from the Hard Rock Hotel in Las Vegas it's the cube recovering no joke on 2018 brought to you by Osho okay welcome back everyone we're here live here at hosts show con in Las Vegas the first security conference for blockchain its inaugural event and we're here with Gabriel Shepherd VP of strategy at Global Strike for host show they're the hosts of the event although it's an industry conference for the entire community all coming together Gabriel thanks for coming on and spend the time yeah thanks for having me thanks for you know supporting the event and we appreciate your team coming out and covering what we're trying to build here well we think it's super important now so you guys are doing a great service for the industry and stepping up and put in the event together and so props to you guys thank you this is not a hosts show sales like conference you guys aren't selling anything you're doing the service for the community so props to you guys in the team great stuff and we know this is a kernel of all the smartest people and its really an industry event so it shows in the session so appreciate that yes we think it's important because you know we see a lot of trends the queue has a unique advantage in how we cover hundreds of events and yeah so we get to go we see a horizontal observation space from the industry and when you have formation like this with the community this is important you guys have up leveled the conversation focused the conversation around blockchain where security is the top-level conversation that's it no I feel pitches right so for the folks watch and this is really one of those events where it's not a huge number of people here like the thousands and thousands of other blockchain shows that make money off events this is about community and around getting the conversations and having substantive conversations so great job so for the folks watching the content agenda is super awesome host show con-com you go browse it but give us some color commentary on some of the types of speakers here the diversity yeah I think I think the first thing that we wanted to accomplish was with Hojo Khan was we we wanted to put front and center the conversations that were not taking place at other events there are plenty of platforms and opportunities for companies early-stage companies to go pitch there are other great conference organizers that do events and have their own wheelhouse but what we wanted to do was put together a conference that was focused around a type of conference that we ourselves would want to attend as a cybersecurity firm and you know after traveling the world I mean you know you you and artesia spoke many times and hosho has sponsored quite a few events around the world after attending by the end of 2018 will attended something like a hundred plus events in some capacity and so it was clear to us early on that companies weren't our conferences weren't going to focus on security or at least put them on the main stage where I believed that they should be at least with all the hacks happening so what we wanted to do was bring together thought leadership with respect to security technical leadership with respect to developers and security engineers and we wanted to bridge those two what I mean by that is we wanted thought leadership that could get executives to start the non-technical people so start thinking about security in the larger format and how it's applicable to their company but what we also wanted to do is we wanted to connect these non-technical people with the technical people in an intimate setting where they could learn think about the brain power that we have in this hotel for hosho Khan you've got the minds of Andre Assante innopolis Diego's LDR of RSK Michael berkland of shape-shift josub Kuan of hosho we've got Ron stone from c4 you've got an on Prakash a world-class white hat bug bounty hunter consider what he's top-5 bug bounty hunter for our top top bug bounty hunter for Facebook five years in a row the the level of the calibre of technical talent in this building has the potential to solve problems that Enterprise has been trying to solve individually for years but those conversations don't take place in earnest with the non-technical people and so the idea behind hoshikawa was to bridge those to provide education that's what we're doing things like workshops sure we have keynotes and panels but we also have the ability to teach non-technical people how to enable two-factor authentication how to set up PGP for your email how to set up your hardware wallet these things aren't these conversations are not the bridge is a clearly established we interview people from on the compliance side all the way down to custodial services which again the diversity is not a group think events just giving them more props here because I think you guys did a great job worthy of promotion because you not only bridge the communities together you're bringing people in cross functionally colonizing and the asset test for me is simple the groupthink event is when everyone's kind of rah rah each other I know this conditions we got Andre is saying hey if you put database substitute database for blockchain and it reads well it's not a real revolutionary thing and oh all you custodian services you're screwed I mean so you have perspectives on both side that's right and there's contentious conversation that's right and that to me proves it and as well as the sessions are highly attended or we don't want it we don't want a panel of everybody in agreeance because we know that's not reality i mean that you you bring up the issue of curse of custody a prime example is we had a great talk a four-person panel led by Joe Kelly who's the CEO of Unchained Capital he had a panel with traditional equities custodian Paul pooi from edge wallet Joseph Kwon is the CEO of hosho and there was clear differences of opinion with respect to custody and it got a little contentious but isn't that the point yeah it's to have these conversations in earnest and let's put them out in the public on what's right and what's wrong for the community and let the community to decide the best way forward that's the best is exactly what you want to do I gotta ask you what are the big surprises for you what have you learned what's the big reveal for you that you've super surprised you or are things you expected what were some of the things that went on here yeah I think the biggest surprise to me was the positive feedback that we received you know I understand that we know people maybe looked at how shock on year one and said hosho like they're a cybersecurity firm what are they doing running a conference right but my background is a you know I've produced conferences I have a former employee of South by Southwest I believe a big an experience and so when we started to put this together we thought we knew we would make mistakes and we certainly made mistakes with respect to programming and schedule and just things that we had didn't think about attention to detail but we had plans far in that the mistakes were mitigated that they weren't exposed to the public right there behind the scenes fires that kind like a wedding or a party but no one actually really notices sure we put them out behind the scenes nobody that the our guests don't notice and that was my biggest concern I'm pleasantly surprised at the positive feedback we've yet to get any negative feedback publicly on Twitter telegram anecdotally individually people now they made just being nice to my face but I feel good about what the response that we've got it's been good vibes here so I gotta ask you well sure the DJ's were great last night good experience yeah experience and knowledge and and networking has been a theme to correct I lost him the networking dynamics I saw a lot of people I had I had ran to some people I met for the first time we've had great outreach that with the queue was integrated in people very friendly talked about the networking and that's been going on here yeah I mean this panels are great I'd love to hear from from panels and solo presentations but a lot of work gets done in the hallways and we have a saying in the conference business hallway hustlers right the ones that are hustling in the hallways are those early stage entrepreneurs or trying to close deals trying to figure out how to get in front of the right person serendipitously are at the bar at the same time as somebody they want to meet that is to me conference 101 that is the stuff I grew up on and so we wanted to make sure that we were encouraging those interactions through traffic flow so you'll notice that they're strategically the content rooms are strategically placed so that when you're changing rooms people are forced to cross interact with each other because they're forced to bump into each other and if you look at the programming we purposefully to our demise to be honest year one put a lot of programming that was conflicted with each other we made people make a decision about what talk they wanted to go to because there were two really compelling people at the same time or 10 minutes off yeah and so you had to make a decision vote with your feet you got to vote with your feet and and and from a conference perspective we call that FOMO right we want our guests to FOMO not because we want them to miss a particular talk but because we want them to be so overwhelmed with content and opportunity with networking that they when they walk away they've had a good experience they're fulfilled but they they think I got to go back here too because that thing I missed I'm not gonna miss this yeah we will point out to you guys made a good call on film all the session everything so everything's gonna be online we'll help guys do that yep so the video is gonna be available for everyone to look on demand you also had some good broadcast here we had a couple shows the cubes been here your mobile mention the DJs yeah yeah so good stuff so okay hallway conversations our lobby con as we call it when people hang up a lot on it's always good hallway con so what Gabriel in your mind as you walked around what was some of the hallway culture that you overheard and and that you thought were interesting and what hall would cartridges were you personally involved in the personal conversations I was involved with is why isn't somebody not this station why someone not Gardens but I will tell you i from what I heard from from conference attendees the conversations that I heard taking place were and I hope Jonathan doesn't mind but Jonathan Nelson from hack fund spoke on our main stage and I hope he doesn't mind me speaking out of turn but he came to me said this is one of the best run blockchain conferences I've ever been to and to have somebody like Jonathan say that who has done hundreds of talks and thousands was really meaningful but but what was more important is to talk to him and him feel comfortable enough to sit down with me and just talk generally that's the vibe we want for every attendant we want you to feel comfortable meeting with people in the hallway who you've never met and be vulnerable from a security perspective you know Michael Turpin for example sitting down and talking proactively about being the AT&T hack great these are opportunities for people to really talk about what's happened and be vulnerable and have the opportunity to educate us all how to get better as an industry you know the other thing I want to get your thoughts on is obviously the program's been phenomenal in the content side thank you but community is really important to us we're of a community model to q you guys care about the community aspect of this and as a real event you want to have an ongoing year after year and hopefully it'll get bigger I think it will basically our results we're seeing talk about the community impact because what you're really talking about there is community that's right well I mean Vegas we talk about there's multiple communities right regionally post-show is a Vegas based company we're born here we close I think forty some employees all based here in Las Vegas which is our home so the first thing that we did with respect to community as we created a local local price if you're a Nevada resident we didn't want you to have to invest a significant amount of money to come to something in your own town the second thing we did is we've invited the local Vegas Bitcoin meet up in aetherium meet ups to come and partake and not only participate but contribute to the content and opening day in fact there was so much influx of people from those meetups it wasn't official it wasn't like a program where we had actually a VTEC set up I thought I was gonna be like a meet-up there were so many people that attended we had to on the fly provide AV because we were overwhelmed with the amount of people that showed up so that's a regional community but with respect to the community from blockchain community what we wanted to do is make sure we brought people of all ethnicities all countries we have 26 countries represented in the first blockchain security conference and you had some big-name celebrities here yeah Neil Kittleson Max Keiser you go mama Anan Prakash Yakov Prensky a layer from your side pop popcorn kochenko has some big names yeah I'll see andreas yes here keynoting yeah I'm Michel parkland andreas Diego Zaldivar I mean these lena katina Viren OVA I mean these are big names yeah these big names okay what so so what's your takeaway of you as you know my takeaway is that there's a there's a yearning for this type of event my takeaway is that we're doing something right we have the luxury as hosho and that we're not an events company people think that might be a disadvantage to run a confident you're not a cotton vent company I think it's an advantage yeah because it holds my feet to the fire yeah much closer than an event organiser who doesn't have a company reputation and brand to protect hosho as you know has a good brand in the cybersecurity world with respect to blockchain we don't have the luxury of throwing a poor event giving you a bad experience because that would tarnish house of but also your in the community so you're gonna have direct feedback that's right the other thing too I will say I'm gonna go to a lot of events and there are people who are in the business of doing events and they have a profit motive that's right so they'll know lanyards are all monetize everything is monetized yeah and that sometimes takes away from the community aspect correct and I think you guys did a good job of you know not being profligate on the events you want to yeah a little bit of cash but you didn't / yeah / focus on money-making finding people right for the cash you really needed about the content yeah and the experience for and with the community and I think that's a formula that people want yeah I would like to see the model I would like to see the model changed over time if I'm being honest a majority of crypto conferences today are paid to play so a lot of the content you're getting this sponsored so I'm okay with that but I think it should be delineated between con disclose your disclosure you don't want water down the country but but the conference circuit and crypto is not ready for that it hasn't rest in my opinion hasn't reached that level of maturation yet like I told you I I'm a former South by Southwest guy that like my belief is you create the content and the sponsors will come I don't I don't begrudge conference organizers for for for sponsoring out events because they're really really expensive a cost per attend to manage demand to this hype out there yeah hundreds of dollars per attendee I get it I understand why they do it but what I would like to see is the model change over time whereas as we get more sophisticated as a technology space we should also grow as a vent and conference circuit as well what I mean by that is let's change the model that eventually someday it's free for all attendees to come and those conferences and the costs associated with them are subsidized by companies that want access to the people that are tending them it sounds like an upstream open source project sure how open source became so popular you don't screw with the upstream yep but you have downstream opportunities so if you create a nice upstream model yep that's the cube philosophy as well we totally agree with you and I think you guys are onto something pioneering with the event I think you're motivated to do it the community needs it yeah I think that's ultimately the self governing aspect of it I think you're off to something really good co-creation yeah I'll see we believe in that and the results speak for themselves congratulations thank you so much I appreciate you guys coming here and investing your time and I hope that all our staff has been accommodated and the hard rock is treated you well you guys been great very friendly but I think again you know outside of you guys is a great company and great brand and you guys and speaks for itself and the results this is an important event I agreed because of the timing because of this focus its crypto its crypto revolution its cybersecurity and FinTech all kind of coming together through huge global demand I mean we haven't gotten into IOT and supply chain yeah all the hacks going on with China and these things being reported this is serious business is a lot on the line a lot and you guys having a clear focus on that is really a service business Thank You staff doing it alright our cube coverage here in Las Vegas for host Joe Kahn this is the first conference of its kind where security is front and center it is the conference for security and blockchain bringing the worlds together building the bridges and building the community bridges as well we love that that's our belief as well as the cube coverage here in Vegas tigress more after this short break

from the Hard Rock Hotel in Las Vegas it's the queue recovering the Hojo Kahn 2018 to you by Osho hello everyone welcome back to the cubes exclusive coverage here live in Las Vegas for the first ever security conference around blockchains called Osho con it's put on by host show and industry participants small but intimate and the smartest people in in the industry kind of coming together trying to solve and understand the future for security as it relates to blockchain I'm John furrow your host of the cube next guys anneal keelson who's the CEO of encrypt formerly the NSA's variety experience with security across the board from early days many waves of technology innovation had a panel here talking about you know securing the blockchain and the nuclear codes some basically implying that do you know if you had to secure it the nuclear it's welcome to the cube well thanks thanks John it's great to talk to you um that's exactly it right so the blockchain is is meant to really provide high assurance for a lot of really big transactions right so the internet evolved over time to to hold information to to share information who has ever meant to conduct transactions now we do a lot of e-commerce commerce on it but it wasn't meant to be unchanging right but the blockchain is it said that so the idea is is if we lose control of that if we don't secure it in a way that we can protect our most important digital assets and it's not good enough for anything and so that's why I compared it to you know what would it take to secure something like the nuclear launch codes on it clearly we wouldn't you know there's no reason to but some mindset it's my shift shared focus on okay think that level of impact absolutely money right these people are putting you know it doesn't matter whether you're you're 16 and you're putting your only 500 dollars in crypto or whether you're an institutional investor with five hundred million dollars in it right that that's catastrophic if you lose it right and yet we don't always treat it that way we haven't made the systems easy enough to use for the general user right yeah so we talked about adoption right I mean let's let's talk so if you don't mind let's talk about adoption Yeah right that's why we're here is we're trying to figure out what's it gonna take to get to the next billion users and crypto well it has to be easy and we don't make it easy today in a secure enough way it has to be baked in from the beginning can't be like okay I built an app I built some architecture do some blockchain well by the way security is really hard because we have to make it so complex right for users because it's complex in general right if we build the app first and we get it deployed to say even 50,000 people and then we go back and say you know what we need to build this tree it's more expensive right it's harder to do it's a lays deployment and it confuses users because now they're changing the way that they're interactive let's talk about the adoption in context to architecture it's one of the things that we've been covering certainly the cube folks know in our audience cloud computing has changed the architecture of how people deploy IT and technologies get DevOps horizontally scalable you've had a lot experience over the years and generations of computing evolving through the trend lines here the architecture is interesting so if you think about the architecture of security and blotching in general the security paradigm has to be compatible with a new architecture so it's kind of a moving train at multiple levels so what is the preferred architecture what are some of the blockchain architects and or if you're gonna have token economics you have to have certain business model and our workflows that ties into the technology enablement how should people think about an architectural view to make the adoption or user interface or user experience or where the expectation is kind of new has it all come together so I'm challenging people to think about it differently right so so the blockchain in itself is really pretty secure right it creates an immutable ledger a mutable record where we're going to get in trouble and where we do get in trouble is when you start to transact with it right where you start to actually use a device right whether it's your own phone or it's a computer right you're transacting with it and people don't have the security mechanisms built in there you know and it goes back to what we've talked about for the last 20 years whether it was with the trust computing group the global platform right they've designed the standards so you've got probably in this PC you've got the waltz I guess it's a MacBook Cermak yes yes and your phone right in most computers you've got the security primitives that you need to use hardware to secure those transactions but we're not using them yeah we've been waiting for that kind of killer app to use hardware to secure transactions and blockchain might just be that it's talked about the hard work is doesn't that conversation of kids coming up a lot here in the hallways I was the custodial services today these are two kind of the the business conversation that converts them to technology which is okay hardware is actually a good time to actually implement this Google's doing a lot of stuff with their two-factor authentication with a hardware component you hear Stephan spray get rivets talking about a solution he has it is it the time it's like the perfect storm for just a simple hardware solution I think it is and it and you're right it has to be simple right hardware solutions can get complex we can make them too difficult to use but they don't have to be we like I said we have the firm that was built into most these devices I mean in the billions of devices yeah if you thought to Steven you've heard him talking about the number of devices that are there carrying the primitives he needs needs to use for his his hardware um but if we don't make it simple enough then users won't adopt if they won't use it you know have you used a hardware wallet I'm sure you probably have it yet right it's it's not a simple process today because it requires external pieces external components it's it's it's not a workflow that we understand it's not something we can train to and grown up with it's interesting when I was also talking to Steve off-camera because he had the interviews over but we're talking about the supply chain compromise honestly Bloomberg kind of had the story they had the facts wrong but we kind of understand that that's this hack has been out there for a while around modifying and or a rootkit on the boards you have an brach cat Adam demo live demo on stage and 2015 where they actually showed malware that could not be removed from from memory so I mean it's not this is not new right so but the supply chain has always been and you've been the government you got to know where all the components are right so the old days oh hey outsourced manufacture in China build it the cheapest way possible commodity and D Ram was went down this rip path years and years ago and Japan dominated that and it was low commodity low margin or high Kimani low margin and then Pentium comes out so you're starting to see that hardware supply chain changing what's different now what do people got to do to make sure that the hardware is better what's your opinion on that I don't know if it needs to be better but wouldn't what we need to know is is where the hard work came from we need to know that the hardware is what we expected it to be right that's a really unique question you know we all buy Hardware all the time and you just expect it if it came from vendor that it's what you expected and and and let's talk about something even simpler it's not talking about maliciousness most computers you buy are built to order today right you order you order all the different components yet when you get that at home you don't check to make sure you got the actual RAM that you asked for you have no idea none of us do that right and and likely the vendor doesn't really have a great record to know that absolutely they put in there what you specifically wanted now they intend to write but there's no there's a lot of room in that for changes to be made that aren't expected I guess that for good or bad from malicious or non malicious intent so what that means is that we really need to get used to saying you know what I got this new piece of hardware I got to conduct transactions with that are really critical to my financial survival my my personal privacy and we can't trust them until we know we should be able to trust them so that's where hard work comes into play what sort of trans you're seeing in the hallway conversations you had here and your talk I see people grab you after and talk to you two hallways what are some of the hallway conversations that you've been having here at Osho con I you know the most common question has been how do you convince people that security is important I mean that which is a really really basic way and you know right now life just point them to to news after news article you know to say you know you've got the hardware were reported tax yeah you've got the privacy attacks with with a lot of social media and and and internet companies um if summary this today doesn't believe that security is important I don't know you'll have to convince them so then it becomes a question of how do you get them to adopt it and you know getting getting your your family members to adopt two-factor authentication when it's not as as easy as not adopting it yeah it's sometimes a hard place yeah one things I worry about just kind of just because I'm paranoid sometimes is that yeah what is going on in my with my kids I got four kids 16 to 23 you know I got a Wi-Fi in my house they've got a password on it I'm sure it's been hacked but they're downloading music what the movies I don't know what they're doing at gaming mean there's a service area in my house is pretty much who knows what's going on right I don't even know what's going on in my network this is kind of this in my mind will paranoid but that's what average people think about these days it's like okay I got my own home network at these things going on I'm out in the wild is it a device centric security model that we're moving to do you see it where you know hey my phone you know I don't I know when I leave my phone at home and it takes me three seconds to realize I got to turn the car right so yeah and I leave my wallet at the restaurant when I'm done my meal so these are kind of device centric philosophy is that a better direction you think so I don't know that you can yes and no right for the personal devices but now you know if you go to most networks right with IOT you may have 40 or 50 devices on your network yeah things that don't move you know you may have a light bulb that's got a key to it right it's really about making sure that you own it and then you own the keys I mean that's what it okay that's what security all comes down to you right is key ownership so when you take a look at how you do that we need the systems in place that help us understand where those keys are what they're doing and how we how we cut them off if we need to that's awesome well I was I want to get into what your company's doing but I also wanna I talked about trip I had Middle East general Keith Alexander was with us on at with Amazon almost new region I know you worked with him at the NSA and you know one of the things he's doing at his new startup is a crowdsourcing we're hearing some of that in here as well where people are using crowdsourcing as a way of the security mechanism is that something that you think is viable do you think that this crowd sourcing idea is gonna be helpful or it's just a small piece of the puzzle I think it's I think it's a small piece of the puzzle I think it's the opposite end of the spectrum then a device centric hardware component I think it takes both pieces right it's a matter of making sure you you you know what you have and they use only what you trust and that you're able to connect to the network in a way that you're comfortable and then that crowdsource piece comes in to make sure that you're monitoring kind of all those transactions so so you're a big believer I'm assuming based on the conversation that hardware and software combination is gonna be the preferred user interface I think work it has to be I think we've proven that over the last 20 years I mean cell phones are a good example of that yeah right although we do get some spoofing today and that's been a big talker this cost it's not as prevalent as it was in 1994 yeah yeah I mean I like the idea too of we mean hey if we have we want to know what's in my computer I'd love to go look at a blockchain ledger and say here's what's in my Mac right now wouldn't you that's a good use case of blockchain but but what if you didn't even have to go look at it right what if every time you booted it up it checked it against a a record that was on the blockchain that said you know this is what your Mac should look like and it said you know what you can go ahead and connect to the internet go ahead and conduct that transaction that's the great Act go ahead and that's a great use case all right so what encrypt your company what do you guys doing what's the main focus of your opportunity that you're pursuing so we formed it in May of this year to focus on blockchain security when I left the agency I realized there was this really big gap in the conversation people are having around it I think it's a transformational technology as a skills gap technology gap all the above what are you saying it's both right you've got computer science graduates that come out without a good understanding of hardware security you know it's not being taught in most curriculums it's a it's a it's a general understanding of how to apply the hardware against it it's a general under Sun derp standing of what you can trust right yeah we've got generate a generation now that have grown up with with iPhones in their hands they just assume it's it's okay to use it's just thing you mentioned the computer science programs but I would agree interview started in the 80s so we had to learn computer architectures EE class actually right and you know as gates and all that you know the hard core component stuff as well as coding systems a systems kind of programming model now it's a little bit different more diverse it'll ease a lot of you know new opportunities within computer science so it's broad and certainly in a skill gap that's what comes up a lot we hear obviously more cyber security jobs are open and ever before automation is a term that's been coming known in the cloud business where you starting to see that now a security host shows got this automation component that they're adding in for tooling is the tooling and for developers who actually building stuff out there's it early innings how would you put the progress of some of the tooling that that's reliable I mean this is you know you still got people trying to build products and companies I need help what's the status in your mind the ecosystem around platforms and tooling and open source so over the last ten years there's been a great push to to create better tools I'm a lot of it was done in the open source a lot of those done around Linux because it work Windows honestly Microsoft has done a great job in getting secure boot implemented on every on every PC they supply you know Apple does a great job with their boot security but it they're not making available and mobile is probably the worst example right that the TE the trusted execution environment which is the secure space in a mobile phone isn't open for most developers to access right so you know that hardware component isn't there it's not available so yeah I know I always get this updates when I go to China Hey Apple has an update for you it's like the download mmm is this really Apple right I mean no turn off my iPhone right I mean but this is kind of the the interception of you know the the the fraudulent some of the some of malicious things are going on and that that still is concern but I think generally speaking you got entrepreneurs here not noticed at this conference and some of the earlier investor conferences we've been to there's a ton of alpha entrepreneur activity real smart people trying to build durable technology and solutions this is the main focus so it's kind of like and the capital Mars as we know is pretty much in the toilet right now but you know it's still growth and so we're trying to unpack that what's your opinion on entrepreneurship because it every trough is always an OP tick and we'll probably see some growth and those company that survive and thrive will probably be the leaders right what are you seeing what's your opinion of the landscape event ventures out there so so the crypto markets been really interesting it's all been focused on consumer and crypto there's there and even on the floor today there's a big push into the enterprise market for blockchain and deployments you know Simba is a company that's got a great toolset here today you had to help see how big enterprises understand how to deploy smart contracts into a blockchain in the enterprise you know to me the exciting part is the use case is outside of cryptocurrency and tokens the blockchain brings two to the marketplace I think that's where we'll see the next wave entrepreneurship I'm coming to fundraise that on stage at a comments like hey you know when one of the Q&A sessions substance you think your best proposal and substitute database with blockchain if it means the same is probably not Neri absolutely I'm teasing out essentially that the you know the old guard being replaced with the new guard same same models two new faces you know taking over the industries that not only mean changing them so to speak and security kind of hence to the same way where if you're going to have a distributed and decentralized architecture with IOT with all these things connected with digital assets and digital devices this crews gonna be thought differently what's what's your current take on how to tackle that that world I mean is there a certain approach you found so so so there's I'm not sure going to answer your actual question but but there's there's this really interesting debate like you said aundrea said you know if you can replace database with with blockchain is probably not the right fit and a lot of early crypto adopters have made that argument jimmy song says that publicly all the time right there's no place for blockchain in the enterprise essentially right and and you know you can you can swing both ways but the blockchain offers something to to an enterprise that doesn't require the distribution it offers the ability to create immutability right now the inability to change that record which we don't have in most cases today yeah you know and it's fairly simple and easy to deploy and are not for smart contracts so if we go back to the the use case we talked about where every time a machine boots up and it creates a record of that machine and writes it we've never had that capability we've tried we you know when I was at the agency we built a system that sort of did that but it didn't have the same sort of underlying strength of mechanism yeah it would allow us to trust it forensic way almost you know I interviewed Jimmy song and to have consensus event and you know I don't necessarily agree with him on that point it's like I think there's use cases in the enterprise that actually make blockchain very viable and it's almost like the cloud world you have public and private hybrid coming I mean so that's kind of my take on it and because it's interesting me iBM has been advertising heavily and others are looking at supply chain is low-hanging fruit opportunities right let me talk about the computer and supply chain so supply chain is a chain it's with valued change right than value chains now are changing so you can track it in a way that's efficient that's why wouldn't that be a use case so that's kind of mind dude do you agree with that absolutely I mean I think the distributed nature for a crypto makes a lot of sense but the blockchain in a non distributed manner right in a permission to blockchain makes a lot of sense for a lot of different use cases in big organizations I I agree I've talked to different different people that have just tried to replace databases with blockchain because it sounded cool yeah raising money or want to get some attention get some momentum I want to ask you a question on your new venture and Cripps because you talk to a lot of folks out there you certainly you're historic and pedigree is amazing and security and you've seen a lot of things I'm sure what have you learn what's your observation what's the the learnings that you can take away and share from your conversations is there any patterns that you're seeing emerging that's that's that could help people either navigate understand orientate towards something that they might want to use with the what have you learned so I think the biggest thing I've learned is that this community is the most diverse community I've ever worked with in in technology right you've got people from all walks of life and it's absolutely amazing I mean just walking around the show here walking around consensus I mean it just drives diversity like you've never seen before in tech conferences and that diversity is his driven a thirst for knowledge so the people are completely open to to discussions about security that they've never had before in other realms right so when I talked to him about Harbor based security they get excited and want to learn more and and honestly in the PC community over the last 15 years I got a little pushback on that right there's a while we've heard about that we don't want to right it works the way it is people here realize they're building something brand-new yeah and it's time to build it right and that they really want this to succeed for their own reasons right whether it's a corporate enterprise or whether it's a almost a crypto anarchist right they've all got the same sorts of goals and it's and if there's a cultural thing to I think the Bitcoin money aspect of it pretty much anyone on the age of three that I kind of take a straw poll on it's like they all this is gonna change the world like rabbit knows but it's great right oh I actually heard that in the hallway earlier yes and then the phone just traveling somebody that never heard of Bitcoin how does get a revolution coming on I want to ask you a final question five years where are we in your mind shoot the arrow forward what's happening in five years how does this these dots connect in next couple years or so so I think that if we were able to lay in the groundwork today to make user accessibility to the blockchain easy enough and secure enough I think you'll see that it grows in ways that we that we really can't imagine right you know I can't predict the crypto markets but I think you'll see people starting to use tokens in different ways and I think there's some incredible use cases for tokenization for rewards programs things like that I think enterprises in the next five years are gonna start to figure out what use cases make sense I think they're gonna see great efficiency I think they'll see you know much greater scalability and ease of use the use cases really are gonna be driving all this absolutely well I want to final question since just popped in my head I want to get this out there one trend I'm hearing here at this conference and seeing it kind of boil in into this community is the conversation not just about cryptography and and security cyber security on a global scales now come in because of the hacks gives the nation-states because of the geopolitical landscape you know cyber security is a big conversation now but always probably in the wheelhouse a lot of these guys but a lot of these guys are also kind of adjacent involved with cybersecurity your view of the impact the cybersecurity pressure is gonna have on the industry this industry so I think that that you're hearing the conversation because suddenly security became really really important to people personally right in the past if if you lost money with your bank account it was refunded to you now if somebody steals your private key you're out whatever money was attached to that private key recourse right so it's very personal so people have started to think about all the different things that they need to do to really protect those keys I mean it's it's it's almost an organic conversation that we've been trying to drive for you know 40 years in the space yeah and one of things I worry about is the whole regulatory dry aspect is because it can be a driver or an enabler and a driver or it could be dampening innovation and that's always something to watch out for I think there's a Senate discussion today about it I think there's some great work going on in that space both its senior levels in the Congress as well as the regulatory commissions but it's going to take a lot of Education there's a lot of fear around this space well thanks for come on looking forward to having more conversation with you great to have you on the cube and sharing your insight give a quick plug for n Crypt what do you guys doing what's the update status of the company how do people get ahold of you why do they why should they call you what's what's the update well so like I said we formed in May we've we've grown faster than we would have expected to because there's a thirst for the sorts of things that we're doing them we're we're always happy to talk to talk to any enterprise or a consumer about the use cases around the products that they have how did it fit into the blockchain environment and how to do it securely properly so encrypt calm and kr ypt die here in Maryland we're in Maryland DC area so cool great absolutely basic appreciated live from Toshio con us two cubes coverage of the first security conference John for you watching the Q stay with us for more coverage after this short break

live from Las Vegas it's the cube covering IBM think 2018 brought to you by IBM hello everyone welcome back to the cube coverage here at IBM think 2018 in Las Vegas Nevada the Mandalay Bay it's a cubes exclusive covers three days of wall-to-wall interviews thought leaders experts entrepreneurs people making an impact and our next guest artists ani who's the co-founder of hosh io h OS h o de Ojo kayo advisor at the pink sky capital he's a cube alumni a walk in off the streets cuz he lives in Las Vegas but very instrumentals are connected to this community because of his pioneering work in in crypto blockchain and the future of money architects great to see you thanks for coming by thank you for having me it's good to be back on the cube great second time and second time yeah only couple we just saw each other the Bahamas the first security token conference yeah I bike on I I be on IBM's really big on supply chain this is their visitor old school you know generations of providing software for businesses b2b and now blockchains their big thing but blockchains yeah pretty straightforward yeah you know you get efficiencies but they're not talking about token economics because they talk about something execs here they're like well that implies the general public in their world thinks cryptocurrency they think Bitcoin so I want to connect the networks together our network IBM's network your network because the melting pot of this trend is really about blockchain cryptocurrency in the sense of the value around tokens and how tokens can be harnessed to capture the values I want to get your perspective as these worlds collide so I think that IBM is doing a great job by spearheading a blockchain movement and they're very they're focusing on the fortune 500 and the key with Fortune 500 companies right now is that they have rooms full of Java developers Java engineers and aetherium is the protocol right now that is most commonly found the majority of icos and token generation events that have occurred to date have all been on etherium x' network and etherium is the most and they found in blockchain however the etherium blockchain the language to build and launch token generation events on aetherium you have to write in a language called solidity and solidity is a new language and iBM has made a smart move by doing everything in Java and JavaScript similar to a lot of the new block chains that are aiming to compete with aetherium and the key distinction just to kind of put it out there when I get your reaction to and get some commentary around is IBM is not competing with public block chains they're looking at a in a different way they're saying hey you know you can have I guess private blockchains I mean it's not a really a dirty word they because they have a different use case correct I think it's very important especially when it comes to things like healthcare you look at the health care industry healthcare records will not be going on public block chains and so the hyper ledger fabric framework may make sense for things that need to be HIPAA compliant for example so reliability is key so what's their jannat like say hashed crafts got a lot of traction in their performance and their speed they got time stamps that's not a native blockchain yet that's kind of getting some traction IBM's got something similar for those markets that require the reliability the performance and the security so help the audience understand IBM's moves here because IBM's conservative so they don't really want to throw the word cryptocurrency out there because it might be misunderstood but this is gonna end up in token economics how are you explaining what the moves ibm's making to the average person that might not know the inside nuances in baseball for say the crypto market I think what's interesting is that iBM has a more mature focus on this space and you know they have direct ties historically to the fortune 500 companies the way others do not and so they've taken a much more sophisticated and a much much more conservative approach you don't see IBM throwing around the word cryptocurrency and that's a smart move because it's about the cryptography that secures block chains in a decentralized ecosystem and it's that the discussion of just tokens and token sales and leveraging tokens as a currency it's a premature time in this entire industry to be having that discussion so although it's going on it's a distraction for IBM you saying yeah because we but it's more interesting for smart contracts to be written that our functional smart contracts that for the first time ever white collared middlemen are being cut out of the picture in a new trustless decentralized ecosystem so talk about where IBM could take this with token economists obviously do you think that it's all leads to some sort of tokenization is that gonna be where the value capture is gonna be how does IBM get there in your mind I think they get there by having fortune 500 companies launch legitimate decentralized applications on their blockchain and that's just what Java JavaScript it's because most fortune 500 companies already have a plethora of Engineers globally that they can simply have start working on IBM's blockchain whereas you don't see that as a risk for IBM no that's that's IBM's advantage because today if the fortune 500 companies aren't building on aetherium whose blockchain mainly because of the learning curve it takes for a current full stack engineer to become a solidity engineer what's the etherium future now obviously they have they're working on lightning seeing some things going on that area the Lightning is Bitcoin is plasma yeah plasma sorry I got them confused so they got to go through the work this and some real work that's got to get done the theory of childs a big developer community the biggest the biggest so do those merge with the IBM communities downstream at some point or is it okay to be separate and does it matter I think they'll remain separate and in this case I I highly doubt that a theory IBM hyper ledger will go down the route that route stock has gone root stock essentially is the etherium virtual machine sidechain to the Bitcoin blockchain enabling smart contracts on the Bitcoin blockchain for the first time and rootstock is a very interesting project however IBM is its own ecosystem and the way in which they're catering to the fortune 500 is extremely intriguing and from Hojo's perspective we want to be auditing smart contracts that are functional that are written by more sophisticated players in the industry centralized ecosystem our main focus is just security auditing and there's gonna be a lot more smart contracts written by more sophisticated players on IBM's blockchain then possibly the other ones right now we have we have not seen a plethora of Fortune 500 companies by any means launching smart contracts on the theorems blockchain and blue chips banks or whatever as they try to disrupt themselves need to get us to partner governments okay so how about for a minute I just take a second to talk about your business I know we covered this at polycon and the Bahamas but for the sake of the context to IBM yeah talk about what you guys are doing we're specifically in the marketplace of partners would you sit if you were parting with IBM and and your role that you could possibly take with IBM so to take a step back quick host show the word itself hosho and means security in japanese and we started this company eight months ago my co-founder yo Kwon and I and our laser focus is blockchain security and being the global leader within the blockchain security space so as far as we see there's new blockchains being made new protocol tokens being launched as well as new tokens being launched as well as do smart contracts being written that are functional for the entire business and no matter what blockchain a smart contract is written on that smart contract is code that has been written and that code has to be audited by a professional third party and we are that professional third party that there's a line-by-line code review of the smart contract and finds all security vulnerabilities and we've been building proprietary tooling to find vulnerabilities faster and faster and faster we do a gas analysis to make sure that that blockchain is not being clogged we conduct the static analysis to find any hidden functionality within the framework of the smart contract and the last part which is very crucial is that yeah very uniquely qualified full stack engineer with a unique QA mindset and a security background who knows the language in which this is coded which currently most projects that were auditing our aetherium ERC 20 tokens written in solidity someone has to marry the source of truth which in the case of an ICO is a white paper and marry the white paper to the smart contract and make sure is the smart contract doing what the white paper says codify the white paper basically this process of auditing is gonna be ever more crucial within the the business that IBM does with Fortune 500 businesses because when a publicly traded company launches a smart contract for a decentralized application security is the highest priority and abilities is where the hackers could come in just be on a time to market getting those smart contract codes written it was fully baked it's irreversible once the smart contract is launched and millions of dollars are gonna go through this smart contract it's been regular practice in the cybersecurity world to type up code and to have it reviewed by a third party auditor we're simply applying the exact same logic to the blockchain space and it's exciting to see more blockchains by sophisticated players like IBM come to fruition and we're looking forward to actual projects from big players around the world launch on IBM's blockchain and hosho is looking to be a preferred partner of IBM's to do all their security work whether it's smart contract auditing or penetration testing and real quick on penetration testing that's our other core service that we provide and penetration testing is both for websites and for crypto currency exchanges in which we're making sure there's no security vulnerabilities within your website and finding every way possible to penetrate your website or your exchange and every time code is changed you open up the doors to more vulnerabilities and so in the crypto currency exchange space right now we're seeing that new exchanges are being made but sophisticated investors don't know if this is a safe place to trade hundreds of millions of dollars or not yeah and so when you got commerce being John I mean IBM as folk as you mentioned is legit and they're doing a great job by the way props to IBM for doing what they're doing they've been in for multiple years now and they're supporting the Apache project they're putting their their weight behind it but these are real-world examples granted supply chain might be boring to some audiences but not to others I mean you're moving real product around this is commerce with digital fingerprints and code and potentially tokens that's a highly gonna accelerate the payment process I mean the notion of clearing goes away it's instant yes this is a highly accelerated money transfer value capture value Tran for environment you can't take me chances yes and security is primal concern and we're excited that companies like IBM value security and this space is one that the dust has yet to settle and what's gonna help the dust settle within the blockchain ecosystem is more priority on security so what's your take if you are gonna give a talk here we're doing talking here in the cube so it's awesome it's gonna be alive and on-demand as well your advice to people saying you know we got a tokenizer our business I need to start with blockchain I can see some areas to create some efficiencies around some inefficient processes and create new business models I got to get started your thoughts my thoughts are take a step back and first evaluate do you have a business what problem are you solving once your business is actually generating some revenue and you've evaluated why the concept of a blockchain could be interesting for your business then pick a blockchain and stick to it and then when you start building on that block chain you've figured out that a token could actually be leveraged within this decentralized application that you're building then you can start figuring out what the token economics of it would actually be I think what people are doing nowadays is rushing to create a token because of their excitement about the fundraising mechanism that an ICO is and an ICO is democratizing to some extent at least global capital raising and I think that fundraising mechanism is not going anywhere that that fundraising mechanism is here to stay however the majority of ICO projects that we're seeing occurring today I don't think these companies will be around in the next couple of years which shows how immature to some extent the industry actually is whereas maybe the projects that are built and launched on IBM's block chains that they develop maybe they're more sophisticated and will be companies that have gone through a more rigorous process of making sure security was a primary concern and they wrote quality code for quality businesses that are actually leveraging decentralization in the appropriate way not the other way around of we want to raise capital so let's invent a reason to have a token or you have a big case right now in Silicon Valley at least is you have companies that are very serious a and B and decided let's do an icy overseer you see and that that's tricky it's not always the right solution when you're saying is don't confuse the ico crazy fundraising arbitrage and new new model to applying supply chain tokens and blockchain to a durable business agreed and on the same token we have people in the space whether they're investors they're lawyers PR firms exchanges they all need to mitigate their risk by keeping security as a concern for them both in-house and for the companies that they're working with yeah lawyers don't want to be doing lawyer work for a company that will turn out to be a scam coin and someone has to do a security audit of that token the same goes for a PR firm a marketer and in exchange exchanges should not be listing tokens that have not gone through a smart contract audit well it's good to know we got a cube alumni here in the cube to help us with our security audit yeah well the answers the life were in a cube interview so do we got one right here I want to just get into in topic you and I were talking of dinner the other night when we had we saw each other a few nights ago about the problem of picks and shovels and tools and maturity in this new emerging area can you um can you just take a minute to explain what that we were talking about there and I thought you had a good point I mean maturity of the space is not mature it's growing it's embryonic but moving fast and there's need for tools let's unpack that just share your thoughts vision so I think that a lot of people have been more excited to join in an IC o---- a token generation event and do more quick money grabs but to me what's more exciting is the infrastructure that's needed for this industry to actually grow and mature an infrastructure is infamously known as picks and shovels because when the gold rush happened the people who made the real money or the people selling the shovels to the gold diggers and what's included in that is businesses like our own hosho which is selling security audits of smart contracts doing penetration testing bringing maturity and making making things less risky for for everybody in this space so we start we see ourselves as selling picks and shovels on the other hand I'll give you an example Goldman Sachs has a trading desk today it's not 24/7 stock market Oh at 9:00 closes at 5:00 what happens tomorrow when a 24/7 crypto currency trading desk is turned on at Goldman Sachs do the traders that are now 24/7 have the appropriate tools and the governance built into software to manage a team of 24/7 traders at Goldman Sachs today when you have traders trading in the stock market they have a plethora of tools that make them snipers and you have certified market technicians telling hedge funds that this isn't gonna go up two points here in three points they're reading candlesticks in the cryptocurrency space it's like poking a stick you go from being a sniper to having a stick find by Wars like a blind man so companies there's a dozen companies that can be made building the infrastructure for just what I just said the governance with four trading floors this is a really good point and I wanted to bring it up because in these emerging markets these white spaces for tools and technology to help the overall trend grow faster has always been a successful man however you mentioned something about the goldman sachs trading this and that is it literally could be turned down overnight right so that's the problem you can accelerate things too fast and not be prepared that seems Oldman honest I'd know Goldman's done a great job at being very much forward-thinking they've been at every money 20/20 since the beginning of that FinTech conference and they're definitely in this pickle this exercise the analogy is a company can turn on a new model fairly quickly faster than the old days which we're taking months and then now you can do it really on a much shorter timeframe that means they potentially could be exposed if they go too fast yeah this is where the ecosystem has to help yeah I think the bulge bracket banks are treading the water very carefully JPMorgan is doing things they're involved with aetherium Z cash - JPMorgan has a lot going on on this front but these are publicly traded monster banks they're not going to take any risks these are they have a they have stockholders to to answer to they have the US government we have over 150 regulatory arms just regulating the finance industry in the United States and so I think it the American citizen citizen is quick to point fingers to bulge bracket banks and those banks are answering to too many regulatory arms this is one of the downsides of the United States right now in general is the increasingly coercive environment of the government ybm certainly got the blue chip company got the the fortune 500 but they also have a marketplace and that's where they could really kind of change the game feeling in those white spaces yeah IBM's marketplace sounds very exciting and my mind just goes to who's handling the security for everything to do with IBM blockchain we're hoping at Osho arch edge thanks for joining us thanks for sharing your your insight here in the queue with an IBM think conference breaking down all the top news that's really around blockchain at AI would date at the sin of the value proposition all being disrupted by new decentralized technologies blockchain being the beginning and a lot more is happening and certainly we're in and bring it to you on the cube no matter where it is will be there I'm John furrow here and Las Vegas for IBM think coverage we'll be back with more coverage after this short break [Music]