>>We work with and we cover some of the old guard, older companies like Dell EMC, HPE, Oracle, IBM, Microsoft. And they're doing really good work pivoting and trying to be ready for this new wave. It's not just not a blockchain. It's just how the world works. Cloud, you know, IOT, but decentralized cannot be ignored. Are they ready? Do you think they're ready? Do you think they even understand what's coming and >>No, no, they're not ready. And it's not, to me. It's not even about just blockchain. I mean, blockchain technology they can adopt. The bigger issue is digital disruption and digital disruption is all about the data at the core of the organization and, and business models that are built around data. And if you think about the history of companies, it's human expertise and data is bolted on, and we've seen this time and time again. But if you look at the top five market cap companies, Facebook, Amazon, Google, et cetera, they're data companies. Data is at the center and they take human expertise and wrap it around there. So the future is going to be about innovation with data, with artificial intelligence and cloud economics, and the old guard doesn't have those things. Blockchain fits in there. To me, blockchain is about building out a new distributed web and on top of the old web and rewarding those who are building it. So it's a new form of open source where the builders get paid.

(ambient soft rock music) - First, GDPR is probably the best representation of really good, stringent, proper consumer privacy data controls that exist. So even if you're not compelled to abide by GDPR, it's a great road map and it's a great model to follow 'cause it's just good data discipline. We also have the good fortune at Informatica that some of the leading healthcare organizations in the country are our customers and they happen to have footprints in Europe, and so they do in fact have a GDPR challenge. Do I have a patient from the EU that's coming to my U.S. based facility? Do I have a U.S. based patient that's in a EU facility? Do I have an EU licensed provider? Right, the complexity of the GDPR challenge for some of our U.S. based healthcare customers is pretty involved and they're acutely aware of it. So I don't think there's been anything like GDPR in terms of data protection that's existed in healthcare. - GDPR by the way is a data problem. So GDPR is not necessarily a compliance security problem because you want to understand which data path to boundaries, who's accessing it, true data problem. So today, I mean in fact at Informatica you have customers like PayPal talking about their journey with us on GDPR. So you begin with the catalog and then we have three products that help in the GDPR journey, the catalog, Secure@Source, and the Data Governance Axon product. And again, each company's GDPR implications are slightly different and companies like I said like PayPal are using our products to run the GDPR activity right now. So we're seeing that going through the roof and in fact one of the big use cases for catalog has been in the context of governance and GDPR. - With the introduction of GDPR this year really brings a spotlight onto all the data privacy issues that we have to deal with around the world, but I think we have a fundamental problem with security which is it's still this baked on, add on, a thing that's applied to your applications and instead we actually need to look at programming languages in the apps that you write as being security-proof from the very beginning and that's gonna require a programming language to do that at the lowest level and an OS as well. - How is Ballerina handling that? They doing it up front, what's the-- - Our approach to it is that we assume all data is tainted and that the developer has to explicitly say this is safe data to avoid intrusion attacks on that. So the compiler will actually reject any code that is not explicitly given that task. - Very simply, what does GDPR promise, right? It's restoring the fundamental rights of data subjects in terms of their ownership of their data and the processing of their data and the ability to know how that data is used at any point in time. Now imagine if you're a data scientist and you could for a problem that you're trying to solve have the same kind of guarantees. You know all about the data, you know where it resides, you know exactly what it contains. They are very similar. They both are asking for the same type of information. So in a sense if you solve the GDPR problem well, you have to really understand your data assets very well and you have to have it governed really well which is exactly the same need for data scientists. So in a way, I see them as, you know, they're twins. Separated at some point, but.

- So our first prediction relates to how data governance is likely to change in a global basis. If we believe that we need to turn more data into work, businesses haven't generally adopted many of the principles associated with those practices. They haven't optimized to do that better. They haven't elevated those concepts within the business as broadly and successfully as they have, or as they should. We think that's gonna change, in part, by the emergence of GDPR, or the General Data Protection Regulation. It's gonna go in full effect in May 2018. A lot has been written about it. A lot has been talked about. But our core issues ultimately are, is that the dictates associated with GDPR are going to elevate the conversation on a global basis. And it mandates something that's now called the Data Protection Officer. We're gonna talk about that in a second, Dave Elonte. But it is going to have real teeth. So we were talking with one Chief Privacy Officer not too long ago who suggested that had the Equifax breach occurred under the rules of GDPR, that the actual fines that would have been levied would have been in excess of $160 billion dollars, which is a little bit more than the $0 dollars that has been fined thus far. Now we see new bills introduced in Congress, but ultimately our observation and our conversation with a lot of Chief Privacy Officers or Data Protection Officers is that in the B to B world, GDPR is going to strongly influence not just how businesses behave regarding data in Europe, but on a global basis. - A lot of the undertone is, "Cloud, cloud, cloud, governance, governance, governance," is the two, kind of the drivers I've been seeing as the forces this week is a lot of people trying to get their act together on those two fronts. And you can kind of see the scabs on the industry. Some people haven't been paying attention and they're weak in the area. Cloud is absolutely going to be driving the big data world, because data's horizontal, cloud's the power source to that. You guys have been on that. What's your thoughts? What other drivers and currents-- first of all do you agree with what I'm saying? And what else did I miss? I mean, security is obviously in there, but-- - Absolutely, so I think you're exactly right on. So, obviously governance security's a big deal. Largely being driven by the GDPR regulation that's happening in Europe. But I mean, every company today is global, so everybody's essentially affected by it. So I think data up til now has always been a kind of opportunistic thing, that there's a couple guys in the organization who are looking at it as, "Oh, let's do some experimentation, "let's do something interesting here." Now it's becoming government mandate. And so I think there's a lot of organizations who are, like to your point, getting their act together, and that's driving a lot of demand for data management products. So now people say, "Well, if I gotta get my act together, I don't want to have to hire armies of people to do it. Let me look for automated, machine-learning based ways of doing it," so that they can actually deliver on the audit reports that they need to deliver on, ensure the compliance that they need to ensure, but do it in a very scalable way. - Me as a customer come to an enterprise say, "I don't want any of my data stored." It's up to you to go delete that data completely, right? That's the term that's being used, and that goes into effect in May. How do you make sure that that data gets completely deleted by that time the customer has. How do you get that consent from the customer to go do all this? So there's a whole lot of challenges as data as multiplies. How do you deal with the data? How do you create insights to the data? How do you pay the consent on the data? How do you be compliant on the data? You know, how do you create the policies that's needed to generate that data? All those things needs to be, those are the challenges that enterprise is facing. - Digital transformation's accelerating, data protection's being disrupted, millions of jobs are coming in. You guys are playing a role. What is the role that Druva is playing in the digital transformation acceleration? - Absolutely. You think about the world, right, and you think of companies like Domino's or Tesla, they think they are softer companies, right, they deliver, the server they deliver a softer approach of the traditional business model. In the heart of this transformation of enterprise is becoming softer, digitalized, is the data at the core. And data today will outlive most systems. And the more and more fragmented your approach to data becomes, you store data on prem, in the cloud, everywhere in between, the data management has to become more and more centralized. So Druva is in the core of this transformation making a data transformation and making sure your data architextures the future of a better approach of manageablity and protection with a Druva platform. - You guys had a busy month this month. You got a couple big news we're gonna be talking about today. Funding and next generation platform. Walk us through that. - Absolutely, so we have two big news to announce today. The first one being $80 million dollars of capital raised, led by Revolt Capital, followed by most of their investors, including Sequoia. Excellent in iron capital. And then the number two being announcing a whole new Druva cloud platform, which holistically takes our entire product portfolio and puts it together in a nice, simplistic approach to manage your entire information workload in a single platform in the could. - The first question is mind is is everybody ready for GDPR? The answer is "no". Have they started into the journey to get, have they started getting on the racetrack, right? On the road? Yes. Yeah, it depends on the maturity of the organization. Some people have just started building a small strategy around GDPR. Some people have actually started doing assessment to understand how complex is this beast and regulation. And some people have just moved further in the journey of doing assessment, but they're now putting up changes in their infrastructure to handle remediation, right? Things like, for example, consent management. Things about, things like deletion. It could be very big deal to do, right? So they are making changes to the infrastructure that they have or the IT systems to manage it effectively. But I don't think there's any company which probably can claim that they have got it right fully end to end.

(bouncy, melodic music) - The world's kind of revolting against these mega-siloed platforms. - That's the risk of having such centralized control over technology. If you remember in the old days, when Microsoft dominance was rising, all you had to do was target Windows as a virus platform, and you were able to impact thousands of businesses even in the early Internet days, within hours. And it's the same thing happening right now, as a weaponization of these social media platforms, and Google's search engine technology and so forth, is the same side effect now. The centralization, that control, is the problem. One of the reasons I love the Blockstack technology, and Blockchain in general, is the ability to decentralize these things right now. And the most passionate thing I care about nowadays is being driven out of Europe, where they have a lot more maturity in terms of handling these nuisance-- - You mean the check being driven out of Europe. - Their loss, - The loss, okay. - being driven out of Europe and-- - Be specific, we'd like an example. - The major deadline that's coming up in May 25th of 2018 is GDPR, General Data Protection Regulation, where European citizens now, and any company, American or otherwise, catering to European citizens, has to respond to things like the Right To Be Forgotten request. You've got 24 hours as a global corporation with European operations, to respond to European citizens, EU citizens, Right To Be Forgotten request where all the personally identifiable information, the PII, has to be removed and auto-trailed, proving it's been removed, has to be gone from two, three hundred internal systems within 24 hours. And this has teeth by the way. It's not like the 2.7 billion dollar fine that Google just flipped away casually. This has up to 4% of your global profits per incident where you don't meet that requirement. - And so what we're seeing in the case of GDPR is that's an accelerant to adopt Cloud, because we actually isolate the data down into regions and the way we've architected our platform from day one is always been a true multi-tenant SaaS technology platform. And so there's not that worry about data resiliency and where it resides, and how you get access to it, because we've built all that up. And so, when we go through all of our own attestations, whether it's SOC Type One, Type Two, GDPR as an initiative, what we're doin' for HIPAA, what we're doin' for plethora of other things, usually the CSO says, "Oh, I get it, you're way more secure, now help me," because I don't want the folks in development or operations to go amuck, so to speak, I want to be an enabler, not Doctor No. - I'm a developer, I search for data, I'm just searching for data. - That's right. - What's the controls available for making sure that I don't go afoul of GDPR. - So absolutely. So we have phenomenal security capabilities that are built into our product, both from an identification point of view, giving rights and privileges, as well as protecting that data from any third party access. All of this information is going to be compliant with these regulations, beyond GDPR. There's enormous regulations around data that require us to keep our securities levels as high as we go. In fact, we would argue that AWS itself is now typically more secure, more secure, - [Mike] They've done the work. - than your classic data center. - [Mike] Yeah, they've done the work. - AI-ers, explicable machine learning. - Yeah, that's a hot focus, - Indeed. - or concern of enterprises everywhere, especially in a world where governance and tracking and lineage, - Precisely. - GDPR and so forth, so hot. - Yes, you have mentioned all the right things. Now, so given those two things, there's normal web data, NML is not easy, why the partnership between Hortonworks and IBM makes sense? Well, you're looking at the number one, industry leading big data platform, Hortonworks, Then you look at a DSX Local, which I'm proud to say I've been there since the first line of code, and I'm feeling very passionate about the product, is the merge between the two. Ability to integrate them tightly together, gives your data scientists secure access to data, ability to leverage the Spark that runs inside of Hortonworks Glassdoor, ability to actually work in a platform like DSX, that doesn't limit you to just one kind of technology but allows you to work within multiple technologies, Ability to actually work on your, not only Spark-- - You say technologies here, are you referring to frameworks like TensorFlow, and-- - [Piotr] Precisely. - Okay, okay. - Very good, now, that part I'm gonna get into very shortly. So please don't steal my thunder. - So GDPR you see as a big opportunity for Cloud providers, like Azure. Or they bring something to the table, right? - Yeah, they bring different things to the table. You have elements of data where you need the on-premise solution, you need to have control, and you need to have that restriction about where that data sits. And some of the talks here that are going on at the moment, is understanding, again, how critical and how risky is that data? What is it you're keepin' and how high does that come up in our business value it is? So if that's gonna be on your imperma-solution, there may be other data that can get push out into the Cloud, but, I would say, Azure, the AWS Suites and Google, they are really pushing down that security, what you can do, how you protect it, how you can protect that data, and you've got the capabilities of things like LSR or GSR, and having that global reach or that local repositories, for the object storage. So you can start to control by policies. You can write into this country, but you're not allowed to go to this country, and you're not allowed to go to that one, and Cloud does give you that to a certain element, but also then, you have to step back into, maybe the sorts of things that-- - So does that make Cloud Orchestrator more valuable, or has it still got more work to do? Because under what Adam was saying, is that the point and click, is a great way to provision, right?

(inspirational music) - So GDPR, the General Data Protection Regulation was passed by the EU in 2016, in May of 2016. It is, as Ronald was saying it's four base things. The right to privacy, the right to be forgotten, privacy built into systems by default, and the right to data transfer. - [Panelist] Takes effect next year. - It is already in effect. GDPR took effect in May of 2016. The enforcement penalties take place the 25th of May 2018. Now here's where there's two things on the penalty side that are important for everyone to know. Number one. GDPR is extra territorial. Which means that any EU citizen anywhere on the planet has GDPR goes with them. So say you are a pizza shop in Nebraska. An EU citizen walks in, orders a pizza, gives the credit card, stuff like that. If you for some reason destroy that data, GDPR now applies to you Mr. Pizza Shop, whether or not you do business in the EU, because an EU citizens data is with you. It's true, the penalties are much different than they ever have been. In the old days companies could simply write off penalties as saying that's cost of doing business. With GDPR the penalties are up to 4% of your annual revenue or 20 million euros, which ever is greater, and there may be criminal sanctions against, charges against key company executives. So there's a lot of questions about how this is going to be implemented. But one of the first impacts you will see from a marketing perspective is, all the advertising we do, targeting people by their age, by their personal identifiable information, by their demographics, between now and May 25th 2018 a good chunk of that may have to go away because we may not, there's no way for you to say well this person's an EU citizen this person's not. People give false information all the time online. So how do you differentiate every company regardless whether they are in the EU or not will have to adapt to it. Or deal with the penalties. - When you think about the principles that GDPR gives you, I look at that and think that's just, to me that's just good data management practices and principles. It happens to be around personal data for GDPR right now, but those principles are just valley for probably kind of any kind of data. So if you're on the digital transformation journey, with all the change and all the opportunity that brings, these practices and principles for GDPR, they should be helping drive things like your digital transformation. For a lot of our customers, change is the only constant they've got, especially managing all this whilst everything is changing around you. It's tough for a lot of them. - How are people thinking about the data layer, where it lives, on prem, in the cloud, think about GDPR compliance, you know all that sort of good stuff. How are you and Red Hat, how are you asking people to think about that? - So, you know, data management is a big question. We build storage tooling. We understand how to put the bytes on disk, and persist and maintain the storage. It's a different question what are the data services and what is the data governance or policy around placement. And, I think it's a really interesting part of the ecosystem today. We've been working with some research partners in the Massachusets open cloud at Boston University on a project called Cloud Dataverse. And it has a whole policy question around data. It's there, scientists want to share data sets, to control and understand who you're sharing your data sets with. So its definitely a space that we are interested in. Understand that there's a lot of work to be done there, and GDPR just kind of shines the light right on it. Says, policy and governance around where data is placed is actually fundamental and important. And I think it's an important part because you have seen some of the data issues recently in the news. And, we got to get a handle on where data goes, and ultimately I'd love to see a place where I'm in control of how my data is shared with the rest of the world. - GDPR provides for two types of things that a business must do. It must provide insight into the data that it's captured, about business or an individual, legal entity. And it must also then provide the processes for mediating or taking action against that data according to whatever the customers virtues are. Tell us a little bit about that. - So these are two important features because of GDPR. First thing GDPR has 99 articles and 173 articles and 99 like term technological ways. There are other ways, legal ways to do it, but technologically what they want. Like if Peter decides, that I need to know from this bank or from this social media company how much information you have about me, and what are you doing with it. They have to provide that information in 30 days. That is called right to access. And the second thing is you can come and say, well I'm not using these five things which you sold me earlier I don't want you to use that information, or even have information on that for me or my son or my kid. So you can tell them delete that information or mask that. - And that's call the right to? - Right to erasure, right to remove the data. And these two things are very important. This gives customer, they make customer the king. They make the individual the king. He can say tell me what you have on me, and delete what you have on me. - Now the laws have been in the books in, at least in the EU for GDPR for a while. But the fines start getting leveled in May. - May 5th. - Now we've heard that... - So GDPR is a big thing for us and our customers and prospects as well. So we are actively working on getting GDPR compliant. Today our platform is FIPS compliance, so that's already a big stepping stone to getting there. So we look at GDPR in one of, in two ways again, right? One is the solution that we provide to our customers, the data platform and the data protect as we call it. Being GDPR complaint. Meaning the data that lands on that system. The ability to delete the data, the ability to say who has access to the data, rules based taxes, things like that. The second aspect is, our support and the fact that we have access to a lot of customer information ourselves, right? The fact that we can look at their systems and make sure that, everything we do internally is also GDPR compliant, so that the customers and our support systems and our sales force database is all GDPR as well. So both those elements come into play and we are actively working on all of them. (inspirational music)

(bright music) - Actually going beyond the talking phase towards implementing a Master Data Model, those are the main, main challenges right now. And it's a movement that I believe now has political strength to actually migrate across the pond over here as well. There's a groundswell movement called Digital Sovereignty as a response to GDPR in Europe, where people are realizing that they have the right to be sovereign over their data, their digital exhaust, their digital footprint online. And that's a two-way street. You want and demand control over your data, but on the other hand, your identity, you know, which you control, has to be authentic as opposed to a fake identity and, you know, your reputation has to be out there as well. (bright music) - GDPR is a regulation that is going to impact any company that is holding data about a European Union citizen. And... it's an area that Veritas can really solve problems in, but we didn't know a lot of the legal and compliance buyers, which often are the ones making the purchase decisions in this case. We have been so thrilled to see that our existing advocates in the backup space have been bringing us into conversations. And in Europe, what we've done so successfully now, is actually bringing the two groups together in round tables and have our current customers bring us into conversations with legal and compliance. And it's creating for them stronger connections within the business and that makes them more relevant to their bosses and those other lines of business. And there's a lot of pro-active or positive feedback around that that I think is what marketers and sales should be thinking about. It's not about having to go around, it's about, "How do I bring you with me?" (bright music) - From a HPE perspective, you're not gonna solve GDPR with any specific point product, right? And so it's not really our message to the market that, "You implement this and you're gonna go satisfy those requirements." It's definitely part of a solution. But what we've been trying to do, as you see, we've got the Silicon Root of Trust on the server side, a number of security features, and we're talking about how we integrate that with the storage. We're starting to bring together a more vertically-oriented stack that includes all those pieces and that they work together. So instead of having a security or a commonality layer at the server layer, at the networking layer, at the storage layer, thinking about it as a service that's more vertically-oriented to the stack where you're able to take a look at all aspects of the networking, what's going on with the firmware and the operating system and all the way down to essentially ... (bright music) - GDPR is certainly creating a milestone, kind of a trigger for people to really think about their data assets. But it's certainly even larger than that, because when you even think about driving a digitization of a business, driving new business models, and connecting data and finding new use cases, it's all about finding the data you have, understanding what it is, where it came from, what's the lineage of it, who had access to it, what did they do to it? These were all governance kinds of things which are also now mandated by laws like GDPR. And so it's all really coming together in the context of the new modern data architecture era that we live in where a lot of data that we have access to, we didn't create, and so it was created outside the firewall by a device, by some application running with some customer. And so capturing and interpreting and governing that data is very different than taking derivative transactions from an ERP system which are already adjudicated and understood, and governing that kind of a data structure. And so this is a need that's driven from many different perspectives. It's driven from the new architecture, the way IoT devices are connecting and just creating a data bomb, that's one thing. It's driven by business use cases and saying, "Just what are the assets that I have access to, and how can I try to determine patterns between those assets where I didn't even create some of them? So how do I adjudicate..." (bright music) - Well, thanks for the question. GDPR, of course, is the hot topic across all European organizations. We're actually pretty well-prepared. We compiled all the processes and the necessary regulations, and, in fact, we are now selling this also as a service product to our customers. That's been an interesting side-effect, because we have lots of other insurance companies and we started to think about, "Why not offer this as a service to other insurance companies to help them prepare for GPDR?" - A professional service... That's smart! - This is actually proving to be one of the... exciting, interesting things that can happen about GDPR. (bright music)