(upbeat music) >> Welcome back, everyone, to our Cube special programming on "Securing Compute, Engineered for the Hybrid World." We got Cole Humphreys who's with HPE, global server security product manager, and Mike Ferron-Jones with Intel. He's the product manager for data security technology. Gentlemen, thank you for coming on this special presentation. >> All right, thanks for having us. >> So, securing compute, I mean, compute, everyone wants more compute. You can't have enough compute as far as we're concerned. You know, more bits are flying around the internet. Hardware's mattering more than ever. Performance markets hot right now for next-gen solutions. When you're talking about security, it's at the center of every single conversation. And Gen11 for the HPE has been big-time focus here. So let's get into the story. What's the market for Gen11, Cole, on the security piece? What's going on? How do you see this impacting the marketplace? >> Hey, you know, thanks. I think this is, again, just a moment in time where we're all working towards solving a problem that doesn't stop. You know, because we are looking at data protection. You know, in compute, you're looking out there, there's international impacts, there's federal impacts, there's state-level impacts, and even regulation to protect the data. So, you know, how do we do this stuff in an environment that keeps changing? >> And on the Intel side, you guys are a Tier 1 combination partner, Better Together. HPE has a deep bench on security, Intel, We know what your history is. You guys have a real root of trust with your code, down to the silicon level, continuing to be, and you're on the 4th Gen Xeon here. Mike, take us through the Intel's relationship with HPE. Super important. You guys have been working together for many, many years. Data security, chips, HPE, Gen11. Take us through the relationship. What's the update? >> Yeah, thanks and I mean, HPE and Intel have been partners in delivering technology and delivering security for decades. And when a customer invests in an HPE server, like at one of the new Gen11s, they're getting the benefit of the combined investment that these two great companies are putting into product security. On the Intel side, for example, we invest heavily in the way that we develop our products for security from the ground up, and also continue to support them once they're in the market. You know, launching a product isn't the end of our security investment. You know, our Intel Red Teams continue to hammer on Intel products looking for any kind of security vulnerability for a platform that's in the field. As well as we invest heavily in the external research community through our bug bounty programs to harness the entire creativity of the security community to find those vulnerabilities, because that allows us to patch them and make sure our customers are staying safe throughout that platform's deployed lifecycle. You know, in 2021, between Intel's internal red teams and our investments in external research, we found 93% of our own vulnerabilities. Only a small percentage were found by unaffiliated external entities. >> Cole, HPE has a great track record and long history serving customers around security, actually, with the solutions you guys had. With Gen11, it's more important than ever. Can you share your thoughts on the talent gap out there? People want to move faster, breaches are happening at a higher velocity. They need more protection now than ever before. Can you share your thoughts on why these breaches are happening, and what you guys are doing, and how you guys see this happening from a customer standpoint? What you guys fill in with Gen11 with solution? >> You bet, you know, because when you hear about the relentless pursuit of innovation from our partners, and we in our engineering organizations in India, and Taiwan, and the Americas all collaborating together years in advance, are about delivering solutions that help protect our customer's environments. But what you hear Mike talking about is it's also about keeping 'em safe. Because you look to the market, right? What you see in, at least from our data from 2021, we have that breaches are still happening, and lot of it has to do with the fact that there is just a lack of adequate security staff with the necessary skills to protect the customer's application and ultimately the workloads. And then that's how these breaches are happening. Because ultimately you need to see some sort of control and visibility of what's going on out there. And what we were talking about earlier is you see time. Time to seeing some incident happen, the blast radius can be tremendous in today's technical, advanced world. And so you have to identify it and then correct it quickly, and that's why this continued innovation and partnership is so important, to help work together to keep up. >> You guys have had a great track record with Intel-based platforms with HPE. Gen11's a really big part of the story. Where do you see that impacting customers? Can you explain the benefits of what's going on with Gen11? What's the key story? What's the most important thing we should be paying attention to here? >> I think there's probably three areas as we look into this generation. And again, this is a point in time, we will continue to evolve. But at this particular point it's about, you know, a fundamental approach to our security enablement, right? Partnering as a Tier 1 OEM with one of the best in the industry, right? We can deliver systems that help protect some of the most critical infrastructure on earth, right? I know of some things that are required to have a non-disclosure because it is some of the most important jobs that you would see out there. And working together with Intel to protect those specific compute workloads, that's a serious deal that protects not only state, and local, and federal interests, but, really, a global one. >> This is a really- >> And then there's another one- Oh sorry. >> No, go ahead. Finish your thought. >> And then there's another one that I would call our uncompromising focus. We work in the industry, we lead and partner with those in the, I would say, in the good side. And we want to focus on enablement through a specific capability set, let's call it our global operations, and that ability to protect our supply chain and deliver infrastructure that can be trusted and into an operating environment. You put all those together and you see very significant and meaningful solutions together. >> The operating benefits are significant. I just want to go back to something you just said before about the joint NDAs and kind of the relationship you kind of unpacked, that to me, you know, I heard you guys say from sand to server, I love that phrase, because, you know, silicone into the server. But this is a combination you guys have with HPE and Intel supply-chain security. I mean, it's not just like you're getting chips and sticking them into a machine. This is, like, there's an in-depth relationship on the supply chain that has a very intricate piece to it. Can you guys just double down on that and share that, how that works and why it's important? >> Sure, so why don't I go ahead and start on that one. So, you know, as you mentioned the, you know, the supply chain that ultimately results in an end user pulling, you know, a new Gen11 HPE server out of the box, you know, started, you know, way, way back in it. And we've been, you know, Intel, from our part are, you know, invest heavily in making sure that all of our entire supply chain to deliver all of the Intel components that are inside that HPE platform have been protected and monitored ever since, you know, their inception at one of any of our 14,000, you know, Intel vendors that we monitor as part of our supply-chain assurance program. I mean we, you know, Intel, you know, invests heavily in compliance with guidelines from places like NIST and ISO, as well as, you know, doing best practices under things like the Transported Asset Protection Alliance, TAPA. You know, we have been intensely invested in making sure that when a customer gets an Intel processor, or any other Intel silicone product, that it has not been tampered with or altered during its trip through the supply chain. HPE then is able to pick up that, those components that we deliver, and add onto that their own supply-chain assurance when it comes down to delivering, you know, the final product to the customer. >> Cole, do you want to- >> That's exactly right. Yeah, I feel like that integration point is a really good segue into why we're talking today, right? Because that then comes into a global operations network that is pulling together these servers and able to deploy 'em all over the world. And as part of the Gen11 launch, we have security services that allow 'em to be hardened from our factories to that next stage into that trusted partner ecosystem for system integration, or directly to customers, right? So that ability to have that chain of trust. And it's not only about attestation and knowing what, you know, came from whom, because, obviously, you want to trust and make sure you're get getting the parts from Intel to build your technical solutions. But it's also about some of the provisioning we're doing in our global operations where we're putting cryptographic identities and manifests of the server and its components and moving it through that supply chain. So you talked about this common challenge we have of assuring no tampering of that device through the supply chain, and that's why this partnering is so important. We deliver secure solutions, we move them, you're able to see and control that information to verify they've not been tampered with, and you move on to your next stage of this very complicated and necessary chain of trust to build, you know, what some people are calling zero-trust type ecosystems. >> Yeah, it's interesting. You know, a lot goes on under the covers. That's good though, right? You want to have greater security and platform integrity, if you can abstract the way the complexity, that's key. Now one of the things I like about this conversation is that you mentioned this idea of a hardware-root-of-trust set of technologies. Can you guys just quickly touch on that, because that's one of the major benefits we see from this combination of the partnership, is that it's not just one, each party doing something, it's the combination. But this notion of hardware-root-of-trust technologies, what is that? >> Yeah, well let me, why don't I go ahead and start on that, and then, you know, Cole can take it from there. Because we provide some of the foundational technologies that underlie a root of trust. Now the idea behind a root of trust, of course, is that you want your platform to, you know, from the moment that first electron hits it from the power supply, that it has a chain of trust that all of the software, firmware, BIOS is loading, to bring that platform up into an operational state is trusted. If you have a breach in one of those lower-level code bases, like in the BIOS or in the system firmware, that can be a huge problem. It can undermine every other software-based security protection that you may have implemented up the stack. So, you know, Intel and HPE work together to coordinate our trusted boot and root-of-trust technologies to make sure that when a customer, you know, boots that platform up, it boots up into a known good state so that it is ready for the customer's workload. So on the Intel side, we've got technologies like our trusted execution technology, or Intel Boot Guard, that then feed into the HPE iLO system to help, you know, create that chain of trust that's rooted in silicon to be able to deliver that known good state to the customer so it's ready for workloads. >> All right, Cole, I got to ask you, with Gen11 HPE platforms that has 4th Gen Intel Xeon, what are the customers really getting? >> So, you know, what a great setup. I'm smiling because it's, like, it has a good answer, because one, this, you know, to be clear, this isn't the first time we've worked on this root-of-trust problem. You know, we have a construct that we call the HPE Silicon Root of Trust. You know, there are, it's an industry standard construct, it's not a proprietary solution to HPE, but it does follow some differentiated steps that we like to say make a little difference in how it's best implemented. And where you see that is that tight, you know, Intel Trusted Execution exchange. The Intel Trusted Execution exchange is a very important step to assuring that route of trust in that HPE Silicon Root of Trust construct, right? So they're not different things, right? We just have an umbrella that we pull under our ProLiant, because there's ILO, our BIOS team, CPLDs, firmware, but I'll tell you this, Gen11, you know, while all that, keeping that moving forward would be good enough, we are not holding to that. We are moving forward. Our uncompromising focus, we want to drive more visibility into that Gen11 server, specifically into the PCIE lanes. And now you're going to be able to see, and measure, and make policies to have control and visibility of the PCI devices, like storage controllers, NICs, direct connect, NVME drives, et cetera. You know, if you follow the trends of where the industry would like to go, all the components in a server would be able to be seen and attested for full infrastructure integrity, right? So, but this is a meaningful step forward between not only the greatness we do together, but, I would say, a little uncompromising focus on this problem and doing a little bit more to make Gen11 Intel's server just a little better for the challenges of the future. >> Yeah, the Tier 1 partnership is really kind of highlighted there. Great, great point. I got to ask you, Mike, on the 4th Gen Xeon Scalable capabilities, what does it do for the customer with Gen11 now that they have these breaches? Does it eliminate stuff? What's in it for the customer? What are some of the new things coming out with the Xeon? You're at Gen4, Gen11 for HP, but you guys have new stuff. What does it do for the customer? Does it help eliminate breaches? Are there things that are inherent in the product that HP is jointly working with you on or you were contributing in to the relationship that we should know about? What's new? >> Yeah, well there's so much great new stuff in our new 4th Gen Xeon Scalable processor. This is the one that was codenamed Sapphire Rapids. I mean, you know, more cores, more performance, AI acceleration, crypto acceleration, it's all in there. But one of my favorite security features, and it is one that's called Intel Control-Flow Enforcement Technology, or Intel CET. And why I like CET is because I find the attack that it is designed to mitigate is just evil genius. This type of attack, which is called a return, a jump, or a call-oriented programming attack, is designed to not bring a whole bunch of new identifiable malware into the system, you know, which could be picked up by security software. What it is designed to do is to look for little bits of existing, little bits of existing code already on the server. So if you're running, say, a web server, it's looking for little bits of that web-server code that it can then execute in a particular order to achieve a malicious outcome, something like open a command prompt, or escalate its privileges. Now in order to get those little code bits to execute in an order, it has a control mechanism. And there are different, each of the different types of attacks uses a different control mechanism. But what CET does is it gets in there and it disrupts those control mechanisms, uses hardware to prevent those particular techniques from being able to dig in and take effect. So CET can, you know, disrupt it and make sure that software behaves safely and as the programmer intended, rather than picking off these little arbitrary bits in one of these return, or jump, or call-oriented programming attacks. Now it is a technology that is included in every single one of the new 4th Gen Xeon Scalable processors. And so it's going to be an inherent characteristic the customers can benefit from when they buy a new Gen11 HPE server. >> Cole, more goodness from Intel there impacting Gen11 on the HPE side. What's your reaction to that? >> I mean, I feel like this is exactly why you do business with the big Tier 1 partners, because you can put, you know, trust in from where it comes from, through the global operations, literally, having it hardened from the factory it's finished in, moving into your operating environment, and then now protecting against attacks in your web hosting services, right? I mean, this is great. I mean, you'll always have an attack on data, you know, as you're seeing in the data. But the more contained, the more information, and the more control and trust we can give to our customers, it's going to make their job a little easier in protecting whatever job they're trying to do. >> Yeah, and enterprise customers, as you know, they're always trying to keep up to date on the skills and battle the threats. Having that built in under the covers is a real good way to kind of help them free up their time, and also protect them is really killer. This is a big, big part of the Gen11 story here. Securing the data, securing compute, that's the topic here for this special cube conversation, engineering for a hybrid world. Cole, I'll give you the final word. What should people pay attention to, Gen11 from HPE, bottom line, what's the story? >> You know, it's, you know, it's not the first time, it's not the last time, but it's our fundamental security approach to just helping customers through their digital transformation defend in an uncompromising focus to help protect our infrastructure in these technical solutions. >> Cole Humphreys is the global server security product manager at HPE. He's got his finger on the pulse and keeping everyone secure in the platform integrity there. Mike Ferron-Jones is the Intel product manager for data security technology. Gentlemen, thank you for this great conversation, getting into the weeds a little bit with Gen11, which is great. Love the hardware route-of-trust technologies, Better Together. Congratulations on Gen11 and your 4th Gen Xeon Scalable. Thanks for coming on. >> All right, thanks, John. >> Thank you very much, guys, appreciate it. Okay, you're watching "theCube's" special presentation, "Securing Compute, Engineered for the Hybrid World." I'm John Furrier, your host. Thanks for watching. (upbeat music)

(upbeat music) >> We're back talking about the path to sustainable IT and now we're going to get the perspective from Mattia Ballerio who is with Elmec Informatica, an IT services firm in the beautiful Lombardi region, of Italy, north of Milano. Mattia, welcome to theCUBE. Thanks so much for coming on. >> Thank you very much, Dave. Thank you. >> All right, before we jump in, tell us a little bit more about Elmec Informatica. What's your focus? Talk about your unique value add to customers. >> Yeah! So basically Elmec Informatica is middle company from the north part of Italy. And is managed service provider in the IT area. Okay, so the, the main focus area of Elmec is, rich digital transformation, and innovation to our clients with the focus on infrastructure services, workplace services, and also cybersecurity services, okay. And we try to follow the path of our clients to the digital transformation and innovation through technology and sustainability. >> Yeah, obviously very hot topics right now. Sustainability, environmental impact, they're growing areas of focus among leaders across all industries, particularly acute right now in, in Europe, with the, you know, the energy challenges. You've talked about things like sustainable business. What does that mean? What does that term, you know, speak to, and, and what can others learn from it? >> Yeah, at Elmec, our approach to sustainability is grounded in science and, and values. And also in a customer territory, but also employee centered. I mean, we conduct regular assessments to understand the most significant environment and social issues for our business with, with the goal of prioritizing what we do for a sustainability future. Our service delivery methodology, employee care, relationship with the local supplier, and local area and institution are a major factor for us to, to build a such a responsibility strategy. Specifically during the past year, we have been particularly focused on define sustainability governance in the company based on stakeholder engagement, defining material issues, establishing quantitative indicators, to monitor and setting medium to long term goals. >> Okay, so you have a lot of data. You can go into a customer, you can do an assessment, you can set a baseline, and then you have other data by which you can compare that and, and understand what's achievable. So what's your vision for sustainable business? You know, that strategy, you know, how has it affected your business in terms of the evolution? 'Cause this was, hasn't always been as hot a topic as it is today, and, and is it a competitive advantage for you? >> Yeah, yeah. For, for all intense and proposed sustainability is a competitive advantage for Elmec. I mean, it's so, because at the time of profound transformation in the work, in the world of work, CSR issues make a company more attractive when searching for new talent to enter in the workforce of our company. In addition, efforts to ensure people's proper work life balance are a strong retention factor. And, regarding our business proposition, Elmec's attempts is to meet high standard of sustainability and reliability. Our green data center, you said is a prime example of this approach, as at the same time, is there a conditioning activity that is done to give a second life to technology devices that come from, back from rental? I mean, our customer inquiries with respect to Elmec sustainability are increasingly frequent, and in depth. And which is why we monitor our performance, and invest in certification, such as, EcoVadis or ISO 14,001. Okay? >> Got it! So in a previous life, I actually did some work with, with power companies, and there were two big factors in IT, that affected the power consumption. Obviously virtualization was a big one, if you could consolidate servers, you know, that was huge. But the other was the advent of flash storage, and that was all we used to actually go in with the, the engineers and the power company put in alligator clips to measure of, of of an all flash array versus, you know, the spinning disk and it was a big impact. So, you want to talk about, your, your experience with Pure Storage. You use Flash Array, and the Evergreen architecture. Can you talk about your experience there? Why did you make that decision to select Pure Storage? How does that help you meet sustainability and operational requirements? Do those benefits scale as your customers grow? What's your experience been? >> Yeah! It was basically, an easy, an easy answer to our, to our business needs. Okay, because you said before that, in Elmec, we manage a lot of data, okay. And in the past we, we, we see, we see that, the constraints of managing so many, many data was very, very difficult to manage in terms of power consumption or simply for the, the space of storing the data. And, when, when Pure came to us and share our, their products, their vision, to the data management journey for Elmec Informatica, it was very easy to choose Pure, why? With values and the numbers, we, we create a business case and, we said, we see that our power consumption usage was much less, more than 90% of previous technology that we used in the past. Okay? And so of course you have to manage a gradual deploy of flash technology storage, but it was a good target. So we have tried to monitoring the adoption of flash technology, and monitor, monitoring also the power consumption, and the efficiency that the pure technology bring to our, to our IT systems, and of course the IT systems of our clients. And so this is one, the first part, the first good part of our trip with, with Pure. And after that, we approach also the sustainability in long term of choosing Pure technology storage. You mentioned the evergreen models of Pure, and of course this was, a game challenge for us because it allows, it allow us to extend the life cycle management of our data centers, but also the, it allows us to improve the facility, of the facilities of using technology from our technical side, okay. So we are much more efficient than in the past with the choose of Pure Storage Technologies, okay. Of course, this easy users, easy usage mode, let me say, it allow us to bring this value to our, to all our clients that put their data in our data centers. >> So, you talked about how you've seen, 90% improvement relative to previous technologies. I always, I haven't put you on the spot. Because I, I, I was on Pure's website, and I saw in their ESG report some com, you know, it was a comparison with a generic competitor. I'm presuming that competitor was not, you know 2010 spinning disk system. But, but, so I'm curious, as to the results that you're seeing with Pure, in terms of footprint and power usage. You, you're referencing some of that. We heard some metrics from Nicole and Ajay earlier in the program. Do you think, again I'm going to put you in the spot, do you think that Pure's architecture, and the way they've applied, whether it's machine intelligence or the Evergreen model, et cetera, is more competitive than other platforms, that you've seen? >> Yeah, of course. Is more competitor, more competitive. Because basically it allows to service provider to do much more efficient value proposition and offer services that are more that brings more values to, to the customers. Okay, so the customer is always at the center of a proposition of service provider. And the trying to adopt the methodology and also the, the value that Pure as inside, by design in the technology is, is for us very, very important and very, very strategic. Because, because, with like a glass, we can ourself transfer, try to transfer the values of Pure, Pure technologies to our service provider client. >> Okay Mattia, let's wrap and talk about sort of near term 2023 and then longer term. It looks like sustainability is a topic that's here to stay. Unlike when we were putting alligator clips on storage arrays, trying to help customers get rebates, that just didn't have legs. It was too complicated. Now it's a, a topic that everybody's measuring. What's next for Elmec, in its sustainability journey? What advice would you might have for sustainability leaders that want to make a meaningful impact on the environment but also on the bottom line? >> Okay. So, sustainability is fortunately a widely spread concept. And our role in, in this great game is to define a strategy, align with the common and fundamentals goals for the future of planet, and capable of expressing our inclination, and the particularities. Elmec sustainability goals in the near future, I can say that are will be basically free. One define sustainability plan, okay. It's fundamentals to define a sustainability plan. Then it's very important to monitor the, its emissions and we will calculate our carbon footprint, okay. And list, button list, produce a certifiable and comprehensive sustainability report, with respect to the demands of customers, suppliers, and also partners. Okay, so I can say that, this three target will be our direction in the, in the future. Okay? >> Yeah, so I mean, pretty straightforward. Make a plan. You got to monitor and measure. You can't improve what you can't measure. So you going to set a baseline, you're going to report on that. You're going to analyze the data and you're going to make continuous improvement. >> Yep. >> Mattia, thanks so much for joining us today and sharing your perspectives from the, the northern part of Italy. Really appreciate it. >> Yep. Thank you for having me on board. Thank you very much. >> It was really our pleasure. Okay, in a moment, I'm going to be back to wrap up the program, and share some resources , that could be valuable in your sustainability journey. Keep it right there. (upbeat music)

>>In the early part of this century, we're talking about the 2005 to 2007 timeframe. There was a lot of talk about so-called green it. And at that time there was some organizational friction. Like for example, the line was that the CIO never saw the power bill, so he or she didn't care, or that the facilities folks, they rarely talked to the IT department. So it was kind of that split brain. And, and then the oh 7 0 8 financial crisis really created an inflection point in a couple of ways. First, it caused organizations to kind of pump the brakes on it spending, and then they took their eye off the sustainability ball. And the second big trend, of course, was the cloud model, you know, kind of became a benchmark for it. Simplicity and automation and efficiency, the ability to dial down and dial up capacity as needed. >>And the third was by the end of the first decade of the, the two thousands, the technology of virtualization was really hitting its best stride. And then you had innovations like flash storage, which largely eliminated the need for these massive farms of spinning mechanical devices that sucked up a lot of power. And so really these technologies began their march to mainstream adoption. And as we progressed through the 2020s, the effect of climate change really come into focus as a critical component of esg. Environmental, social, and governance. Shareholders have come to demand metrics around sustainability. Employees are often choosing employers based on their ESG posture. And most importantly, companies are finding that savings on power cooling and footprint, it has a bottom line impact on the income statement. Now you add to that the energy challenges around the world, particularly facing Europe right now, the effects of global inflation and even more advanced technologies like machine intelligence. >>And you've got a perfect storm where technology can really provide some relief to organizations. Hello and welcome to the Path to Sustainable It Made Possible by Pure Storage and Collaboration with the Cube. My name is Dave Valante and I'm one of the host of the program, along with my colleague Lisa Martin. Now, today we're gonna hear from three leaders on the sustainability topic. First up, Lisa will talk to Nicole Johnson. She's the head of Social Impact and Sustainability at Pure Storage. Nicole will talk about the results from a study of around a thousand sustainability leaders worldwide, and she'll share some metrics from that study. And then next, Lisa will speak to AJ Singh. He's the Chief Product Officer at Pure Storage. We've had had him on the cube before, and not only will he share some useful stats in the market, I'll also talk about some of the technology innovations that customers can tap to address their energy consumption, not the least of which is ai, which is is entering every aspect of our lives, including how we deal with energy consumption. And then we'll bring it back to our Boston studio and go north of Italy with Mattia Ballero of Elec Informatica, a services provider with deep expertise on the topic of sustainability. We hope you enjoyed the program today. Thanks for watching. Let's get started >>At Pure Storage, the opportunity for change and our commitment to a sustainable future are a direct reflection of the way we've always operated and the values we live by every day. We are making significant and immediate impact worldwide through our environmental sustainability efforts. The milestones of change can be seen everywhere in everything we do. Pure's Evergreen Storage architecture delivers two key environmental benefits to customers, the reduction of wasted energy and the reduction of e-waste. Additionally, Pure's implemented a series of product packaging redesigns, promoting recycled and reuse in order to reduce waste that will not only benefit our customers, but also the environment. Pure is committed to doing what is right and leading the way with innovation. That has always been the pure difference, making a difference by enabling our customers to drive out energy usage and their data storage systems by up to 80%. Today, more than 97% of pure arrays purchased six years ago are still in service. And tomorrow our goal for the future is to reduce Scope three. Emissions Pure is committing to further reducing our sold products emissions by 66% per petabyte by 2030. All of this means what we said at the beginning, change that is simple and that is what it has always been about. Pure has a vision for the future today, tomorrow, forever. >>Hi everyone, welcome to this special event, pure Storage, the Path to Sustainable it. I'm your host, Lisa Martin. Very pleased to be joined by Nicole Johnson, the head of Social Impact and Sustainability at Pure Storage. Nicole, welcome to the Cube. Thanks >>For having me, Lisa. >>Sustainability is such an important topic to talk about and I understand that Pure just announced a report today about sustainability. What can you tell me what nuggets are in this report? >>Well, actually quite a few really interesting nuggets, at least for us. And I, I think probably for you and your viewers as well. So we actually commissioned about a thousand sustainability leaders across the globe to understand, you know, what are their sustainability goals, what are they working on, and what are the impacts of buying decisions, particularly around infrastructure when it comes to sustainable goals. I think one of the things that was really interesting for us was the fact that around the world we did not see a significant variation in terms of sustainability being a top priority. You've, I'm sure you've heard about the energy crisis that's happening across Europe. And so, you know, there was some thought that perhaps that might play into AMEA being a larger, you know, having sustainability goals that were more significant. But we actually did not find that we found sustainability to be really important no matter where the respondents were located. >>So very interesting at Pure sustainability is really at the heart of what we do and has been since our founding. It's interesting because we set out to make storage really simple, but it turns out really simple is also really sustainable. And the products and services that we bring to our customers have really powerful outcomes when it comes to decreasing their, their own carbon footprints. And so, you know, we often hear from customers that we've actually really helped them to significantly improve their storage performance, but also allow them to save on space power and cooling costs and, and their footprint. So really significant findings. One example of that is a company called Cengage, which is a global education technology company. They recently shared with us that they have actually been able to reduce their overall storage footprint by 80% while doubling to tripling the performance of their storage systems. So it's really critical for, for companies who are thinking about their sustainability goals, to consider the dynamic between their sustainability program and their IT teams who are making these buying decisions, >>Right? Those two teams need to be really inextricably linked these days. You talked about the fact that there was really consistency across the regions in terms of sustainability being of high priority for organizations. You had a great customer story that you shared that showed significant impact can be made there by bringing the sustainability both together with it. But I'm wondering why are we seeing that so much of the vendor selection process still isn't revolving around sustainability or it's overlooked? What are some of the things that you received despite so many people saying sustainability, huge priority? >>Well, in this survey, the most commonly cited challenge was really around the fact that there was a lack of management buy-in. 40% of respondents told us this was the top roadblock. So getting, I think getting that out of the way. And then we also just heard that sustainability teams were not brought into tech purchasing processes until after it's already rolling, right? So they're not even looped in. And that being said, you know, we know that it has been identified as one of the key departments to supporting a company sustainability goals. So we, we really want to ensure that these two teams are talking more to each other. When we look even closer at the data from the respondents, we see some really positive correlations. We see that 65% of respondents reported that they're on track to meet their sustainability goals. And the IT of those 65%, it is significantly engaged with reporting data for those sustainability initiatives. We saw that, that for those who did report, the sustainability is a top priority for vendor selection. They were twice as likely to be on track with their goals and their sustainability directors said that they were getting involved at the beginning of the tech purchasing program. Our process, I'm sorry, rather than towards the end. And so, you know, we know that to curb the impact of climate crisis, we really need to embrace sustainability from a cross-functional viewpoint. >>Definitely has to be cross-functional. So, so strong correlations there in the report that organizations that had closer alignment between the sustainability folks and the IT folks were farther along in their sustainability program development, execution, et cetera, those co was correlations, were they a surprise? >>Not entirely. You know, when we look at some of the statistics that come from the, you know, places like the World Economic Forum, they say that digitization generated 4% of greenhouse gas emissions in 2020. So, and that, you know, that's now almost three years ago, digital data only accelerates, and by 2025, we expect that number could be almost double. And so we know that that communication and that correlation is gonna be really important because data centers are taking up such a huge footprint of when companies are looking at their emissions. And it's, I mean, quite frankly, a really interesting opportunity for it to be a trailblazer in the sustainability journey. And, you know, perhaps people that are in IT haven't thought about how they can make an impact in this area, but there really is some incredible ways to help us work on cutting carbon emissions, both from your company's perspective and from the world's perspective, right? >>Like we are, we're all doing this because it's something that we know we have to do to drive down climate change. So I think when you, when you think about how to be a trailblazer, how to do things differently, how to differentiate your own department, it's a really interesting connection that IT and sustainability work together. I would also say, you know, I'll just note that of the respondents to the survey we were discussing, we do over half of those respondents expect to see closer alignment between the organization's IT and sustainability teams as they move forward. >>And that's really a, a tip a hat to those organizations embracing cultural change. That's always hard to do, but for those two, for sustainability in IT to come together as part of really the overall ethos of an organization, that's huge. And it's great to see the data demonstrating that, that those, that alignment, that close alignment is really on its way to helping organizations across industries make a big impact. I wanna dig in a little bit to here's ESG goals. What can you share with us about >>That? Absolutely. So as I mentioned peers kind of at the beginning of our formal ESG journey, but really has been working on the, on the sustainability front for a long time. I would, it's funny as we're, as we're doing a lot of this work and, and kind of building our own profile around this, we're coming back to some of the things that we have done in the past that consumers weren't necessarily interested in then but are now because the world has changed, becoming more and more invested in. So that's exciting. So we did a baseline scope one, two, and three analysis and discovered, interestingly enough that 70% of our emissions comes from use of sold products. So our customers work running our products in their data centers. So we know that we, we've made some ambitious goals around our Scope one and two emissions, which is our own office, our utilities, you know, those, they only account for 6% of our emissions. So we know that to really address the issue of climate change, we need to work on the use of sold products. So we've also made a, a really ambitious commitment to decrease our carbon emissions by 66% per bed per petabyte by 2030 in our product. So decreasing our own carbon footprint, but also affecting our customers as well. And we've also committed to a science-based target initiative and our road mapping how to achieve the ambitious goals set out in the Paris agreement. >>That's fantastic. It sounds like you really dialed in on where is the biggest opportunity for us as Pure Storage to make the biggest impact across our organization, across our customers organizations. There lofty goals that pure set, but knowing what I know about Pure, you guys are probably well on track to, to accomplish those goals in record time, >>I hope So. >>Talk a little bit about advice that you would give to viewers who might be at the very beginning of their sustainability journey and really wondering what are the core elements besides it, sustainability, team alignment that I need to bring into this program to make it actually successful? >>Yeah, so I think, you know, understanding that you don't have to pick between really powerful technology and sustainable technology. There are opportunities to get both and not just in storage right in, in your entire IT portfolio. We know that, you know, we're in a place in the world where we have to look at things from the bigger picture. We have to solve new challenges and we have to approach business a little bit differently. So adopting solutions and services that are environmentally efficient can actually help to scale and deliver more effective and efficient IT solutions over time. So I think that that's something that we need to, to really remind ourselves, right? We have to go about business a little bit differently and that's okay. We also know that data centers utilize an incredible amount of, of energy and, and carbon. And so everything that we can do to drive that down is going to address the sustainability goals for us individually as well as, again, drive down that climate change. So we, we need to get out of the mindset that data centers are, are about reliability or cost, et cetera, and really think about efficiency and carbon footprint when you're making those business decisions. I'll also say that, you know, the earlier that we can get sustainability teams into the conversation, the more impactful your business decisions are going to be and helping you to guide sustainable decision making. >>So shifting sustainability and IT left almost together really shows that the correlation between those folks getting together in the beginning with intention, the report shows and the successes that peers had demonstrate that that's very impactful for organizations to actually be able to implement even the cultural change that's needed for sustainability programs to be successful. My last question for you goes back to that report. You mentioned in there that the data show a lot of organizations are hampered by management buy-in, where sustainability is concerned. How can pure help its customers navigate around those barriers so that they get that management buy-in and they understand that the value in it for >>Them? Yeah, so I mean, I think that for me, my advice is always to speak to hearts and minds, right? And help the management to understand, first of all, the impact right on climate change. So I think that's the kind of hearts piece on the mind piece. I think it's addressing the sustainability goals that these companies have set for themselves and helping management understand how to, you know, how their IT buying decisions can actually really help them to reach these goals. We also, you know, we always run kind of TCOs for customers to understand what is the actual cost of, of the equipment. And so, you know, especially if you're in a, in a location in which energy costs are rising, I mean, I think we're seeing that around the world right now with inflation. Better understanding your energy costs can really help your management to understand the, again, the bigger picture and what that total cost is gonna be. Often we see, you know, that maybe the I the person who's buying the IT equipment isn't the same person who's purchasing, who's paying the, the electricity bills, right? And so sometimes even those two teams aren't talking. And there's a great opportunity there, I think, to just to just, you know, look at it from a more high level lens to better understand what total cost of ownership is. >>That's a great point. Great advice. Nicole, thank you so much for joining me on the program today, talking about the new report that on sustainability that Pure put out some really compelling nuggets in there, but really also some great successes that you've already achieved internally on your own ESG goals and what you're helping customers to achieve in terms of driving down their carbon footprint and emissions. We so appreciate your insights and your thoughts. >>Thank you, Lisa. It's been great speaking with you. >>AJ Singh joins me, the Chief Product Officer at Peer Storage. Aj, it's great to have you back on the program. >>Great to be back on, Lisa, good morning. >>Good morning. And sustainability is such an important topic to talk about. So we're gonna really unpack what PEER is doing, we're gonna get your viewpoints on what you're seeing and you're gonna leave the audience with some recommendations on how they can get started on their ESG journey. First question, we've been hearing a lot from pure AJ about the role that technology plays in organizations achieving sustainability goals. What's been the biggest environmental impact associated with, with customers achieving that given the massive volumes of data that keep being generated? >>Absolutely, Lisa, you can imagine that the data is only growing and exploding and, and, and, and there's a good reason for it. You know, data is the new currency. Some people call it the new oil. And the opportunity to go process this data gain insights is really helping customers drive an edge in the digital transformation. It's gonna make a difference between them being on the leaderboard a decade from now when the digital transformation kind of pans out versus, you know, being kind of somebody that, you know, quite missed the boat. So data is super critical and and obviously as part of that we see all these big benefits, but it has to be stored and, and, and that means it's gonna consume a lot of resources and, and the, and therefore data center usage has only accelerated, right? You can imagine the amount of data being generated, you know, recent study pointed to roughly by twenty twenty five, a hundred and seventy five zetabytes, which where each zettabyte is a billion terabytes. So just think of that size and scale of data. That's huge. And, and they also say that, you know, pretty soon, today, in fact in the developed world, every person is having an interaction with the data center literally every 18 seconds. So whether it's on Facebook or Twitter or you know, your email, people are constantly interacting with data. So you can imagine this data is only exploding. It has to be stored and it consumes a lot of energy. In fact, >>It, oh, go ahead. Sorry. >>No, I was saying in fact, you know, there's some studies have shown that data center usage literally consumes one to 2% of global energy consumption. So if there's one place we could really help climate change and, and all those aspects, if you can kind of really, you know, tamp down the data center, energy consumption, sorry, you were saying, >>I was just gonna say, it's, it's an incredibly important topic and the, the, the stats on data that you provided and also I, I like how you talked about, you know, every 18 seconds we're interacting with a data center, whether we know it or not, we think about the long term implications, the fact that data is growing massively. As you shared with the stats that you mentioned. If we think about though the responsibility that companies have, every company in today's world needs to be a data company, right? And we consumers expect it. We expect that you are gonna deliver these relevant, personalized experiences whether we're doing a transaction in our personal lives or in business. But what is the, what requirements do technology companies have to really start billing down their carbon footprints? >>No, absolutely. If you can think about it, just to kind of finish up the data story a little bit, the explosion is to the point where, in fact, if you just recently was in the news that Ireland went up and said, sorry, we can't have any more data centers here. We just don't have the power to supply them. That was big in the news and you know, all the hyperscale that was crashing the head. I know they've come around that and figured out a way around it, but it's getting there. Some, some organizations and and areas jurisdictions are saying pretty much no data center the law, you know, we're, we just can't do it. And so as you said, so companies like Pure, I mean, our view is that it has an opportunity here to really do our bit for climate change and be able to, you know, drive a sustainable environment. >>And, and at Pure we believe that, you know, today's data success really ultimately hinges on energy efficiency, you know, so to to really be energy efficient means you are gonna be successful long term with data. Because if you think of classic data infrastructures, the legacy infrastructures, you know, we've got disk infrastructures, hybrid infrastructures, flash infrastructures, low end systems, medium end systems, high end systems. So a lot of silos, you know, a lot of inefficiency across the silos. Cause the data doesn't get used across that. In fact, you know, today a lot of data centers are not really built with kind of the efficiency and environmental mindset. So there's a big opportunity there. >>So aj, talk to me about some of the steps that Pure is implementing as its chief product officer. Would love to get your your thoughts, what steps is it implementing to help Pures customers become more sustainable? >>No, absolutely. So essentially we are all inherently motivated, like pure and, and, and, and everybody else to solve problems for customers and really forward the status quo, right? You know, innovation, you know, that's what we are all about. And while we are doing that, the challenge is to how do you make technology and the data we feed into it faster, smarter, scalable obviously, but more importantly sustainable. And you can do all of that, but if you miss the sustainability bit, you're kind of missing the boat. And I also feel from an ethical perspective, that's really important for us. Not only you do all the other things, but also kind of make it sustainable. In fact, today 80% of the companies, the companies are realizing this, 80% today are in fact report out on sustainability, which is great. In fact, 80% of leadership at companies, you know, CEOs and senior executives say they've been impacted by some climate change event, you know, where it's a fire in the place they had to evacuate or floods or storms or hurricanes, you, you name it, right? >>So mitigating the carbon impact can in fact today be a competitive advantage for companies because that's where the puck is going and everybody's, you know, it's skating, wanting to skate towards the, and it's good, it's good business too to be sustainable and, and, and meet these, you know, customer requirements. In fact, the the recent survey that we released today is saying that more and more organizations are kickstarting, their sustainability initiatives and many take are aiming to make a significant progress against that over the next decade. So that's, that's really, you know, part of the big, the really, so our view is that that IT infrastructure, you know, can really make a big push towards greener it and not just kind of greenwash it, but actually, you know, you know, make things more greener and, and, and really take the, the lead in, in esg. And so it's important that organizations can reach alignment with their IT teams and challenge their IT teams to continue to lead, you know, for the organization, the sustainability aspects. >>I'm curious, aj, when you're in customer conversations, are you seeing that it's really the C-suite plus it coming together and, and how does peer help facilitate that? To your point, it needs to be able to deliver this, but it's, it's a board level objective these days. >>Absolutely. We're seeing increasingly, especially in Europe with the, you know, the war in Ukraine and the energy crisis that, you know, that's, that's, you know, unleashed. We definitely see it's becoming a bigger and bigger board level objective for, for a lot of companies. And we definitely see customers in starting to do that. So, so in particular, I do want to touch briefly on what steps we are taking as a company, you know, to to to make it sustainable. And obviously customers are doing all the things we talked about and, and we're also helping them become smarter with data. But the key difference is, you know, we have a big focus on efficiency, which is really optimizing performance per wat with unmatched storage density. So you can reduce the footprint and dramatically lower the power required. And and how efficient is that? You know, compared to other old flash systems, we tend to be one fifth, we tend to take one fifth the power compared to other flash systems and substantially lower compared to spinning this. >>So you can imagine, you know, cutting your, if data center consumption is a 2% of global consumption, roughly 40% of that tends to be storage cause of all the spinning disc. So you add about, you know, 0.8% to global consumption and if you can cut that by four fifths, you know, you can already start to make an impact. So, so we feel we can do that. And also we're quite a bit more denser, 10 times more denser. So imagine one fifth the power, one 10th the density, but then we take it a step further because okay, you've got the storage system in the data center, but what about the end of life aspect? What about the waste and reclamation? So we also have something called non-disruptive upgrades. We, using our AI technology in pure one, we can start to sense when a particular part is going to fail and just before it goes to failure, we actually replace it in a non-disruptive fashion. So customer's data is not impacted and then we recycle that so you get a full end to end life cycle, you know, from all the way from the time you deploy much lower power, much lower density, but then also at the back end, you know, reduction in e-waste and those kind of things. >>That's a great point you, that you bring up in terms of the reclamation process. It sounds like Pure does that on its own, the customer doesn't have to be involved in that. >>That's right. And we do that, it's a part of our evergreen, you know, service that we offer. A lot of customers sign up for that service and in fact they don't even, we tell them, Hey, you know, that part's about to go, we're gonna come in, we're gonna swap it out and, and then we actually recycle that part, >>The power of ai. Love that. What are some of the, the things that companies can do if they're, if they're early in this journey on sustainability, what are some of the specific steps companies can take to get started and maybe accelerate that journey as it's becoming climate change and things are becoming just more and more of a, of a daily topic on the news? >>No, absolutely. There's a lot of things companies can do. In fact, the four four item that we're gonna highlight, the first one is, you know, they can just start by doing a materiality assessment and a materiality assessment essentially engages all the stakeholders to find out which specific issues are important for the business, right? So you identify your key priorities that intersect with what the stakeholders want, you know, your different groups from sales, customers, partners, you know, different departments in the organization. And for example, for us, when we conducted our materiality assessment, for us, our product we felt was the biggest area of focus that could contribute a lot towards, you know, making an impact in, in, in from a sustainability standpoint. That's number one. I think number two companies can also think about taking an Azure service approach. The beauty of the Azure service approach is that you are buying a, your customer, they're buying outcomes with SLAs and, and when you are starting to buy outcomes with SLAs, you can start small and then grow as you consume more. >>So that way you don't have systems sitting idle waiting for you to consume more, right? And that's the beauty of the as service approach. And so for example, for us, you know, we have something called Evergreen one, which is our as service offer, where essentially customers are able to only use and have systems turned onto as much as they're consuming. So, so that reduces the waste associated with underutilized systems, right? That's number two. Number three is also you can optimize your supply chains end to end, right? Basically by making sure you're moving, recycling, packaging and eliminating waste in that thing so you can recycle it back to your suppliers. And you can also choose a sustainable supplier network that following sort of good practices, you know, you know, across the globe and such supply chains that are responsive and diverse can really help you. Also, the big business benefit benefited. >>You can also handle surges and demand, for example, for us during the pandemic with this global supply chain shortages, you know, whereas most of our competitors, you know, lead times went to 40, 50 weeks, our lead times went from three to six weeks cuz you know, we had this sustainable, you know, supply chain. And so all of these things, you know, the three things important, but the fourth thing I say more cultural and, and the cultural thing is how do you actually begin to have sustainability become a core part of your ethos at the company, you know, across all the departments, you know, and we've at Pure, definitely it's big for us, you know, you know, around sustainability starting with a product design, but all of the areas as well, if you follow those four items, they'll do the great place to start. >>That's great advice, great recommendations. You talk about the, the, the supply chain, sustainable supply chain optimization. We've been having a lot of conversations with businesses and vendors alike about that and how important it is. You bring up a great point too on supplier diversity, if we could have a whole conversation on that. Yes. But I'm also glad that you brought up culture that's huge to, for organizations to adopt an ESG strategy and really drive sustainability in their business. It has to become, to your point, part of their ethos. Yes. It's challenging. Cultural change management is challenging. Although I think with climate change and the things that are so public, it's, it's more on, on the top mindset folks. But it's a great point that the organization really as a whole needs to embrace the sustainability mindset so that it as a, as an organization lives and breathes that. Yes. And last question for you is advice. So you, you outlined the Four Steps organizations can take. I look how you made that quite simple. What advice would you give organizations who are on that journey to adopting those, those actions, as you said, as they look to really build and deploy and execute an ESG strategy? >>No, absolutely. And so obviously, you know, the advice is gonna come from, you know, a company like Pure, you know, our background kind of being a supplier of products. And so, you know, our advice is for companies that have products, usually they tend to be the biggest generator, the products that you sell to your, your customers, especially if they've got hardware components in it. But, you know, the biggest generator of e-waste and, and and, and, and, and kind of from a sustainability standpoint. So it's really important to have an intentional design approach towards your products with sustainability in mind. So it's not something that's, that you can handle at the very back end. You design it front in the product and so that sustainable design becomes very intentional. So for us, for example, doing these non-disruptive upgrades had to be designed up front so that, you know, a, you know, one of our repair person could go into a customer shop and be able to pull out a card and put in a new card without any change in the customer system. >>That non-receptive approach, it has to be designed into the hardware software systems to be able to pull that on. And that intentional design enables you to recover pieces just when they're about to fail and then putting them through a recovery, you know, waste recovery process. So that, that's kind of the one thing I would say that philosophy, again, it comes down to if that is, you know, seeping into the culture, into your core ethos, you will start to do, you know, you know, that type of work. So, so I mean it's important thing, you know, look, this year, you know, with the spike in energy prices, you know, you know, gas prices going up, it's super important that all of us, you know, do our bit in there and start to drive products that are fundamentally sustainable, not just at the initial, you know, install point, but from an end to end full life cycle standpoint. >>Absolutely. And I love that you brought up intention that is everything that peers doing is with, with such thought and intention and really for organizations and any industry to become more sustainable, to develop an ESG strategy. To your point, it all needs to start with intention. And of course that that cultural adoption, aj, it's been so great to have you on the program talking about what PEER is doing to help organizations really navigate that path to sustainable it. We appreciate your insights on your time. >>Thank you, Lisa. Pleasure being on board >>At Pure Storage. The opportunity for change and our commitment to a sustainable future are a direct reflection of the way we've always operated and the values we live by every day. We are making significant and immediate impact worldwide through our environmental sustainability efforts. The milestones of change can be seen everywhere in everything we do. Pures Evergreen storage architecture delivers two key environmental benefits to customers, the reduction of wasted energy and the reduction of e-waste. Additionally, pures implemented a series of product packaging redesigns, promoting recycle and reuse in order to reduce waste that will not only benefit our customers, but also the environment. Pure is committed to doing what is right and leading the way with innovation. That has always been the pure difference, making a difference by enabling our customers to drive out energy usage and their data storage systems by up to 80% today, more than 97% of Pure Array purchased six years ago are still in service. And tomorrow our goal for the future is to reduce Scope three emissions Pure is committing to further reducing our sold products emissions by 66% per petabyte by 2030. All of this means what we said at the beginning, change that is simple and that is what it has always been about. Pure has a vision for the future today, tomorrow, forever. >>We're back talking about the path to sustainable it and now we're gonna get the perspective from Mattia Valerio, who is with Elec Informatica and IT services firm and the beautiful Lombardi region of Italy north of Milano. Mattia, welcome to the Cube. Thanks so much for coming on. >>Thank you very much, Dave. Thank you. >>All right, before we jump in, tell us a little bit more about Elec Informatica. What's your focus, talk about your unique value add to customers. >>Yeah, so basically Alma Informatica is middle company from the north part of Italy and is managed service provider in the IT area. Okay. So the, the main focus area of Al Meca is reach digital transformation innovation to our clients with focus on infrastructure services, workplace services, and also cybersecurity services. Okay. And we try to follow the path of our clients to the digital transformation and the innovation through technology and sustainability. >>Yeah. Obviously very hot topics right now. Sustainability, environmental impact, they're growing areas of focus among leaders across all industries. A particularly acute right now in, in Europe with the, you know, the energy challenges you've talked about things like sustainable business. What does that mean? What does that term Yeah. You know, speak to and, and what can others learn from it? >>Yeah. At at, at our approach to sustainability is grounded in science and, and values and also in customer territory, but also employee centered. I mean, we conduct regular assessments to understand the most significant environment and social issues for our business with, with the goal of prioritizing what we do for a sustainability future. Our service delivery methodology, employee care relationship with the local supplier and local area and institution are a major factor for us to, to build a such a responsibility strategy. Specifically during the past year, we have been particularly focused on define sustainability governance in the company based on stakeholder engagement, defining material issues, establishing quantitative indicators to monitor and setting medium to long-term goals. >>Okay, so you have a lot of data. You can go into a customer, you can do an assessment, you can set a baseline, and then you have other data by which you can compare that and, and understand what's achievable. So what's your vision for sustainable business? You know, that strategy, you know, how has it affected your business in terms of the evolution? Cuz this wasn't, hasn't always been as hot a topic as it is today. And and is it a competitive advantage for you? >>Yeah, yeah. For, for, for all intense and proposed sustainability is a competitive advantage for elec. I mean, it's so, because at the time of profound transformation in the work, in the world of work, CSR issues make a company more attractive when searching for new talent to enter in the workforce of our company. In addition, efforts to ensure people's proper work life balance are a strong retention factor. And regarding our business proposition, ELEX attempts is to meet high standard of sustainability and reliability. Our green data center, you said is a prime example of this approach as at the same time, is there a conditioning activity that is done to give a second life to technology devices that come from back from rental? I mean, our customer inquiries with respect to sustainability are increasingly frequent and in depth and which is why we monitor our performance and invest in certification such as EcoVadis or ISO 14,001. Okay, >>Got it. So in a previous life I actually did some work with, with, with power companies and there were two big factors in it that affected the power consumption. Obviously virtualization was a big one, if you could consolidate servers, you know, that was huge. But the other was the advent of flash storage and that was, we used to actually go in with the, the engineers and the power company put in alligator clips to measure of, of, of an all flash array versus, you know, the spinning disc and it was a big impact. So you, I wanna talk about your, your experience with Pure Storage. You use Flash Array and the Evergreen architecture. Can you talk about what your experience there, why did you make that decision to select Pure Storage? How does that help you meet sustainability and operational requirements? Do those benefits scale as your customers grow? What's your experience been? >>Yeah, it was basically an easy and easy answer to our, to our business needs. Okay. Because you said before that in Elec we, we manage a lot of data, okay? And in the past we, we, we see it, we see that the constraints of managing so many, many data was very, very difficult to manage in terms of power consumption or simply for the, the space of storing the data. And when, when Pure came to us and share our products, their vision to the data management journey for Element Informatica, it was very easy to choose pure why with values and numbers. We, we create a business case and we said that we, we see that our power consumption usage was much less, more than 90% of previous technology that we used in the past. Okay. And so of course you have to manage a grade oil deploy of flash technology storage, but it was a good target. >>So we have tried to monitoring the adoption of flash technology and monitor monitoring also the power consumption and the efficiency that the pure technology bring to our, to our IT systems and of course the IT systems of our clients. And so this is one, the first part, the first good part of our trip with, with Pure. And after that we approach also the sustainability in long term of choosing pure technology storage. You mentioned the Evergreen models of Pure, and of course this was, again, challenge for us because it allows, it allow us to extend the life cycle management of our data centers, but also the, IT allows us to improve the facility of the facilities of using technology from our technical side. Okay. So we are much more efficient than in the past with the choose of Pure storage technologies. Okay. Of course, this easy users, easy usage mode, let me say it, allow us to bring this value to our, to all our clients that put their data in our data centers. >>So you talked about how you've seen a 90% improvement relative to previous technologies. I always, I haven't put you in the spot. Yeah, because I, I, I was on Pure's website and I saw in their ESG report some com, you know, it was a comparison with a generic competitor presuming that competitor was not, you know, a 2010 spinning disc system. But, but, so I'm curious as to the results that you're seeing with Pure in terms of footprint and power usage. You, you're referencing some of that. We heard some metrics from Nicole and AJ earlier in the program. Do you think, again, I'm gonna put you in the spot, do you think that Pure's architecture and the way they've applied, whether it's machine intelligence or the Evergreen model, et cetera, is more competitive than other platforms that you've seen? >>Yeah, of course. Is more competitor improve competitive because basically it allows to service provider to do much more efficient value proposition and offer services that are more, that brings more values to, to the customers. Okay. So the customer is always at the center of a proposition of a service provider and trying to adopt the methodology and also the, the value that pure as inside by design in the technology is, is for us very, very, very important and very, very strategic because, because with like a glass, we can, our self transfer try to transfer the values of pure, pure technologies to our service provider client. >>Okay. Matta, let's wrap and talk about sort of near term 2023 and then longer term it looks like sustainability is a topic that's here to stay. Unlike when we were putting alligator clips on storage arrays, trying to help customers get rebates that just didn't have legs. It was too complicated. Now it's a, a topic that everybody's measuring. What's next for elec in its sustainability journey? What advice would you might have? Sustainability leaders that wanna make a meaningful impact on the environment, but also on the bottom line. >>Okay, so sustainability is fortunately a widely spread concept. And our role in, in this great game is to define a strategy, align with the common and fundamentals goals for the future of planet and capable of expressing our inclination and the, and the particularities and accessibility goals in the near future. I, I say, I can say that are will be basically free one define sustainability plan. Okay? It's fundamentals to define a sustainability plan. Then it's very important to monitor the its emissions and we will calculate our carbon footprint. Okay? And least button list produces certifiable and comprehensive sustainability report with respect to the demands of customers, suppliers, and also partners. Okay. So I can say that this three target will be our direction in the, in the future. Okay. >>Yeah. So I mean, pretty straightforward. Make a plan. You gotta monitor and measure, you can't improve what you can't measure. So you gonna set a baseline, you're gonna report on that. Yep. You're gonna analyze the data and you're gonna make continuous improvement. >>Yep. >>Matea, thanks so much for joining us today in sharing your perspectives from the, the northern part of Italy. Really appreciate it. >>Yeah, thank you for having aboard. Thank you very >>Much. It was really our pleasure. Okay, in a moment, I'm gonna be back to wrap up the program and share some resources that could be valuable in your sustainability journey. Keep it right there. >>Sustainability is becoming increasingly important and is hitting more RFPs than ever before as a critical decision point for customers. Environmental benefits are not the only impetus. Rather bottom line cost savings are proving that sustainability actually means better business. You can make a strong business case around sustainability and you should, many more organizations are setting mid and long-term goals for sustainability and putting forth published metrics for shareholders and customers. Whereas early green IT initiatives at the beginning of this century, were met with skepticism and somewhat disappointing results. Today, vendor r and d is driving innovation in system design, semiconductor advancements, automation in machine intelligence that's really beginning to show tangible results. Thankfully. Now remember, all these videos are available on demand@thecube.net. So check them out at your convenience and don't forget to go to silicon angle.com for all the enterprise tech news of the day. You also want to check out pure storage.com. >>There are a ton of resources there. As an aside, pure is the only company I can recall to allow you to access resources like a Gartner Magic Quadrant without forcing you to fill out a lead gen form. So thank you for that. Pure storage, I love that. There's no squeeze page on that. No friction. It's kind of on brand there for pure well done. But to the topic today, sustainability, there's some really good information on the site around esg, Pure's Environmental, social and Governance mission. So there's more in there than just sustainability. You'll see some transparent statistics on things like gender and ethnic diversity, and of course you'll see that Pure has some work to do there. But kudos for publishing those stats transparently and setting goals so we can track your progress. And there's plenty on the sustainability topic as well, including some competitive benchmarks, which are interesting to look at and may give you some other things to think about. We hope you've enjoyed the path to Sustainable it made possible by Pure Storage produced with the Cube, your leader in enterprise and emerging tech, tech coverage.

>>Hi, we're back day two of Falcon, 2022. We're live from the area in Las Vegas, Silicon angles, the queue. My name is Dave Lanta and Rob Picard is here. He's the security lead for Vanta a company that CrowdStrike just made an investment in. Rob. Thanks for coming to the cube. >>Thank you very much. Happy to be here. So >>That's big news. You know, you got a, a big name, like CrowdStrike strategic investment. Tell us about that. >>Yeah, it's very exciting because CrowdStrike obviously is, you know, a major name in the security space and Vanta is a really leading the way in a lot of the compliance automation, but being able to sort of dip into that, that security space more and more having crowd strike behind us is huge. >>What is compliant? Compliance automation. Tell us more about what Vanta does. Yeah. >>So Vanta ultimately is a tool that gives you an automatic way to prepare for your SOC two audit or your ISO 27 0 1 audit or, you know, insert long list of dozens of standards we're working on here. But in the olden days you would provide a thousand screenshots to an auditor that proves that for the past year, past six months, you've been doing what you say you're doing, Banta just plugs directly into your systems and proves that evidence to them without the need for all of >>That. Okay. So software's a service and you yeah. Software charge monthly or okay. >>Yeah, something like that. >>Educate me if I'm cloud first or cloud only can't I just pull a SOC report off of AWS and send that to the auditors and say, here you go, >>That'll help. Right? Like if you, if you do that, if you're in AWS and you pull their, you know, I think their security hub, you can pull some of these controls in. Right. But the question is, what do you do then about your endpoints, right? What do you do about, Hey, did we off board everybody from all of the systems we have enabled, right? All of the SAS systems we use. And so what van does is we integrate with AWS, but we also integrate with every other system you're using, including your HR system and your identity provider, to make sure that, Hey, you know, all of these things are, are working in sync to ensure your compliance. So >>You're relatively new parent, but you ever, you know, the book, if you give a mouse, a cookie, you will, you will, the whole thing is you give a mouse, a cookie, and then 8 million things happen, all these other dependencies. And it goes around and around and around. Yes. He's gonna want some milk. Okay. I feel like it's the same thing in your world, right? I mean, there is, is, is there an end, when do you know you're done? >>Yeah. I mean, ultimately, you know, you're done when the O auditor hands you, your sock to report, you know, you have your at stage, you say, Hey, I'm sock too compliant. Or, you know, your ISO cert, but even then it's gonna keep going. Right. I think the tricky part is there are some key systems that you, you want to have, you know, your eyes on and you wanna be monitoring and making sure that Hey, in a year from now, when that audit happens, I'm not gonna be surprised at what they find. Right. And those are gonna be your cloud provider. Right. Those are gonna be your HR system telling you when people joined, when people left, and those are gonna be your identity provider and your endpoints, right. >>Are you guys obviously compliance experts? Is, is it really a matter of sort of codifying that expertise? Or is there a machine intelligence component involved, you know, discovery? How does it work? >>That's a great question, actually. And I think part of it is, you know, encoding that expertise in the product and making sure that, you know, there's not necessarily, you know, if you ask any given sock to auditor for like, Hey, what controls should I be using that you're gonna audit me against? And it's your job to come up with the control. So they'll provide you some, you know, their set, but it's gonna be different between them, right? The standard itself is not a list of controls, but what we can do is we can provide you that list of controls and say like, Hey, we've actually worked with a ton of auditors and they've worked with us and we can say, this is what you need to do to get started here. And then if you have custom controls to add later, you want you, you can do that. >>But so there's part of that's encoding the expertise, but then part of it is just understanding the world of, of the auditors enough that we can help guide you through it. Because, you know, like you said, you can go to AWS, you can get download a report, right. That says, look, I have, you know, these, so two controls past right now, but the question is, you know, you still have to then go hand that to an auditor, have conversations with them, get through all of their questions back to you. And that can get really, really in the weeds. So we have like teams of experts who sit on calls with auditors and customers and help them through this stuff when needed. Right. And hopefully it's not needed as much when you're, you know, automating most of it. So >>That's a, a component of your offering is, is a services capability. Is that part of the offering? Is that a for pay service? >>Yeah. So, you know, you have to talk to the sales team to understand how they bundle it all, but, you know, essentially we have these professional services teams and these partners that jump in, I think a lot of times it really is just, Hey, like the auditor asks this question. We don't know how to answer it. We'll send somebody to jump on, >>Let's jump on a call. Exactly. But if you need more intense, you >>Know, work services, then maybe that's available. Yeah. >>Okay. And, and is there a privacy aspect of your software? >>Yeah. So Vanta software does actually also support GDPR and CCPA to kind of help you. You know, it's hard to get your head around that stuff. You wanna talk about like encoding expertise, you know, having people inside Vanta who can talk through the product and say like, Hey, this is what we need to test for in a customer's environment. And this is what we need to point to that maybe, you know, you can't automatically test for, but we can give them some template policies or, or procedures for them to have in their company. And we can provide all of that to try to, to help you feel good about, Hey, we're, we're compliant with GDPR or we're compliant with CCPA and we're not gonna have problems here. And, >>And da is data, data sovereignty I presume is, is part of that. Like, >>You know, data sovereignty, man. I'm not the expert on data sovereignty. I'll tell you that. But I know that is definitely a part of that. I don't know, you know, how deep it goes when it comes to, you know, the requirements of any given company. >>Well, it's tricky because a lot of it hasn't been tested in the, in courts of law. That's just sort of guidelines there. Yeah. And then a lot of times you don't, how do you really know where the data is? Right. I mean, you kind of can infer it, but, >>And you can get real clever. You can start encrypting data that sits somewhere here, but you have the keys over here and say, no, no, no, the keys are in the right country. You know, that counts, >>Right. It gets real tricky. It's not really been tested that the logic of that, what are the hard parts of what you guys do and, and, and what makes you different from everybody else out there? >>Yeah. I mean, I think I'd say a couple things are, are really hard about what we do, right. One is maintaining good reputations with auditors because the goal is ultimately that an auditor sees Vanta and they say, okay, Vanta says that checkbox is checked. I don't have to worry about it. And that's where we are with so many auditors today. Right. But that wasn't like that in the beginning, in the beginning, it was, you know, Hey, we're showing you the code that actually looks and checks that box. Right. But the other hard part is just integrating with the long tail of systems that every customer needs, right? Like if you use a certain HR system and we don't support it, then that's gonna really dampen your value that you get outta the product. So the engineering challenges, maintaining a reliable set of both high quality tests and high quality integrations with these surfaces, >>What are the synergies with, with CrowdStrike kind of, you know, it's, maybe it seems obvious, but explain where you pick up and where they leave off. >>Yeah. I think that's a, that's a great point. So, you know, we have a very, like a very, a very simple agent that will run. If you need something on your laptop that says, Hey, look, this laptop, the disc is encrypted, right? The screen lock is set appropriately for my controls, right? So we have some, some basic capabilities it's based on OS query for, for those interested, but it's not a full fledged endpoint protection platform. Right. And that's where something like CrowdStrike can come in where we can integrate with them and say, okay, Hey, if you're ready to move on to something, that's, that's a little bit more full-fledged and a little bit more of a, you know, gonna protect you against malware and that sort of thing. Then you can move onto CrowdStrike and we can integrate directly with them and we can pull all the information we need and we can check all those boxes for you that say, Hey, you have appropriate malware protection, you have discs encrypted, you have whatever it may be. Right. We can pull that information from them. And we can also help you make sure that the people have access to CrowdStrike itself in your company are the right set of people. >>Who do you sell to, do you sell to the audit function within a company? Or do you sell directly to big auditors? Both. >>So it's, we're mainly selling to the whoever's responsible for getting that. So to getting that ISO, getting GDPR, you know, all these sorts of things at a company, right? So for a small business, right, a startup that's like two people could >>Be the developer >>Team. Exactly. We're selling either to the founders or developers or something like that. And we're saying, Hey, you don't wanna think about this at all. We can get you like 80% of the way there without having to send a single screenshot. And then there's like 20% of like, all right, we'll help you, you know, partner you with the right auditor. That's good for your company and, and get you over the line. But then as we go and we sell to a mid-market company, or, you know, even potentially an enterprise, we're talking to people who have very specific expertise in either security or compliance, who also don't wanna have to do all this manual work. >>And it's a pure SAS model. It runs in the cloud. How does it work? I just pointed at whatever software I want to, to, to, to get, you know, certified >>That's exactly right. It's, it's pure SAS. You go to, you know, the app do vanda.com. You log in and then you go to the integrations page, right. You're, you're starting fresh. And you say, okay, well, AWS, here's how you integrate AWS. Right? We use there assume role functionality and stuff like that to pull in, you know, read only data from AWS. And then you can also go to your Okta and you can say, okay, well, I can connect here through Okta, through, you know, an Okta app or I can connect to my Google through an oof that has the right permissions. So we try to just limit the amount of permissions we have or the scope of our, our, you know, roles. But really it's just, you know, it's all API based integrations that we then just pull the data. We need to prove that you're doing what you say you're doing all >>Well, Rob, congratulations on the funding and the activity here at, at CrowdStrike. Good show. So, you know, good luck to you in the future. >>Thank you very much. All right. >>You're very welcome. All right. Keep it right there, Dave. Valante for the cube. We'll be right back, but right after this strip break from Falcon 22, live from the area in Las Vegas,

>> It's no surprise that 73% of organizations indicate analytics spend will outpace other software investments in the next 12 to 18 months. After all, as we know, data is changing the world, and the world is changing with it. But is everyone's spending resulting in the same ROI? This is Lisa Martin. Welcome to the Cube's presentation of "Democratizing Analytics Across the Enterprise," made possible by Alteryx. An Alteryx-commissioned IDC InfoBrief entitled, Four Ways to Unlock Transformative Business Outcomes From Analytics Investments, found that 93% of organizations are not utilizing the analytics skills of their employees, which is creating a widening analytics gap. On this special Cube presentation, Jason Klein, Product Marketing Director of Alteryx, will join me to share key findings from the new Alteryx-commissioned IDC Brief, and uncover how enterprises can derive more value from their data. In our second segment, we'll hear from Alan Jacobson, Chief Data and Analytics Officer at Alteryx. He's going to discuss how organizations across all industries can accelerate their analytic maturity to drive transformational business outcomes. And then, in our final segment, Paula Hansen, who is the President and Chief Revenue Officer of Alteryx, and Jacqui Van der Leij-Greyling, who is the Global Head of Tax Technology at eBay, they'll join me. They're going to share how Alteryx is helping the global eCommerce company innovate with analytics. Let's get the show started. (upbeat music) Jason Klein joins me next, Product Marketing Director at Alteryx. Jason, welcome to the program. >> Hello, nice to be here. >> Excited to talk with you. What can you tell me about the new Alteryx IDC research which spoke with about 1500 leaders? What nuggets were in there? >> Well, as the business landscape changes over the next 12 to 18 months, we're going to see that analytics is going to be a key component to navigating this change. 73% of the orgs indicated that analytics spend will outpace other software investments. But just putting more money towards technology, it isn't going to solve everything. And this is why everyone's spending is resulting in different ROIs. And one of the reasons for this gap is because 93% of organizations, they're still not fully using the analytics skills of their employees. And this widening analytics gap, it's threatening operational progress by wasting workers' time, harming business productivity, and introducing costly errors. So in this research, we developed a framework of enterprise analytics proficiency that helps organizations reap greater benefits from their investments. And we based this framework on the behaviors of organizations that saw big improvements across financial, customer, and employee metrics. And we're able to focus on the behaviors driving higher ROI. >> So the InfoBrief also revealed that nearly all organizations are planning to increase their analytics spend. And it looks like from the InfoBrief that nearly three quarters plan on spending more on analytics than any other software. And can you unpack what's driving this demand, this need for analytics across organizations? >> Sure, well, first, there's more data than ever before. The data's changing the world, and the world is changing data. Enterprises across the world, they're accelerating digital transformation to capitalize on new opportunities, to grow revenue, to increase margins, and to improve customer experiences. And analytics, along with automation and AI, is what's making digital transformation possible. They're providing the fuel to new digitally enabled lines of business. >> One of the things that the study also showed was that not all analytics spending is resulting in the same ROI. What are some of the discrepancies that the InfoBrief uncovered with respect to the the changes in ROI that organizations are achieving? >> Our research with IDC revealed significant roadblocks across people, processes, and technologies. They're preventing companies from reaping greater benefits from their investments. So for example, on the people side, only one out of five organizations reported a commensurate investment in upskilling for analytics and data literacy, as compared to the technology itself. And next, while data is everywhere, most organizations, 63%, from our survey, are still not using the full breadth of data types available. Yet, data's never been this prolific. It's going to continue to grow, and orgs should be using it to their advantage. And lastly, organizations, they need to provide the right analytics tools to help everyone unlock the power of data. They instead rely on outdated spreadsheet technology. In our survey, 9 out of 10 respondents said less than half of their knowledge workers are active users of analytics software beyond spreadsheets. But true analytic transformation can't happen for an organization in a few select pockets or silos. We believe everyone, regardless of skill level, should be able to participate in the data and analytics process and be driving value. >> Should we retake that, since I started talking over Jason accidentally? >> Yep, absolutely, you can do so. Yep, we'll go back to Lisa's question. Let's retake the question and the answer. >> That'll be not all analog spending results in the same ROI. What are some of the discrepancies? >> Yes, Lisa, so we'll go from your ISO, just so we can get that clean question and answer. >> Okay. >> Thank you for that. on your ISO, we're still speeding, Lisa. So give it a beat in your head, and then on you. >> Yet not all analytics spending is resulting in the same ROI. So, what are some of the discrepancies that the InfoBrief uncovered with respect to ROI? >> Well, our research with IDC revealed significant roadblocks across people, processes and technologies, all preventing companies from reaping greater benefits from their investments. So on the people side, for example, only one out of five organizations reported a commensurate investment in upskilling for analytics and data literacy as compared to the technology itself. And next, while data is everywhere, most organizations, 63% in our survey, are still not using the full breadth of data types available. Data has never been this prolific. It's going to continue to grow, and orgs should be using it to their advantage. And lastly, organizations, they need to provide the right analytic tools to help everyone unlock the power of data, yet instead, they're relying on outdated spreadsheet technology. Nine out of 10 survey respondents said that less than half of their knowledge workers are active users of analytics software. True analytics transformation can't happen for an organization in a few select pockets or silos. We believe everyone, regardless of skill level, should be able to participate in the data and analytics process and drive value. >> So if I look at this holistically then, what would you say organizations need to do to make sure that they're really deriving value from their investments in analytics? >> Yeah, sure. So overall, the enterprises that derive more value from their data and analytics and achieved more ROI, they invested more aggressively in the four dimensions of enterprise analytics proficiency. So they've invested in the comprehensiveness of analytics, across all data sources and data types, meaning they're applying analytics to everything. They've invested in the flexibility of analytics across deployment scenarios and departments, meaning they're putting analytics everywhere. They've invested in the ubiquity of analytics and insights for every skill level, meaning they're making analytics for everyone. And they've invested in the usability of analytics software, meaning they're prioritizing easy technology to accelerate analytics democratization. >> So very strategic investments. Did the survey uncover any specific areas where most companies are falling short, like any black holes that organizations need to be aware of at the outset? >> It did. It did. So organizations, they need to build a data-centric culture. And this begins with people. But what the survey told us is that the people aspect of analytics is the most heavily skewed towards low proficiency. In order to maximize ROI, organizations need to make sure everyone in the organization has access to the data and analytics technology they need. And then the organizations also have to align their investments with upskilling in data literacy to enjoy that higher ROI. Companies who did so experience higher ROI than companies who underinvested in analytics literacy. So among the high ROI achievers, 78% have a good or great alignment between analytics investment and workforce upskilling compared to only 64% among those without positive ROI. And as more orgs adopt cloud data warehouses or cloud data lakes, in order to manage the massively increasing workloads. Can I start that one over? Can I redo this one? >> Sure. >> Yeah >> Of course. Stand by. >> Tongue tied. >> Yep. No worries. >> One second. >> If we could get, if we could do the same, Lisa, just have a clean break. We'll go to your question. Yep. >> Yeah. >> On you Lisa. Just give that a count and whenever you're ready, here, I'm going to give us a little break. On you Lisa. >> So are there any specific areas that the survey uncovered where most companies are falling short? Like any black holes organizations need to be aware of from the outset? >> It did. You need to build a data-centric culture, and this begins with people. But we found that the people aspect of analytics is most heavily skewed towards low proficiency. In order to maximize ROI, organizations need to make sure everyone has access to the data and analytics technology they need. Organizations that align their analytics investments with upskilling enjoy higher ROI than orgs that are less aligned. For example, among the high ROI achievers in our survey, 78% had good or great alignment between analytics investments and workforce upskilling, compared to only 64% among those without positive ROI. And as more enterprises adopt cloud data warehouses or cloud data lakes to manage increasingly massive data sets, analytics needs to exist everywhere, especially for those cloud environments. And what we found is organizations that use more data types and more data sources generate higher ROI from their analytics investments. Among those with improved customer metrics, 90% were good or great at utilizing all data sources compared to only 67% among the ROI laggards. >> So interesting that you mentioned people. I'm glad that you mentioned people. Data scientists, everybody talks about data scientists. They're in high demand. We know that, but there aren't enough to meet the needs of all enterprises. So given that discrepancy, how can organizations fill the gap and really maximize the investments that they're making in analytics? >> Right. So analytics democratization, it's no longer optional, but it doesn't have to be complex. So we at Alteryx, we're democratizing analytics by empowering every organization to upskill every worker into a data worker. And the data from this survey shows this is the optimal approach. Organizations with a higher percentage of knowledge workers who are actively using analytics software enjoy higher returns from their analytics investment than orgs still stuck on spreadsheets. Among those with improved financial metrics, AKA the high ROI achievers, nearly 70% say that at least a quarter of their knowledge workers are using analytics software other than spreadsheets compared to only 56% in the low ROI group. Also, among the high ROI performers, 63% said data and analytic workers collaborate well or extremely well, compared to only 51% in the low ROI group. The data from the survey shows that supporting more business domains with analytics and providing cross-functional analytics correlates with higher ROI. So to maximize ROI, orgs should be transitioning workers from spreadsheets to analytics software. They should be letting them collaborate effectively, and letting them do so cross-functionally >> Yeah, that cross-functional collaboration is essential for anyone in any organization and in any discipline. Another key thing that jumped out from the survey was around shadow IT. The business side is using more data science tools than the IT side, and is expected to spend more on analytics than other IT. What risks does this present to the overall organization? If IT and the lines of business guys and gals aren't really aligned? >> Well, there needs to be better collaboration and alignment between IT and the line of business. The data from the survey, however, shows that business managers, they're expected to spend more on analytics and use more analytics tools than IT is aware of. And this is because the lines of business have recognized the value of analytics and plan to invest accordingly. But a lack of alignment between IT and business, this will negatively impact governance, which ultimately impedes democratization and hence, ROI. >> So Jason, where can organizations that are maybe at the outset of their analytics journey, or maybe they're in environments where there's multiple analytics tools across shadow IT, where can they go to Alteryx to learn more about how they can really simplify, streamline, and dial up the value on their investment? >> Well, they can learn more, you know, on our website. I also encourage them to explore the Alteryx community, which has lots of best practices, not just in terms of how you do the analytics, but how you stand up an Alteryx environment. But also to take a look at your analytics stack, and prioritize technologies that can snap to and enhance your organization's governance posture. It doesn't have to change it, but it should be able to align to and enhance it. >> And of course, as you mentioned, it's about people, process and technologies. Jason, thank you so much for joining me today, unpacking the IDC InfoBrief and the great nuggets in there. Lots that organizations can learn, and really become empowered to maximize their analytics investments. We appreciate your time. >> Thank you. It's been a pleasure. >> In a moment, Alan Jacobson, who's the Chief Data and Analytics Officer at Alteryx, is going to join me. He's going to be here to talk about how organizations across all industries can accelerate their analytic maturity to drive transformational business outcomes. You're watching the Cube, the leader in tech enterprise coverage. (gentle music)

>> It's no surprise that 73% of organizations indicate analytics spend will outpace other software investments in the next 12 to 18 months. After all as we know, data is changing the world and the world is changing with it. But is everyone's spending resulting in the same ROI? This is Lisa Martin. Welcome to "theCUBE"'s presentation of democratizing analytics across the enterprise, made possible by Alteryx. An Alteryx commissioned IDC info brief entitled, "Four Ways to Unlock Transformative Business Outcomes from Analytics Investments" found that 93% of organizations are not utilizing the analytics skills of their employees, which is creating a widening analytics gap. On this special "CUBE" presentation, Jason Klein, product marketing director of Alteryx, will join me to share key findings from the new Alteryx commissioned IDC brief and uncover how enterprises can derive more value from their data. In our second segment, we'll hear from Alan Jacobson, chief data and analytics officer at Alteryx. He's going to discuss how organizations across all industries can accelerate their analytic maturity to drive transformational business outcomes. And then in our final segment, Paula Hansen, who is the president and chief revenue officer of Alteryx, and Jacqui Van der Leij Greyling, who is the global head of tax technology at eBay, they'll join me. They're going to share how Alteryx is helping the global eCommerce company innovate with analytics. Let's get the show started. (upbeat music) Jason Klein joins me next, product marketing director at Alteryx. Jason, welcome to the program. >> Hello, nice to be here. >> Excited to talk with you. What can you tell me about the new Alteryx IDC research, which spoke with about 1500 leaders, what nuggets were in there? >> Well, as the business landscape changes over the next 12 to 18 months, we're going to see that analytics is going to be a key component to navigating this change. 73% of the orgs indicated that analytics spend will outpace other software investments. But just putting more money towards technology, it isn't going to solve everything. And this is why everyone's spending is resulting in different ROIs. And one of the reasons for this gap is because 93% of organizations, they're still not fully using the analytics skills of their employees, and this widening analytics gap, it's threatening operational progress by wasting workers' time, harming business productivity and introducing costly errors. So in this research, we developed a framework of enterprise analytics proficiency that helps organizations reap greater benefits from their investments. And we based this framework on the behaviors of organizations that saw big improvements across financial, customer, and employee metrics, and we're able to focus on the behaviors driving higher ROI. >> So the info brief also revealed that nearly all organizations are planning to increase their analytics spend. And it looks like from the info brief that nearly three quarters plan on spending more on analytics than any other software. And can you unpack, what's driving this demand, this need for analytics across organizations? >> Sure, well first there's more data than ever before, the data's changing the world, and the world is changing data. Enterprises across the world, they're accelerating digital transformation to capitalize on new opportunities, to grow revenue, to increase margins and to improve customer experiences. And analytics along with automation and AI is what's making digital transformation possible. They're providing the fuel to new digitally enabled lines of business. >> One of the things that the study also showed was that not all analytics spending is resulting in the same ROI. What are some of the discrepancies that the info brief uncovered with respect to the changes in ROI that organizations are achieving? >> Our research with IDC revealed significant roadblocks across people, processes, and technologies. They're preventing companies from reaping greater benefits from their investments. So for example, on the people side, only one out of five organizations reported a commensurate investment in upskilling for analytics and data literacy as compared to the technology itself. And next, while data is everywhere, most organizations, 63% from our survey, are still not using the full breadth of data types available. Yet data's never been this prolific, it's going to continue to grow, and orgs should be using it to their advantage. And lastly organizations, they need to provide the right analytics tools to help everyone unlock the power of data. >> So they- >> They instead rely on outdated spreadsheet technology. In our survey, nine out of 10 respondents said less than half of their knowledge workers are active users of analytics software beyond spreadsheets. But true analytic transformation can't happen for an organization in a few select pockets or silos. We believe everyone regardless of skill level should be able to participate in the data and analytics process and be driving value. >> Should we retake that, since I started talking over Jason accidentally? >> Yep, absolutely we can do so. We'll just go, yep, we'll go back to Lisa's question. Let's just, let's do the, retake the question and the answer, that'll be able to. >> It'll be not all analytics spending results in the same ROI, what are some of the discrepancies? >> Yes, Lisa, so we'll go from your ISO, just so we get that clean question and answer. >> Okay. >> Thank you for that. On your ISO, we're still speeding, Lisa, so give it a beat in your head and then on you. >> Yet not all analytics spending is resulting in the same ROI. So what are some of the discrepancies that the info brief uncovered with respect to ROI? >> Well, our research with IDC revealed significant roadblocks across people, processes, and technologies, all preventing companies from reaping greater benefits from their investments. So on the people side, for example, only one out of five organizations reported a commensurate investment in upskilling for analytics and data literacy as compared to the technology itself. And next, while data is everywhere, most organizations, 63% in our survey, are still not using the full breadth of data types available. Data has never been this prolific. It's going to continue to grow and orgs should be using it to their advantage. And lastly, organizations, they need to provide the right analytic tools to help everyone unlock the power of data, yet instead they're relying on outdated spreadsheet technology. Nine of 10 survey respondents said that less than half of their knowledge workers are active users of analytics software. True analytics transformation can't happen for an organization in a few select pockets or silos. We believe everyone regardless of skill level should be able to participate in the data and analytics process and drive value. >> So if I look at this holistically, then what would you say organizations need to do to make sure that they're really deriving value from their investments in analytics? >> Yeah, sure. So overall, the enterprises that derive more value from their data and analytics and achieve more ROI, they invested more aggressively in the four dimensions of enterprise analytics proficiency. So they've invested in the comprehensiveness of analytics across all data sources and data types, meaning they're applying analytics to everything. They've invested in the flexibility of analytics across deployment scenarios and departments, meaning they're putting analytics everywhere. They've invested in the ubiquity of analytics and insights for every skill level, meaning they're making analytics for everyone. And they've invested in the usability of analytics software, meaning they're prioritizing easy technology to accelerate analytics democratization. >> So very strategic investments. Did the survey uncover any specific areas where most companies are falling short, like any black holes that organizations need to be aware of at the outset? >> It did, it did. So organizations, they need to build a data-centric culture. And this begins with people. But what the survey told us is that the people aspect of analytics is the most heavily skewed towards low proficiency. In order to maximize ROI, organizations need to make sure everyone in the organization has access to the data and analytics technology they need. And then the organizations also have to align their investments with upskilling in data literacy to enjoy that higher ROI. Companies who did so experience higher ROI than companies who underinvested in analytics literacy. So among the high ROI achievers, 78% have a good or great alignment between analytics investment and workforce upskilling compared to only 64% among those without positive ROI. And as more orgs adopt cloud data warehouses or cloud data lakes, in order to manage the massively increasing workloads- Can I start that one over. >> Sure. >> Can I redo this one? >> Yeah. >> Of course, stand by. >> Tongue tied. >> Yep, no worries. >> One second. >> If we could do the same, Lisa, just have a clean break, we'll go your question. >> Yep, yeah. >> On you Lisa. Just give that a count and whenever you're ready. Here, I'm going to give us a little break. On you Lisa. >> So are there any specific areas that the survey uncovered where most companies are falling short? Like any black holes organizations need to be aware of from the outset? >> It did. You need to build a data-centric culture and this begins with people, but we found that the people aspect of analytics is most heavily skewed towards low proficiency. In order to maximize ROI organizations need to make sure everyone has access to the data and analytics technology they need. Organizations that align their analytics investments with upskilling enjoy higher ROI than orgs that are less aligned. For example, among the high ROI achievers in our survey, 78% had good or great alignment between analytics investments and workforce upskilling, compared to only 64% among those without positive ROI. And as more enterprises adopt cloud data warehouses or cloud data lakes to manage increasingly massive data sets, analytics needs to exist everywhere, especially for those cloud environments. And what we found is organizations that use more data types and more data sources generate higher ROI from their analytics investments. Among those with improved customer metrics, 90% were good or great at utilizing all data sources, compared to only 67% among the ROI laggards. >> So interesting that you mentioned people, I'm glad that you mentioned people. Data scientists, everybody talks about data scientists. They're in high demand, we know that, but there aren't enough to meet the needs of all enterprises. So given that discrepancy, how can organizations fill the gap and really maximize the investments that they're making in analytics? >> Right, so analytics democratization, it's no longer optional, but it doesn't have to be complex. So we at Alteryx, we're democratizing analytics by empowering every organization to upskill every worker into a data worker. And the data from this survey shows this is the optimal approach. Organizations with a higher percentage of knowledge workers who are actively using analytics software enjoy higher returns from their analytics investment than orgs still stuck on spreadsheets. Among those with improved financial metrics, AKA the high ROI achievers, nearly 70% say that at least a quarter of their knowledge workers are using analytics software other than spreadsheets compared to only 56% in the low ROI group. Also among the high ROI performers, 63% said data and analytic workers collaborate well or extremely well compared to only 51% in the low ROI group. The data from the survey shows that supporting more business domains with analytics and providing cross-functional analytics correlates with higher ROI. So to maximize ROI, orgs should be transitioning workers from spreadsheets to analytics software. They should be letting them collaborate effectively and letting them do so cross-functionally. >> Yeah, that cross-functional collaboration is essential for anyone in any organization and in any discipline. Another key thing that jumped out from the survey was around shadow IT. The business side is using more data science tools than the IT side. And it's expected to spend more on analytics than other IT. What risks does this present to the overall organization, if IT and the lines of business guys and gals aren't really aligned? >> Well, there needs to be better collaboration and alignment between IT and the line of business. The data from the survey, however, shows that business managers, they're expected to spend more on analytics and use more analytics tools than IT is aware of. And this isn't because the lines of business have recognized the value of analytics and plan to invest accordingly, but a lack of alignment between IT and business. This will negatively impact governance, which ultimately impedes democratization and hence ROI. >> So Jason, where can organizations that are maybe at the outset of their analytics journey, or maybe they're in environments where there's multiple analytics tools across shadow IT, where can they go to Alteryx to learn more about how they can really simplify, streamline, and dial up the value on their investment? >> Well, they can learn more on our website. I also encourage them to explore the Alteryx community, which has lots of best practices, not just in terms of how you do the analytics, but how you stand up in Alteryx environment, but also to take a look at your analytics stack and prioritize technologies that can snap to and enhance your organization's governance posture. It doesn't have to change it, but it should be able to align to and enhance it. >> And of course, as you mentioned, it's about people, process, and technologies. Jason, thank you so much for joining me today, unpacking the IDC info brief and the great nuggets in there. Lots that organizations can learn and really become empowered to maximize their analytics investments. We appreciate your time. >> Thank you, it's been a pleasure. >> In a moment, Alan Jacobson, who's the chief data and analytics officer at Alteryx is going to join me. He's going to be here to talk about how organizations across all industries can accelerate their analytic maturity to drive transformational business outcomes. You're watching "theCUBE", the leader in tech enterprise coverage. >> Somehow many have come to believe that data analytics is for the few, for the scientists, the PhDs, the MBAs. Well, it is for them, but that's not all. You don't have to have an advanced degree to do amazing things with data. You don't even have to be a numbers person. You can be just about anything. A titan of industry or a future titan of industry. You could be working to change the world, your neighborhood, or the course of your business. You can be saving lives or just looking to save a little time. The power of data analytics shouldn't be limited to certain job titles or industries or organizations because when more people are doing more things with data, more incredible things happen. Analytics makes us smarter and faster and better at what we do. It's practically a superpower. That's why we believe analytics is for everyone, and everything, and should be everywhere. That's why we believe in analytics for all. (upbeat music) >> Hey, everyone. Welcome back to "Accelerating Analytics Maturity". I'm your host, Lisa Martin. Alan Jacobson joins me next. The chief of data and analytics officer at Alteryx. Alan, it's great to have you on the program. >> Thanks, Lisa. >> So Alan, as we know, everyone knows that being data driven is very important. It's a household term these days, but 93% of organizations are not utilizing the analytics skills of their employees, which is creating a widening analytics gap. What's your advice, your recommendations for organizations who are just starting out with analytics? >> You're spot on, many organizations really aren't leveraging the full capability of their knowledge workers. And really the first step is probably assessing where you are on the journey, whether that's you personally, or your organization as a whole. We just launched an assessment tool on our website that we built with the International Institute of Analytics, that in a very short period of time, in about 15 minutes, you can go on and answer some questions and understand where you sit versus your peer set versus competitors and kind of where you are on the journey. >> So when people talk about data analytics, they often think, ah, this is for data science experts like people like you. So why should people in the lines of business like the finance folks, the marketing folks, why should they learn analytics? >> So domain experts are really in the best position. They know where the gold is buried in their companies. They know where the inefficiencies are. And it is so much easier and faster to teach a domain expert a bit about how to automate a process or how to use analytics than it is to take a data scientist and try to teach them to have the knowledge of a 20 year accounting professional or a logistics expert of your company. Much harder to do that. And really, if you think about it, the world has changed dramatically in a very short period of time. If you were a marketing professional 30 years ago, you likely didn't need to know anything about the internet, but today, do you know what you would call that marketing professional if they didn't know anything about the internet, probably unemployed or retired. And so knowledge workers are having to learn more and more skills to really keep up with their professions. And analytics is really no exception. Pretty much in every profession, people are needing to learn analytics to stay current and be capable for their companies. And companies need people who can do that. >> Absolutely, it seems like it's table stakes these days. Let's look at different industries now. Are there differences in how you see analytics in automation being employed in different industries? I know Alteryx is being used across a lot of different types of organizations from government to retail. I also see you're now with some of the leading sports teams. Any differences in industries? >> Yeah, there's an incredible actually commonality between the domains industry to industry. So if you look at what an HR professional is doing, maybe attrition analysis, it's probably quite similar, whether they're in oil and gas or in a high tech software company. And so really the similarities are much larger than you might think. And even on the sports front, we see many of the analytics that sports teams perform are very similar. So McLaren is one of the great partners that we work with and they use Alteryx across many areas of their business from finance to production, extreme sports, logistics, wind tunnel engineering, the marketing team analyzes social media data, all using Alteryx, and if I take as an example, the finance team, the finance team is trying to optimize the budget to make sure that they can hit the very stringent targets that F1 Sports has, and I don't see a ton of difference between the optimization that they're doing to hit their budget numbers and what I see Fortune 500 finance departments doing to optimize their budget, and so really the commonality is very high, even across industries. >> I bet every Fortune 500 or even every company would love to be compared to the same department within McLaren F1. Just to know that wow, what they're doing is so incredibly important as is what we're doing. >> So talk- >> Absolutely. >> About lessons learned, what lessons can business leaders take from those organizations like McLaren, who are the most analytically mature? >> Probably first and foremost, is that the ROI with analytics and automation is incredibly high. Companies are having a ton of success. It's becoming an existential threat to some degree, if your company isn't going on this journey and your competition is, it can be a huge problem. IDC just did a recent study about how companies are unlocking the ROI using analytics. And the data was really clear, organizations that have a higher percentage of their workforce using analytics are enjoying a much higher return from their analytic investment, and so it's not about hiring two double PhD statisticians from Oxford. It really is how widely you can bring your workforce on this journey, can they all get 10% more capable? And that's having incredible results at businesses all over the world. An another key finding that they had is that the majority of them said that when they had many folks using analytics, they were going on the journey faster than companies that didn't. And so picking technologies that'll help everyone do this and do this fast and do it easily. Having an approachable piece of software that everyone can use is really a key. >> So faster, able to move faster, higher ROI. I also imagine analytics across the organization is a big competitive advantage for organizations in any industry. >> Absolutely the IDC, or not the IDC, the International Institute of Analytics showed huge correlation between companies that were more analytically mature versus ones that were not. They showed correlation to growth of the company, they showed correlation to revenue and they showed correlation to shareholder values. So across really all of the key measures of business, the more analytically mature companies simply outperformed their competition. >> And that's key these days, is to be able to outperform your competition. You know, one of the things that we hear so often, Alan, is people talking about democratizing data and analytics. You talked about the line of business workers, but I got to ask you, is it really that easy for the line of business workers who aren't trained in data science to be able to jump in, look at data, uncover and extract business insights to make decisions? >> So in many ways, it really is that easy. I have a 14 and 16 year old kid. Both of them have learned Alteryx, they're Alteryx certified and it was quite easy. It took 'em about 20 hours and they were off to the races, but there can be some hard parts. The hard parts have more to do with change management. I mean, if you're an accountant that's been doing the best accounting work in your company for the last 20 years, and all you happen to know is a spreadsheet for those 20 years, are you ready to learn some new skills? And I would suggest you probably need to, if you want to keep up with your profession. The big four accounting firms have trained over a hundred thousand people in Alteryx. Just one firm has trained over a hundred thousand. You can't be an accountant or an auditor at some of these places without knowing Alteryx. And so the hard part, really in the end, isn't the technology and learning analytics and data science, the harder part is this change management, change is hard. I should probably eat better and exercise more, but it's hard to always do that. And so companies are finding that that's the hard part. They need to help people go on the journey, help people with the change management to help them become the digitally enabled accountant of the future, the logistics professional that is E enabled, that's the challenge. >> That's a huge challenge. Cultural shift is a challenge, as you said, change management. How do you advise customers if you might be talking with someone who might be early in their analytics journey, but really need to get up to speed and mature to be competitive, how do you guide them or give them recommendations on being able to facilitate that change management? >> Yeah, that's a great question. So people entering into the workforce today, many of them are starting to have these skills. Alteryx is used in over 800 universities around the globe to teach finance and to teach marketing and to teach logistics. And so some of this is happening naturally as new workers are entering the workforce, but for all of those who are already in the workforce, have already started their careers, learning in place becomes really important. And so we work with companies to put on programmatic approaches to help their workers do this. And so it's, again, not simply putting a box of tools in the corner and saying free, take one. We put on hackathons and analytic days, and it can be great fun. We have a great time with many of the customers that we work with, helping them do this, helping them go on the journey, and the ROI, as I said, is fantastic. And not only does it sometimes affect the bottom line, it can really make societal changes. We've seen companies have breakthroughs that have really made great impact to society as a whole. >> Isn't that so fantastic, to see the difference that that can make. It sounds like you guys are doing a great job of democratizing access to Alteryx to everybody. We talked about the line of business folks and the incredible importance of enabling them and the ROI, the speed, the competitive advantage. Can you share some specific examples that you think of Alteryx customers that really show data breakthroughs by the lines of business using the technology? >> Yeah, absolutely, so many to choose from. I'll give you two examples quickly. One is Armor Express. They manufacture life saving equipment, defensive equipments, like armor plated vests, and they were needing to optimize their supply chain, like many companies through the pandemic. We see how important the supply chain is. And so adjusting supply to match demand is really vital. And so they've used Alteryx to model some of their supply and demand signals and built a predictive model to optimize the supply chain. And it certainly helped out from a dollar standpoint. They cut over a half a million dollars of inventory in the first year, but more importantly, by matching that demand and supply signal, you're able to better meet customer demand. And so when people have orders and are looking to pick up a vest, they don't want to wait. And it becomes really important to get that right. Another great example is British Telecom. They're a company that services the public sector. They have very strict reporting regulations that they have to meet and they had, and this is crazy to think about, over 140 legacy spreadsheet models that they had to run to comply with these regulatory processes and report, and obviously running 140 legacy models that had to be done in a certain order and length, incredibly challenging. It took them over four weeks each time that they had to go through that process. And so to save time and have more efficiency in doing that, they trained 50 employees over just a two week period to start using Alteryx and learn Alteryx. And they implemented an all new reporting process that saw a 75% reduction in the number of man hours it took to run in a 60% run time performance. And so, again, a huge improvement. I can imagine it probably had better quality as well, because now that it was automated, you don't have people copying and pasting data into a spreadsheet. And that was just one project that this group of folks were able to accomplish that had huge ROI, but now those people are moving on and automating other processes and performing analytics in other areas. So you can imagine the impact by the end of the year that they will have on their business, potentially millions upon millions of dollars. And this is what we see again and again, company after company, government agency after government agency, is how analytics are really transforming the way work is being done. >> That was the word that came to mind when you were describing the all three customer examples, transformation, this is transformative. The ability to leverage Alteryx, to truly democratize data and analytics, give access to the lines of business is transformative for every organization. And also the business outcome you mentioned, those are substantial metrics based business outcomes. So the ROI in leveraging a technology like Alteryx seems to be right there, sitting in front of you. >> That's right, and to be honest, it's not only important for these businesses. It's important for the knowledge workers themselves. I mean, we hear it from people that they discover Alteryx, they automate a process, they finally get to get home for dinner with their families, which is fantastic, but it leads to new career paths. And so knowledge workers that have these added skills have so much larger opportunity. And I think it's great when the needs of businesses to become more analytic and automate processes actually matches the needs of the employees, and they too want to learn these skills and become more advanced in their capabilities. >> Huge value there for the business, for the employees themselves to expand their skillset, to really open up so many opportunities for not only the business to meet the demands of the demanding customer, but the employees to be able to really have that breadth and depth in their field of service. Great opportunities there, Alan. Is there anywhere that you want to point the audience to go to learn more about how they can get started? >> Yeah, so one of the things that we're really excited about is how fast and easy it is to learn these tools. So any of the listeners who want to experience Alteryx, they can go to the website, there's a free download on the website. You can take our analytic maturity assessment, as we talked about at the beginning, and see where you are on the journey and just reach out. We'd love to work with you and your organization to see how we can help you accelerate your journey on analytics and automation. >> Alan, it was a pleasure talking to you about democratizing data and analytics, the power in it for organizations across every industry. We appreciate your insights and your time. >> Thank you so much. >> In a moment, Paula Hansen, who is the president and chief revenue officer of Alteryx, and Jacqui Van der Leij Greyling, who's the global head of tax technology at eBay, will join me. You're watching "theCUBE", the leader in high tech enterprise coverage. >> 1200 hours of wind tunnel testing, 30 million race simulations, 2.4 second pit stops. >> Make that 2.3. >> Sector times out the wazoo. >> Way too much of this. >> Velocities, pressures, temperatures, 80,000 components generating 11.8 billion data points and one analytics platform to make sense of it all. When McLaren needs to turn complex data into winning insights, they turn to Alteryx. Alteryx, analytics automation. (upbeat music) >> Hey, everyone, welcome back to the program. Lisa Martin here, I've got two guests joining me. Please welcome back to "theCUBE" Paula Hansen, the chief revenue officer and president at Alteryx, and Jacqui Van der Leij Greyling joins us as well, the global head of tax technology at eBay. They're going to share with you how Alteryx is helping eBay innovate with analytics. Ladies, welcome, it's great to have you both on the program. >> Thank you, Lisa, it's great to be here. >> Yeah, Paula, we're going to start with you. In this program, we've heard from Jason Klein, we've heard from Alan Jacobson. They talked about the need to democratize analytics across any organization to really drive innovation. With analytics, as they talked about, at the forefront of software investments, how's Alteryx helping its customers to develop roadmaps for success with analytics? >> Well, thank you, Lisa. It absolutely is about our customers' success. And we partner really closely with our customers to develop a holistic approach to their analytics success. And it starts of course with our innovative technology and platform, but ultimately we help our customers to create a culture of data literacy and analytics from the top of the organization, starting with the C-suite. And we partner with our customers to build their roadmaps for scaling that culture of analytics, through things like enablement programs, skills assessments, hackathons, setting up centers of excellence to help their organization scale and drive governance of this analytics capability across the enterprise. So at the end of the day, it's really about helping our customers to move up their analytics maturity curve with proven technologies and best practices, so they can make better business decisions and compete in their respective industries. >> Excellent, sounds like a very strategic program, we're going to unpack that. Jacqui, let's bring you into the conversation. Speaking of analytics maturity, one of the things that we talked about in this event is the IDC report that showed that 93% of organizations are not utilizing the analytics skills of their employees, but then there's eBay. How Jacqui did eBay become one of the 7% of organizations who's really maturing and how are you using analytics across the organization at eBay? >> So I think the main thing for us is when we started out was is that, our, especially in finance, they became spreadsheet professionals instead of the things that we really want our employees to add value to. And we realized we had to address that. And we also knew we couldn't wait for all our data to be centralized until we actually start using the data or start automating and being more effective. So ultimately we really started very, very actively embedding analytics in our people and our data and our processes. >> Starting with people is really critical. Jacqui, continuing with you, what were some of the roadblocks to analytics adoption that you faced and how did you overcome them? >> So I think eBay is a very data driven company. We have a lot of data. I think we are 27 years around this year, so we have the data, but it is everywhere. And how do you use that data? How do you use it efficiently? How do you get to the data? And I believe that that is definitely one of our biggest roadblocks when we started out and just finding those data sources and finding ways to connect to them to move forward. The other thing is that people were experiencing a lot of frustration. I mentioned before about the spreadsheet professionals. And there was no, we were not independent. You couldn't move forward, you would've put it on somebody else's roadmap to get the data and to get the information if you want it. So really finding something that everybody could access analytics or access data. And finally we have to realize is that this is uncharted territory. This is not exactly something that everybody is used to working with every day. So how do you find something that is easy, and that is not so daunting on somebody who's brand new to the field? And I would call those out as your major roadblocks, because you always have, not always, but most of the times you have support from the top, and in our case we have, but at the end of the day, it's our people that need to actually really embrace it, and making that accessible for them, I would say is definitely not per se, a roadblock, but basically a block you want to be able to move. >> It's really all about putting people first. Question for both of you, and Paula we'll start with you, and then Jacqui we'll go to you. I think the message in this program that the audience is watching with us is very clear. Analytics is for everyone, should be for everyone. Let's talk now about how both of your organizations are empowering people, those in the organization that may not have technical expertise to be able to leverage data, so that they can actually be data driven. Paula. >> Yes, well, we leverage our platform across all of our business functions here at Alteryx. And just like Jacqui explained, at eBay finance is probably one of the best examples of how we leverage our own platform to improve our business performance. So just like Jacqui mentioned, we have this huge amount of data flowing through our enterprise and the opportunity to leverage that into insights and analytics is really endless. So our CFO Kevin Rubin has been a key sponsor for using our own technology. We use Alteryx for forecasting all of our key performance metrics, for business planning, across our audit function, to help with compliance and regulatory requirements, tax, and even to close our books at the end of each quarter. So it's really going to remain across our business. And at the end of the day, it comes to how do you train users? How do you engage users to lean into this analytic opportunity to discover use cases? And so one of the other things that we've seen many companies do is to gamify that process, to build a game that brings users into the experience for training and to work with each other, to problem solve and along the way, maybe earn badges depending on the capabilities and trainings that they take. And just have a little healthy competition as an employee base around who can become more sophisticated in their analytic capability. So I think there's a lot of different ways to do it. And as Jacqui mentioned, it's really about ensuring that people feel comfortable, that they feel supported, that they have access to the training that they need, and ultimately that they are given both the skills and the confidence to be able to be a part of this great opportunity of analytics. >> That confidence is key. Jacqui, talk about some of the ways that you're empowering folks without that technical expertise to really be data driven. >> Yeah, I think it means to what Paula has said in terms of getting people excited about it, but it's also understanding that this is a journey and everybody is at a different place in their journey. You have folks that's already really advanced who has done this every day. And then you have really some folks that this is brand new or maybe somewhere in between. And it's about how you get everybody in their different phases to get to the initial destination. I say initial, because I believe a journey is never really complete. What we have done is that we decided to invest, and built a proof of concept, and we got our CFO to sponsor a hackathon. We opened it up to everybody in finance in the middle of the pandemic. So everybody was on Zoom and we told people, listen, we're going to teach you this tool, it's super easy, and let's just see what you can do. We ended up having 70 entries. We had only three weeks. So and these are people that do not have a background. They are not engineers, they're not data scientists. And we ended up with a 25,000 hour savings at the end of that hackathon from the 70 entries with people that have never, ever done anything like this before. And there you have the result. And then it just went from there. People had a proof of concept. They knew that it worked and they overcame the initial barrier of change. And that's where we are seeing things really, really picking up now. >> That's fantastic. And the business outcome that you mentioned there, the business impact is massive, helping folks get that confidence to be able to overcome sometimes the cultural barriers is key here. I think another thing that this program has really highlighted is there is a clear demand for data literacy in the job market, regardless of organization. Can each of you share more about how you're empowering the next generation of data workers? Paula, we'll start with you. >> Absolutely, and Jacqui says it so well, which is that it really is a journey that organizations are on and we as people in society are on in terms of upskilling our capabilities. So one of the things that we're doing here at Alteryx to help address this skillset gap on a global level is through a program that we call SparkED, which is essentially a no-cost analytics education program that we take to universities and colleges globally to help build the next generation of data workers. When we talk to our customers like eBay and many others, they say that it's difficult to find the skills that they want when they're hiring people into the job market. And so this program's really developed just to do just that, to close that gap and to work hand in hand with students and educators to improve data literacy for the next generation. So we're just getting started with SparkED. We started last May, but we currently have over 850 educational institutions globally engaged across 47 countries, and we're going to continue to invest here because there's so much opportunity for people, for society and for enterprises, when we close the gap and empower more people with the necessary analytics skills to solve all the problems that data can help solve. >> So SparkED has made a really big impact in such a short time period. It's going to be fun to watch the progress of that. Jacqui, let's go over to you now. Talk about some of the things that eBay is doing to empower the next generation of data workers. >> So we basically wanted to make sure that we kept that momentum from the hackathon, that we don't lose that excitement. So we just launched the program called eBay Masterminds. And what it basically is, is it's an inclusive innovation in each other, where we firmly believe that innovation is for upskilling for all analytics roles. So it doesn't matter your background, doesn't matter which function you are in, come and participate in in this where we really focus on innovation, introducing new technologies and upskilling our people. We are, apart from that, we also said, well, we shouldn't just keep it to inside eBay. We have to share this innovation with the community. So we are actually working on developing an analytics high school program, which we hope to pilot by the end of this year, where we will actually have high schoolers come in and teach them data essentials, the soft skills around analytics, but also how to use Alteryx. And we're working with, actually, we're working with SparkED and they're helping us develop that program. And we really hope that at, say, by the end of the year, we have a pilot and then also next year, we want to roll it out in multiple locations in multiple countries and really, really focus on that whole concept of analytics for all. >> Analytics for all, sounds like Alteryx and eBay have a great synergistic relationship there that is jointly aimed at especially going down the stuff and getting people when they're younger interested, and understanding how they can be empowered with data across any industry. Paula, let's go back to you, you were recently on "theCUBE"'s Supercloud event just a couple of weeks ago. And you talked about the challenges the companies are facing as they're navigating what is by default a multi-cloud world. How does the Alteryx Analytics Cloud platform enable CIOs to democratize analytics across their organization? >> Yes, business leaders and CIOs across all industries are realizing that there just aren't enough data scientists in the world to be able to make sense of the massive amounts of data that are flowing through organizations. Last I checked, there was 2 million data scientists in the world, so that's woefully underrepresented in terms of the opportunity for people to be a part of the analytics solution. So what we're seeing now with CIOs, with business leaders is that they're integrating data analysis and the skillset of data analysis into virtually every job function, and that is what we think of when we think of analytics for all. And so our mission with Alteryx Analytics Cloud is to empower all of those people in every job function, regardless of their skillset, as Jacqui pointed out from people that are just getting started all the way to the most sophisticated of technical users. Every worker across that spectrum can have a meaningful role in the opportunity to unlock the potential of the data for their company and their organizations. So that's our goal with Alteryx Analytics Cloud, and it operates in a multi cloud world and really helps across all sizes of data sets to blend, cleanse, shape, analyze, and report out so that we can break down data silos across the enterprise and help drive real business outcomes as a result of unlocking the potential of data. >> As well as really lessening that skill gap. As you were saying, there's only 2 million data scientists. You don't need to be a data scientist, that's the beauty of what Alteryx is enabling and eBay is a great example of that. Jacqui, let's go ahead and wrap things with you. You talked a great deal about the analytics maturity that you have fostered at eBay. It obviously has the right culture to adapt to that. Can you talk a little bit and take us out here in terms of where Alteryx fits in as that analytics maturity journey continues and what are some of the things that you are most excited about as analytics truly gets democratized across eBay? >> When we're starting up and getting excited about things when it comes to analytics, I can go on all day, but I'll keep it short and sweet for you. I do think we are on the top of the pool of data scientists. And I really feel that that is your next step, for us anyways, is that how do we get folks to not see data scientists as this big thing, like a rocket scientist, it's something completely different. And it's something that is in everybody in a certain extent. So again, partnering with Alteryx who just released the AI ML solution, allowing folks to not have a data scientist program, but actually build models and be able to solve problems that way. So we have engaged with Alteryx and we purchased the licenses, quite a few. And right now through our Masterminds program, we're actually running a four month program for all skill levels, teaching them AI ML and machine learning and how they can build their own models. We are really excited about that. We have over 50 participants without a background from all over the organization. We have members from our customer services. We have even some of our engineers are actually participating in the program. We just kicked it off. And I really believe that that is our next step. I want to give you a quick example of the beauty of this is where we actually just allow people to go out and think about ideas and come up with things. And one of the people in our team who doesn't have a data scientist background at all, was able to develop a solution where there is a checkout feedback functionality on the eBay side where sellers or buyers can verbatim add information. And she built a model to be able to determine what relates to tax specific, what is the type of problem, and even predict how that problem can be solved before we as a human even step in, and now instead of us or somebody going to verbatim and try to figure out what's going on there, we can focus on fixing the error versus actually just reading through things and not adding any value, and it's a beautiful tool and I was very impressed when I saw the demo and definitely developing that sort of thing. >> That sounds fantastic. And I think just the one word that keeps coming to mind, and we've said this a number of times in the program today is empowerment. What you're actually really doing to truly empower people across the organization with varying degrees of skill level, going down to the high school level, really exciting. We'll have to stay tuned to see what some of the great things are that come from this continued partnership. Ladies, I want to thank you so much for joining me on the program today and talking about how Alteryx and eBay are really partnering together to democratize analytics and to facilitate its maturity. It's been great talking to you. >> Thank you, Lisa. >> Thank you so much. (cheerful electronic music) >> As you heard over the course of our program, organizations where more people are using analytics who have deeper capabilities in each of the four Es, that's everyone, everything, everywhere, and easy analytics, those organizations achieve more ROI from their respective investments in analytics and automation than those who don't. We also heard a great story from eBay, great example of an enterprise that is truly democratizing analytics across its organization. It's enabling and empowering line of business users to use analytics, not only focused on key aspects of their job, but develop new skills rather than doing the same repetitive tasks. We want to thank you so much for watching the program today. Remember you can find all of the content on thecube.net. You can find all of the news from today on siliconangle.com and of course alteryx.com. We also want to thank Alteryx for making this program possible and for sponsoring "theCUBE". For all of my guests, I'm Lisa Martin. We want to thank you for watching and bye for now. (upbeat music)

(upbeat music) >> Hey, everyone. Welcome to this CUBE Conversation that's part of the AWS startup showcase Season Two, Episode Four. I'm your host Lisa Martin. Chase Doelling joins me, the principles strategist at JumpCloud. Chase, welcome to theCUBE. It's great to have you. >> Chase: Perfect. Well, thank you so much, Lisa. I really appreciate the opportunity to come and hang out. >> Let's talk about JumpCloud. First of all, love the name. This is an open directory platform. Talk to the audience about what the platform is, obviously, the evolution of the domain controller. But give us that backstory? >> Yeah, absolutely. And so, company was started, and I think, from serial entrepreneurs, and after kind of last exit, taking a look around and saying, "Why is this piece of hardware still the dominant force when you're thinking about identities, especially when the world is moving to cloud, and all the different pieces that have been around it?" And so, over the years, we've evolved JumpCloud into an open directory platform. And what that is, is we're managing your identities, the devices that are associated to that, all the access points that employees need just to get their job done. And the best part is, is we're able to do that no matter where they are within the world. >> It seems like kind of a reinvention of how modern IT teams are getting worked done, especially in these days of remote work. Talk to me a little bit about the last couple of years particularly as remote work exploded, and here we are still probably, permanently, in that situation? >> Yeah, absolutely. And I think it's probably going to be one of those situations where we stick with it for quite a while. We had a very abrupt force in making sure that essentially every IT and security team could grapple with the fact of their users are no longer coming into the office. You know, how do we VPN into all of our different resources? Those are very common and unfortunate pain points that we've had over the last couple years. And so, now, people have starting to kind of get into the motion of it, working from home, having background and setups and other pieces. But one of the main areas of concern, especially as you're thinking about that, is how does it relate to my security infrastructure, or kind of my approach to my organization. And making sure that too, on the tail end, that a user's access and making sure that they can get into everything that they need to do in order to get work done, is still happening? And so, what we've done, is we've really taken, evolving and really kind of ripping apart this notion of what a directory was. 'Cause originally, it was just like, great, almost like a phone directory. It's where people lived they're going into all those different pieces. But it wasn't set up for the modern world, and kind of how we're approaching it, and how organizations now are started with a credit card and have all of their infrastructure. And essentially, all of their IP, is now hosted somewhere else. And so, we wanted to take a different approach where we're thinking about, not only managing that identity, but taking an open approach. So, matter where the identity's coming from, we can integrate that into the platform but then we're also managing and securing those devices, which is often the most important piece that we have sitting right in front of us in order to get into that. But then, also that final question, of when you're accessing networks applications, can you create the conditions for trust, right? And so, if you're looking at zero trust, or kind of going after different levels of compliance, ISO, SOC2, whatever that might be, making sure that you have all that put in place no matter where your employees are. So, in that way, as we kind of moved into this remote, now hybrid world, it wasn't the office as the gating point anymore, right? So, key cards, as much as we love 'em, final part, whereas the new perimeter, the kind of the new barrier for organizations especially how they're thinking about security, is the people's identities behind that. And so, that's the approach that we really wanted to take as we continue to evolve and really open up what a directory platform can do. >> Yeah. Zero trust security, remote work. Two things that have exploded in the last couple of years. But as employees, we expected to be able to still have the access that we needed to apps, to the network, to WiFi, et cetera. And, of course, on the security side, we saw massive changes in the threat landscape that really, obviously, security elevates to a board level conversation. So, I imagine zero trust security, remote work, probably compliance, you mentioned SOC2, are some of the the key use cases that you're helping organizations with? >> Those are a lot of the drivers. And what we do, is we're able to combine a lot of different aspects that you need for each one of those. And so, now you're thinking about essentially, the use case of someone joins an organization, they need access to all these different things. But behind the scenes, it's a combination of identity access management, device management, applications, networks, everything else, and creating those conditions for them to do their roles. But the other piece of that, is you also don't want to be overly cumbersome. I think a lot of us think about security as like great biometrics, so I'm going to add in these keys, I'm going to do everything else to kind of get into these secured resources. But the reality of it now, is those secure resources might be AWS infrastructure. It might be other Salesforce reporting tools. It might be other pieces, or kind of IP within the organization. And those are now your crown jewel. And so, if you're not thinking about the identities behind them and the security that you have in order to facilitate that transaction, it becomes a board level conversation very quickly. But you want to do it in a way that people can move forward with their lives, and they're not spending a ton of time battling the systems and procedures you put in place to protect it, but that it's working together seamlessly. And so, that's where, kind of this notion for us of bringing all these different technologies into one platform. You're able to consolidate a lot of those and remove a lot of the friction while maintaining the visibility, and answering the question, of who has access to what? And when did they do that? Those are the most critical pieces that IT and security teams are asking themselves when something happens. And hopefully, on the preventative side and not so much on the redacted side. >> Have you seen the escalation up the C-Suite change of the board in terms of really focusing on how do we do identity management? How do we do single sign on? How do we do device management and network access? Is that all the way up to the C-Suite board level as well? >> It certainly can be. And we've seen it in a lot of different conversations, because now you are thinking about all different portions of the organization. And then, two, as we're thinking about times we're currently in, there's also a cost associated to that. And so, when you start to consolidate all of those technologies into one area, now it becomes much more of total cost optimization types of story while you're still maintaining a lot of the security and basic blocking and tackling that you need for most organizations. So, everything you just mentioned, those are now table stakes for a lot of small, medium, startups to be at the table. So, how do you have access to enterprise level, essentially technology, without the cost that's associated to it. And that's a lot of the trade offs that organizations are facing and having those types of conversations as it relates to business preparedness and how we're making sure that we are putting our best foot forward, and we're able to be resilient in no matter what type, of either economic or security threat that the organization might be looking at. >> So, let's talk about the go-to market, the strategy from a sales and marketing perspective. Where are the customer conversations happening? Are they at the IT level? Are they higher up the stack? >> It's really at, I'd say the IT level. And so, by that, I mean the builders, the implementers, everyone that's responsible for putting devices in people's hands, and making sure that they can do their job effectively. And so, those are their, I'd say the IT admins the world as well as the managed service providers who support those organizations, making sure that we can enable them to making sure that their organizations or their client organizations have all the tools that their disposable to make sure that they have the security or the policies, and the technology behind them to enable all those different practices. >> Let's unpack the benefits from an IT perspective? Obviously, they're getting one console that they can manage at all. One user identity for email, and devices, and apps, and things. You mentioned regardless of location, but this is also regardless of operating system, correct? >> That's correct. And so, part of taking an open approach, is also the devices that you're running on. And so, we take a cross OS approach. So, Mac, Windows, Linux, iPhone, whatever it might be, we can make sure that, that device is secure. And so, it does a couple different things. So, one, is the employees have device choice, right? So, I'm a Mac person coming in. If forced into a Windows, it'd be an interesting experience. But then, also too, from the back end, now you have essentially one platform to manage your entire fleet. And also give visibility and data behind what's happening behind those. And then, from the end user perspective as well, everything's tied together. And so, instead of having, what we'll call user ID schizophrenia, it might be one employee, but hundreds of different identities and logins just to get their work done. We can now centralize that into one person, making sure you have one password to get into your advice, get into the network, to get into your single sign on. We also have push MFA associated with that. So, you can actually create the conditions for your most secured access, or you understand, say, "Hey, I'm actually in the office. I'm going to be a hybrid employee. Maybe I can actually relax some of those security concerns I might have for people outside of the network." And all we do, is making sure that we give all that optionality to our IT admins, manage service providers of the world to enable that type of work for their employees to happen. >> So, they have the ability to toggle that, is critically important in this day and age of the hybrid work model, that's probably here to stay? >> It is, yeah. And it's something that organizations change, right? Our own organizations, they grow, they change different. New threats might emerge, or same old existing threats continue to come back. And we need to just have better processes and automations put within that. And it's when you start to consolidate all of those technologies, not only are you thinking about the visibility behind that, but then you're automating a lot of those different pieces that are already tightly coupled together. And that actually is truly powerful for a lot of the IT admins of the world, because that's where they spend a lot of time, and they're able to spend more time helping users tackling big projects instead of run rate security, and blocking, and tackling. That should be enabled from the organization from the get go. >> You mentioned automation. And I think that there's got to be a TCO reduction aspect here with respect to security and IT practices. Can you talk about that a little bit? >> Yeah, absolutely. Let's think about the opposite of that. Let's say we have a laundry list of technology that we need to go out and source. One is, great, where the identity is, so we have an identity provider. Now, we need to make sure that we have application access that might look like single sign on. Now, we need to make sure, you are who you are no matter where you are in the world. Well, now we need multifactor authentication and that might involve either a push button, or biometrics. And then, well, great the device's in front of us, that's a huge component, making sure that I can understand, not only who's on the device, but that the device is secure, that there's certificates there, that there's policies that ensure the proper use of that wherever it might be. Especially, if I'm an employee, either, it used to be on the the jet center going between flying anywhere you need. Now, it's kind of cross country, cross domain, all those different areas. And when you start to have that, it really unlocks, essentially IT sprawl. You have a lot of different pieces, a lot of different contracts, trying to figure out one technology works, but the other might not. And you're now you're creating workarounds for all these different pieces. So, the opposite of that, is essentially, let's take all those technologies and consolidate that into one platform. So, not only is it cheaper essentially, looking after that and understanding all the different technologies, but now it's all the other soft costs around it that many people don't think about. It's all the other automations. It's all the workarounds that you didn't have to do in the first place. It's all the other pieces that you'd spend a lot of time trying to wire it together. Into the hopes of that, it creates some security model. But then again, you lose a lot of the visibility. So, you might have an incident happen over here, or a trigger, or alert, but it's not tied to the rest of the stack. And so, now you're spending a lot of time, especially, either trying to understand. And worse timing, is if you have an incident and you're trying to understand what's happening? Unraveling all of that as it happens, becomes impossible, especially if it's not consolidated with one platform. So, there's not only the hard cost aspect of bringing all that together, but also the soft costs of thinking about how your business can perform, or at least optimize for a lot of those different standard processes, including onboarding, offboarding, and everything else in between. >> Yeah. On the soft cost side, I can imagine. I can see huge benefits for HR onboarding, offboarding. I can see benefits for the employee experience period, which directly relates to the customer experience. So, in terms of the business impact that JumpCloud can make, it seems to be pretty horizontal across any type of organization? >> It is, and especially as you mentioned HR. Because when you think about, where does the origin of someone's identity start? Well, typically, it starts with a resume and that might be in applicant tracking software. Now, we're going to get hired, so we're going to move into HR, because, well, everyone likes payroll, and we need that in our lives, right? But now you get into the second phase, of great, now I've joined the organization. Now, I need access to all of these different pieces. But when you look at it, essentially horizontally, from HR, all the way into the employee experience, and their whole life cycle within the organization, now you're touching multiple different teams And that's one of the other, I'd say benefits of that, is now you're actually bringing in HR, and IT, and security, and everyone else that might be related within these kind of larger use cases of making work happen all coming under. And when they're tightly integrated, it's also a lot more secure, right? So, you're not passing notes along. You're not having a checklist of other stuff, especially when it relates to something as important as someone's identity, which is more often than not, the most common attack vector for people to go after. Because they know it's the keys to the kingdom. There's going to be a lot of different attempts, maybe malware and other pieces, but a lot of it comes back into, can I impersonate, or become the person that I want within the organization, because it's the identity allows you to access all those different pieces. And so, if it's coming from a disjointed process or something that's not as tightly as it could be, that's where it really opens up a lot of different vectors that organizations don't think about. >> Right, and those vectors are only growing and multiplying as we know, and here to stay. When you're in customer conversations what do you describe as maybe the top three differentiators of JumpCloud compared to the competition? >> Well, I think a lot of it is we take an open approach. And so, by that, I mean, it's one we're not locking into, I'd say different vendors or other areas. We're really looking into making sure that we can work within your environment as it stands today, or where you want to migrate in the future. And so, this could be a combination of on-prem resources, cloud resources, or nothing if you're starting a company from today. And the second, is again, coming back into how we're looking at devices. So, we take a cross OS approach that way, no matter what you're operating on, it all comes back from the same dashboard. But then, finally, we leverage a ton of different protocols to make sure it works with everything within your current technology stack, as well as it continues to elevate and evolve over time. So, it could be LD app and Radius, and Sam, and skim, and open ID Connect, and open APIs. And whatever that might be, we are able to tie in all those different pieces. So, now, all of a sudden, it's not just one platform, but you have your whole business tied into as that gives you some flexibility too, to evolve. Because even during the pandemic and the shift for remote, there's a lot of technology choices that shifted. A lot of people are like, "Okay, now's the time to go to the cloud." There might be other events that organizations change. There's other things that might happen. So, creating that flexibility for organizations to move and make those calls, is essentially how we're differentiating ourselves. And we're not locking you into this, walled garden of technology that's just our own. We really want to make sure that we can operate, and be that glue, so that way, no matter what you're trying to do and making sure that your work is being done, we can help facilitate that. >> Nice. No matter what happens. Because boy, at this day, anything's possible. One more question for you about your AWS partnership. Talk to me a little bit about that? >> Yeah, absolutely. So, we are preferred ADP identity provider and SSO provider for AWS. And so, now rebranded under their identity center. But it's crucial for a lot of our organizations and joint customers because again, when we think about a lot of organization IP and how they operate as a business, is tied into AWS. And so, really understanding, who has the right level of access? Who should be in there or not? And when too, you should challenge in making sure that actually there's something fishy there. Like let's make sure that they're not just traveling to Europe on a sabbatical, and it's really who they are instead of a threat actor. Those are some of the pieces when we're thinking about creating that authentication, but then also, the right authorization into those AWS resources. And so, that's actually something that we've been very close to, especially, I'd say that the origins of a company. Because a lot of startups, that's where they go. That's where they begin their journey. And so, we meet them where they are, and making sure that we're protecting not only everything else within their organization, but also what they're trying to get into, which is typically AWS >> Meeting customers where they are. It's all about that. Chase, thank you so much for joining me on the program talking about JumpCloud, it's open directory platform. The benefits, the capabilities, what's in it for IT, HR, security, et cetera. We appreciate all of your insights and time. Where do you want to point folks to go to learn more? >> Well, absolutely. Well, thank you so much for having us. And I'd say, if you're curious about any and all these different technologies, the best part is everything I talked about is free up to 10 users, 10 devices. So, just go to jumpcloud.com. You can create an organization, and it's great for startups, people at home. Any size company that you're at, we can help support all of those different facets in bringing in those different types of technologies all into one roof. >> Awesome. Chase, thank you so much. This is awesome, go to jumpcloud.com. For Chase Doelling, I'm Lisa Martin. We want to thank you so much for giving us some of your time and watching this CUBE Conversation. (upbeat music)

(upbeat music) >> Okay, we're here talking about how you can better understand and manage the risks associated with the digital supply chain. How in this day and age where software comes from so many different places and sources throughout the ecosystem, how can organizations manage the risks associated with our dependence on software? And with me now are two great guests, Andrea Hall, who is a specialist solution architect and project manager for security and compliance at Red Hat. She's going to focus on public sector. And Andrew Block who's a distinguished architect at Red Hat Consulting, folks welcome. >> Welcome >> Thank you. Thanks for having us. >> You're very welcome. Andrea, let's start with you. Let's talk about regulations. What exists today that we should be aware of that organizations should be paying attention to? >> Oh sure, so the thing that comes to mind first being in the US is the presidential executive order on cybersecurity that came out a few months ago. Organizations are really paying attention to that. And in the US, it's having a ripple effect with policy, but we're also seeing policy considerations pop up in other countries, Australia and England. The supply chain is a big focus right now, of course, but we see these changes coming down the road as more and more government organizations are trying to secure their critical infrastructure. >> Is there kind of a leadership, or probably in other words, is somebody saying seeing what the UK does and say, okay, we're going to follow that template? Or is it just a variety and a mish mash with no sort of consolidation? How is that sort of playing out? >> I see a lot of organizations kind of basing their requirements on (indistinct) However, each organization has its own nuances. Each agency has its own nuances to how it wants them implemented. >> Andrew, maybe you could chime in here. What are you seeing when you talk to customers that are tuned into this issue? >> You know, as Andrea had just mentioned having that north star in terms of regulations is so fundamentally great for them because many of them especially in regulate industries, look to these regulations on how they apply their own policies. So at least it has some guidance on how to move forward because as we all know the secure software supply chain is getting news every day and how they react to it is something that I know all their leaders are asking themselves, especially those IT leaders. >> Andrea, when I talk to practitioners, sometimes they're frustrated. They understand they have to comply. They know new regulations are coming out, but sometimes it's hard for them to keep up. It would be helpful if you're sitting across the table from somebody who's frustrated and they ask you, what are your expectations? What are the trends in regulations? How do you see the current regulations evolving to specifically accommodate the digital supply chain and the security exposures and corollary requirements there? >> We see a lot of organizations struggling in the sense of trying to understand what the policy actually wants. Definitions are still a little bit vague, but implementation is also difficult because sometimes organizations will add more tools to their toolkit, adding a layer of complexity there. Really automation has to be pulled in. That's key to implementing this instead of adding more workload and more burden to your folks. It's really important for these organizations to pull stakeholders in the organization together. So the IT leaders bring together the developers, the security operations sit at the same table, talk about whether or not what needs to be implemented or what's proposed to be implemented, will affect the mission or in any way or disrupt operations. It's important for everybody to be on the same page so it doesn't slow anything down as you're trying to roll it out. >> And one of the things here is that we're seeing a lot of change with these new regulations and with a lot of organizations, any type of change is scary. And that is one area that they're looking for guidance not only in the tooling, but also how they apply it in the organization. >> I'll add on. >> Please. >> I'll add onto that and say, organizations really need to take into account the people side of things too. People need to understand what the impact is to the organization, so that they don't try to find the loopholes, they're buying into what needs to be done. They understand the why behind it. You for example, if you walk into your house, you normally close the door behind you. Security needs to be seen as that, as well, that's the culture and it's the habit. And it's ingrained in the fabric of the organization to live this way, not just implement the tools to do it. >> Right, and the number of doors you have in your infrastructure are a lot more than just a couple. Andrew mentioned sort of guidance and governments are obviously taking a more active role. I mean, sometimes I'm a cynic. I mean, the president Biden signs an executive order, but swipe of a pen doesn't really give us enough to go on. Do you think Andrea, that we're going to see new guidance from governments in the very near future? What are you expecting? >> I expect to see more conversations happening. I know that agencies who developed the policies are pulling together stakeholders and getting input. But I do see in the not too distant future, that mandates will be rolling out, yes. >> Well, so Andrew of course, Andrea, if you have a thought on this as well, but how do you see organizations dealing with adopting these new policies. >> Slowly, don't boil the ocean is one thing I tell a lot to every one of them, because a lot of these tooling, a lot of these concepts are foreign to them, brand new. How they adopt those and how they implement them, needs to be done in a very agile fashion, very slow and prescriptive. Go ahead and try to find one area of improvement and go ahead and work upon it and build upon it. Because not only does that normally make your organization more successful and secure, but also helps your organization just from a more out standpoint. One thing that you need to emphasize is that don't blame anyone. 'Cause a lot of times when you're going through this, you're reassessing your own supply chain. You might find where you could see improvements that need to be done. Don't blame things that may have occurred in the past. See how you can benefit from these lessons learned in the future. >> It's interesting you say that the blame game, I mean it used to be that failure meant you get fired and that's obviously has changed. As many have said, you know you're going to have incidents. It's how you respond to those incidents. What you learn from them. Do you have Andrew, any insights from specifically working with customers on securing their software supply chain? What can you tell us about what leading practitioners are doing today? >> They're going in and not only assessing what their software components consist of. Using tools like an SBOM, a software bill of materials, understand where all the components of their ecosystem and their lineage comes from. We're hearing almost every single day, new vulnerabilities that are being introduced in various software packages. By having that understanding of what is in your ecosystem, you can then better understand how to mitigate those concerns moving forward. >> Andrea, Andrew was just saying, one of the things is you don't just dive in. You've got to be careful. There's going to be ripple effects is what I'm inferring, but at the same time, there's a mandate to move quickly. Are there things that could accelerate the adoption of regulation or even the creation of regulations and that guidance in your view? What could accelerate this? >> As far as accelerating it goes, I think it's having those conversations proactively with the stakeholders in your organization and understanding the environment like Andrew said. Go ahead and get that baseline. And just know that whatever changes you make are maybe going to be audited down the road, because as we were moving towards this kind of third-party verification, that you're actually implementing things in order to do business with another organization. The importance of that, if organizations see that gravity to this, I think they will try to speed things up. I think that if organizations and the people in those organizations understand that why, that I talked about earlier and they understand how things like solar winds or things like the oil disruption that happened earlier this year. The personal effect to cyber events will help your organization move forward. Again, everybody's bought into the concept, everybody's working towards the same goals and they understand that why behind it. >> In addition to that, having tooling available, that makes it easy for them. You have a lot of individuals who this is all foreign, providing that base level tooling that aligns to a lot of the regulations that might be applicable within their real realm and their domain, makes it easier for them to start to complying and taking less burden off of them to be able to be successful. >> So it's a hard problem because Andrew, how do you deal with sort of the comment more tools, okay. But I look at that the Optiv map, if you've seen that. It makes your eyes cross. You've got so many tools, so much fragmentation, you're introducing new tools. Can automation help that? Is there hope for consolidation of that tools portfolio? >> Right now, this space is very emerging. It's very emerging, it's very fluid to be honest, 'cause there is actually mandates only a year or two old. But as they come over the course of time, however, I do see these types of tooling starting to consolidate where right now it seems like every vendor has a tool that tries to address this. It's being able to have the people work together, have more regulations that will come out that will allow us to start to redefine and solidify on certain tools like ISO standards. There are certain ones that I mentioned on as balance previously, there's now a ISO standard on SBOM there wasn't previously. So as more and more of these regulations come out, it makes it easier to provide that recommended set of tooling that organizations can start leveraging instead of vendor A, vendor B. >> Andrea, I said this before I was a cynic, but will give you the last word, give us some hope. I mean, obviously public policy is very important. A partnership between governments and industry, both the practitioners, the organizations that are buying these tools, as well as the technology industry got to work together in an ecosystem. Give us some hope. >> The hope I think will come from realizing that as you're doing this, as you are implementing these changes, you're in a sense trying to prevent those future incidents from happening. There's some assurance that you're doing everything that you can do here. It's a situation, it can be daunting, I'll put it that way. It can be really daunting for organizations, but just know that organizations like Red Hat are doing what we can to help you down the road. >> And really it's just continuing this whole shifting left mentality. The top of supply chain is just one component, but the introducing dev sec ops security at the beginning, that really will make the organizations become successful because this is not just a technology problem, It's a people issue as well. And being able to kind of package them all up together will help organizations as a whole. >> Yeah, so that's a really important point. You hear that term shift left. For years, people say, hey, you can't just bolt security on, as an afterthought, that's problematic. And that's the answer to that problem, right? Is shifting left meaning designing it in at the point of code, infrastructure as code, dev sec ops. That's where it starts, right? >> Exactly, being able to have security at the forefront and then have everything afterwards. Propagate from your security mindset. >> Excellent, okay, Andrea, Andrew, thanks so much for coming to the program today. >> Thank you for having us. >> Very welcome, thanks for watching. This is Dave Vellante for The Cube. Your a global leader in enterprise tech coverage. (soft music)

(upbeat music) >> Okay, we're here talking about how you can better understand and manage the risks associated with the digital supply chain. How in this day and age where software comes from so many different places and sources throughout the ecosystem, how can organizations manage the risks associated with our dependence on software? And with me now are two great guests, Andrea Hall, who is a specialist solution architect and project manager for security and compliance at Red Hat. She's going to focus on public sector. And Andrew Block who's a distinguished architect at Red Hat Consulting, folks welcome. >> Welcome >> Thank you. Thanks for having us. >> You're very welcome. Andrea, let's start with you. Let's talk about regulations. What exists today that we should be aware of that organizations should be paying attention to? >> Oh sure, so the thing that comes to mind first being in the US is the presidential executive order on cybersecurity that came out a few months ago. Organizations are really paying attention to that. And in the US, it's having a ripple effect with policy, but we're also seeing policy considerations pop up in other countries, Australia and England. The supply chain is a big focus right now, of course, but we see these changes coming down the road as more and more government organizations are trying to secure their critical infrastructure. >> Is there kind of a leadership, or probably in other words, is somebody saying seeing what the UK does and say, okay, we're going to follow that template? Or is it just a variety and a mish mash with no sort of consolidation? How is that sort of playing out? >> I see a lot of organizations kind of basing their requirements on (indistinct) However, each organization has its own nuances. Each agency has its own nuances to how it wants them implemented. >> Andrew, maybe you could chime in here. What are you seeing when you talk to customers that are tuned into this issue? >> No as Andrea had just mentioned having that north star in terms of regulations is so fundamentally great for them because many of them especially in regulate industries, look to these regulations on how they apply their own policies. So at least it has some guidance on how to move forward because as we all know the secure software supply chain is getting news every day and how they react to it is something that I know all their leaders are asking themselves, especially those IT leaders. >> Andrea, when I talk to practitioners, sometimes they're frustrated. They understand they have to comply. They know new regulations are coming out, but sometimes it's hard for them to keep up. It would be helpful if you're sitting across the table from somebody who's frustrated and they ask you, what are your expectations? What are the trends in regulations? How do you see the current regulations evolving to specifically accommodate the digital supply chain and the security exposures and corollary requirements there? >> We see a lot of organizations struggling in the sense of trying to understand what the policy actually wants. Definitions are still a little bit vague, but implementation is also difficult because sometimes organizations will add more tools to their toolkit, adding a layer of complexity there. Really automation has to be pulled in. That's key to implementing this instead of adding more workload and more burden to your folks. It's really important for these organizations to pull stakeholders in the organization together. So the IT leaders bring together the developers, the security operations sit at the same table, talk about whether or not what needs to be implemented or what's proposed to be implemented, will affect the mission or in any way or disrupt operations. It's important for everybody to be on the same page so it doesn't slow anything down as you're trying to roll it out. >> And one of the things here is that we're seeing a lot of change with these new regulations and with a lot of organizations, any type of change is scary. And that is one area that they're looking for guidance not only in the tooling, but also how they apply it in the organization. >> I'll add on. >> Please. >> I'll add onto that and say, organizations really need to take into account the people side of things too. People need to understand what the impact is to the organization, so that they don't try to find the loopholes, they're buying into what needs to be done. They understand the why behind it. You for example, if you walk into your house, you normally close the door behind you. Security needs to be seen as that, as well, that's the culture and it's the habit. And it's ingrained in the fabric of the organization to live this way, not just implement the tools to do it. >> Right, and the number of doors you have in your infrastructure are a lot more than just a couple. Andrew mentioned sort of guidance and governments are obviously taking a more active role. I mean, sometimes I'm a cynic. I mean, the president Biden signs an executive order, but swipe of a pen doesn't really give us enough to go on. Do you think Andrea, that we're going to see new guidance from governments in the very near future? What are you expecting? >> I expect to see more conversations happening. I know that agencies who developed the policies are pulling together stakeholders and getting input. But I do see in the not too distant future, that mandates will be rolling out, yes. >> Well, so Andrew of course, Andrea, if you have a thought on this as well, but how do you see organizations dealing with adopting these new policies. >> Slowly, don't boil the ocean is one thing I tell a lot to every one of them, because a lot of these tooling, a lot of these concepts are foreign to them, brand new. How they adopt those and how they implement them, needs to be done in a very agile fashion, very slow and prescriptive. Go ahead and try to find one area of improvement and go ahead and work upon it and build upon it. Because not only does that normally make your organization more successful and secure, but also helps your organization just from a more out standpoint. One thing that you need to emphasize is that don't blame anyone. 'Cause a lot of times when you're going through this, you're reassessing your own supply chain. You might find where you could see improvements that need to be done. Don't blame things that may have occurred in the past. See how you can benefit from these lessons learned in the future. >> It's interesting you say that the blame game, I mean it used to be that failure meant you get fired and that's obviously has changed. As many have said, you know you're going to have incidents. It's how you respond to those incidents. What you learn from them. Do you have Andrew, any insights from specifically working with customers on securing their software supply chain? What can you tell us about what leading practitioners are doing today? >> They're going in and not only assessing what their software components consist of. Using tools like an SBOM, a software bill of materials, understand where all the components of their ecosystem and their lineage comes from. We're hearing almost every single day, new vulnerabilities that are being introduced in various software packages. By having that understanding of what is in your ecosystem, you can then better understand how to mitigate those concerns moving forward. >> Andrea, Andrew was just saying, one of the things is you don't just dive in. You've got to be careful. There's going to be ripple effects is what I'm inferring, but at the same time, there's a mandate to move quickly. Are there things that could accelerate the adoption of regulation or even the creation of regulations and that guidance in your view? What could accelerate this? >> As far as accelerating it goes, I think it's having those conversations proactively with the stakeholders in your organization and understanding the environment like Andrew said. Go ahead and get that baseline. And just know that whatever changes you make are maybe going to be audited down the road, because as we were moving towards this kind of third-party verification, that you're actually implementing things in order to do business with another organization. The importance of that, if organizations see that gravity to this, I think they will try to speed things up. I think that if organizations and the people in those organizations understand that why, that I talked about earlier and they understand how things like solar winds or things like the oil disruption that happened earlier this year. The personal effect to cyber events will help your organization move forward. Again, everybody's bought into the concept, everybody's working towards the same goals and they understand that why behind it. >> In addition to that, having tooling available, that makes it easy for them. You have a lot of individuals who this is all foreign, providing that base level tooling that aligns to a lot of the regulations that might be applicable within their real realm and their domain, makes it easier for them to start to complying and taking less burden off of them to be able to be successful. >> So it's a hard problem because Andrew, how do you deal with sort of the comment more tools, okay. But I look at that the Optiv map, if you've seen that. It makes your eyes cross. You've got so many tools, so much fragmentation, you're introducing new tools. Can automation help that? Is there hope for consolidation of that tools portfolio? >> Right now, this space is very emerging. It's very emergent, it's very fluid to be honest, 'cause there is actually mandates only a year or two old. But as they come over the course of time, however, I do see these types of tooling starting to consolidate where right now it seems like every vendor has a tool that tries to address this. It's being able to have the people work together, have more regulations that will come out that will allow us to start to redefine and solidify on certain tools like ISO standards. There are certain ones that I mentioned on as balance previously, there's now a ISO standard on SBOM there wasn't previously. So as more and more of these regulations come out, it makes it easier to provide that recommended set of tooling that organization is leveraging instead of vendor A, vendor B. >> Andrea, I said this before I was a cynic, but will give you the last word, give us some hope. I mean, obviously public policy is very important. A partnership between governments and industry, both the practitioners, the organizations that are buying these tools, as well as the technology industry got to work together in an ecosystem. Give us some hope. >> The hope I think will come from realizing that as you're doing this, as you are implementing these changes, you're in a sense trying to prevent those future incidents from happening. There's some assurance that you're doing everything that you can do here. It's a situation, it can be daunting, I'll put it that way. It can be really daunting for organizations, but just know that organizations like Red Hat are doing what we can to help you down the road. >> And really it's just continuing this whole shifting left mentality. The top of supply chain is just one component, but the introducing dev sec ops security at the beginning, that really will make the organizations become successful because this is not just a technology problem, It's a people issue as well. And being able to kind of package them all up together will help organizations as a whole. >> Yeah, so that's a really important point. You hear that term shift left. For years, people say, hey, you can't just bolt security on, as an afterthought, that's problematic. And that's the answer to that problem, right? Is shifting left meaning designing it in at the point of code, infrastructure as code, dev sec ops. That's where it starts, right? >> Exactly, being able to have security at the forefront and then have everything afterwards. Propagate from your security mindset. >> Excellent, okay, Andrea, Andrew, thanks so much for coming to the program today. >> Thank you for having us. >> Very welcome, thanks for watching. This is Dave Vellante for The Cube. Your a global leader in enterprise tech coverage. (soft music)

(upbeat music) >> Okay, we're here talking about how you can better understand and manage the risks associated with the digital supply chain. How in this day and age where software comes from so many different places and sources throughout the ecosystem, how can organizations manage the risks associated with our dependence on software? And with me now are two great guests, Andrea Hall, who is a specialist solution architect and project manager for security and compliance at Red Hat. She's going to focus on public sector. And Andrew Block who's a distinguished architect at Red Hat Consulting, folks welcome. >> Welcome >> Thank you. Thanks for having us. >> You're very welcome. Andrea, let's start with you. Let's talk about regulations. What exists today that we should be aware of that organizations should be paying attention to? >> Oh sure, so the thing that comes to mind first being in the US is the presidential executive order on cybersecurity that came out a few months ago. Organizations are really paying attention to that. And in the US, it's having a ripple effect with policy, but we're also seeing policy considerations pop up in other countries, Australia and England. The supply chain is a big focus right now, of course, but we see these changes coming down the road as more and more government organizations are trying to secure their critical infrastructure. >> Is there kind of a leadership, or probably in other words, is somebody saying seeing what the UK does and say, okay, we're going to follow that template? Or is it just a variety and a mish mash with no sort of consolidation? How is that sort of playing out? >> I see a lot of organizations kind of basing their requirements on (indistinct) However, each organization has its own nuances. Each agency has its own nuances to how it wants them implemented. >> Andrew, maybe you could chime in here. What are you seeing when you talk to customers that are tuned into this issue? >> No as Andrea had just mentioned having that north star in terms of regulations is so fundamentally great for them because many of them especially in regulate industries, look to these regulations on how they apply their own policies. So at least it has some guidance on how to move forward because as we all know the secure software supply chain is getting news every day and how they react to it is something that I know all their leaders are asking themselves, especially those IT leaders. >> Andrea, when I talk to practitioners, sometimes they're frustrated. They understand they have to comply. They know new regulations are coming out, but sometimes it's hard for them to keep up. It would be helpful if you're sitting across the table from somebody who's frustrated and they ask you, what are your expectations? What are the trends in regulations? How do you see the current regulations evolving to specifically accommodate the digital supply chain and the security exposures and corollary requirements there? >> We see a lot of organizations struggling in the sense of trying to understand what the policy actually wants. Definitions are still a little bit vague, but implementation is also difficult because sometimes organizations will add more tools to their toolkit, adding a layer of complexity there. Really automation has to be pulled in. That's key to implementing this instead of adding more workload and more burden to your folks. It's really important for these organizations to pull stakeholders in the organization together. So the IT leaders bring together the developers, the security operations sit at the same table, talk about whether or not what needs to be implemented or what's proposed to be implemented, will affect the mission or in any way or disrupt operations. It's important for everybody to be on the same page so it doesn't slow anything down as you're trying to roll it out. >> And one of the things here is that we're seeing a lot of change with these new regulations and with a lot of organizations, any type of change is scary. And that is one area that they're looking for guidance not only in the tooling, but also how they apply it in the organization. >> I'll add on. >> Please. >> I'll add onto that and say, organizations really need to take into account the people side of things too. People need to understand what the impact is to the organization, so that they don't try to find the loopholes, they're buying into what needs to be done. They understand the why behind it. You for example, if you walk into your house, you normally close the door behind you. Security needs to be seen as that, as well, that's the culture and it's the habit. And it's ingrained in the fabric of the organization to live this way, not just implement the tools to do it. >> Right, and the number of doors you have in your infrastructure are a lot more than just a couple. Andrew mentioned sort of guidance and governments are obviously taking a more active role. I mean, sometimes I'm a cynic. I mean, the president Biden signs an executive order, but swipe of a pen doesn't really give us enough to go on. Do you think Andrea, that we're going to see new guidance from governments in the very near future? What are you expecting? >> I expect to see more conversations happening. I know that agencies who developed the policies are pulling together stakeholders and getting input. But I do see in the not too distant future, that mandates will be rolling out, yes. >> Well, so Andrew of course, Andrea, if you have a thought on this as well, but how do you see organizations dealing with adopting these new policies. >> Slowly, don't boil the ocean is one thing I tell a lot to every one of them, because a lot of these tooling, a lot of these concepts are foreign to them, brand new. How they adopt those and how they implement them, needs to be done in a very agile fashion, very slow and prescriptive. Go ahead and try to find one area of improvement and go ahead and work upon it and build upon it. Because not only does that normally make your organization more successful and secure, but also helps your organization just from a more out standpoint. One thing that you need to emphasize is that don't blame anyone. 'Cause a lot of times when you're going through this, you're reassessing your own supply chain. You might find where you could see improvements that need to be done. Don't blame things that may have occurred in the past. See how you can benefit from these lessons learned in the future. >> It's interesting you say that the blame game, I mean it used to be that failure meant you get fired and that's obviously has changed. As many have said, you know you're going to have incidents. It's how you respond to those incidents. What you learn from them. Do you have Andrew, any insights from specifically working with customers on securing their software supply chain? What can you tell us about what leading practitioners are doing today? >> They're going in and not only assessing what their software components consist of. Using tools like an SBOM, a software bill of materials, understand where all the components of their ecosystem and their lineage comes from. We're hearing almost every single day, new vulnerabilities that are being introduced in various software packages. By having that understanding of what is in your ecosystem, you can then better understand how to mitigate those concerns moving forward. >> Andrea, Andrew was just saying, one of the things is you don't just dive in. You've got to be careful. There's going to be ripple effects is what I'm inferring, but at the same time, there's a mandate to move quickly. Are there things that could accelerate the adoption of regulation or even the creation of regulations and that guidance in your view? What could accelerate this? >> As far as accelerating it goes, I think it's having those conversations proactively with the stakeholders in your organization and understanding the environment like Andrew said. Go ahead and get that baseline. And just know that whatever changes you make are maybe going to be audited down the road, because as we were moving towards this kind of third-party verification, that you're actually implementing things in order to do business with another organization. The importance of that, if organizations see that gravity to this, I think they will try to speed things up. I think that if organizations and the people in those organizations understand that why, that I talked about earlier and they understand how things like solar winds or things like the oil disruption that happened earlier this year. The personal effect to cyber events will help your organization move forward. Again, everybody's bought into the concept, everybody's working towards the same goals and they understand that why behind it. >> In addition to that, having tooling available, that makes it easy for them. You have a lot of individuals who this is all foreign, providing that base level tooling that aligns to a lot of the regulations that might be applicable within their real realm and their domain, makes it easier for them to start to complying and taking less burden off of them to be able to be successful. >> So it's a hard problem because Andrew, how do you deal with sort of the comment more tools, okay. But I look at that the Optiv map, if you've seen that. It makes your eyes cross. You've got so many tools, so much fragmentation, you're introducing new tools. Can automation help that? Is there hope for consolidation of that tools portfolio? >> Right now, this space is very emerging. It's very emergent, it's very fluid to be honest, 'cause there is actually mandates only a year or two old. But as they come over the course of time, however, I do see these types of tooling starting to consolidate where right now it seems like every vendor has a tool that tries to address this. It's being able to have the people work together, have more regulations that will come out that will allow us to start to redefine and solidify on certain tools like ISO standards. There are certain ones that I mentioned on as balance previously, there's now a ISO standard on SBOM there wasn't previously. So as more and more of these regulations come out, it makes it easier to provide that recommended set of tooling that organization is leveraging instead of vendor A, vendor B. >> Andrea, I said this before I was a cynic, but will give you the last word, give us some hope. I mean, obviously public policy is very important. A partnership between governments and industry, both the practitioners, the organizations that are buying these tools, as well as the technology industry got to work together in an ecosystem. Give us some hope. >> The hope I think will come from realizing that as you're doing this, as you are implementing these changes, you're in a sense trying to prevent those future incidents from happening. There's some assurance that you're doing everything that you can do here. It's a situation, it can be daunting, I'll put it that way. It can be really daunting for organizations, but just know that organizations like Red Hat are doing what we can to help you down the road. >> And really it's just continuing this whole shifting left mentality. The top of supply chain is just one component, but the introducing dev sec ops security at the beginning, that really will make the organizations become successful because this is not just a technology problem, It's a people issue as well. And being able to kind of package them all up together will help organizations as a whole. >> Yeah, so that's a really important point. You hear that term shift left. For years, people say, hey, you can't just bolt security on, as an afterthought, that's problematic. And that's the answer to that problem, right? Is shifting left meaning designing it in at the point of code, infrastructure as code, dev sec ops. That's where it starts, right? >> Exactly, being able to have security at the forefront and then have everything afterwards. Propagate from your security mindset. >> Excellent, okay, Andrea, Andrew, thanks so much for coming to the program today. >> Thank you for having us. >> Very welcome, thanks for watching. This is Dave Vellante for The Cube. Your a global leader in enterprise tech coverage. (soft music)

>>Yeah. Welcome back to a W s reinvent 20 twenty-one. This is the live. In addition, the last year, of course, it was virtual. This is probably the most important hybrid event of the year. Over 20,000 people. We have two sets here at the Cube. My name is David. I'm really excited to have Caroline see more on the vice president of product marketing at Serato, which is now an H p e company. And Daniel, who is the director of worldwide partner Essays at A W s. Folks, welcome to the good to see you. >>Yeah, great to be here. So, >>Caroline, you got some news. Why don't we start their hard news? We always like to start with that. >>First of all, I think I just like to talk a little bit about the acquisition because it has been acquired by H. P. And in September, we announced, um, disaster recovery as a service is part of the Green Lake platform. And so that's really exciting. Both from, uh, customers as well is also H B customers. But the innovation continues here at a W s reinvent, we are announcing a new solution 02 in cloud, which is a disaster recovery for Amazon. Easy to, um, and if I think about the value that it brings to the customers, it's delivering orchestrated disaster. Recovery is delivering that simplicity at scale and scale is very important aspect because it will deliver that from tends to thousands of work clothes and as well, it's helping organizations to drive more operational efficiencies around their processes. So that's sort of a nutshell of the news. The cloud for a W s >>great. Thank you for that. So I wanna ask you, obviously, in lock down, people look to the cloud. Uh, and you know, data protection used to be just back up, and then people realize that recovery is important, but it used to be a bolt on an afterthought. You sort of launch the application of the service. And so we got to protect this thing and whatever and throw it on there that that's unacceptable. Today, if you're not going to run your digital business with a bolt on, So what? Our customers telling you in terms of what they want to see from their data protection portfolios and how are you seeing the ecosystem and a W s helping them to integrate that >>absolutely well to your point, the pandemic has absolutely accelerated a lot of businesses movement into the cloud. So companies that hadn't formerly thought about using cloud technologies are now doing that. And for them, in order to have a very simple and easy and scalable data protection solution, is critical for them to feel comfortable into moving into a W s. And so that's what we're seeing from a lot of customers. Um, and of course, back to your point about recovery with the challenges around ransomware, Um, that is definitely an area where a lot of companies have just done their back up. But they're also testing it and making sure that it's something that they know that they can rely on, um, as they moved there, workloads into the club. >>And speaking of ransomware, I mean, it's just front and center. Anybody can be a ransomware. Today they go in the dark web by ransomware service. They put a stick into a server and then bad things happen. Hopefully that that individual ends up in handcuffs, but not always so when we've seen Ransom's getting paid $40 million ransom's multi-million dollar. And we all know about the fact that our front and center So what are you seeing in terms of the customer base? How How h b n z two helping and where does a W s fit? Maybe you could start off Caroline. >>Great question, because I think from the perspective, we look at it from the need for recovery. Uh, strategy as part of your overarching, um, security and prevention is is one aspect that you always need two prevention. But to us, it's a matter of not if you're going to be attacked. It's when and when that gets through your firewall. And so you need to be able to have a recovery strategy in place that allows you to recover in minutes to set to within seconds of when that when an attack actually happens. And, um, I can give a case in, for example, for there's a company 10 Carter Protective fabric, textiles manufacturing company, MULTI-MILLION business. And they suffered to to a tax crypto attack first time, and they were using more traditional, um, back up to take. And it took him two weeks to recover having been attacked, and they suffered significant data loss, and then they deployed photo photo. Um, unfortunately, a little while later, they were attacked a second time with more sophisticated case of So it continues. Um, but this time the recovery was very different. What happened was that they were able to recover within minutes and they had seconds of data loss. And that is because of r c d p technology C D. P. Being continuous data protection. And that is with our replication and a unique journaling capability that allows you to, uh, set up the different checkpoint. So you have thousands of recovery points and you can recover to a specific recovery point with within seconds of that attack. Very, very powerful. >>I wanna ask you a question and what Caroline was just talking about with the classic metrics in this business r P O R T r P o recovery point objective. Always say, how much data do you want to lose? And people say none. Okay, how much? What kind of budget do you have? So that's always been the trade-off, although, as you mentioned, it's getting a little bit more cost-effective and then recovery time objective. How long does it take you to get back up. Absolutely. So so. Those are some of the concepts that you were talking about. I wanna ask you, Daniel, it feels like an Caroline. You feel like data protection is now becoming. It's certainly a tight adjacent to overall security. It's not security per se sick of it, so but it's but it's becoming. The lines are blurring. How do you see that you have a shared responsibility model? Where does this whole topic fit in? >>Well, I think lots of companies are really finding a lot of value in their data, right. Whereas, you know, perhaps years ago it was less. It was easy to hang on to it, to actually make it valuable to do metrics and analytics on it to do machine learning, perhaps on it. And so, by having, um, products such as the product, you know, they're now able to hang on to that data and make sure that they have it in perpetuity so that they can do what they need to do on it. So, yes, we're seeing, you know, companies that were traditionally storage cos thinking about security, security cos thinking about data, so yes, all of those lines are being blurred for sure. And I think that, you know, as far as the short security model we think of the you know, we think of our partners and ourselves, obviously as extensions. And we're really looking to have the best customer experience that we can >>can I think every company security company, Obviously you impact enterprise care a lot about security A W s. I don't know any company because I don't really care about security. That's that's not my swim land out of business. If you If you had that attitude now. So from from your standpoint, where does it fit inside of you know, you're you're thinking, How are you guys thinking about security and data protection? Back up and recovery? Is it all just coming together or they still kind of separate entities? >>No, you're absolutely right. It is coming together, and what we're seeing is we're having a lot more conversations with ISO's, um so the more the security offices of organizations and I think what's happening is that's where the budget is to. And so you're saying they're sort of the working together on the I T and also the Office of Security to um so we're having more conversations there, and we see that, as I mentioned before, the recovery strategy is a key element of our focus. And what we can do is part of the overarching strategy of an organization. >>So what? How should we think about the cloud? Is it another layer of protection? Um, is it a replacement for tape? Maybe not, but we need as much protection as possible. So how should we think about the cloud in the context of data protection? >>Well, the cloud, Yeah, absolutely. Um can provide an alternative to tape or, um disc, for example, of this year. We also added support for a mutability preserved for A W S. With so we are ensuring in the fact that you know you can be changed so that that's absolutely critical. >>So that's a a right once read only technology. That's a service that you tap. So your integrating zero was integrating with that capability. So that's another layer of protection. That's another layer of protection. And then, of course, you know there's there's gaps, is another part of the strategy. So let's talk strategy for a minute. What's the I know it's not one size fits all, but what are you seeing as best practice strategies for customers to protect themselves against traditional just human error? Cyber attacks? What's the what's the sort of prevailing approach? How should we think about that? >>Well, I mean, you're absolutely right. Those the, you know, the filed elections, the database corruptions, and so our solutions, that is, our continuous data protection. It absolutely is, um, the ability to be able to get that granular level of recovery, which you can do with backups. I'm not saying that backup isn't part of your overall strategy, but if you're actually trying to recover quickly and within seconds to whether it's an attack to whether it's a file deleted, a database corruption, you need that continuous data protection. And that's something that you need to us that we've been delivering since the day that um was formed. So >>that's your secret sauce is it is a very granular ability to dial down based on your r p o. That's requirements based on the application requirements, uh, and then bring in the cloud for things like mutability. Maybe gapping. Maybe Last resort is still the last resort. I don't know. Maybe >>there. So, um, you know, a w s to be a target for disaster recovery. So all back up. >>You talk about that? >>Yeah. So, with what we have enabled is first of all, if you want to, um, my great, your work clothes to a W s. And we're seeing an awful lot of that. We provide that capability. So the mobility aspect, if you are looking at instead of an on premises disaster recovery site, you can use a W S D R site. Um, And if you want to back up to a W s and use, um, cost efficient storage, we support that with cloud tearing and mutability. And as I say today, we're announcing cloud for a W s, which is once you've got your work clothes in a W s. We can protect them now in, um, in a W s itself. So the full spectrum. And then earlier this year, we announced for communities for US work clothes, So we're really trying to ensure that we can protect any A W s workload wherever it is. >>So I look around here pretty impressive given that we're in the second year of a pandemic here, pretty packed floor. But the ecosystem is just exploding. That's gonna make you feel good. Cos like choosing to partner with a W s leaning in writing to your cloud-native fooling. Maybe give us the update on how you see this partnership. >>Well, I mean, just to Caroline's earlier point, you can see how Xero is continuing to innovate, right? And that's really key. So, um, having a cloud-native solution and then also having a solution that works for us. We're seeing a lot of companies thinking about containers thinking about server lists. And so, you know, the best partnerships that we have are the ones in which they're innovating with us continuously. And I've known about since I started in 2014. So they've been around for a long time, and they're continuing, um, to do that. And they are working closely with us to do P O. C. D. S. And and to help our customers really get what they need, um, in the data protection space and continuing to innovate, which is >>your customers, they want that they need that your your deep into data protection. Yes. You're scale of cloud But you're not going to have the the capabilities of Stack. So that one plus one hopefully is greater than to How do you where can we find out more information about you know, the new solutions? What's the what's the call to >>action culture as well? A couple of things. We've, uh we just We just launched deserted for a W s hands-on lab. And what that does is allow in your own time in your own environment to be able to try with a W S as a target and back up. Um, so we've just launched that and that enables you to see how it works with a W S. We also have for communities, um, lab as well, so you can see how it works with a K s. Uh, coming soon, we're going to have to in cloud lab that you can actually see how to protect your workload in the cloud in a W s. So those are the really the best ways to be able to Well, for a call to action is try. The lab really is >>awesome. Guys, thanks so much for coming to the Cube. Very important topic and keep up the good work. >>Thank you. Thank you. Very well. So >>we're seeing the evolution of data protection rethinking data protection in 2020. No longer is it a Bolton cloud modernization with deep stacks. Fine granularity for your r p o. But also quick recovery protection from Ransomware. It's a whole new world, and we're here to cover it. My name is David. You're watching the Cube, the leader in high tech coverage. We'll be right back. Yeah, Yeah, yeah. Mm, yeah.

(gentle music) >> Welcome back to theCUBE's continuous coverage of AWS re:Invent 2021. I'm your host, Lisa Martin. We are running one of the industry's most important and largest hybrid tech events of the year with AWS and its ecosystem partners. We have two live sets, two remote sites, and over a hundred guests on the program talking about the next decade in cloud innovation. I'm pleased to welcome Jon Bakke, Chief Revenue Officer from Maria DB as my next guest. Jon, welcome to the program. >> Thanks for having me, Lisa. >> Talk to me a little bit about MariaDB. What makes it unique? What differentiates it? What gaps in the market does it address? >> Yeah, so we have a lot of passion here at MariaDB because we are, at the end of the day, we're the backbone of services used by people everyday, all over the world. In fact, you might not realize that, but you've probably hit a MariaDB database in the past 60 minutes. It's true. For example, if you're using a Samsung mobile phone, we provide data services for the Samsung cloud. In fact, we've provided services for 5G networks all over the globe. And so at the end of the day, we actually process trillions of transactions per day. And I think that's really cool. >> Awesome. Talk to me a little bit about the key problems. You mentioned Samsung. Big fan, lots of Samsung devices in the house. Talk to me about some of the key problems that MariaDB SkySQL specifically solves for customers. What are they coming to you, looking for them, looking for help for? >> Yeah, so we launched SkySQL and AWS earlier this year. It's become wildly popular. And so SkySQL overcome some of the limitations of the cloud. 1.0, 2.0 era. In fact, we went from having zero customers to a slew of customers in just a short period of time. There are a ton of pent up demand from MariaDB and distributed SQL in particular, and that's our Xpand product. And where Samsung uses Xpand is, they use it to store data for the phones, just like, you might if you're an iPhone user on the iCloud, they have the Samsung cloud. So what we do is we provide expanding database services for them, for a large user base across the globe. And they do that because they just can't get the scale out of some of the community databases that are offered by the major CSPs. >> And obviously that scale is critical. We've seen so much change in the last year and a half, two years with growth, with acceleration to cloud acceleration of digital. Talk to me about what you seen as the CRO of the company from a customer lens perspective. How has the last 20 months really affected acceleration, adoption, of Maria's technologies? >> Yeah, so, I'm a geek at heart. I grew up in the database business. In fact, I've been in the database business for 30 years and during the last 20 months during the pandemic, and even before that, companies like MariaDB strive to create a beautiful database and what it really is a beautiful database. It's a database that is flushed with features that make applications work. Lightweight, portable, and fast for the cloud, but still reliable and familiar so that application developers can use it for multiple workloads. So when it comes to the database industry, we're still going after those characteristics and we provide world-class support. My team just rocks it for our customers. And it's really important to them to get that. And at the end of the day, our costs while at the end of the day, we're the least expensive. So it really is a beautiful database and we're very proud of it. >> Beautiful database that's the least expensive. That sounds like music to probably a lot of companies ears. Talk to me about where it went. Obviously AWS, you mentioned SkySQL was launched earlier this year on AWS? >> That's correct. Yep. >> Talk to me a little bit more about the capabilities there, the partnership that Maria and AWS have, what you bring to your customers. >> Yeah, so we have a great partnership with AWS. They provide a tremendous levels of support to help startups like MariaDB get going satisfactory and everything about their go-to market strategy to make enabled partners like us. But we have a customer that is, well, they're a major trading application on the internet and they were an AWS customer, right? So they were an existing AWS customer, but they were struggling with some of the community databases in AWS to find that scale and that elasticity that they were looking for on their platform. So enter MariaDB Xpand, where we can scale a relational database out far and wide to make it possible for a customer like that. Who's really pushing the limits of what a database needs to do to remain an AWS customer. So in this particular case, we worked with AWS to land them on SkySQL and use Xpand, a distributed database technology. So we went together and that's a really great story for everybody. >> Talk to me about some of the technical requirements, as we've seen so much change in the last 20 months, as I said, but so much growth and scale and needs are changing so dynamically. What are some of the key technical requirements of the database to keep up with that? And how does MariaDB exhibit those? >> Yeah, that's a great question. So in distributed SQL, in particular, which I see as sort of the next wave of database, particularly in the cloud, right? The database needs to leverage familiar application paradigms like relational and document databases do and connection protocols so that existing applications connect to those. But at the end, they have to be highly scalable for the cloud by design and highly available in the cloud by design. Xpand just screams. It's really fast. It's really reliable. And transactional integrity is inherent to the architecture. So our customers love it. And so really, what's not to love about a database that does all of those things? >> What's not to love about a beautiful database? That speed. I mean, the speed is critical. I think one of the many things that we've learned in the last interesting couple of years of our lives is that real time is no longer a nice to have, right? Nobody wants a less data, slower. That ability to deliver real-time data, real-time analytics is critical for businesses in any company as we're seeing. And you're probably seeing this as a CRO, every company becoming a software company, or leaning to. >> Absolutely, yeah. Some of our biggest customers are major SAS providers. So if you work for a business that is using ServiceNow, one of the largest SAS companies in the world, you're using MariaDB every day, billions and billions of transactions by service, now on an hourly basis and it's all in the cloud. So when we look at how we've evolved to this point, we're offering services to companies big and small, we're being tested by companies like ServiceNow and their infrastructure on a regular basis. >> What are some of the trends that you're seeing as we... And 22 months or so in this pandemic, what are some of the market trends that you're seeing from a scalability perspective? And what is it that a distributed SQL database can deliver to help customers meet those trends? >> Well, certainly, I think when you look at what is a good database for the cloud in the future, it really does need to have the features that make applications work. So you had mentioned analytical databases and transactional databases. One thing that is inherent to our strategy, is the ability to use hybrid approach to transactional and analytical because a lot of applications are both at the end of the day. And why use two different databases in order to get there? Right? Our database is lightweight and fast. It's portable. It's reliable and familiar to the customer and versatile in the workload. So those are the things that are trending at the conclusion of sort of this year going into next year, as we roll out more technology in subsequent versions, we'll just enhance those capabilities, make it possible for even more and more workloads to find their way into SkySQL. >> And talk about the adoption of cloud, the acceleration. We've been talking about that a lot in the last year and a half about the acceleration of digital transformation, the acceleration to cloud. It was so critical for so many businesses, especially if you think of the SAS adoption, the collaboration tools, but what are some of the things that you're seeing? How are you helping customers on that migration journey? >> Yeah. So migration is a key element there. there are customers leading older proprietary database technology. There are customers trying to enhance their cloud experience and go from the early cloud databases up to more modern architectures. And so migration is a constant activity that we work with our customers on. And so over the years, just as a matter of course, we've become better and better at getting database workloads from proprietary, older databases, even other open source databases onto MariaDB, so that we can consume those workloads and get those in the cloud and make them work for customers better than they ever have before. >> And I'm curious as the Chief Revenue Officer, how your customer conversations have evolved in the last year or so, where is cloud database security? Where are those things with respect to the level of conversations that you're having with customers? And is that conversation going up the stack? >> Yeah, so the security has always been a key cornerstone of the database industry, really, when you think about it, database is information assurance and confidentiality is a key tenant to information security and information assurance in general. So it's always an ever present in the discussion. MariaDB is enhancing its list of compliance that we've gone through, like SOC 2, we're on the precipice of that. We've got ISO certifications and we have US Department of Defense install guys that are secure for a MariaDB. All sorts of activity around that, to make it possible for customers to standardize on MariaDB. We have customers that have taken out every ounce of their legacy, relational database, the older incumbents, and replace that with lighter weight MariaDB, because we have the security qualifications, but we also meet their functional needs and their information assurance needs. And so that's whats made us really successful. >> In addition to compliance, you talked about this database being beautiful. You described what you meant by that, but also you said least expensive. So I'm wondering from a business outcome perspective, are customers all across the board, reducing TCO, leveraging MariaDB? >> Absolutely. And in cases where we displace a proprietary database, the TCO can reduce by as much as 90%. And so it's very attractive to customers that are looking for the next wave. Not only do we take them to a lower cost, but we bring them to a more modern multi-cloud architecture. So AWS is our primary focus for certain in this conversation but also just generally because there's such a huge install base. But they do like the option of being able to say, "Hey, I can use this database on any cloud. It works everywhere. And the vendor that makes it is supporting it in all environments." So for us, that's a huge strong point in terms of what makes our business run. >> And we're seeing so much, we're talking so much about Hybrid, Hybrid IT, Hybrid Cloud, Hybrid work from anywhere environments. So I imagine MariaDB runs on, obviously AWS, but Azure, Google cloud platform, so that customers that are in that multi-cloud world and those that will be can take advantage of the services. >> That's correct. So Azure is in our near term pipeline or roadmap for the cloud, but we're already present in GCP and we're available in other clouds as well. >> Excellent. So talk to me a little bit about what customers can do. Can they test out MariaDB? Can they test out SkySQL, Xpand? If so, where do they go? How do they get their hands on it? >> Right, so existing AWS customers, they can get to SkySQL on the AWS marketplace, right? It's incredibly easy. AWS customers go to the marketplace. They can find us by doing a search. But not to be outdone, there are customers that aren't on AWS and they can come to MariaDB.com. You can start SkySQL there and select AWS as the deployment cloud and try it for free. It's super cool. It's really easy. >> I'm just curious. What's the typical deployment time from the free trial POC to deployment? What do you normally see from a time distinct band perspective? >> Oh yeah, customers are up and running with a live database in just a few minutes. >> Minutes? >> Yep. >> Minutes up to 90% TCO. Big business outcomes there that affect every business in every industry. John, we appreciate you coming on, talking to us about MariaDB, the solutions that you offer, and how you're partnering with AWS and where folks can go to get started. >> Thank you. >> He's Jon Bakke. I'm Lisa Martin. You're watching theCUBE's continuous coverage of AWS re:Invent 2021. Stick around, more coverage coming up next. (peaceful music)

(upbeat music) >> Hey everyone, I'm John Furrier with The Cube, we're here in Palo Alto, California for a remote interview and session for The Cube presents AWS startup showcase, the next big thing in AI security in life sciences. I'm John Furrier. We're here with a great segment on cloud. Next big thing in Cloud with Chaos Search, Thomas Hazel, Chief Technology and Science Officer of Chaos Search joined by Jeremy Foran, the head of data analytics, the bad boy of data analyst as they say, but BAI communications, Jeremy Thomas, great to have you on. >> Great to be here. >> Pleasure to be here. >> So we're going to be talking about applying large scale log analytics to building the future of the transit industry. Obviously Telco's a big part of that, smart cities, you name the use case self-driving trucks, cars, you name it, everything's now edge. That the edge is super valuable, it's a new kind of last mile if you will, it's moving fast, it's mobile. This is a huge deal. Let's get into it, Thomas. What's this big story around this, this session? >> Well, we provide unique ability to take all that edge data and drive it into a data lake offering that we provide data analytics, both in logs, BI and coming out with ML there this year into next. So our unique play is transforming customers' cloud outer storage into an analytical platform. And really, I think with BIA is a log analytics specifically where, you know there's a lot of data streams from all those devices going into a lake that we transform their lake into analytics for driving, I guess, operational analysis. >> You know, Jeremy, I remember back in the day, I'm old enough to remember when the edge was the remote switch or campus hub or something. And then even on the Telco side, there was no wifi back in 2000 and you know, someone was driving in a car and you got any signal, you're lucky. Now you got, you know, no perimeter you have unlimited connectivity everywhere. This has opened up more of an Omni channel data problem. How do you see that world? Because you still got more devices pushing out at this edge and it's getting super local, right? Even on the body, even on people in the car. So certainly a lot of change on the infrastructure side. What does that pose for data challenge? >> Yeah, I, I would say that, you know users always want more, more bandwidth, more performance and that requires us to create more systems that require more complexity to deliver that user experience that we're, we're very proud of. And with that complexity means, you know exponentially more data. And so one of the wifi networks we offer in the Toronto subway system, T-connect, you know we see a 100-200,000 unique users a day and you can imagine just the amount of infrastructure to support that so that everyone has a seamless experience and can get their news and emails and even stream media while they're waiting for the subway. >> So you guys provide state of the art infrastructure for cell, wifi, broadcast, radio, IP networks, basically I mean, I call it the smart city kind of go-to. But that's basically anything involving kind of that edge piece. This is a huge thing. So as smart cities are on the table, which and you seeing 5G being called more of an enterprise app where there's feeding large dense areas of people this is now a new modern version of what I would call the, the smart city blueprint. What's changed in your mind on this whole modernization of this smart city infrastructure concept? What's new? What's cutting edge? >> Yeah. I would say that, you know there was an explosion of data and a lot of our insights aren't coming from one system anymore. It's coming from collecting data from all of the different pieces, the different infrastructure whether that's your fiber infrastructure or your wireless infrastructure, and then to solve problems you need to correlate data across those systems. So we're seeing more and more technologies that allow you to do that correlation. And that's really where we're finding tons of value, right? >> Thomas, take us through what you guys do as a, as a, as a product, a value proposition, the secret sauce, and and why I'm here with Jeremy? Why is this conversation important for the folks watching? What's the connection between Chaos Search and BAI communication? >> Well, it's data, right? And lots of it. So our unique platform allows people like Jeremy to stream all this data, right? In you know, today's world terabytes go to petabytes really easily, billions go to trillion really easily, and so providing the analysis of that data for their operations is challenging particularly based on technology and architectures that have been around for a long time. So what we do here at Chaos Search is the ability for BIA to stream all these devices, all these services into one centralized data lake on their cloud outer storage, where we connect to that cloud outer storage and transform it into an analytical database to do, in this case log analytics and do it seamlessly, easily where a new workload a new stream just streams into that lake. And we, as a service take over, we discover we index it and publish well-known open API and visualization so that they can focus on their business, not all the operational data pipeline, database and data engineering type work that again, at these types of scales is is frankly a nightmare. >> You know, one of the things that we've always observed on The Cube when you see new things come out that are really cool groundbreaking products like you guys are doing it's always a challenge to manage the cost and complexity of bringing in the new. So Jeremy, take us through this tech stack here because you know, it's, sometimes it might be unwieldy just in from a tech stack perspective, nevermind the business logic or the business processes that got to be either unwound or changed. Can you take us through the IT stack that's critical to support your, your area? >> Yeah, absolutely. So with all the various different equipment you know, to provide our public wifi and and our desks, carrier agnostic, LT and 5G networks, you know, we need to be able to adhere to PCI compliance and ISO 27,000, so that, you know, requires us to keep a tremendous amount of our data. And the challenge we were facing is how do we do that cost effectively, and not have to make any sort of compromises on how we do that? A lot of times you'll find you don't know the value of your data today until tomorrow. An example would be COVID. You know, we, when we were storing data two years ago we weren't planning for a pandemic, but now that we were able to retain that data and look back we can see a tremendous amount of value with trying to forecast how our systems will recover when things get back to normal. And so when I met Thomas and we were sort of talking about how we were going to solve some of these data retention problems, he started explaining to me their compression in some of the performance metrics of their profession. And, you know, I said, oh, middle out compression. And it was a bit, it's been a bit of a running joke between me and him and I'm sure others, but it's incredibly impressive the amount of data we're able to store at the kind of cost, right? >> What, what problem does, did he solve for you? Because I mean, these guys, honestly, you know the startups have a lot and the Cloud's enabling more value now, we're seeing this, but when you look at this what was your, what was your core problem that you had? >> Yeah, so we, when you we want to be able to, I mean, primarily this is for our CIS log server. And CIS long servers today aren't what they were 10, 15 years ago where you just sort of had a machine and if something broke you went and looked, right? Now, they're very complex, that data is feeding to various systems and third-party software. So, you know, we're actively looking for changes in patterns and we have our, you know security teams auditing these from, for penetration testing and such. And then the getting that data to S3 so that we could have it in case, you know, for two, three years of storage. Well, the problem we were facing is all of that all of these different systems we needed to feed and retain data, we couldn't do that on site. We wanted to do use S3 but when we were doing some projections, it's like, we, we don't really have the budget for all of these places. Meeting Thomas and, and working with Chaos Search, you know, using their compression brought those costs down drastically. And then as we've been working with them the really exciting thing is they we're bringing more and more features to that surface or offering. So, you know, first it was just storing that data away. And now we're starting to build solutions off of that sitting in storage. So that's where it gets really exciting because you know, there, it's nothing to start getting anomaly detection off those logs, which, you know originally it was just, we need to store them in case somebody needs them two, three years from now. >> So Thomas Thomas, if I get this right then what I'm hearing is obviously I've put aside the complexity and the governing side the regulations for a minute just generally. Data retention as, as a key value proposition and having data available when you need it and then to do that and doing it in a very cost-effective simple way. It sounds like what you guys are offering. Is that right? >> Yeah, I mean, one key aspect of our solution is retention, right? Those are a lot of the challenges, but at the same time we provide real time notification like a classic log analytic type platform, alerting, monitoring. The key thing is to bringing both those worlds together and solving that problem. And so this, you know, middle in middle out, well, to be frank, we created a new technology called what we call Chaos Index that is a database index that is wonderfully small as as we're indicating, but also provides all the features that makes Cloud object storage, high performance. And so the idea is that use this lake offering to store all your data in a cost effective way but our service allows you to analyze it both in a long retention perspective as well as real-time perspective and bringing those two worlds together is so key because typically you have Silo Solutions and whether it's real-time at scale or retention scale the cost complexity and time to build out those solutions I know Jeremy knows also, well, a lot of folks come to us to solve those problems because you know when you're dealing with, you know terabytes and up, you know these things get complicated and to be frank, fall over quite often. >> Yeah. Let me, let me just ask you the question that's probably on everyone's mind who's watching and you guys probably have both heard this many times, because a lot of people just throw the data lake solution around like it's, you know why they whitewash their kind of old legacy solutions with data lake, store it on data lake. It's been called a data swamp. So people are fearful that, okay. I love this idea of a data lake, who doesn't like throwing data into a repository, having it available at will with notifications, all this secret magic beans that just magically create value. But I doubt that, I don't want to turn into a data swamp. So Thomas and Jeremy, talk about that, that concern. How do you mitigate that? How do you talk to that? Because if done properly, there's huge value in having a control plane or some sort of data system that is going to be tied in with signals and just storage retention. So I see the value. How do you manage the concern that people might say, Hey, I don't want to date a swamp? >> Yeah, I'll jump into that. So, you know, let's just be frank, Hadoop was a great tool for a very narrow scenario. I think that data swamp came out because people were using the tooling in an incorrect way. I've always had the belief that data lakes are the future. You just have the right to have the right service the right philosophy to leverage it. So what we do here at Chaos Search is we allow you to organize it, discover it, automatically index that data so that swamp doesn't get swampy. You know, when you stream data into your lake how do you organize it, such that it's has a nice stream? How do you transform that data into a value? So with our service we actually start where the storage begins, not a end point, not an archive. So we have tooling and services that keep your lake from being swampy to be, to be clear. And, but the key value is the benefits of the lake, the cost effectiveness, the reliability, security, the scale, those are all the benefits. The problem was that no one really made cloud offer storage a first-class citizen and we've done that. We've dressed the swamp nature but provided all the value of analysis. And that cost metrics, that scale. No one can touch cloud outer storage, it just, you can't. But what we've done is cracked the code of how you make it analytical. >> Jeremy, I want to get your thoughts on this too, on your side I mean, as a practitioner and customer of, of of these solutions, you know, the concern is am I missing anything? And I've been a big proponent of data retention for many, many years. You know, Dave Alondra in our Cube knows all know that I bang on the table all the time, store your data, be a data hoarder, because it's going to come back and be valuable. Costs are going down so I'm a big fan of data retention. But the fear might be on, what am I missing? Because machine learning starts to come in down the road you got AI, the more data you have that's accessible in real time, the more machine learning is effective. Do you, do you worry about missing anything or do you just store everything? >> We, we store everything. Sometimes it's, it's interesting where the value and insights come from your data. Something that see, might seem trivial today down the road offers tremendous, tremendous value. So one of the things we do is provide because we have wifi in the subway infrastructure, you know taking that wifi data, we can start to understand the flow of people in and out of the subway network. And we can take that and provide insights to the rail operators, which get them from A to B quicker. You know, when we built the wifi it wasn't with the intention of getting Torontonians across the city faster. But that was one of the values that we were able to get from the data in terms of, you know, Thomas's solution, I think one of the reasons we we engaged him in the first place is because I didn't believe his compression. It sounded a little too good to be true. And so when it was time to try them out, you know all we had to do was ship data to an S3 bucket. You know, there's tons of, of solutions to do that. And, and data shippers right out of the box. It took a few, you know, a few minutes and then to start exploring the data was in Cabana, which is or their dashboard, which is, you know, an interface that's easy to use. So we were, you know, within a two days getting the value out of that data that we were looking for which is, you know, phenomenal. We've been very happy. >> Thomas, sounds like you've got a great, great testimonial here and it's not like an easy problem that he's living in there. I mean, I think, you know, I was mentioning this earlier and we're going to get into it now. There's regulations and there's certain compliance issues. First of all, everyone has this now problem now, it's not just within that space. But just the technical complexities of packets moving around I got on my wifi and the stop here, I'm jumping over here, and there's a ton of data it's all over the place, it's totally unstructured. So it's a tough, tough test for you guys, Chaos Search. So yeah, it's almost like the Mount Everest of customer testimonials. You've got to, it's a big, it's a big use case here. How does this translate to other clients? And talk about this governance and security controls because I know this highly regulated and you got there's penalties involved on his side of the world and Telco, the providers that have these edge devices there's actually penalties and, and whatnot so, not just commercial, it's maybe a, you know risk management, but here there's actually penalties. >> Absolutely. So, you know centralizing your data has a real benefit of of not getting in trouble, right? So you have one place, you store one place that's a good thing, but what we've done and this was a key aspect to our offering is we as Chaos, Chaos Search folks, we don't own the customer's data. We don't own BIA's data. They own the data. They give us access rights, very standard way with Cloud App storage roll on policies from Amazon, read only access rights to their data. And so not owning a customer's data is a big selling point not only for them, but for us for compliance regulatory perspective. So, you know, unlike a lot of solutions where you move the data into them and now they are responsible, actually BIA owns everything. We, they provide access so that we could provide an analysis that they could turn off at any point in time. We're also SOC 2 type 1 and type 2 compliant you got to do it, you know, in this, this world, you know when we were young we ran at this because of all of these compliance scenarios that we will be in, but, you know, the long as short of it is, we're transient service. The storage, cloud storage is the source of truth where all data resides and, you know, think about it, it's architecturally smart, it's cost effective, it's secure, it's reliable, it's durable. But from a security perspective, having the customer own their own data is a big differentiation in the market, a big differentiation. >> Jeremy, talk about on your end the security controls surrounding the log management environments that span across countries with different regulations. Now you've got all kinds of policy dimensions and technical dimensions and topology dimensions. >> Yeah, absolutely. So how we approach it is we look at where we have offerings across the globe and we figure out what the sort of highest watermark level of adherence we need to hit. And then we standardize across that. And by shipping to S3, it allows us to enforce that governance really easily and right to Tom's point you know, we manage the data, which is very important to us and we don't have to be worried about a third party or if we want to change providers years down the road. Although I don't think anyone's coming out with 81% compression anytime soon (laughs). But yeah, so that's, for us, it's about meeting those high standards and having the technologies that enable us to do it. And Chaos Search is a very big part of that right now. >> All right let me ask you a question, for the folks watching that are like really interested in this topic, what would you say to them when evaluating Chaos Search obviously, your use case is complex, but so are others as enterprises start to have an edge, obviously the security posture shifts, everything shifts. There's no more perimeter and the data problem becomes acute to them. So the enterprises are going to start seeing what you've been living for in your world. What's your advice to people watching? >> My advice would be to give them a try. You know, it's it's has been really quite impressive. The customer service has been hands-on and we've been getting, you know, they've been under-promising and over-delivering, which when you have the kind of requirements to manage solutions in these very complex environment, cloud local, you know various data centers and such, you know that kind of customer service is very important, right? It enables us to continue to deliver those high quality solutions. >> So Thomas give us the, the overview of the secret sauce. You've got a great testimonial here. You got people watching, what's different now in the world that you're going after, what wave are you on? Talk to the people who are watching this and saying, okay why Chaos Search? Why are you relevant? Obviously there's some cool things you're doing. I love that. What's cool, and what's relevant and why what's in it for them if they work with you? >> Yeah. So you know, that that whole Silicon Valley reference actually got that from my patent attorney when we were talking. But yeah, no, we, we, you know, focus on if we can crack this code of making data, one a face small, store small, moves small, process small. But then make it multimodal access make it virtual transformation. If we could do that, and we could transform cloud outer storage into a high-performance medical database all these heavy, heavy problems, all that complexity that scaffolding that you build to do these type of scales would be solved. Now what we had to focus on and this has been my, I guess you say life passion is working on a new data representation. And that's our secret sauce that enables a new architecture a new service that where the customer folks on their tooling, their APIs, their visualizations that they know and love, what we focus is on taking that data lake, and again, to transform it into an analytical database, both for log analytics think of like elastic search replacement, as well as a BI replacement for your SQL warehousing database. And coming out later this year into 2022, ML support on one representation. You don't have the silo your information you don't have to re index your data, both. So elastic search CQL and actually ML TensorFlow actions on the exact same representation. So think about the data retention, doing some post analysis on all those logs of data, months, years, and then maybe set up some triggers if you see some anomaly that's happening within your service. So you think about it, the hunt with BI reporting, with predictive analysis on one platform. Again, it sounds a little unicorn, I agree with Jeremy, maybe it didn't sound true but it's been a life's work. So it didn't happen overnight. And you know, it's eight years, at least in the in the making, but I guess the life journey in the end. >> Well, you know, the timing is great. You know, all the database geeks out there who have been following the data industry know that, you know there's a good point for structured data but when you start getting into mechanisms and they become a bottleneck or a blocker to innovation, you know you starting to see this idea of a data lake being let the data kind of form, let it be. You know, I hate the word control plane but more of a, a connective tissue between systems is become an interesting thing. So now you can store everything so you know, no worries there, no blind spots and then let the magic of machine learning in the future, come around. So Jeremy, with that, I got to ask you since you're the bad boy of data analytics at BAI communications head of data analytics, what does that, what do you look for in the future as you start to set this up because I can almost imagine and connecting the dots here in the interview, you got the data lake you're storing everything, which is good. Now you have to create more insights and get ahead of the curve and provide some prescriptive and automated ways to do things better. What's your vision? >> First I would just like to say that, you know when astrophysicists talk about, you know, dark dark energy, dark matter, I'm convinced that's where Thomas is hiding the ones and zeros to get that compression, right? I don't don't know that to be fact but I know it to be true. And then in terms of machine learning and these sort of future technologies, which are becoming available you know, starting from scratch and trying to build out you know, models that have value, you know that takes a fair amount of work. And that landscape keeps changing, right? Being able to push our data into an S3 bucket and then you know, retain that data and then get anomaly detection on top of it. That's, I mean, that's something special and that unlocks a lot of ability for you know, our teams to very easily deliver anomaly detection, machine learning to our customers, without having to take on a lot of work to understand the latest and greatest in machine learning. So, I mean, it's really empowering to our team, right? And, and a tool that we're going to. >> Yeah, I love and I love the name, Chaos Search, Thomas. I got to say, you know it brings up the inside baseball around chaos monkey which everyone knows was a DevOps tool to create kind of day two simulate day two operations and disruptions in DevOps. But what you're really getting at is your whole new architecture that's beyond DevOps movement, it's like next gen architecture. Talk about that to the people watching who have a lot of legacy and want to transform over to a more enabling platform that's going to give them some headroom for their data. What, what do you say to them? How do they get started? What, how should they, how what's their mindset? What they, what are some first principles you can share? >> Well, you know, I always start with first principles but you know, I like to say we're the next next gen. The key thing with the Chaos Search offering is you can start today with B, without even Chaos Search. Stream your data to S3. We're going to make hip and cool data lakes again. And actually it's a, Google it now, data lakes are hip and cool. So start streaming now, start managing your data in a well-formed centralized viewpoint with security governance and cost effectiveness. Then call Chaos Search shop, and we'll make access to it easily, simply to ultimately solve your problems. The bug whether your security issue, the bug, whether it's more performance issues at scale, right? And so when workloads can be added instantaneously in your data lake it's, it's game changing it's mind changing. So from the DevOps folks where, you know, you're up all night trying to say, how am I going to scale from terabyte, you know one today to 50 terabytes, don't. Stream it to S3. We'll take over, we'll worry about that scale pain. You worry about your job of security, performance, operations, integrity. >> That really highlights the cloud scale the value proposition as, as apps start to be using data as an input, not just as a a part of a repo repo, so great stuff. Thomas, thanks for sharing your life's work and your technology magic. Jeremy, thanks for coming on and sharing your use cases with us and how you are making it all work. Appreciate it. >> Thank you. >> My pleasure. >> Okay. This is The Cubes, coverage and presenting AWS this time showcase the next big thing here with Chaos Search. I'm John Furrier, your host. Thanks for watching. (upbeat music)

(upbeat electronic music) >> Hello, everyone. Welcome to theCUBE's presentation of the AWS Startup Showcase. The Next Big Thing in AI, Security, and Life Sciences. In this segment, we feature Orca Security as a notable trend setter within, of course, the security track. I'm your host, Dave Vellante. And today we're joined by Gil Geron. Who's the co-founder and Chief Product Officer at Orca Security. And we're going to discuss how to eliminate cloud security blind spots. Orca has a really novel approach to cybersecurity problems, without using agents. So welcome Gil to today's sessions. Thanks for coming on. >> Thank you for having me. >> You're very welcome. So Gil, you're a disruptor in security and cloud security specifically and you've created an agentless way of securing cloud assets. You call this side scanning. We're going to get into that and probe that a little bit into the how and the why agentless is the future of cloud security. But I want to start at the beginning. What were the main gaps that you saw in cloud security that spawned Orca Security? >> I think that the main gaps that we saw when we started Orca were pretty similar in nature to gaps that we saw in legacy, infrastructures, in more traditional data centers. But when you look at the cloud when you look at the nature of the cloud the ephemeral nature, the technical possibilities and disruptive way of working with a data center, we saw that the usage of traditional approaches like agents in these environments is lacking, it actually not only working as well as it was in the legacy world, it's also, it's providing less value. And in addition, we saw that the friction between the security team and the IT, the engineering, the DevOps in the cloud is much worse or how does that it was, and we wanted to find a way, we want for them to work together to bridge that gap and to actually allow them to leverage the cloud technology as it was intended to gain superior security than what was possible in the on-prem world. >> Excellent, let's talk a little bit more about agentless. I mean, maybe we could talk a little bit about why agentless is so compelling. I mean, it's kind of obvious it's less intrusive. You've got fewer processes to manage, but how did you create your agentless approach to cloud security? >> Yes, so I think the basis of it all is around our mission and what we try to provide. We want to provide seamless security because we believe it will allow the business to grow faster. It will allow the business to adopt technology faster and to be more dynamic and achieve goals faster. And so we've looked on what are the problems or what are the issues that slow you down? And one of them, of course, is the fact that you need to install agents that they cause performance impact, that they are technically segregated from one another, meaning you need to install multiple agents and they need to somehow not interfere with one another. And we saw this friction causes organization to slow down their move to the cloud or slow down the adoption of technology. In the cloud, it's not only having servers, right? You have containers, you have manage services, you have so many different options and opportunities. And so you need a different approach on how to secure that. And so when we understood that this is the challenge, we decided to attack it in three, using three periods; one, trying to provide complete security and complete coverage with no friction, trying to provide comprehensive security, which is taking an holistic approach, a platform approach and combining the data in order to provide you visibility into all of your security assets, and last but not least of course, is context awareness, meaning being able to understand and find these the 1% that matter in the environment. So you can actually improve your security posture and improve your security overall. And to do so, you had to have a technique that does not involve agents. And so what we've done, we've find a way that utilizes the cloud architecture in order to scan the cloud itself, basically when you integrate Orca, you are able within minutes to understand, to read, and to view all of the risks. We are leveraging a technique that we are calling side scanning that uses the API. So it uses the infrastructure of the cloud itself to read the block storage device of every compute instance and every instance, in the environment, and then we can deduce the actual risk of every asset. >> So that's a clever name, side scanning. Tell us a little bit more about that. Maybe you could double click on, on how it works. You've mentioned it's looking into block storage and leveraging the API is a very, very clever actually quite innovative. But help us understand in more detail how it works and why it's better than traditional tools that we might find in this space. >> Yes, so the way that it works is that by reading the block storage device, we are able to actually deduce what is running on your computer, meaning what kind of waste packages applications are running. And then by con combining the context, meaning understanding that what kind of services you have connected to the internet, what is the attack surface for these services? What will be the business impact? Will there be any access to PII or any access to the crown jewels of the organization? You can not only understand the risks. You can also understand the impact and then understand what should be our focus in terms of security of the environment. Different factories, the fact that we are doing it using the infrastructure itself, we are not installing any agents, we are not running any packet. You do not need to change anything in your architecture or design of how you use the cloud in order to utilize Orca Orca is working in a pure SaaS way. And so it means that there is no impact, not on cost and not on performance of your environment while using Orca. And so it reduces any friction that might happen with other parties of the organization when you enjoy the security or improve your security in the cloud. >> Yeah, and no process management intrusion. Now, I presume Gil that you eat your own cooking, meaning you're using your own product. First of all, is that true? And if so, how has your use of Orca as a chief product officer help you scale Orca as a company? >> So it's a great question. I think that something that we understood early on is that there is a, quite a significant difference between the way you architect your security in cloud and also the way that things reach production, meaning there's a difference, that there's a gap between how you imagined, like in everything in life how you imagine things will be and how they are in real life in production. And so, even though we have amazing customers that are extremely proficient in security and have thought of a lot of ways of how to secure the environment. Ans so, we of course, we are trying to secure environment as much as possible. We are using Orca because we understand that no one is perfect. We are not perfect. We might, the engineers might, my engineers might make mistakes like every organization. And so we are using Orca because we want to have complete coverage. We want to understand if we are doing any mistake. And sometimes the gap between the architecture and the hole in the security or the gap that you have in your security could take years to happen. And you need a tool that will constantly monitor your environment. And so that's why we are using Orca all around from day one not to find bugs or to do QA, we're doing it because we need security to our cloud environment that will provide these values. And so we've also passed the compliance auditing like SOC 2 and ISO using Orca and it expedited and allowed us to do these processes extremely fast because of having all of these guardrails and metrics has. >> Yeah, so, okay. So you recognized that you potentially had and did have that same problem as your customer has been. Has it helped you scale as a company obviously but how has it helped you scale as a company? >> So it helped us scale as a company by increasing the trust, the level of trust customer having Orca. It allowed us to adopt technology faster, meaning we need much less diligence or exploration of how to use technology because we have these guardrails. So we can use the richness of the technology that we have in the cloud without the need to stop, to install agents, to try to re architecture the way that we are using the technology. And we simply use it. We simply use the technology that the cloud offer as it is. And so it allows you a rapid scalability. >> Allows you allows you to move at the speed of cloud. Now, so I'm going to ask you as a co-founder, you got to wear many hats first of a co-founder and the leadership component there. And also the chief product officer, you got to go out, you got to get early customers, but but even more importantly you have to keep those customers retention. So maybe you can describe how customers have been using Orca. Did they, what was their aha moment that you've seen customers react to when you showcase the new product? And then how have you been able to keep them as loyal partners? >> So I think that we are very fortunate, we have a lot of, we are blessed with our customers. Many of our customers are vocal customers about what they like about Orca. And I think that something that comes along a lot of times is that this is a solution they have been waiting for. I can't express how many times I hear that I could go on a call and a customer says, "I must say, I must share. "This is a solution I've been looking for." And I think that in that respect, Orca is creating a new standard of what is expected from a security solution because we are transforming the security all in the company from an inhibitor to an enabler. You can use the technology. You can use new tools. You can use the cloud as it was intended. And so (coughs) we have customers like one of these cases is a customer that they have a lot of data and they're all super scared about using S3 buckets. We call over all of these incidents of these three buckets being breached or people connecting to an s3 bucket and downloading the data. So they had a policy saying, "S3 bucket should not be used. "We do not allow any use of S3 bucket." And obviously you do need to use S3 bucket. It's a powerful technology. And so the engineering team in that customer environment, simply installed a VM, installed an FTP server, and very easy to use password to that FTP server. And obviously two years later, someone also put all of the customer databases on that FTP server, open to the internet, open to everyone. And so I think it was for him and for us as well. It was a hard moment. First of all, he planned that no data will be leaked but actually what happened is way worse. The data was open to the to do to the world in a technology that exists for a very long time. And it's probably being scanned by attackers all the time. But after that, he not only allowed them to use S3 bucket because he knew that now he can monitor. Now, you can understand that they are using the technology as intended, now that they are using it securely. It's not open to everyone it's open in the right way. And there was no PII on that S3 bucket. And so I think the way he described it is that, now when he's coming to a meeting about things that needs to be improved, people are waiting for this meeting because he actually knows more than what they know, what they know about the environment. And I see it really so many times where a simple mistake or something that looks benign when you look at the environment in a holistic way, when you are looking on the context, you understand that there is a huge gap. That should be the breech. And another cool example was a case where a customer allowed an access from a third party service that everyone trusts to the crown jewels of the environment. And he did it in a very traditional way. He allowed a certain IP to be open to that environment. So overall it sounds like the correct way to go. You allow only a specific IP to access the environment but what he failed to to notice is that everyone in the world can register for free for this third-party service and access the environment from this IP. And so, even though it looks like you have access from a trusted service, a trusted third party service, when it's a Saas service, it's actually, it can mean that everyone can use it in order to access the environment and using Orca, you saw immediately the access, you saw immediately the risk. And I see it time after time that people are simply using Orca to monitor, to guardrail, to make sure that the environment stays safe throughout time and to communicate better in the organization to explain the risk in a very easy way. And the, I would say the statistics show that within few weeks, more than 85% of the different alerts and risks are being fixed, and think it comes to show how effective it is and how effective it is in improving your posture, because people are taking action. >> Those are two great examples, and of course they have often said that the shared responsibility model is often misunderstood. And those two examples underscore thinking that, "oh I hear all this, see all this press about S3, but it's up to the customer to secure the endpoint components et cetera. Configure it properly is what I'm saying. So what an unintended consequence, but but Orca plays a role in helping the customer with their portion of that shared responsibility. Obviously AWS is taking care of this. Now, as part of this program we ask a little bit of a challenging question to everybody because look it as a startup, you want to do well you want to grow a company. You want to have your employees, you know grow and help your customers. And that's great and grow revenues, et cetera but we feel like there's more. And so we're going to ask you because the theme here is all about cloud scale. What is your defining contribution to the future of cloud at scale, Gil? >> So I think that cloud is allowed the revolution to the data centers, okay? The way that you are building services, the way that you are allowing technology to be more adaptive, dynamic, ephemeral, accurate, and you see that it is being adopted across all vendors all type of industries across the world. I think that Orca is the first company that allows you to use this technology to secure your infrastructure in a way that was not possible in the on-prem world, meaning that when you're using the cloud technology and you're using technologies like Orca, you're actually gaining superior security that what was possible in the pre cloud world. And I think that, to that respect, Orca is going hand in hand with the evolution and actually revolutionizes the way that you expect to consume security, the way that you expect to get value, from security solutions across the world. >> Thank You for that Gil. And so we're at the end of our time, but we'll give you a chance for final wrap up. Bring us home with your summary, please. >> So I think that Orca is building the cloud security solution that actually works with its innovative aid agentless approach to cyber security to gain complete coverage, comprehensive solution and to gain, to understand the complete context of the 1% that matters in your security challenges across your data centers in the cloud. We are bridging the gap between the security teams, the business needs to grow and to do so in the paste of the cloud, I think the approach of being able to install within minutes, a security solution in getting complete understanding of your risk which is goes hand in hand in the way you expect and adopt cloud technology. >> That's great Gil. Thanks so much for coming on. You guys doing awesome work. Really appreciate you participating in the program. >> Thank you very much. >> And thank you for watching this AWS Startup Showcase. We're covering the next big thing in AI, Security, and Life Science on theCUBE. Keep it right there for more great content. (upbeat music)

>> Announcer: From theCUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world. This is a CUBE Conversation. >> Hello. Welcome to today's session of the AWS Startup Showcase, The Next Big Thing in AI, Security & Life Sciences. Today featuring TetraScience for the life sciences track. I'm your host Natalie Erlich, and now we are joined by our special guests, Michelle Bradbury, VP of Product at TetraScience, as well as Mike Tarselli, the Chief Scientific Officer at TetraScience. We're going to talk about the R&D Data Cloud movement in life sciences, unlocking experimental data to accelerate discovery. Thank you both very much for joining us today. >> Thank you for having us. >> Yeah, thank you. Great to be here. >> Well, while traditionally slower to adopt cloud technology in R&D, global pharmas are now launching digital lab initiatives to improve time to market for therapeutics. Now, can you discuss some of the key challenges still facing big pharma in terms of digital transformation? >> Sure. I guess I'll start in. The big pharma sort of organization that we have today happens to work very well in its particular way, i.e., they have some architecture they've installed, usually on-premises. They are sort of tentatively sticking their foot into the cloud. They're learning how to move forward into that, and in order to process and automate their data streams. However, we would argue they haven't done enough fast enough and that they need to get there faster in order to deliver patient value and efficiencies to their businesses. >> Well, how specifically, now for Michelle, can R&D Data Cloud help big pharma in this digital transformation? >> So the big thing that large pharmas face is a couple different things. So the ecosystem within large pharma is a lot of diverse data types, a lot of diverse file types. So that's one thing that the data cloud handles very well to be able to parse through, harmonize, and bring together your data so that it can be leveraged for things like AI and machine learning at large-scale, which is sort of the other part where I think one of the large sort of challenges that pharma faces is sort of a proliferation of data. And what cloud offers, specifically, is a better way to store, more scalable storage, better ability to even tier your storage while still making it searchable, maintainable, and offer a lot of flexibility to the actual pharma companies. >> And what about security and compliance, or even governance? What are those implications? >> Sure. I'll jump into that one. So security and compliance, every large pharma is a regulated industry. Everyone watching this probably is aware of that. And so we therefore have to abide by the same tenets that they would. So 21 CFR Part 11 compliance, getting ready for GXP ready systems, And in fact, doing extra certifications around a SOC 2 Type 2, ISO 9001, really every single regulation that would allow our cloud solution to be quality, ready, inspectable, and really performant for what needs to be done for an eventual FDA submission. >> And can you also speak about some of the advances that we're seeing in machine learning and artificial intelligence, and how that will impact pharma, and what your role is in that at TetraScience? >> Sure. I'll pass this one to Michelle first. >> I was going to say I can take that one. So one of the things that we're seeing in terms of where AI and ML will go with large pharma is their ability to not only search and build models against the data that they have access to right now, which is very limited in the way they search, but the ability to go through the historical amount of data, the ability to leverage mass parallel compute on top of these giant data clusters, and what that means in terms of not only faster time to market for drugs, but also, I think, more accurate and precise testing coming in the future. So I think there's so much opportunity for this really data-rich vertical and industry to leverage in a lot of the modern tooling that it hasn't been able to leverage so far. >> And Mike, what would you say are the benefits that a fully automated lab could bring with increased fairness and data liquidity? >> Yeah, sure. Let's go five years into the future. I am a bench chemist, and I'm trying to get some results in, and it's amazing because I can look up everything the rest of my colleagues have ever done on this particular project with a single click of a button in a simple term set in natural language. I can then find and retrieve those results, easily visualize them in our platform or in any other platform I choose to use. And then I can inspect those, interrogate those, and say, "Actually, I'm going to be able to set up this automation cascade." I'll probably have it ready by the afternoon. All the data that's returned to me through this is going to be easily integratable, harmonized, and you're going to be able to find it, obviously. You're going to interoperate it with any system, so if I suddenly decide that I need to send a report over to another division in their preferred vis tool or data system of choice, great! I click three buttons, configure it. Boom. There goes that report to them. This should be a simple vision to achieve even faster than five years. And that data liquidity that enables you to sort of pass results around outside of your division, and outside of even your sort of company or division, to other who are able to see it should be fairly easy to achieve if all that data is ingested the right way. >> Well, I'd love to ask this next question to both of you. What is your defining contribution to the future of cloud scale? >> Mike, you want to go first? >> (chuckles) I would love to. So right now the pharmaceutical and life sciences companies, they aren't seeing data increase linearly. They're seeing it increase exponentially, right? We are living in the exabyte era, and really have on the internet since about 2016. It's only going to get bigger, and it's going to get bigger in a power law, right? So you're going to see, as sequencing comes on, as larger form microscopy comes on, and as more and more companies are taking on more and more data about each individual sample, retaining that data for longer, doing more analytics of that data, and also doing personalized medicine, right, more data about a specific patient, or animal, or cell line. You're just going to see this absolute data explosion. And because of that, the only thing you can really do to keep up with that is be in the cloud. On-prem, you will be buying disk drives and out of physical materials before you're going to outstrip the data. Michelle? >> Yeah. And, I think, to go along with not just the data storage scale, I think the compute scale. Mike is absolutely right. We're seeing personalized drugs. We're seeing customers that want to, within a matter of three, four hours, get to a personalized drug for patients. And that kind of scale on a compute basis not just requires a ton of data, but requires mass compute ability to be able to get it right, right? And so it really becomes this marriage of getting a huge amount of data, and getting the mass compute to be able to really leverage that per patient. And then the one thing that... Sort of enabling that ecosystem to come centrally together across such a diverse dataset is sort of that driving force. If you can get the data together but you can't compute it, if you can compute it but you can't get it together, it all needs to come together. Otherwise it just doesn't work. >> Yeah. Well, on your website you have all these great case studies, and I'd love it if you could outline some of your success stories for us, some specific, concrete examples. >> Sure. I'll take one first, and then they'll pass to Michelle. One really great concrete example is we were able to take data format processing for a biotech that had basically previously had instruments sitting off in a corner that they could not connect, were integratable for a high throughput screening cascade. We were able to bring them online. We were able to get the datasets interpretable, and get literally their processing time for these screens from the order of weeks to the order of minutes. So they could basically be doing probably a couple hundred more screens per year than they could have otherwise. Michelle? >> We have one customer that is in the process of automating their entire lab, even using robotics arms. So it's a huge mix of being able to ingest IoT data, send experiment data to them, understand sampling, getting the results back, and really automating that whole process, which when they even walked me through it, I was like, "Wow," and I'm like, "so cool." (chuckles) And there's a lot of... I think a lot of pharma companies want, and life science companies, want to move forward in innovation and do really creative and cool things for patients. But at the end of it, you sort of have to also realize it's like their core competency is focusing on drugs, and getting that to market, and making patients better. And we're just one part of that, really helping to enable that process and that ecosystem come to life, so it's really cool to watch. >> Right, right. And I mean, in this last year we've seen how critical the healthcare sector is to people all over the world. Now, looking forward, what do you anticipate some of the big innovations in the sector will be in the next five years, and where do you see TetraScience's role in that? >> So I think some of the larger innovations are... Mike mentioned one of them already. It's going to be sort of the personalized drugs the personalized health care. I think it is absolutely going to go to full lab automation to some degree, because who knows when the next pandemic will hit, right? And we're all going to have to go home, right? I think the days of trying to move around data manually and trying to work through that is just... If we don't plan for that to be a thing of the past, I think we're all going to do ourselves a disservice. So I think you'll see more automation. I think you'll see more personalization, and you'll see more things that leverage larger amounts of data. I think where we hope to sit is really at the ecosystem enablement part of that. We want to remain open. That's one of the cornerstones. We're not a single partner platform. We're not tied to any vendors. We really want to become that central aid and the ecosystem enabler for the labs. >> Yeah, to that point- >> And I'd also love to get your insight. >> Oh! Sorry. (chuckles) Thank you. To that point, we're really trying to unlock discovery, right? Many other horizontal cloud players will do something like you can upload files, or you can do some massive compute, but they won't have the vertical expertise that we do, right? They won't have the actual deep life sciences dedication. We have several PhDs, postdocs, et cetera, on staff who have done this for a living and can do this going forward. So you're going to see the realization of something that was really exciting in sort of 2005, 2006, that is fully automated experimentation. So get a robot to about an experiment, design it, have a human operator assist with putting together all the automation, and then run that over and over again cyclically until you get the result you want. I don't think that the compute was ready for that at the time. I don't think that the resources were up to snuff, but now you can do it, and you can do it with any tool, instrument, technique you want, because to Michelle's point, we're a vendor-agnostic partner networked platform. So you can actually assemble this learning automation cascade and have it run in the background while you go home and sleep. >> Yeah, and we often hear about automation, but tell us a little bit more specifically what is the harmonizing effect of TetraScience? I mean, that's not something that we usually hear, so what's unique about that? >> You want to take that, or you want me to go? >> You go, please. (chuckles) >> All right. So, really, it's about... It's about normalizing and harmonizing the data. And what does that... What that means is that whether you're a chromatography machine from, let's say Waters, or another vendor, ideally you'd like to be able to leverage all of your chromatography data and do research across all of it. Most of our customers have machinery that is of same sort from different customers, or sorry, from different vendors. And so it's really the ability to bring that data together, and sometimes it's even diverse instrumentation. So if I track a molecule, or a project, or a sample through one piece, one set of instrumentation, and I want to see how it got impacted in another set of instrumentation, or what the results were, I'm able to quickly and easily be able to sort of leverage that harmonized data and come to those results quickly. Mike, I'm sure you have a- >> May I offer a metaphor from something outside of science? Hopefully that's not off par for this, but let's say you had a parking lot, right, filled with different kinds of cars. And let's say you said at the beginning of that parking lot, "No, I'm sorry. We only have space right here for a Ford Fusion 2019 black with leather interior and this kind of tires." That would be crazy. You would never put that kind of limitation on who could park in a parking lot. So why do specific proprietary data systems put that kind of limitation on how data can be processed? We want to make it so that any car, any kind of data, can be processed and considered together in that same parking lot. >> Fascinating. Well, thank you both so much for your insights. Really appreciate it. Wonderful to hear about R&D Data Cloud movement in big pharma, and that of course is Michelle Bradbury, VP of Product at TetraScience, as well as Mike Tarselli, the Chief Scientific Officer at TetraScience. Thanks again very much for your insights. I'm your host for theCUBE, Natalie Erlich. Catch us again for the next session of the AWS Startup Session. Thank you. (smooth music)

>> Hello everyone, and welcome back to theCUBEs coverage of the Snowflake Data Cloud Summit 2020. We're tracking the rise of the data cloud Sunny Bedi is here with me. He's the CIO and Chief Data Officer for Snowflake. Sunny, thanks for making the time today. Good to see you. >> Same here, Dave. Thanks for having me over. >> Yeah, so you're welcome. So before we get into it, I got to ask you, I mean, you recently left Nvidia to join Snowflake. I mean(chuckles) one of the few companies that are almost as hot as Snowflake, how come? >> Well, you know Dave I joined Nvidia 12 years ago. I was there for 12 years, when Nvidia was less than 2000 people company. And Nvidia have an unbelievable growth trajectory, and then from 2000 employees to 16,000, when I left in December of 2019. And Snowflake kind of provided the same opportunity to come in, and help scale the company. I thrive in an environment where I can be creative, I thrive in an environment where I can build things, I can scale things, I can grow things. And its been just a perfect opportunity to come and repeat that success over here. >> Awesome, Well we wish you the best. Talk about your role a little bit. I mean, it's like totally unique. I mean, especially in certain smaller organizations that have the same person, in the role of Chief Information Officer and Chief Data Officer, but, which are you? Are you more CIO, CDO, how do you balance that out? >> I would say that I'm both, to be an effective CIO, you need immersion with automation, you need immersion with data, you need immersion with security, and you also need immersion with compliance. So if all of these things are together, things are integrated. You have a cohesive way of handling all the pieces that come together. We believe if you keep them separated, you create silos and we definitely don't want silos. We want integration. We want seamless integration to drive and scale the company for future. >> I always felt-- >> So my time is balanced between both areas. >> I mean, I always felt like a lot of the CIOs I talked to, they'd love to get more involved in the data, but they're just too busy trying to keep the lights on. So, maybe what are your thoughts on the priorities of each hats CIO and CDO? >> Yeah, so look, I mean, I think because we're a full cloud company, we don't have anything on-prem. I don't have any workloads on-prem. we don't have a data center. I really don't have to worry about all the operational challenges that you have to deal with being an on-prem company. So the cycles that I can be involved from a transformation prospect, driving transformation for the company, both on the data side, as well as on the IT side. I have that cycles to invest that time and energy into both areas. Typically in a traditional company, which has not yet migrated towards the cloud, a major portion of their bandwidth gets wasted. CIOs bandwidth and IT professionals bandwidth gets wasted, in dealing with the operational challenges that you have in an on-prem environment. So having not to worry about that over here, it gives me all the cycles to be investing my time on both areas. >> Yeah, a lot of wasted IT labor over the decades. Let me ask you, how is running a data company? We were inside of a fast moving Silicon Valley Tech Company. What are the similarities and the differences from some of the customers? I mean, on the one hand, you're moving faster than your customers at least most of them, and you don't have the technical that you just described, CX on Nirvana. On the other hand, you're an example of what's possible. You can sort of set the best practice mark. How do you see that dynamic? >> So, in our firm world-class IT organization, it needs to be data-driven, it needs to be highly automated, it needs to enable world-class user experience, and then to secure and make the environment compliant resilient. The cloud platform that we have, inside Snowflake, allows us to achieve all of that. Now that is, an ideal situation to be in. But you don't have to deal with, all the on-prem type of workloads. So finding that balance is what we're going after. And, however this is a journey, right. For other companies who are not on the cloud, its a journey. They have to prioritize that. They have to start moving things to the cloud, and that's where we are different and similar, right. We're different that we don't have to worry about that. Everything is in the cloud for us. And then, that's kind of how we see it. >> So, you know, used to call it the dogfooding segment, but Oliver Bussmann was the CIO of SAP. So no, no, Dave, we call it drinking your own champagne. (laughs) which is how you guys are referring to it. But, sometimes still in such situations you're (laughs) inside the sausage factory, which is good in a way because you see it before it goes into production. But, so what's your journey with, with Snowflake been like? >> Yeah, so that's a really good question. That's a major portion of what I do at work. And, let's start with the first principles of we believe, that we want to measure everything in the company, that's important for companies performance. If we measure the right things, we believe we can drive the best outcomes. We are driven through those first principles and we leveraged our business applications, our data, our security, our automation, and our compliance to integrate with our product to power, all these use cases and workloads. In our own environment, we call that snow house. Which is nothing but a Snowflake instance. So, for all the new products that we are coming into market with, we work very closely with the engineering team, with the product management team, to make sure that we actually become customer zero, and try to use as much functionality of that, inside our own enterprise and give as much feedback to our engineering and our product management teams, so that they can make the customer one experience to be world-class. So that's kind of in a nutshell how we go to market with those products. >> So you're customer zero. So all the product guys that they suck up to you, or are they afraid of you? (laughs) >> Well, I think it's a very neutral, beneficial relationship. So, they know that my team's feedback, is important to how they are kind of shaping up the product, and it's just not necessarily IT, right. We have folks in finance, folks in sales, marketing, everybody is drinking the champagne, right. And IT and the data team actually enabled that deployment, but the use cases are pretty much in the entire enterprise of the company in every aspect of it. Well you know-- >> Including security. >> Well, that's what we say. We always talk about alignment, but it's like, it's almost alignment by design, as opposed to being this forced thing. I'm interested in this, sort of Snowflake on Snowflake concept that you guys talk about. What were your objectives going in and maybe thinking about the outcomes, what did you expect? Did you work backwards from that? What were you trying to achieve? >> Yeah, I mean, look again back to the first principles. We believe we want to measure everything that's important to our business. That will drive the right outcomes. We then layer the application layer. We then overlay the business process layer. We then overlay the compliance and security layer. And the end result really is operationalizing Snowflake internally to drive our business, making the right choices, right decisions for the company. So we have a ton of use cases that are just ideal, using Snowflake on Snowflake. You know I can give you some examples of that if you like, >> Yes. >> But, >> Go on please. >> Security being one of the biggest use cases. We use the entire monitoring and remediation work that goes in the security compliance world, all through Snowflake. And we are finding real time events through data sharing, with our key suppliers. And we're ensuring that we're protecting our environment as much as possible with that whole infrastructure. >> You talked about layering, governance, security, et cetera. Yeah (laughs) I'm imagining a coat of primer paint in a nice and smooth over, it's not a bolt-on. I want to press you on that, because it can't be an afterthought. And what you're describing is much more of a modern approach. And I want you to totally differentiate between the layers that you talked about and what you've surely seen in your experience over the years as a bolt-on, what's the difference? >> Well, I mean the security wall, there's a lot of data, and a lot of the data that is critical to your environment. You want to make sure it is fully complete, you're getting it in the right hands, in the right platform to understand that, and doing the correlation work that needs to happen real time. Our platform allows all that data to be ingested and real time and anything that is suspicious, that's being out there. We're finding that stuff in real time. The monitoring has to be real time. And if there is an event, somebody needs to take an action real time. So the platform allows it to integrate altogether. And basically, the suppliers that we're using are also doing data sharing with us on this platform. So it makes the whole security remediation to be really really fantastic experience. >> Well I think too, I'd to share often with my audience when I talk to practitioners that are using Snowflake they, surprising to me when I first heard this, they said, "Well we choose Snowflake as the security," and I went, what! But the simplicity and the workflow is simpler, and it just means less human labor involved in setting these things up. So I wonder if you could talk about the team that you put together, the culture that you're building, and what's the makeup look like? >> Sure, so are you specifically asking about the characteristics of how we're building up the culture? >> Yeah, absolutely. >> Okay, so I think we're looking for, obviously very much high energy folks, people who have, high accountability, they're data-driven. We want to measure everything that's important to us. We're looking for folks who have situational awareness, and then finally high sense of urgency. I think all of these elements, allows IT organization to be integrated with the business. In large traditional companies, IT organizations kind of disintegrate with the business. We want to integrate with the business, to drive the best outcomes that are needed for the company. >> I Want to ask you about some of your favorite use cases, but you mentioned measurement. How do you measure? What are you measuring? >> Sure, so I would say that, let's just take security. Cause we talked about security. Let's just use security as a use case. So in security, there are many different frameworks, as you may know, right. There is the NIST framework, there is the CIS framework, there is an ISO framework. We have adopted towards a CIS framework inside Snowflake. That framework has 20 controls and that 20 controls has another 20 sub-controls. So we're talking about 400 controls potentially. Not every control is applicable to us, but majority of them are. And so for every control, there is a source of data, that's being ingested in Snowflake. I'll give you an example of that is asset management. So, asset management for end points, asset management for our servers, or asset management for our network gear. All of that data gets ingested inside Snowflake. We measure that. We can tell you exactly how many end points I have. I can tell you exactly when an employee gets onboarded, what laptop we have given them, when the employee leaves the company, I'll be collecting that laptop back on time, I'll be revoking all that access. That's part of CIS Control 1 as an example, and we're measuring all of that. And I can tell you exactly at my real time inside Snowflake. How effective I am for that specific control. That's just an example of that Dave. Now imagine 400 of these items that make up the whole security CIS framework. You want to measure everything on that 400 controls or 400 sub-controls. And you want to make sure that if any of that control is not being managed properly, you're alerted about it and you're remediating it to prevent a security issue that may pop up. >> Awesome, visibility and automation component. Are you a CSO too Sunny? We don't really have that title. We don't really have a CSO title, but I do wear a security hat as well. It's actually a joint responsibility between... I manage the corporate security. The product security is inside the product team, but we use the same common framework. We use the same common telemetry. We use the same common methodology. Incident management response teams are very similar, and it's all powered through a Snowflake. >> Awesome. Sunny Bedi you're great guests, I would imagine the sales guys love dragging you on zooms these days to sales calls, just to (laughs) share best practice, but love to have you back and continue the conversation. Sunny Bedi, really appreciate your time. Thank you. >> Thank you Dave. Thank you very much. >> All right, keep it right there everybody. We'll be right back with our next guest, right after this short break.

>>LA from Las Vegas. It's the cube covering AWS reinvent 2019 brought to you by Amazon web services and along with its ecosystem partners. >>Welcome back to Vegas, Lisa Martin with John farrier. We are live at AWS reinvent in the expo hall at the sands convention center. There's tons of people in here. You could probably hear some of the background AWS expecting 65,000 or so folks. John, how many of those 65,000 and have you talked to in the last two days? >>Well, I can hear all the conversations happening at once. It's about hybrid cloud, IOT edge data, machine learning. my head's going to come. >>I was going to say lots of cool stuff. John and I are pleased to be joined by Greg Coralville, the VP of products and strategy for Blackberry Q. Next group. Welcome to the program >>to be here with 65,000 of our closest friends. >>His friends. Exactly. So Blackberry, cute X. What's it all about? >>What's it all about? Well, we do software. We do embedded software for mission critical systems at this event, at the AWS reinvent over showing a software and a really cool car, a karma, and we're connecting it to the AWS IOT backend services and showing some really, really cool use cases. Some of which are near term summer, which are a bit longer term are pretty exciting. Take a quick minute to describe Kunis. Is background acquired by Blackberry system history legacy? Exactly. Just take a quick minute to explain that. So we were founded in 1980 and then developing software for mission critical devices and medical, industrial. And then we started developing software for automotive in 1998 so we've been in automotive for about 20 years and developing originally an infotainment and then digital instrument clusters, telematic systems, gateways, safety systems, acoustics systems, pretty much becoming the software platform in the car because in the car, the car, the software is to be reliable, safe, secure. >>So we're trusted to deliver that. In automotive, we were acquired by Blackberry in 2010 and we're bringing the best of Blackberry and automotive and all of our other markets. So Lisa and I always talk about IOT is RPA automation. All this stuff's going on. But one of the things that comes up is we're trying to grok what's the software development environment in the cloud, in the car, and a Amazon one by having great API APIs. Yep. That was one of their core design principles. Is there a similar design principle from a car standpoint? Because if I'm an app developer, I just love, I have my mobile app sit on the car, right? But I don't want to have to become an expert on all the nuances of is there a connector? So is there going to be multiple platforms? What's the, what's the principle? Can you explain that a great question and great observation. >>So cars traditionally have been proprietary, pretty much closed systems and started open up with CarPlay and Android auto or all of a sudden you saw your mobile device being able to communicate with the car and now I could run Android apps, I could run iOS apps and started to open it up a bit. And now what you've seen is cars are becoming more connected, they're becoming more automated, eventually autonomous. Um, they're definitely, and what you're seeing in the car is in order for that car to really evolve and to offer connected services and shared mobility and the electrification that's occurring, the automotive industry is going through a disruption. We've all heard that and it really is true. So to the point where the electronics in the car, the networks in the car, the software in the car, it's getting completely redesigned and you're seeing a lot more high end processors. >>You're seeing safety critical systems, which have always been in cars, but now you're seeing a lot more complexity. And that speaks to exactly what we do. So where that car's going, if you think about it, is moving to more of a software platform. You have applications and mobile devices. Why? Because you've got Android and you've got iOS. That car is moving to that sort of a common platform where with the help of AWS connected services, the cubix Blackberry Punic software platform in the car, all of a sudden that'll open the door to that kind of environment to applications, to connected services. And that's exactly where it's going. So connectivities, it's here and it's going to be predominant through a pretty much all the vehicles coming off the line in the coming years. So you're going to see the connectivity and now we can bring the services and the apps to that vehicle. But at the same time you got to keep it safe, got to keep it secure. Gotta keep it reliable. You know, it's the classic mobile device, bingo literal device on wheels, right of two ton mobile device on wheels. >>Doc disruption sounds really cool and it's consumers. We just had this expectation that we can have whatever I want, the whole experience I want. And obviously as everything evolves, we want it to be safer and safer. And as there's laws and regulations that govern, Hey, you're going to get hefty fines if you're seeing with this device and you're driving. But disruption is really challenging, right? We talked, we got some great examples yesterday on stage with Andy Jassy of Goldman Sachs, right? How many years old are they and how they have leveraged disruption to revolutionize their consumer business or healthcare revolutionizing. I'd love to get your perspective on what are some of the automakers that are bleeding edge going, we get it. We want to work with you guys so that they understand that this the, you know, the, the mobile devices, the connected device on wheels is going to be transformative for their business. >>Good point. So first of all, every automaker we work with and we work, we work with almost 50 auto makers and we're over a hundred. We're in over 150 million vehicles and multiple systems in the cars. They're all putting safety first. That's never really changed. But that remains primary, primary objective. And to your point is how do you maintain that safety net reliability while at the same time opening the door to connectivity, making sure that vehicle is secure and resilient to attacks and whatnot. And you've seen some of those attacks in the past. And the industry is learning. Um, but that's, that's exactly what, that's what speaks to us and what we do. Same thing with AWS. If you think about what we do, we're plumbers. We, we build plumbing in the car, AWL splits, plumbing in the cloud. And I've had that call, those conversations with AWS and they're like, yeah, we're plumbers. >>And I said, so are we, we're going to get along great. But to your point, we have to keep our eye on security. Our definitely our eye on privacy and safety. And that's exactly what we do. As much as we all want the consumer apps and the connected experience at the same time, we can't compromise on that. So the good thing in automotive is there's a automotive safety standards, ISO two, six, two, six, two and whatnot, which we've certified our products to and we're going to keep doing that and keep delivering that software in the car. But that's awesome for 0.2 ton mobile device on wheels. So we got to always be aware of that. Great opportunity. People want more conduct and safety too. And that's a huge thing. Security and safety. I want to get to that in a second, but I got to ask you, um, what is the relationship that you guys have with Amazon? >>Could you explain that? And what are you guys doing at reinvent this year? Is your leg a presentation demo? Take a minute to explain the relationship between queen Nixon and Amazon web services and what you're showing here. Well, we're in the connected home exhibit. In fact, we're in the quote unquote garage where we've got a vehicle, a beautiful karma Rivero GT. And I was told it's the first time there's actually a car at reinvent. So that was pretty cool. And it's a cool car if you get a chance, come on over. And what we've done is we've taken the karma vehicle and we've actually connected it to AWS IOT. So if you think about what we do, we do software in the car, as I was saying earlier. And then we worked with the Amazon team, with the AWS team to say, okay, what can we do? So one of the things we're doing is we're doing battery monitoring and prediction in terms of the life of the battery. >>That's one of the things that we're doing. The other thing we're doing is personalized cockpit, which is, which is pretty exciting. And, and the last thing we're doing is kind of a business to business demonstration, um, where it's data orchestrations. If you think about the vehicle, there's a lot of sensors on the vehicle, a lot of information available on the vehicle. And what we're doing with AWS is pulling information from the vehicle, putting it in the cloud. And then we've got a few examples that we're using. So one of them is an application for an auto detailing company where they might want, you might want to have your vehicle detailed where we can make the position of your vehicle available, GPS, the VIN number. So the identify the identification of the vehicle. Um, and then you could actually contract with that expert detailings what we called them to come to your vehicle, clean the vehicle, detail your vehicle within a finite period of time securely. >>And then you'll get notified when it's done and whatnot. We're doing facial recognition in the vehicle and we also put some ML in machine learning in the car. We're actually showing gesture recognition where I can fold the mirrors with a, with a peace sign or victory signs. I could have the mirrors fold in. Uh, I can, I can interact with the infotainment system. I can personalize the music and whatnot. So really personalizing the cockpit. But all through the power of AWS. Sorry, what are we going to have to the car flying cars? Come on Jetsons flyers. I love this coming. Maybe not the flying carpet. Wow. Okay. Flying cars. Fine. I mean, I always say anything else that's in star Trek or star Wars will be invented. So I'm respecting some flying vehicles. All fun aside. Yeah. Now the serious conversation is safety and security. >>Worst case scenario, my car is hacked. Take over. This is a fear. Again, it's the worst. It's a doom season here. Those stories are straight. All IOT device. It's a car. How do you guys view the security posture? Um, good question. This is concerned. It might be on people's mind. Yeah. And that's what really speaks to where our company has been for almost four decades now. You know, when people would ask me, Hey, where would I find Punic software? Blackberry Punic software, I'd say almost everywhere, but the desktop. So where things have to be reliable, safe, secure work all the time. That's where you'll find our software. So factory floor, we're in laser eye surgery. Machines are in patient monitoring devices, MRI machines. And so essentially those areas which are safety critical, where safety, security and reliability, you know, our top real really industrial IOT thing, big time, big time. >>And that's the cool thing about walking around reinvent. There's all kinds of industrial devices and control. So if you go to the car now, if you think about the vehicle, same fundamental needs, reliability, safety, security, and we're trusted to deliver an automotive. So security is one of those things. It's not static. So when you, when you, when you make something that's secure, you're really building something that's resilient to attacks. So you'd be as resilient as possible to prevent attacks. And then you do whatever you can to prevent any malicious act or actions on that. So we will monitor what's going on in the system. We'll monitor any communications going to the car, for instance. So the minute we detect something a bit of normal, we can take action based on that. So that, that's absolutely key, especially given the cars connected and more and more becoming connected. >>What's the opportunity is in a trucking industry, when I think of the number of sensors on trucks, the regulations that you know for drivers safety in terms of how many hours they actually have to be able to can drive. What's the opportunity there for Q next? >>Good question. So everything we're doing in the car, which I should generalize and say a vehicle applies to trucks. So if you think about trucking or vehicles or drones or anything like that, you have multiple sensors that you have to interact with. You have to interpret that information, you have to take action based on that information. So if we look at trucking specifically, everybody knows a major shortage of truck truck, truck drivers. So when people ask me about autonomous cars and Hey, when are we going to see autonomy's vehicles? I always look at trucking and we're working with companies, trucking companies that are using our technology. And one of the first use cases that they're putting forward is something called platooning, where you'll actually have the first truck on the road with a driver and any other trucks on the road. We'll be operating autonomously essentially following like a train if you want on a highway, and then they'll have a starting location and a drop off location and that all of a sudden becomes a real world scenario, which makes use of the same sensors, LIDAR, radar cameras, et cetera. >>So from a trucking perspective, we look at it very similar to a car and automotive perspective because they need the same fundamental technologies. So pretty exciting. Like I said, what we do applies all over the place and again, all going to be connected. But grant, thanks for coming on. I really appreciate, I want to get your final thoughts, at least from my perspective on developers. When you see deep racer, you see that trend. It's kind of, they've got LIDAR, it's kind of a toy, but people geeking out on this. And so I would imagine that we're going to see an emergence of a software development environment where as a controlled sandboxes, cause yeah, they've got the concern with the industrial equipment. Exactly. Yeah. How do you balance that old school industrial mindset of, you know, IOT with the new rapid agile product development? Yeah. And to your point, we're going through that transition now. >>So this is where things like Sage maker come into play where I can develop out and develop and refine machine learning models in the cloud. You still have those tight control loops that you need and there's tools for that. So that's the deeply embedded stuff that's controlling actuators and whatnot. You still need that. But to your point, you need to be more iterative. You need to be more agile, need to develop according to the safety standards and the various industries that they might be in. So it's that is evolving and it's evolving at exactly the right pace. Really glad to see that evolution. But to your point, all of these devices are going to become interconnected. There's going to be new opportunities. And from a developer perspective, you know, we can't hire enough developers. No one can. It's really exciting whether it's IOT cloud developers or embedded developers. >>There's such an exciting future ahead. And I got to ask, this is just popped in my head. So I want to ask, cause I'm curious, um, spectrum and RF power is great, but you need connectivity to make an IOT device work, right? How do you guys, how does the car folks look at conductivity? Just when they get to a spot they can connect. So is it managing the spectrum? How are cars thinking about the connectivity? So we work very closely with the modem vendors. For instance, in today in cars you'll see Bluetooth, you'll see wifi, you'll see 4g. Obviously there's the emergence of 5g. Um, vehicle to vehicle communications is through something called DSRC. Essentially wifi 5g is going to come along, so now you're going to be able to have throughput and also what's called low latency. So quick turn around on your messages and the information being exchanged. >>So that too is evolving from a, from a QA software perspective, we'll make use of whatever modems there. But to your point, we also have to deal with the cases where I've lost connectivity. I still need that V vehicle to operate safely. And especially if you consider that the systems might be, um, uh, the systems might be connected or we don't want to make, make it such that they're dependent on that connectivity. So you have to have fail over scenarios and whatnot, but cars will become connected, devices will become connected. We're going to take advantage of that connectivity, but not be dependent on that connectivity. >>Well, Greg, please let me know when that, uh, personalized service is available so that my car can be found and detailed. They'd find it right in my driveway going lady, please. It's been a pleasure, a really cool stuff. Blackberry Kunis thank you for joining John. We'll be, we'll have to go check out that car for John furrier. I'm Lisa Martin. You're watching the cube live in Vegas at AWS. Reinvent 19. Thanks for watching.

>> Narrator: From Miami Beach, Florida, it's theCUBE, covering Acronis Global Cyber Summit 2019. Brought to you by Acronis. >> Okay, welcome back everyone. It's theCUBE's two day coverage of Acronis' Global Cyber Summit 2019, here in Miami Beach, at the Fontainebleau Hotel. I'm John Furrier, host of theCUBE. We're with Katya Fisher, Partner Chief and Chief Privacy Officer at Greenspoon Marder. Legal advice is right here on theCUBE, ask her anything. We're going to do a session here. Thanks for coming on, appreciate it. >> Thank you very much, I'm going to have to do the little disclaimer that all lawyers do, which is, nothing here is to be construed as advice. It's just opinions and information only. >> I didn't mean to set you up like that. All kidding aside, you closed for the panel here for Acronis' conference. Obviously, cyber protection's their gig. Data protection, cyber protection. Makes sense, I think that category is evolving from a niche, typical enterprise niche, to a much more holistic view as data becomes you know, critical in the security piece of it. What was on the, what were you guys talking about in the panel? >> Well, so, the first issue that you have to understand is that cyber protection is something that has now become critical for pretty much every individual on the planet, as well as governments. So something that we talked about on the panel today was how governments are actually dealing with incoming cyber threats. Because now, they have to take a look at it from the perspective of, first of all, how they themselves are going to become technologically savvy enough to protect themselves, and to protect their data, but also, in terms of regulation and how to protect citizens. So, that was what the panel discussion was about today. >> On the regulatory front, we've been covering on SiliconANGLE, our journalism site, the innovation balance, is regulatory action helpful or hurtful to innovation? Where is the balance? What is the education needed? What's your thoughts on this, where are we? I mean early stages, where's the progress? What needs to get done? What's your view on the current situation? >> So, I'm an attorney, so my views are perhaps a bit more conservative than some of the technologists you might speak with and some of my clients as well. I think that regulation is, as a general matter, it can be a good thing. And it can be quite necessary. The issues that we see right now, with regard to regulation, I think one of the hottest issues today is with respect to data laws and data privacy laws. And that's obviously something that I think everyone is familiar with. I mean take a look at, in the United States alone. We've seen the city of Baltimore dealing with breaches. We've seen other parts of the government, from the Federal level all the way down to municipalities, dealing with breaches in cyber attacks. We've seen data breaches from banks, Capital One, right? I believe Dunkin' Donuts suffered a breach. Equifax, and then at the same time we've also seen individuals up in arms over companies like 23andMe and Facebook, and how data is used and processed. So data seems to be a very very hot button issue today across the board. So something that we're really thinking about now is, first of all, with respect to the regulatory climate, how to deal with it, not only in the United States, but on a global level, because, when we talk about technology and the internet right, we're in an era of globalization. We're in an era where a lot of these things go across boarders and therefore we have to be mindful of the regulatory regimes in other places. So, I'll give you an example. You might be familiar with the GDPR. So the GDPR is in the European Union. It's been in effect now for the last year and a half, but it affects all my U.S. clients. We still have to take a look at the GDPR because at the end of the day my clients, my firm, might be dealing with foreign companies, foreign individuals, companies that have some sort of nexus in the European Union, et cetera. So because of that, even though the GDPR is a set of regulations specific to the European Union, it becomes extremely important in the context of the United States and globally. At the same time, the GDPR has certain issues that then end up conflicting often times with some of the regulations that we have here in the United States. So, for example, the right to be forgotten is perhaps the most famous clause or part of the GDPR and the right to be forgotten is this concept in the GDPR that an individual can have information erased about him or her in order to protect his or her privacy. The problem is that from a technical's perspective, first of all, it's an issue because it becomes very very difficult to figure out where data is stored, if you're using third-party processors, et cetera. But from a regulatory perspective, the conflict comes in when you take a look at certain U.S. laws. So take a look for example at banking regulations in the United States. Banks have to hold some types of data for seven years and other types of data they can never delete. Right? Lawyers. I am licensed by the New York State Bar Association. Lawyers have their own rules and regulations with regard to how they store data and how they store information. HIPAA, medical records. So, you see these conflicts and there are ways to deal with them appropriately, but it becomes some food for thought. >> So it's complicated. >> It's really complicated >> There's a lot of conflicts. >> Yeah. >> First of all, I talked to a storage guy. He's like data? I don't even know which drive that's on. Storage is not elevated up to the level of state-of-the-art, from a tracking standpoint. So, it's just on the business logic is complicated. I can't imagine that. So, I guess my question to you is that, are you finding that the jurisdictional issue, is it the biggest problem, in terms of crossport and the business side or is the technical underpinnings, that with GDPR's the problem or both? What's your-- >> I mean it's both, right? They're a lot of issues. You're right, it's very complicated. I mean, in the United States we don't have some sort of overarching federal law. There's no cyber protection law in the United States. There's no overarching data protection law. So, even in the U.S. alone, because of federalism, we have HIPAA and we have COPPA which protects children and we have other types of acts, but then we also have state regulations. So, in California you have the California Privacy Act. In New York you have certain regulations with regard to cyber security and you have to deal with this patchwork. So, that becomes something that adds a new layer of complexity and a new layer of issues, as we take a look, even within the U.S. alone, as to how to deal with all of this. And then we start looking at the GDPR and all of this. From a technical perspective. I'm not a technologist, but. >> Katya, let me ask you a question on the (mumbles) and business front. (mumbles) I think one of the things. I'm saying it might or may not be an issue, but I want to get your legal weigh-in on this. >> Katya: Sure. >> It used to be when you started a company, you go to Delaware, very friendly, domicile in Delaware, do some formation there, whether you're a C corp or whatever, that's where we tend to go, raise some money, get some preferred stock, you're in business. >> Is there a shift in where companies with domicile, their entity, or restructure their companies around this complexity? Because, there's two schools of thought. This brute force act, everything coming at you, or you restructure your corporate formation to handle some of the nuances, whether it's I have a Cayman or a Bermuda... whatever's going on in the regulatory regime, whether it's innovative or not. Are people thinking like that? Or, what's your take on it? What's some of the data you're seeing from the field around, restructuring around the problem? >> So, with respect to restructuring, specifically around data laws and data protection laws, I'm not seeing too much of that, simple because of the fact that regulations like the GDPR are just so all-encompassing. With respect to companies setting up in Delaware as opposed to other jurisdictions, those are usually based on two issues, right, two core ones, if I can condense it. One has to do with the court system and how favorable a court system is to the corporation, and the second is taxes. So, a lot of times when you see companies that are doing all of this restructuring, where they're setting up in offshore zones, or et cetera, it's usually because of some sort of a tax benefit. It might be because of the fact that, I don't know, for example, intellectual property. If you have a company that's been licensing IP to the United States, there's a 30% withholding tax when royalties are paid back overseas. So a lot of times when you're looking at an international structuring, you're trying to figure out a jurisdiction that might have a tax treaty with the United States, that will create some sort of an opportunity to get rid of that 30% withholding. So, that's where things usually come into play with regard to taxes and IP. I haven't seen yet, on the side of looking for courts that are more favorable to companies, with respect to data privacy and data protection. I just haven't seen that happen yet because I think that it's too soon. >> How do companies defend themselves against claims that come out of these new relations? I mean GDPR, I've called it the shitstorm when it came out. I never was a big fan of it. It just didn't. I mean, I get the concept, but I kind of understood the technical issues, but let's just say that you're a small growing business and you don't have the army of lawyers or if someone makes a claim on you, I have to defend it. How are companies defending themselves? Do they just shut down? Do they hire you guys? I mean, obviously lawyers need to be involved. But, at some point there's a line of where having a U.S. company and someone consumes my media in Germany and it says, hey I'm a German citizen. You American company, delete my records. How does that work? Do I have to be responsible for that? I mean, what's? >> So, it's really case-by-case basis. First of all, obviously, with regard to what I was talking about earlier, with respect to the fact that there are certain regulations in the U.S. that conflict with GDPR and the right to be forgotten. If you can actually assert a defense and sort of a good reason for why you have to maintain that information, that's step one. Step two is, if it's some complaint that you received, is to delete the person's information. There's an easier way to do it. >> Yeah, just do what they want. >> Just comply with what they want. If somebody wants to be off of a mailing list, take them off the mailing list. The third is, putting in best practices. So, I'm sure a lot of things that people see online, it's always great to go ahead and obtain legal counsel, even if you're consulting with a lawyer just for an hour or two, just to really understand your particular situation. But, take a look at privacy policies online. Take a look at the fact that cookies now have a pop-up whenever you go to a website. I'm sure you've noticed this, right? >> John: Yeah. So, there are little things like this. Think about the fact that there are, what is known as clickwrap agreements. So, usually you have to consent. You have to check a box or uncheck a box with respect to reading privacy policies, being approved for having your email address and contact information somewhere. So, use some common sense. >> So, basically don't ignore the prompt. >> Don't ignore the problem. >> Don't ignore it. Don't stick your head in the sand. It'll bite you. >> Correct. And the thing is, to be honest, for most people, for most small companies, it's not that difficult to comply. When we start talking about mid-size and large businesses, the next level, the next step, obviously beyond hiring attorneys and the like, is try to comply with standards and certifications. For example, there's what is known as ISO standards. Your company can go through the ISO 27001 certification process. I think it costs around approximately $20,000. But, it's an opportunity to go ahead, go through that process, understand how compliant you are, and because you have the certification, you're then able to go to your customers and say, hey, we've been through this, we're certified. >> Yeah. Well, I want to get, Katya, your thoughts, as we wrap up on this segment, around Crypto and Blockchain. Obviously, we're bullish on Blockchain. We think this is a supply chain. (mumbles) Blockchain can be a good force, although some think there's some work needs to be done on the whole energy side of it, which is, we would agree. But, still. I'm not going to make that be a wet blanket of excitement. But cryptocurrency has been fraudulent. It's been. The SCC's been cracking down in the U.S., in the news. Lieber's falling apart, although, I called that separately, but, (laughing) it had nothing to do with that Lieber. It was more of Facebook, but. Telegram. We were talking about that, others. People are getting handcuffed on this stuff. They're really kind of clamping down. But, overseas in Asia, it's still an unregulated, seems to be (mumbles) kind of market. Your advice to clients was to shy away, be careful? >> My advice to clients is as follows. First of all, Blockchain and cryptocurrency are not the same thing. Right? Cryptocurrency is a use case coming out of Blockchain technology. I think that in the United States, the best way to think about it is to understand that the term cryptocurrency, from a regulatory perspective, is actually a misnomer. It's not a currency. It's property. Right? It's an asset. It's digital assets. So, if you think about it the same way that we think of shares in a company, it's actually much easier to become compliant, because, then you can understand that it's going to be subject to U.S. securities laws, just like other securities. It's going to be taxed, just like securities are taxed, which means that it's going to be subject to long and short-term capitol gain, and it's also going to be subject to the other regulatory restrictions that are adherent to securities, both on the federal and state level. >> It's interesting that you mentioned security. The word security. If you look back at the ICO craze, internet coin offerings, crypto offerings, whatever you call it, The people who got whacked the most were the ones that went out as a utility tokens. Not to get nerdy on this, but utility and security are two types of tokens. The ones that went out and raised money as the utility token had no product, raised money using the utility that doesn't exist. That's essentially a security. And, so, no wonder why they're getting slapped. >> They're securities. Look, Bitcoin, different story, because Bitcoin is the closest to being I guess, what we could consider to be truly decentralized, right? And the regulatory climate around Bitcoin is a little bit different from what I'm talking about, with respects to securities laws. Although, from a tax perspective, it's the same. It's taxed as property. It's not taxed the way that foreign currency is taxed. But ultimately, yeah. You had a lot of cowboys who went out, and made a lot of money, and were just breaking the law, and now everyone is shocked when they see what's going on with this cease-and-desist order from the SCC against Telegram, and these other issues. But, none of it is particularly surprising because at the end of the day we have regulations in place, we have a regulatory regime, and most people just chose to ignore it. >> It's interesting how fast the SCC modernized their thinking around this. They really. From a speed standpoint, all government agencies tend to be glacier speed kind of movement. They were pretty fast. I mean, they kind of huddled on this for a couple months and came out with direction. They've been proactive. I got to say. I was usually skeptical of most government organization. I don't think they well inform. In this case, I think the SCC did a good job. >> So, I think that the issue is as follows. You know, Crypto is a very very very small portion of what the SCC deals with, so, they actually paid an inordinate amount of attention to this, and, I think that they did it for a couple of reasons. One is because, you asked me in the beginning of this interview about regulations versus innovation. And, I don't think anyone wants to stifle innovation in America. It's a very interesting technology. It's very interesting ideas, right? No one wants that to go away and no one wants people to stop experimenting and stop dreaming bigger. At the same time, the other issue that we've seen now, especially, not only with the SCC, but with the IRS now getting involved, is the fact that even though this is something very very small, they are very concerned about where the technology could go in the future. The IRS is extremely concerned about erosion of the tax space. So, because of that, it makes a lot of sense for them to pay attention to this very very early on, nip this in the bud, and help guide it back into the right direction. >> I think that's a good balance. Great point. Innovation doesn't want to be stifled at all, absolutely. What's new and exciting for you? Share some personal or business updates in your world. What's going on? What's getting you excited these days, in the field? >> What's getting me excited these days? Well, I have to tell you that one thing that actually has gotten me excited these days is the fact that the Blockchain and cryptocurrency industries have grown up, substantially. And, now we're able to take a look at those industries in tandem with the tech industry at large, because they seem to sort of be going off in a different direction, and now we're taking a look at it, and now you can really see sort of where the areas that things are going to get exciting. I look at my clients and I see the things that they're doing and I'm always excited for them, and I'm always interested to see what new things that they'll innovate, because, again, I'm not a technologist. So, for me, that's a lot of fun. And, in addition to that, I think that other areas are extremely exciting as well. I'm a big fan of Acronis. I'm a big fan of cyber protection issues, data protection, data regulation. I think something that's really interesting in the world of data regulation, that actually has come out of the Blockchain community, in a way, is the notion of data as a personal right, as personal property. So, one of the big things is the idea that now that we've seen these massive data breaches with Facebook and 23andME, and the way that big government, big companies, are using individuals' datas, the idea that if data were to be personal property, it would be used very very differently. And technologists who are using Blockchain technology say that Blockchain technology might actually be able to make that happen. Because if you could have a decentralized Facebook, let's say, people could own their own data and then use that data as they want to and be compensated for it. So, that's really interesting, right-- Yeah, but, if you're just going to use the product, they might as well own their data, right? >> Katya: Exactly. >> Katya, thanks for coming on theCUBE. Thanks for the insight. Great, compelling narrative. Thanks for sharing. >> Sure, thank you very much. >> Appreciate it. I'm John Furrier here on theCUBE, Miami Beach, at the Fontainebleau hotel for Acronis' Global Cyber Summit 2019. We'll be back with more coverage after this short break.