUBE's live coverage of the AWS Public Sector Summit here in our nation's capital. I'm your host, Rebecca Knight. Co-hosting along side John Furrier. We are joined by Jamil Jaffer, he is the VP Strategy and Partnerships at IronNet. Thanks so much for coming on theCUBE. >> Thanks for having me Rebecca. >> Rebecca: I know you've been watching us for a long time so here you are, soon to be a CUBE alumn. >> I've always wanted to be in theCUBE, it's like being in the octagon but for computer journalists. (laughing) I'm pumped about it. >> I love it. Okay, why don't you start by telling our viewers a little bit about IronNet and about what you do there. >> Sure, so IronNet was started about 4 1/2 years ago, 5 years ago, by General Kieth Alexander, the former director of the NSA and founding commander of US Cyber command. And essentially what we do is, we do network traffic analytics and collective defense. Now I think a lot of people know what network traffic analytics are, you're looking for behavioral anomalies and network traffic, trying to identify the bad from the good. Getting past all the false positives, all the big data. What's really cool about what we do is collective defense. It's this idea that one company standing alone can't defend itself, it's got to work with multiple companies, it's got to work across industry sectors. Potentially even with the governments, and potentially across allied governments, really defending one another. And the way that works, the way we think about that, is we share all the anomalies we see across multiple companies to identify threat trends and correlations amongst that data, so you can find things before they happen to you. And so the really cool idea here is, that something may not happen to you, but it may happen to your colleague, you find about it, you're defended against it. And it takes a real commitment by our partners, our companies that we work with, to do this, but increasingly they're realizing the threat is so large, they have no choice but to work together, and we provide that platform that allows that to happen. >> And the premise is that sharing the data gives more observational space to have insights into that offense, correct? >> That's exactly right. It's as though, it's almost like you think about an air traffic control picture, or a radar picture, right? The idea being that if you want to know what's happening in the air space, you got to see all of it in real time at machine speed, and that allows you to get ahead of the threats rather than being reactive and talking about instant response, we're talking about getting ahead of the problems before they happen so you can stop them and prevent the damage ahead of time. >> So you're an expert, they're lucky to have you. Talk about what you've been doing before this. Obviously a lot of experience in security. Talk about some about some of the things you've done in the past. >> So I have to admit to being a recovering lawyer, but you have to forgive me because I did grow up with computers. I had a Tandy TRS-80 Color computer when I first started. 4K of all more RAM, we upgraded to 16K, it was the talk of the rainbow computer club, what are you doing, 16K of RAM? (laughing) I mean, it was-- >> Basic programming language, >> That's right. (laughing) Stored on cassette tapes. I remember when you used to have to punch a hole in the other side of a 5 1/4 floppy disc to make it double sided. >> Right, right. >> John: Glory days. >> Yeah, yeah. I paid my way through college running a network cable, but I'm a recovering lawyer, and so my job in the government, I worked at the House Intelligence Committee, the Senate Foreign Relations Committee and then the Bush administration on the Comprehensive National Cybersecurity Initiative, both the Justice Department and the White House. >> You've seen the arc, you've seen the trajectory, the progress we're making now seems to me slower than it should be, obviously a lot of inertia as Amy Chasity said today about these public sector government agencies, what not. But a real focus has been on it, we've been seeing activity. Where are we with the state of the union around the modernization of cyber and awareness to what's happening? How critical are people taking this threat seriously? >> Well I think I variety of things to say on that front. First, the government itself needs modernize its systems, right? We've seen that talked about in the Obama administration, we've seen President Trump put out an executive order on modernization of federal infrastructure. The need to move to the cloud, the need to move to shared services, make them more defensible, more resilient long-term. That's the right move. We've seen efforts at the Department of Defense and elsewhere. They aren't going as fast as the need to, more needs to happen on that front. IT modernization can really be accelerated by shifting to the cloud, and that's part of why that one of the things that IronNet's done really aggressively is make a move into the cloud space, putting all of our back end in the cloud and AWS. And also, ability, capability to do surveillance and monitoring. When I say surveillance I mean network threat detection not surveillance of the old kind. But network threat detection in the cloud, and in cloud-enabled instances too. So both are important, right? Classic data centers, but also in modern cloud infrastructure. >> Yeah, one of the things people want to know about is what your enemy looks like, and now with the democratization with open source, and democratization of tools, the enemies could be hiding through obscure groups. The states, the bad actors and the state actors can actually run covert activities through other groups, so this is kind of a dynamic that creates confusion. >> No, in fact, it's their actual mode of operating, right? It's exactly what they do, they use proxies, right? So you'll see the Russians operating, looking like a criminal hacker group operating out of the eastern Europe. In part because a lot of those Russian criminal rings, in actuality. You see a lot of patriotic hackers, right? I would tell most people, if you see a patriotic hacker there's probably a government behind that whole operation. And so the question becomes, how do you confront that threat, right? A lot of people say deterrence doesn't work in cyberspace. I don't believe that. I think deterrence can and does work in cyberspace, we just don't practice it. We don't talk about our capabilities, we don't talk our red lines, we don't talk about what'll happen if you cross our red lines, and when we do establish red lines and they're crossed, we don't really enforce them. So it's no surprise that our enemies, or advisories, are hitting us in cyberspace, are testing our boundaries. It's cause we haven't really give them a sense of where those lines are and what we're going to do if they cross them. >> Are we making an progress on doing anything here? What's the state of the market there? >> Well the government appears to have gotten more aggressive, right? We've seen efforts in congress to give the Department of Defense and the US Intelligence Committee more authorities. You can see the stand up of US Cyber Command. And we've seen more of a public discussion of these issues, right? So that's happening. Now, is it working? That's a harder question to know. But the real hard question is, what do you do on private sector defense? Because our tradition has been, in this country, that if it's a nation-state threat, the government defends you against it. We don't expect Target or Walmart or Amazon to have service to air missiles on the roof of your buildings to defend against Russian Bear bombers. We expect the government to do that. But in cyberspace, the idea's flipped on its head. We expect Amazon and every company in America, from a mom and pop shop, all the way up to the big players, to defend themselves against script kiddies, criminal hacker gangs, and nation-states. >> John: And randomware's been taking down cities, Baltimore, recent example, >> Exactly. >> John: multiple times. Hit that well many times. >> That's right, that's right. >> Talk about where the US compares. I mean, here as you said, the US, we are starting to have these conversations, there's more of an awareness of these cyber threats. But modernization has been slow, it does not quite have the momentum. How do we rate with other countries? >> Well I think in a lot of ways we have the best capabilities when it comes to identifying threats, identifying the adversary, the enemy, and taking action to respond, right? If we're not the top one, we're in the top two or three, right? And the question, though, becomes one of, how do you work with industry to help industry become that good? Now our industry is at the top of that game also, but when you're talking about a nation-state, which has virtually unlimited resources, virtually unlimited man-power to throw at a problem, it's not realistic to expect a single company to defend itself, and at the same time, we as a nation are prepared to say, "Oh, the Department of Defense should be sitting on "the boundaries of the US internet." As if you could identify them even, right? And we don't want that. So the question becomes, how does the government empower the private sector to do better defense for itself? What can the government do working with industry, and how can industry work with one another, to defend each other? We really got to do collective defense, not because it makes sense, which it does, but because there is no other option if you're going to confront nation-state or nation-state enabled actors. And that's another threat, we've seen the leakage of nation-state capabilities out to a lot broader of an audience now. That's a problem, even though that may be 2013 called and wants it's hack back, those things still work, right? What we saw in Baltimore was stuff that has been known for a long time. Microsoft has released patches long ago for that, and yet, still vulnerable. >> And the evolution of just cyber essential command, and Cyber Command, seems to be going slow, at least from my frame. Maybe I'm not in the know, but what is the imperative? I mean, there's a lot of problems to solve. How does the public sector, how does the government, solve these problems? Is cloud the answer? What are some of the things that people of this, the top minds, discussing? >> Well and I think cloud is clearly one part of the solution, right? There's no question that when you move to a cloud infrastructure, you have sort of a more bounded perimeter, right? And that provides that ability to also rapidly update, you could update systems in real time, and in mass. There's not going around and bringing your floppy disc and loading software, and it sounds like that's sort of a joke about an older era, but you look at what happened with NotPetya and you read this great Wired article about what happened with NotPetya, and you look at Maersk. And the way that Maersk brought its systems back up, was they had domain controller in Africa that had gone down due to a power surge, where they were able to recover the physical hard drive and re-image all their world-wide domain controls off of that one hard drive. You think about a major company that runs a huge percentage of the world's ports, right? And this is how they recovered, right? So we really are in that, take your disc and go to computers. In a cloud infrastructure you think about how you can do that in real time, or rapidly refresh, rapidly install patches, so there's a lot of that, that's like a huge part of it. It's not a complete solution, but it's an important part. >> Yeah, one of the things we talk about, a lot of tech guys, is that this debate's around complexity, versus simplicity. So if you store your data in one spot, it's easy to audit and better for governing compliance, but yet easier for hackers to penetrate. From an IQ standpoint, the more complex it is, distributed, harder. >> Yeah I think that's right. >> John: But what's the trade off there? How are people thinking about that kind of direction? >> No that's a great question, right? There's a lot of benefits to diversity of systems, there's a lot of benefit to spreading out your crown jewels, the heart of your enterprise. At the same time, there's real resilience in putting it in one place, having it well defended. Particularly when it's a shared responsibility and you have partial responsibility for the defense, but the provider to, I mean, Amazon, and all the other cloud providers, Microsoft and Google, all have it in their own self interest to really defend their cloud really well. Because whether or not you call it shared responsibility, it's your stock price that matters if you get hit, right? And so, instead of you, Amazon, and all the other cloud players have an incentive to do the right thing and do it really well. And so this shared responsibility can work to both side's benefits. That being said, there's an ongoing debate. A lot of folks want to do there stuff on-prem in a lot of ways. You know, a lot of us are old school, right? When you touch it, you feel it, you know it's there. And we're working through that conversation with folks, and I think that at the end of the day, the real efficiency gains and the power of having super computing power at your fingertips for analytics, for consumer purposes and the like. I really think there's no way to avoid moving to a cloud infrastructure in the long run. >> I know you said you were a recovering lawyer, but you are the founding director of the National Security Institute at the Antonin Scalia School of Law. How are you thinking about educating the next generation of lawyers who could indeed become policy makers or at least work on these committees, to think about these threats that we don't even know about yet? >> That's a great question. So one of the things we're doing, is we're working through the process with the state commission on establishing a new LLM and cyber intelligence national security law. That'll be a great opportunity for lawyers to actually get an advanced degree in these issues. But we're also training non-lawyers. One of the interesting things is, you know, One of the challenges DC has, is we make a lot of tech policy, a lot of it not great, because it's not informed by technologists, so we've got a great partnership with the Hewlett Foundation where we're bringing technologists from around the country, mid-career folks, anywhere from the age of 24 to 38. We're bringing them to DC and we're educating them on how to talk to policy makers. These are technologists, these are coders, data scientists, all the like, and it's a real opportunity for them to be able to be influential in the process of making laws, and know how to involve themselves and talk that speak. Cause, DC speak is a certain thing, right? (laughing) And it's not typically consistent with tech speak, so we're trying to bridge that gap and the Hewlett Foundation's been a great partner in that effort. >> On that point about this collaboration, Silicon Valley's been taking a lot of heat lately, obviously Zuckerberg and Facebook in the news again today, more issues around irresponsibility, but they were growing a rocket ship, I mean, company's only 15 years old roughly. So the impact's been significant, but tech has moved so fast. Tech companies usually hire policy folks in DC to speak the language, educate, a little bit different playbook. But now it's a forcing function between two worlds colliding. You got Washington DC, the Silicon Valley cultures have to blend now. What are some of the top minds thinking about this? What are some of the discussions happening? What's the topic of conversations? >> Well look, I mean, you've see it in the press, it's no surprise you're hearing this talk about breaking up big tech companies. I mean, it's astounding. We used to live in world in which being successful was the American way, right? And now, it seems like at least, without any evidence of anti-trust concerns, that we're talking about breaking up companies that have otherwise hugely successful, wildly innovative. It's sort of interesting to hear that conversation, it's not just one party, you're hearing this in a bipartisan fashion. And so it's a concern, and I think what it reveals to tech companies is, man, we haven't be paying a lot of attention to these guys in DC and they can cause real trouble. We need to get over there and starting talking to these folks and educating them on what we do. >> And the imperative for them is to do the right thing, because, I mean, the United States interest, breaking up, say, Facebook, and Google, and Apple, and Amazon, might look good on paper but China's not breaking up Alibaba anytime soon. >> To the contrary. They're giving them low-interest loans and helping them all to excel. It's crazy. >> Yeah, and they have no R&D by the way, so that's been- >> Jamil: Right, because they stole all of our IP. >> So the US invests in R&D that is easily moving out through theft, that's one issue. You have digital troops on our shores from foreign nations, some will argue, I would say yes. >> Jamil: Inside the border. >> Inside the border, inside the interior, with access to the power grids, our critical infrastructure, this is happening now. So is the government now aware of the bigger picture around what we have as capabilities and criticalities that were needed now for digital military? What is that conversation like? >> Well I think they're having this conversation, right? I think the government knows it's a problem, they know that actually in a lot of ways a partnership with tech is better than an adversary relationship. That doesn't change the fact that, for some reason, in the last three, four years, we really have seen what some people are calling a "techlash", right? A backlash against technology. It kind of strikes me as odd, because of course, the modern economy that we've so benefited from is literally built on the back of the innovations coming out of the Silicon Valley, out of the west coast, and out of the DC metro area, where a lot these tech companies are developing some of the most innovative new ideas. Now they're, frankly, helping government innovate. So Amazon's a key part of that effort, right? Here in the public sector. And so I'm hoping that education will help, I know that the arrival of tech companies here to really have that conversation in an open and sensible way, I hope will sort of waft back some of this. But I worry that for too long the tech and the policies have ignored on another. And now they're starting to intersect as you say, and it has the possibility of going wrong fast, and I'm hoping that doesn't happen. >> You know, one of the things that Rebecca and I were talking about was this talent gap between public sector and private sector. These agencies aren't going to go public anytime soon, so maybe they should get equity deals and get a financial incentive. (laughing) You know what I mean? Shrink down the cost, increase the value. But as you get the collaboration between the two parties, the cloud is attracting smart people, because it gives you an accelerant of value. So people can see some entry points to land, some value out of the gate, verus giving up and abandoning it through red tape, or in other processes. So you starting to see smart people get attracted to cloud as a tool for making change. How is that working? And how is that going to work? Cause this could be coming to the partnership side of it. People might not want to work for the government, but could work with the government. This is a dynamic that we see as real. What's your thoughts? >> I think that's exactly right. Having these cloud infrastructures gives the ability to one, leverage huge amounts of computing power, but also to leverage insights and knowledge from the private sector in ways that you never could have imagined. So I really do think the cloud is an opportunity to bring real benefits from private sector innovation into the public sector very rapidly, right? So, broad-clouded option. And that's part of why John Alexander, my boss, and I have been talking a lot about the need for broad-clouded option. It's not just innovative in technology, it's benefits to the war fighter, Right? I mean, these are real, tangible benefits pushing data in real time, the war fighter, You know John Alexander had one of the biggest innovations in modern war fighting, where he's able to take civil intelligence down from weeks and months, down to minutes and seconds, that the naval and our war fighters in Iraq and Afghanistan to really take the fight to the enemy. The cloud brings that power scaled up to a huge degree, right? By orders of magnitude. And so the government recognizes this and yet today we don't see them yet moving rapidly in that direction. So I think the EO was a good move, a good first step in that direction, now we got to see it implemented by the various agencies down below. >> Well we'll kep in touch, great to have you on. I know we're wrapping up the day here, they're breaking down, we're going to pull the plug literally. (laughing) We'll keep in touch and we'll keep progress on you. >> Thank you so much, I appreciate it. >> Rebecca: Jamil, you are now a CUBE alumn, >> I love it, thank you. >> Rebecca: So congrats, you've joined the club. >> I love it. >> I'm Rebecca Knight for John Furrier you have been watching theCUBE's live coverage of the AWS Public Sector Summit. (electronic music)