(upbeat music) >> The stampede to cloud and massive VC investments has led to the emergence of a new generation of object store based data lakes. And with them two important trends, actually three important trends. First, a new category that combines data lakes and data warehouses aka the lakehouse is emerged as a leading contender to be the data platform of the future. And this novelty touts the ability to address data engineering, data science, and data warehouse workloads on a single shared data platform. The other major trend we've seen is query engines and broader data fabric virtualization platforms have embraced NextGen data lakes as platforms for SQL centric business intelligence workloads, reducing, or somebody even claim eliminating the need for separate data warehouses. Pretty bold. However, cloud data warehouses have added complimentary technologies to bridge the gaps with lakehouses. And the third is many, if not most customers that are embracing the so-called data fabric or data mesh architectures. They're looking at data lakes as a fundamental component of their strategies, and they're trying to evolve them to be more capable, hence the interest in lakehouse, but at the same time, they don't want to, or can't abandon their data warehouse estate. As such we see a battle royale is brewing between cloud data warehouses and cloud lakehouses. Is it possible to do it all with one cloud center analytical data platform? Well, we're going to find out. My name is Dave Vellante and welcome to the data platform's power panel on theCUBE. Our next episode in a series where we gather some of the industry's top analysts to talk about one of our favorite topics, data. In today's session, we'll discuss trends, emerging options, and the trade offs of various approaches and we'll name names. Joining us today are Sanjeev Mohan, who's the principal at SanjMo, Tony Baers, principal at dbInsight. And Doug Henschen is the vice president and principal analyst at Constellation Research. Guys, welcome back to theCUBE. Great to see you again. >> Thank guys. Thank you. >> Thank you. >> So it's early June and we're gearing up with two major conferences, there's several database conferences, but two in particular that were very interested in, Snowflake Summit and Databricks Data and AI Summit. Doug let's start off with you and then Tony and Sanjeev, if you could kindly weigh in. Where did this all start, Doug? The notion of lakehouse. And let's talk about what exactly we mean by lakehouse. Go ahead. >> Yeah, well you nailed it in your intro. One platform to address BI data science, data engineering, fewer platforms, less cost, less complexity, very compelling. You can credit Databricks for coining the term lakehouse back in 2020, but it's really a much older idea. You can go back to Cloudera introducing their Impala database in 2012. That was a database on top of Hadoop. And indeed in that last decade, by the middle of that last decade, there were several SQL on Hadoop products, open standards like Apache Drill. And at the same time, the database vendors were trying to respond to this interest in machine learning and the data science. So they were adding SQL extensions, the likes Hudi and Vertical we're adding SQL extensions to support the data science. But then later in that decade with the shift to cloud and object storage, you saw the vendor shift to this whole cloud, and object storage idea. So you have in the database camp Snowflake introduce Snowpark to try to address the data science needs. They introduced that in 2020 and last year they announced support for Python. You also had Oracle, SAP jumped on this lakehouse idea last year, supporting both the lake and warehouse single vendor, not necessarily quite single platform. Google very recently also jumped on the bandwagon. And then you also mentioned, the SQL engine camp, the Dremios, the Ahanas, the Starbursts, really doing two things, a fabric for distributed access to many data sources, but also very firmly planning that idea that you can just have the lake and we'll help you do the BI workloads on that. And then of course, the data lake camp with the Databricks and Clouderas providing a warehouse style deployments on top of their lake platforms. >> Okay, thanks, Doug. I'd be remiss those of you who me know that I typically write my own intros. This time my colleagues fed me a lot of that material. So thank you. You guys make it easy. But Tony, give us your thoughts on this intro. >> Right. Well, I very much agree with both of you, which may not make for the most exciting television in terms of that it has been an evolution just like Doug said. I mean, for instance, just to give an example when Teradata bought AfterData was initially seen as a hardware platform play. In the end, it was basically, it was all those after functions that made a lot of sort of big data analytics accessible to SQL. (clears throat) And so what I really see just in a more simpler definition or functional definition, the data lakehouse is really an attempt by the data lake folks to make the data lake friendlier territory to the SQL folks, and also to get into friendly territory, to all the data stewards, who are basically concerned about the sprawl and the lack of control in governance in the data lake. So it's really kind of a continuing of an ongoing trend that being said, there's no action without counter action. And of course, at the other end of the spectrum, we also see a lot of the data warehouses starting to edit things like in database machine learning. So they're certainly not surrendering without a fight. Again, as Doug was mentioning, this has been part of a continual blending of platforms that we've seen over the years that we first saw in the Hadoop years with SQL on Hadoop and data warehouses starting to reach out to cloud storage or should say the HDFS and then with the cloud then going cloud native and therefore trying to break the silos down even further. >> Now, thank you. And Sanjeev, data lakes, when we first heard about them, there were such a compelling name, and then we realized all the problems associated with them. So pick it up from there. What would you add to Doug and Tony? >> I would say, these are excellent points that Doug and Tony have brought to light. The concept of lakehouse was going on to your point, Dave, a long time ago, long before the tone was invented. For example, in Uber, Uber was trying to do a mix of Hadoop and Vertical because what they really needed were transactional capabilities that Hadoop did not have. So they weren't calling it the lakehouse, they were using multiple technologies, but now they're able to collapse it into a single data store that we call lakehouse. Data lakes, excellent at batch processing large volumes of data, but they don't have the real time capabilities such as change data capture, doing inserts and updates. So this is why lakehouse has become so important because they give us these transactional capabilities. >> Great. So I'm interested, the name is great, lakehouse. The concept is powerful, but I get concerned that it's a lot of marketing hype behind it. So I want to examine that a bit deeper. How mature is the concept of lakehouse? Are there practical examples that really exist in the real world that are driving business results for practitioners? Tony, maybe you could kick that off. >> Well, put it this way. I think what's interesting is that both data lakes and data warehouse that each had to extend themselves. To believe the Databricks hype it's that this was just a natural extension of the data lake. In point of fact, Databricks had to go outside its core technology of Spark to make the lakehouse possible. And it's a very similar type of thing on the part with data warehouse folks, in terms of that they've had to go beyond SQL, In the case of Databricks. There have been a number of incremental improvements to Delta lake, to basically make the table format more performative, for instance. But the other thing, I think the most dramatic change in all that is in their SQL engine and they had to essentially pretty much abandon Spark SQL because it really, in off itself Spark SQL is essentially stop gap solution. And if they wanted to really address that crowd, they had to totally reinvent SQL or at least their SQL engine. And so Databricks SQL is not Spark SQL, it is not Spark, it's basically SQL that it's adapted to run in a Spark environment, but the underlying engine is C++, it's not scale or anything like that. So Databricks had to take a major detour outside of its core platform to do this. So to answer your question, this is not mature because these are all basically kind of, even though the idea of blending platforms has been going on for well over a decade, I would say that the current iteration is still fairly immature. And in the cloud, I could see a further evolution of this because if you think through cloud native architecture where you're essentially abstracting compute from data, there is no reason why, if let's say you are dealing with say, the same basically data targets say cloud storage, cloud object storage that you might not apportion the task to different compute engines. And so therefore you could have, for instance, let's say you're Google, you could have BigQuery, perform basically the types of the analytics, the SQL analytics that would be associated with the data warehouse and you could have BigQuery ML that does some in database machine learning, but at the same time for another part of the query, which might involve, let's say some deep learning, just for example, you might go out to let's say the serverless spark service or the data proc. And there's no reason why Google could not blend all those into a coherent offering that's basically all triggered through microservices. And I just gave Google as an example, if you could generalize that with all the other cloud or all the other third party vendors. So I think we're still very early in the game in terms of maturity of data lakehouses. >> Thanks, Tony. So Sanjeev, is this all hype? What are your thoughts? >> It's not hype, but completely agree. It's not mature yet. Lakehouses have still a lot of work to do, so what I'm now starting to see is that the world is dividing into two camps. On one hand, there are people who don't want to deal with the operational aspects of vast amounts of data. They are the ones who are going for BigQuery, Redshift, Snowflake, Synapse, and so on because they want the platform to handle all the data modeling, access control, performance enhancements, but these are trade off. If you go with these platforms, then you are giving up on vendor neutrality. On the other side are those who have engineering skills. They want the independence. In other words, they don't want vendor lock in. They want to transform their data into any number of use cases, especially data science, machine learning use case. What they want is agility via open file formats using any compute engine. So why do I say lakehouses are not mature? Well, cloud data warehouses they provide you an excellent user experience. That is the main reason why Snowflake took off. If you have thousands of cables, it takes minutes to get them started, uploaded into your warehouse and start experimentation. Table formats are far more resonating with the community than file formats. But once the cost goes up of cloud data warehouse, then the organization start exploring lakehouses. But the problem is lakehouses still need to do a lot of work on metadata. Apache Hive was a fantastic first attempt at it. Even today Apache Hive is still very strong, but it's all technical metadata and it has so many different restrictions. That's why we see Databricks is investing into something called Unity Catalog. Hopefully we'll hear more about Unity Catalog at the end of the month. But there's a second problem. I just want to mention, and that is lack of standards. All these open source vendors, they're running, what I call ego projects. You see on LinkedIn, they're constantly battling with each other, but end user doesn't care. End user wants a problem to be solved. They want to use Trino, Dremio, Spark from EMR, Databricks, Ahana, DaaS, Frink, Athena. But the problem is that we don't have common standards. >> Right. Thanks. So Doug, I worry sometimes. I mean, I look at the space, we've debated for years, best of breed versus the full suite. You see AWS with whatever, 12 different plus data stores and different APIs and primitives. You got Oracle putting everything into its database. It's actually done some interesting things with MySQL HeatWave, so maybe there's proof points there, but Snowflake really good at data warehouse, simplifying data warehouse. Databricks, really good at making lakehouses actually more functional. Can one platform do it all? >> Well in a word, I can't be best at breed at all things. I think the upshot of and cogen analysis from Sanjeev there, the database, the vendors coming out of the database tradition, they excel at the SQL. They're extending it into data science, but when it comes to unstructured data, data science, ML AI often a compromise, the data lake crowd, the Databricks and such. They've struggled to completely displace the data warehouse when it really gets to the tough SLAs, they acknowledge that there's still a role for the warehouse. Maybe you can size down the warehouse and offload some of the BI workloads and maybe and some of these SQL engines, good for ad hoc, minimize data movement. But really when you get to the deep service level, a requirement, the high concurrency, the high query workloads, you end up creating something that's warehouse like. >> Where do you guys think this market is headed? What's going to take hold? Which projects are going to fade away? You got some things in Apache projects like Hudi and Iceberg, where do they fit Sanjeev? Do you have any thoughts on that? >> So thank you, Dave. So I feel that table formats are starting to mature. There is a lot of work that's being done. We will not have a single product or single platform. We'll have a mixture. So I see a lot of Apache Iceberg in the news. Apache Iceberg is really innovating. Their focus is on a table format, but then Delta and Apache Hudi are doing a lot of deep engineering work. For example, how do you handle high concurrency when there are multiple rights going on? Do you version your Parquet files or how do you do your upcerts basically? So different focus, at the end of the day, the end user will decide what is the right platform, but we are going to have multiple formats living with us for a long time. >> Doug is Iceberg in your view, something that's going to address some of those gaps in standards that Sanjeev was talking about earlier? >> Yeah, Delta lake, Hudi, Iceberg, they all address this need for consistency and scalability, Delta lake open technically, but open for access. I don't hear about Delta lakes in any worlds, but Databricks, hearing a lot of buzz about Apache Iceberg. End users want an open performance standard. And most recently Google embraced Iceberg for its recent a big lake, their stab at having supporting both lakes and warehouses on one conjoined platform. >> And Tony, of course, you remember the early days of the sort of big data movement you had MapR was the most closed. You had Horton works the most open. You had Cloudera in between. There was always this kind of contest as to who's the most open. Does that matter? Are we going to see a repeat of that here? >> I think it's spheres of influence, I think, and Doug very much was kind of referring to this. I would call it kind of like the MongoDB syndrome, which is that you have... and I'm talking about MongoDB before they changed their license, open source project, but very much associated with MongoDB, which basically, pretty much controlled most of the contributions made decisions. And I think Databricks has the same iron cloud hold on Delta lake, but still the market is pretty much associated Delta lake as the Databricks, open source project. I mean, Iceberg is probably further advanced than Hudi in terms of mind share. And so what I see that's breaking down to is essentially, basically the Databricks open source versus the everything else open source, the community open source. So I see it's a very similar type of breakdown that I see repeating itself here. >> So by the way, Mongo has a conference next week, another data platform is kind of not really relevant to this discussion totally. But in the sense it is because there's a lot of discussion on earnings calls these last couple of weeks about consumption and who's exposed, obviously people are concerned about Snowflake's consumption model. Mongo is maybe less exposed because Atlas is prominent in the portfolio, blah, blah, blah. But I wanted to bring up the little bit of controversy that we saw come out of the Snowflake earnings call, where the ever core analyst asked Frank Klutman about discretionary spend. And Frank basically said, look, we're not discretionary. We are deeply operationalized. Whereas he kind of poo-pooed the lakehouse or the data lake, et cetera, saying, oh yeah, data scientists will pull files out and play with them. That's really not our business. Do any of you have comments on that? Help us swing through that controversy. Who wants to take that one? >> Let's put it this way. The SQL folks are from Venus and the data scientists are from Mars. So it means it really comes down to it, sort that type of perception. The fact is, is that, traditionally with analytics, it was very SQL oriented and that basically the quants were kind of off in their corner, where they're using SaaS or where they're using Teradata. It's really a great leveler today, which is that, I mean basic Python it's become arguably one of the most popular programming languages, depending on what month you're looking at, at the title index. And of course, obviously SQL is, as I tell the MongoDB folks, SQL is not going away. You have a large skills base out there. And so basically I see this breaking down to essentially, you're going to have each group that's going to have its own natural preferences for its home turf. And the fact that basically, let's say the Python and scale of folks are using Databricks does not make them any less operational or machine critical than the SQL folks. >> Anybody else want to chime in on that one? >> Yeah, I totally agree with that. Python support in Snowflake is very nascent with all of Snowpark, all of the things outside of SQL, they're very much relying on partners too and make things possible and make data science possible. And it's very early days. I think the bottom line, what we're going to see is each of these camps is going to keep working on doing better at the thing that they don't do today, or they're new to, but they're not going to nail it. They're not going to be best of breed on both sides. So the SQL centric companies and shops are going to do more data science on their database centric platform. That data science driven companies might be doing more BI on their leagues with those vendors and the companies that have highly distributed data, they're going to add fabrics, and maybe offload more of their BI onto those engines, like Dremio and Starburst. >> So I've asked you this before, but I'll ask you Sanjeev. 'Cause Snowflake and Databricks are such great examples 'cause you have the data engineering crowd trying to go into data warehousing and you have the data warehousing guys trying to go into the lake territory. Snowflake has $5 billion in the balance sheet and I've asked you before, I ask you again, doesn't there has to be a semantic layer between these two worlds? Does Snowflake go out and do M&A and maybe buy ad scale or a data mirror? Or is that just sort of a bandaid? What are your thoughts on that Sanjeev? >> I think semantic layer is the metadata. The business metadata is extremely important. At the end of the day, the business folks, they'd rather go to the business metadata than have to figure out, for example, like let's say, I want to update somebody's email address and we have a lot of overhead with data residency laws and all that. I want my platform to give me the business metadata so I can write my business logic without having to worry about which database, which location. So having that semantic layer is extremely important. In fact, now we are taking it to the next level. Now we are saying that it's not just a semantic layer, it's all my KPIs, all my calculations. So how can I make those calculations independent of the compute engine, independent of the BI tool and make them fungible. So more disaggregation of the stack, but it gives us more best of breed products that the customers have to worry about. >> So I want to ask you about the stack, the modern data stack, if you will. And we always talk about injecting machine intelligence, AI into applications, making them more data driven. But when you look at the application development stack, it's separate, the database is tends to be separate from the data and analytics stack. Do those two worlds have to come together in the modern data world? And what does that look like organizationally? >> So organizationally even technically I think it is starting to happen. Microservices architecture was a first attempt to bring the application and the data world together, but they are fundamentally different things. For example, if an application crashes, that's horrible, but Kubernetes will self heal and it'll bring the application back up. But if a database crashes and corrupts your data, we have a huge problem. So that's why they have traditionally been two different stacks. They are starting to come together, especially with data ops, for instance, versioning of the way we write business logic. It used to be, a business logic was highly embedded into our database of choice, but now we are disaggregating that using GitHub, CICD the whole DevOps tool chain. So data is catching up to the way applications are. >> We also have databases, that trans analytical databases that's a little bit of what the story is with MongoDB next week with adding more analytical capabilities. But I think companies that talk about that are always careful to couch it as operational analytics, not the warehouse level workloads. So we're making progress, but I think there's always going to be, or there will long be a separate analytical data platform. >> Until data mesh takes over. (all laughing) Not opening a can of worms. >> Well, but wait, I know it's out of scope here, but wouldn't data mesh say, hey, do take your best of breed to Doug's earlier point. You can't be best of breed at everything, wouldn't data mesh advocate, data lakes do your data lake thing, data warehouse, do your data lake, then you're just a node on the mesh. (Tony laughs) Now you need separate data stores and you need separate teams. >> To my point. >> I think, I mean, put it this way. (laughs) Data mesh itself is a logical view of the world. The data mesh is not necessarily on the lake or on the warehouse. I think for me, the fear there is more in terms of, the silos of governance that could happen and the silo views of the world, how we redefine. And that's why and I want to go back to something what Sanjeev said, which is that it's going to be raising the importance of the semantic layer. Now does Snowflake that opens a couple of Pandora's boxes here, which is one, does Snowflake dare go into that space or do they risk basically alienating basically their partner ecosystem, which is a key part of their whole appeal, which is best of breed. They're kind of the same situation that Informatica was where in the early 2000s, when Informatica briefly flirted with analytic applications and realized that was not a good idea, need to redouble down on their core, which was data integration. The other thing though, that raises the importance of and this is where the best of breed comes in, is the data fabric. My contention is that and whether you use employee data mesh practice or not, if you do employee data mesh, you need data fabric. If you deploy data fabric, you don't necessarily need to practice data mesh. But data fabric at its core and admittedly it's a category that's still very poorly defined and evolving, but at its core, we're talking about a common meta data back plane, something that we used to talk about with master data management, this would be something that would be more what I would say basically, mutable, that would be more evolving, basically using, let's say, machine learning to kind of, so that we don't have to predefine rules or predefine what the world looks like. But so I think in the long run, what this really means is that whichever way we implement on whichever physical platform we implement, we need to all be speaking the same metadata language. And I think at the end of the day, regardless of whether it's a lake, warehouse or a lakehouse, we need common metadata. >> Doug, can I come back to something you pointed out? That those talking about bringing analytic and transaction databases together, you had talked about operationalizing those and the caution there. Educate me on MySQL HeatWave. I was surprised when Oracle put so much effort in that, and you may or may not be familiar with it, but a lot of folks have talked about that. Now it's got nowhere in the market, that no market share, but a lot of we've seen these benchmarks from Oracle. How real is that bringing together those two worlds and eliminating ETL? >> Yeah, I have to defer on that one. That's my colleague, Holger Mueller. He wrote the report on that. He's way deep on it and I'm not going to mock him. >> I wonder if that is something, how real that is or if it's just Oracle marketing, anybody have any thoughts on that? >> I'm pretty familiar with HeatWave. It's essentially Oracle doing what, I mean, there's kind of a parallel with what Google's doing with AlloyDB. It's an operational database that will have some embedded analytics. And it's also something which I expect to start seeing with MongoDB. And I think basically, Doug and Sanjeev were kind of referring to this before about basically kind of like the operational analytics, that are basically embedded within an operational database. The idea here is that the last thing you want to do with an operational database is slow it down. So you're not going to be doing very complex deep learning or anything like that, but you might be doing things like classification, you might be doing some predictives. In other words, we've just concluded a transaction with this customer, but was it less than what we were expecting? What does that mean in terms of, is this customer likely to turn? I think we're going to be seeing a lot of that. And I think that's what a lot of what MySQL HeatWave is all about. Whether Oracle has any presence in the market now it's still a pretty new announcement, but the other thing that kind of goes against Oracle, (laughs) that they had to battle against is that even though they own MySQL and run the open source project, everybody else, in terms of the actual commercial implementation it's associated with everybody else. And the popular perception has been that MySQL has been basically kind of like a sidelight for Oracle. And so it's on Oracles shoulders to prove that they're damn serious about it. >> There's no coincidence that MariaDB was launched the day that Oracle acquired Sun. Sanjeev, I wonder if we could come back to a topic that we discussed earlier, which is this notion of consumption, obviously Wall Street's very concerned about it. Snowflake dropped prices last week. I've always felt like, hey, the consumption model is the right model. I can dial it down in when I need to, of course, the street freaks out. What are your thoughts on just pricing, the consumption model? What's the right model for companies, for customers? >> Consumption model is here to stay. What I would like to see, and I think is an ideal situation and actually plays into the lakehouse concept is that, I have my data in some open format, maybe it's Parquet or CSV or JSON, Avro, and I can bring whatever engine is the best engine for my workloads, bring it on, pay for consumption, and then shut it down. And by the way, that could be Cloudera. We don't talk about Cloudera very much, but it could be one business unit wants to use Athena. Another business unit wants to use some other Trino let's say or Dremio. So every business unit is working on the same data set, see that's critical, but that data set is maybe in their VPC and they bring any compute engine, you pay for the use, shut it down. That then you're getting value and you're only paying for consumption. It's not like, I left a cluster running by mistake, so there have to be guardrails. The reason FinOps is so big is because it's very easy for me to run a Cartesian joint in the cloud and get a $10,000 bill. >> This looks like it's been a sort of a victim of its own success in some ways, they made it so easy to spin up single note instances, multi note instances. And back in the day when compute was scarce and costly, those database engines optimized every last bit so they could get as much workload as possible out of every instance. Today, it's really easy to spin up a new node, a new multi node cluster. So that freedom has meant many more nodes that aren't necessarily getting that utilization. So Snowflake has been doing a lot to add reporting, monitoring, dashboards around the utilization of all the nodes and multi node instances that have spun up. And meanwhile, we're seeing some of the traditional on-prem databases that are moving into the cloud, trying to offer that freedom. And I think they're going to have that same discovery that the cost surprises are going to follow as they make it easy to spin up new instances. >> Yeah, a lot of money went into this market over the last decade, separating compute from storage, moving to the cloud. I'm glad you mentioned Cloudera Sanjeev, 'cause they got it all started, the kind of big data movement. We don't talk about them that much. Sometimes I wonder if it's because when they merged Hortonworks and Cloudera, they dead ended both platforms, but then they did invest in a more modern platform. But what's the future of Cloudera? What are you seeing out there? >> Cloudera has a good product. I have to say the problem in our space is that there're way too many companies, there's way too much noise. We are expecting the end users to parse it out or we expecting analyst firms to boil it down. So I think marketing becomes a big problem. As far as technology is concerned, I think Cloudera did turn their selves around and Tony, I know you, you talked to them quite frequently. I think they have quite a comprehensive offering for a long time actually. They've created Kudu, so they got operational, they have Hadoop, they have an operational data warehouse, they're migrated to the cloud. They are in hybrid multi-cloud environment. Lot of cloud data warehouses are not hybrid. They're only in the cloud. >> Right. I think what Cloudera has done the most successful has been in the transition to the cloud and the fact that they're giving their customers more OnRamps to it, more hybrid OnRamps. So I give them a lot of credit there. They're also have been trying to position themselves as being the most price friendly in terms of that we will put more guardrails and governors on it. I mean, part of that could be spin. But on the other hand, they don't have the same vested interest in compute cycles as say, AWS would have with EMR. That being said, yes, Cloudera does it, I think its most powerful appeal so of that, it almost sounds in a way, I don't want to cast them as a legacy system. But the fact is they do have a huge landed legacy on-prem and still significant potential to land and expand that to the cloud. That being said, even though Cloudera is multifunction, I think it certainly has its strengths and weaknesses. And the fact this is that yes, Cloudera has an operational database or an operational data store with a kind of like the outgrowth of age base, but Cloudera is still based, primarily known for the deep analytics, the operational database nobody's going to buy Cloudera or Cloudera data platform strictly for the operational database. They may use it as an add-on, just in the same way that a lot of customers have used let's say Teradata basically to do some machine learning or let's say, Snowflake to parse through JSON. Again, it's not an indictment or anything like that, but the fact is obviously they do have their strengths and their weaknesses. I think their greatest opportunity is with their existing base because that base has a lot invested and vested. And the fact is they do have a hybrid path that a lot of the others lack. >> And of course being on the quarterly shock clock was not a good place to be under the microscope for Cloudera and now they at least can refactor the business accordingly. I'm glad you mentioned hybrid too. We saw Snowflake last month, did a deal with Dell whereby non-native Snowflake data could access on-prem object store from Dell. They announced a similar thing with pure storage. What do you guys make of that? Is that just... How significant will that be? Will customers actually do that? I think they're using either materialized views or extended tables. >> There are data rated and residency requirements. There are desires to have these platforms in your own data center. And finally they capitulated, I mean, Frank Klutman is famous for saying to be very focused and earlier, not many months ago, they called the going on-prem as a distraction, but clearly there's enough demand and certainly government contracts any company that has data residency requirements, it's a real need. So they finally addressed it. >> Yeah, I'll bet dollars to donuts, there was an EBC session and some big customer said, if you don't do this, we ain't doing business with you. And that was like, okay, we'll do it. >> So Dave, I have to say, earlier on you had brought this point, how Frank Klutman was poo-pooing data science workloads. On your show, about a year or so ago, he said, we are never going to on-prem. He burnt that bridge. (Tony laughs) That was on your show. >> I remember exactly the statement because it was interesting. He said, we're never going to do the halfway house. And I think what he meant is we're not going to bring the Snowflake architecture to run on-prem because it defeats the elasticity of the cloud. So this was kind of a capitulation in a way. But I think it still preserves his original intent sort of, I don't know. >> The point here is that every vendor will poo-poo whatever they don't have until they do have it. >> Yes. >> And then it'd be like, oh, we are all in, we've always been doing this. We have always supported this and now we are doing it better than others. >> Look, it was the same type of shock wave that we felt basically when AWS at the last moment at one of their reinvents, oh, by the way, we're going to introduce outposts. And the analyst group is typically pre briefed about a week or two ahead under NDA and that was not part of it. And when they dropped, they just casually dropped that in the analyst session. It's like, you could have heard the sound of lots of analysts changing their diapers at that point. >> (laughs) I remember that. And a props to Andy Jassy who once, many times actually told us, never say never when it comes to AWS. So guys, I know we got to run. We got some hard stops. Maybe you could each give us your final thoughts, Doug start us off and then-- >> Sure. Well, we've got the Snowflake Summit coming up. I'll be looking for customers that are really doing data science, that are really employing Python through Snowflake, through Snowpark. And then a couple weeks later, we've got Databricks with their Data and AI Summit in San Francisco. I'll be looking for customers that are really doing considerable BI workloads. Last year I did a market overview of this analytical data platform space, 14 vendors, eight of them claim to support lakehouse, both sides of the camp, Databricks customer had 32, their top customer that they could site was unnamed. It had 32 concurrent users doing 15,000 queries per hour. That's good but it's not up to the most demanding BI SQL workloads. And they acknowledged that and said, they need to keep working that. Snowflake asked for their biggest data science customer, they cited Kabura, 400 terabytes, 8,500 users, 400,000 data engineering jobs per day. I took the data engineering job to be probably SQL centric, ETL style transformation work. So I want to see the real use of the Python, how much Snowpark has grown as a way to support data science. >> Great. Tony. >> Actually of all things. And certainly, I'll also be looking for similar things in what Doug is saying, but I think sort of like, kind of out of left field, I'm interested to see what MongoDB is going to start to say about operational analytics, 'cause I mean, they're into this conquer the world strategy. We can be all things to all people. Okay, if that's the case, what's going to be a case with basically, putting in some inline analytics, what are you going to be doing with your query engine? So that's actually kind of an interesting thing we're looking for next week. >> Great. Sanjeev. >> So I'll be at MongoDB world, Snowflake and Databricks and very interested in seeing, but since Tony brought up MongoDB, I see that even the databases are shifting tremendously. They are addressing both the hashtag use case online, transactional and analytical. I'm also seeing that these databases started in, let's say in case of MySQL HeatWave, as relational or in MongoDB as document, but now they've added graph, they've added time series, they've added geospatial and they just keep adding more and more data structures and really making these databases multifunctional. So very interesting. >> It gets back to our discussion of best of breed, versus all in one. And it's likely Mongo's path or part of their strategy of course, is through developers. They're very developer focused. So we'll be looking for that. And guys, I'll be there as well. I'm hoping that we maybe have some extra time on theCUBE, so please stop by and we can maybe chat a little bit. Guys as always, fantastic. Thank you so much, Doug, Tony, Sanjeev, and let's do this again. >> It's been a pleasure. >> All right and thank you for watching. This is Dave Vellante for theCUBE and the excellent analyst. We'll see you next time. (upbeat music)

>>Okay, welcome back everyone. To the cubes coverage of ADB has re-invent 2021. I'm John fare with Dave Nicholson. My cohost we're here exploring all the future innovations. We've got a great guest we'll lead negam who's the EVP executive vice president chief research innovation officer cap, Gemini engineering will lead. Thanks for coming on the cube. Thank you. So I love the title, chief research, innovation engineering officer. >>I didn't make it up. They did. >>You got to love the cloud evolution right now because just more and more infrastructure as codes happening. You got this whole data abstraction layer developing where people are starting to see. Okay. I can have horizontally scalable governed data in a data lake. That's smart, someone intelligent and use machine learning. It seems to be the big trend here from AWS. More serverless, more goodness. So engineering kind of on the front lines here kind of making it happen. >>Yeah. So, uh, the question that our clients are asking us is how do these data center technologies moving over into cars, planes, trains, construction, equipment, industrial, right? And you know, maybe two decades ago it was called IOT. Uh, but we're not talking about just sensors, vertical lift aircraft, uh, software-defined cars, um, manufacturing facilities as a whole, you know, how are these data center technologies going to impact these companies? And it's not a architectural shift for say the Evie, the electric vehicle, many OEM, it's a financial transformation, right? Because if they can make their vehicle containerized, uh, if they can monitor the cars, behaviors, they can offer new types of experiences for their clients. So the questions we were asking ourselves is how do you get the cloud into the car? >>Yeah. And software driving, all that. So you've got software defined everything. Now you've got data-driven pun intended with the cars cloud everywhere. How does that look? What are the concerns, obviously, latency moving data around. They got outposts. Am I moving the cloud to the edge? How are you guys thinking? How are customers thinking through the architectural, I guess foundational playbook? Is there one? Yeah. >>I, you know, coming into this, I did ask my, my son, the question is hardware or software more important. And then he, you know, he's not, and he said, you know, we're coding our way out of hardware. It was very interesting insight software rules. That that is for sure. But when we're talking about physical products and these talking about trillions of dollars of investments going into green energy, uh, into autonomous driving into green aviation. So we're not, it's not just the matter of verse here. We're dealing real physical products. I think though the point for us as engineers or as an engineering businesses, how do you co-design hardware and software together? What are the questions you to ask about that machine learning model being moved over from AWS? For example, into the car, is the Silicon going to be able to support the inferencing rates that are required right. In real time and whatnot. So some of the things like that, >>Well, that's been a, it's been an age old battle between the idea that, uh, the flour that's nurtured in a walled garden is always going to be more beautiful than the one that grows out in the meadow. In other words, announcement, uh, at, in Adam's keynote, talking about advances in AWS Silicon. So what's your view on how important that is? You just sort of alluded to it as being important, the co-development of hardware and software together. >>Yeah. We're seeing product makers again, think, you know, anybody from a life sciences company building a digital therapeutics product, maybe a blood glucose monitor or, um, an automotive or even an aerospace, uh, going direct to Silicon asking questions around the performance of the Silicon and designing their experience around that. Right. So, uh, if they need a low latency, low power efficiency, green networks, they're taking those questions in-house or asking those questions in house. So, you know, AWS having a, sort of a portfolio of custom or bespoke Silicon now as part of the architectural discussion. Right? And so I look around here, I see a lot of developers who are going to have to get a little bit more versed in some of these questions around, you know, should I use an arm based chip? You know, do I use this Silicon partner? You know, what happens when I move it into the vehicle? And then I have over the air updates, how do I protect that code in an enclave in the car just to continue to use the so there's are a lot of architectural questions that I don't think software engineers typically ask when they're just dealing in the cloud. Uh, although at the end of the day over time, a lot of these will be abstracted from the developer to some degree, you know, that is just the nature of the game. >>It reminds me of the operating system theory of system software meeting hardware. And because you have software developers just want to code now, you're saying, well, now I'm responsible hardware. Well, not if it's programmer, was there a hard top two it's over, these are big questions and important ones I think is we're in a major inflection point, but it comes back down to, you mentioned aerospace space is the same problem. You can't send that break, fix engineer in space. Right. You've got software now. So you've got trust that security supply chain who's right. And who's doing the hardware now you've got the software supply chain. So a lot of interesting kind of, yeah. >>So you, you, you know, you check them off, back in into it, the supply chain problems with Silicon, and there are now alternatives to try and get around the bottlenecks using high-performance computers versus hundreds of ECS and a vehicle allows you kind of get away from the supply chain shortage. Uh there's you know, folks moving from one architecture to another, to avoid kind of getting locked in and then of course creating your own Silicon, or at least having more ownership over the Silicon. I think suffer defined systems, uh, are the way to go regardless of the industry. Uh, so you're going to make some decisions on performance, characteristics of the hardware, but ultimately you want a software defined system, so you can update it regularly. >>I was talking with doc some of the top hair executives. I talked to, um, the marketplace guys here, Deepak, uh, over at the, here at Amazon and containers comes up. You start to see a trend in containers where you see certified containers because containers are everywhere. You can put malware and containers. So, you know, think about like just hacking software. It's a surface area now. So you bring the software security model in there. So to see this kind of like certified containers, I can imagine certified infrastructure now because I mean, what's a processor, it's just a hardened top to a PC. Now you've got the cloud. If I have hardware, how do I know it's workable? How do I trust it? You know, how could it not be hacked? I don't want my car to be hacked and driven off the road. >>So, so, um, when you're dealing with a payment system or you're dealing with tick-tock different than when you're dealing with a car with life consequences. So we are very active in the software defined transformation of automotive. And it's easy to say, I'm just going to load it up with all this data center technology, but there's safety criticality issues that you have to take into considerations, but containers are well suited for that. Just requires some thought. I mean, my excitement, enthusiasm about this product engineering is if you just take any of these products and, and apply them into a product engineering context, there's so much invention and creativity can happen. Uh, but on the safety side, we're working through security enclaves using containers and hardware based roots of trust. So there's ways around, you know, malware and bad actors at the edge. Um, >>What's your, what's your take on explainable AI? Why got you might as well ask because this comes up a lot, explainable AI is hot in college right now, AI, that can be explained. It's kind of got some policy, uh, to it. What's your thoughts on this AI trend? Cause obviously it's everywhere. Um, I mean, what is explainable AI? Is that even real or how do you explain AI? Is that democratized? >>Yeah. Computer vision is a great example. I think to bring it to life I'm all of the audience probably knows this, but you could, you know, you can tell your kid that this is a cat once and they'll know every single cat out there is a cat, but if you, you, you need a thousands of images, uh, for a computer vision model to learn that this is a cat. And even, you know, you can probably give it an example, um, out of say a remote region of the world and it going to get confused. So to me, explainability is about adding some sort of certainty to the decision-making process. Um, and when there's a, some confusion, be able to understand why that happened. I think in, in automotive or any, even in quality assurance, being able to know that this product was definitively defective or this pedestrian definitively did cross the crosswalk or not. You know, it's very important because it could, you know, there are, there are consequences. So just being able to understand why the algorithm or the model said what it said, why did it make that judgment is super important, super important. >>So I've got to ask you now that we're here, re-invent from your engineering perspectives, you look at the landscape of AWS, the announcements. What, what, how do you think about it to other engineers out there trying to, uh, grok all the technology who really want to put innovation in place, whether it's creating new markets, new categories or innovating their existing business, how do you grab the class out and make it work for you? I mean, from an engineering standpoint, how do you look at AWS and say, how do I make this work better for me? >>Uh, so I mean, over the years, I, um, I think it's true. AWS has started to really look like a utility, you know, the days where it was called utility as a service. And, um, you know, I, I, I did attend a workshop on, I think it was called LightSail or something like that, but they are simplifying the way that you can consume this infrastructure to a degree that is somewhat phenomenal. Uh, and they're building any, yeah, they continue to expand the ecosystem. Um, so I mean, for me, it's, it's a utility. Uh, it's it's, it's, it's, it's, it's consumable. Uh, if you got an idea pick and roll your own. >>Okay. So back back to the, uh, the concept of AI and explainability, uh, one of my cars won't allow me to unlock certain functions because of the way that I drive. No one needs to explain to me why, because I know what I'm doing wrong, but I'm still frustrated by it. So that that's sort of leads to kind of the larger philosophical question to you about what you're seeing, where are we in this kind of leapfrog, constant pace of the technology exists, but people aren't culturally ready to accept it because it feels like right now to me that there isn't anything we can't do with cloud technology from a technical perspective, it can all be done. Swami's keynote today, talking about integrating all sorts of sources of data and actually leveraging them in the cloud. Um, technically possible yet 85% of it spend is still on prem. So, so what's your thought there? What are the, what are the inhibitors, what are the real inhibitors from a technology perspective versus the cultural ones? Uh, setting aside my lack of, uh, adherence to, uh, to driving lawful >>I industry by industry. I think in, um, you know, if you're trying to do a diagnostic on an MRI in an automated way, and there's going to be false positives, false negatives, and yes, we know that yeah, we know that there's going to be a physician participating in the final judgment call. Um, I think just getting a really good comfort level on the trustworthiness of these decision points, um, is really important. And so I don't blame folks for being reticent about, you know, trusting or, or asking some questions about, does this really work and are these autonomous systems as they become more and more precise, are they doing the right thing? Uh, I think there's research that has to be done on agency. You know, am I in patrol? What happened? Did I lose control? I think there's questions around handoffs, you know, and participation in decision-making. So I think just overall, just the broad area of trust and, uh, the relationship between the participants, the humans and the machines still. I think there's some work to do, to be honest with you. I think there's some work to do maybe in a manufacturing facility where everything's automated, you know, maybe it's a solved problem, but in an open road, when the vehicles driving, you know, in the middle afternoon, you know, you probably should ask some more questions. >>Well, I want to ask you what we got a couple of minutes left, real time data near real time, real time, always a big, hot topic. Seeing one more databases out there in the keynote today from Swami real-time are we there yet? How are we dealing with real-time data, software consuming the data? It comes to cars and things that are moving real time versus near real time. It could be life or death. I mean, this is big time. Where are we? >>So, um, I was trying to conduct a web conference. I won't tell the vendor because it has nothing to do with the vendor. Um, and I couldn't get a connection. I couldn't get a connection at reinvent. I just couldn't get it. I'm sorry guys. I can't get it. So I, you know, so we talk about real time talking about real-time operating systems and real time data collection at the edge. Yeah. We're there, we can collect the data and we can deploy a model in, you know, in the aircraft on the train to do predictive analytics. If we got to stream that data back home to the cloud, you know, we better figure out how to make sure we have a reliable and stable connection. 5g is a, you know, is, is, will be deployed, right? And it has ultra low latency, uh, and can achieve those types of, uh, requirements. But, uh, you know, it has to be in the right setting, right? That's to be the right setting and a facility, uh, very well controlled where you understand the density of the cell sites, small cells sound cells, and you really can deploy a, uh, a mobile robot, uh, wirelessly. Yes know, we can do that, but you know, kind of in, in, in other scenarios, we have a lot of ask that question about >>With the connections and making that false, huh? Well, he, thanks for coming on. Great insight, great conversation. Very deep, awesome work. Thanks for coming on and sharing your insights from cap Gemini. We're here in the cube, the worldwide leader in tech coverage live on the floor here at re-invent I'm John fare with Dave Nicholson. We write back.

>> Announcer: From around the globe, it's theCUBE, covering Space and Cybersecurity Symposium 2020, hosted by Cal Poly. >> Everyone, welcome to this special presentation with Cal Poly hosting the Space and Cybersecurity Symposium 2020 virtual. I'm John Furrier, your host with theCUBE and SiliconANGLE here in our Palo Alto studios with our remote guests. We couldn't be there in person, but we're going to be here remote. We got a great session and a panel for one hour, topic preparing students for the jobs of today and tomorrow. Got a great lineup. Bill Britton, Lieutenant Colonel from the US Air Force, retired vice president for information technology and CIO and the director of the California Cybersecurity Institute for Cal Poly. Bill, thanks for joining us. Dr. Amy Fleischer, who's the dean of the College of Engineering at Cal Poly, and Trung Pham, professor and researcher at the US Air Force Academy. Folks, thanks for joining me today. >> Our pleasure. >> Got a great- >> Great to be here. >> Great panel. This is one of my favorite topics. >> Thank you for the opportunity. >> Preparing students for the next generation, the jobs for today and tomorrow. We got an hour. I'd love you guys to start with an opening statement to kick things off. Bill, we'll start with you. >> Well, I'm really pleased to be, to start on this as the director for the Cybersecurity Institute and the CIO at Cal Poly, it's really a fun, exciting job, because as a polytechnic, technology has such a forefront in what we're doing, and we've had a wonderful opportunity being 40 miles from Vandenberg Air Force Base to really look at the nexus of space and cybersecurity. And if you add into that both commercial, government, and civil space and cybersecurity, this is an expanding wide open time for cyber and space. In that role that we have with the Cybersecurity Institute, we partner with elements of the state and the university, and we try to really add value above our academic level, which is some of the highest in the nation, and to really merge down and go a little lower and start younger. So we actually are running the week prior to this showing a cybersecurity competition for high schools and middle schools in the state of California. That competition this year is based on a scenario around hacking of a commercial satellite and the forensics of the payload that was hacked and the networks associated with it. This is going to be done using products like Wireshark, Autopsy, and other tools that will give those high school students what we hope is a huge desire to follow up and go into cyber and cyberspace and space and follow that career path and either come to Cal Poly or some other institution that's going to let them really expand their horizons in cybersecurity and space for the future of our nation. >> Bill, thanks for that intro. By the way, I just want to give you props for an amazing team and job you guys are doing at Cal Poly, the DxHub and the efforts you guys are having with your challenge. Congratulations on that great work. >> Thank you. It's a rock star team. It's absolutely amazing to find that much talent at one location. And I think Amy's going to tell you, she's got the same amount of talent in her staff, so it's a great place to be. >> Dr. Amy Fleischer. You guys have a great organization down there, amazing curriculum, amazing people, great community. Your opening statement. >> Hello everybody. It's really great to be a part of this panel on behalf of the Cal Poly College of Engineering. Here at Cal Poly, we really take preparing students for the jobs of today and tomorrow completely seriously, and we can claim that our students really graduate so they're ready day one for their first real job. But that means that in getting them to that point, we have to help them get valuable and meaningful job experience before they graduate, both through our curriculum and through multiple internship or summer research opportunities. So we focus our curriculum on what we call a learn by doing philosophy. And this means that we have a combination of practical experience and learn by doing both in and out of the classroom. And we find that to be really critical for preparing students for the workforce. Here at Cal Poly, we have more than 6,000 engineering students. We're one of the largest undergraduate engineering schools in the country. And US News ranks us the eighth best undergraduate engineering program in the country and the top ranked state school. We're really, really proud that we offer this impactful hands-on engineering education that really exceeds that of virtually all private universities while reaching a wider audience of students. We offer 14 degree programs, and really, we're talking today about cyber and space, and I think most of those degree programs can really make an impact in the space and cybersecurity economy. And this includes not only things like aero and cyber directly, but also electrical engineering, mechanical engineering, computer engineering, materials engineering, even manufacturing, civil, and biomedical engineering, as there's a lot of infrastructure needs that go into supporting launch capabilities. Our aerospace program graduates hundreds of aerospace engineers and most of them are working right here in California with many of our corporate partners, including Northrop Grumman, Lockheed, Boeing, Raytheon, SpaceX, Virgin Galactic, JPL, and so many other places where we have Cal Poly engineers impacting the space economy. Our cybersecurity focus is found mainly in our computer science and software engineering programs, and it's really a rapidly growing interest among our students. Computer science is our most popular major, and industry interests and partnerships are integrated into our cyber curriculum, and we do that oftentimes through support from industry. So we have partnerships with Northrop Grumman for professorship in a cyber lab and from PG&E for critical infrastructure cybersecurity lab and professorship. And we think that industry partnerships like these are really critical to preparing students for the future as the field is evolving so quickly and making sure we adapt our facilities and our curriculum to stay in line with what we're seeing in industry is incredibly important. In our aerospace program, we have an educational partnership with the Air Force Research Labs that's allowing us to install new high-performance computing capabilities and a space environments lab that's going to enhance our satellite design capabilities. And if we talk about satellite design, Cal Poly is the founding home of the CubeSat program, which pioneered small satellite capabilities, And we remain the worldwide leader in maintaining the CubeSat standard, and our student program has launched more CubeSats than any other program. So here again we have this learn by doing experience every year for dozens of aerospace, electrical, computer science, mechanical engineering students, and other student activities that we think are just as important include ethical hacking through our white hat club, Cal Poly Space Systems, which does really, really big rocket launches, and our support program for women in both of these fields, like WISH, which is Women In Software and Hardware. Now, you know, really trying to bring in a wide variety of people into these fields is incredibly important, and outreach and support to those demographics traditionally underrepresented in these fields is going to be really critical to future success. So by drawing on the lived experiences by people with different types of backgrounds will we develop the type of culture and environment where all of us can get to the best solution. So in terms of bringing people into the field, we see that research shows we need to reach kids when they're in late elementary and middle schools to really overcome that cultural bias that works against diversity in our fields. And you heard Bill talking about the California Cybersecurity Institute's yearly cyber challenge, and there's a lot of other people who are working to bring in a wider variety of people into the field, like Girl Scouts, which has introduced dozens of new badges over the past few years, including a whole cybersecurity series of badges in concert with Palo Alto Networks. So we have our work cut out for us, but we know what we need to do, and if we're really committed to properly preparing the workforce for today and tomorrow, I think our future is going to be bright. I'm looking forward to our discussion today. >> Thank you, Dr. Fleischer, for a great comment, opening statement, and congratulations. You got the right formula down there, the right mindset, and you got a lot of talent, and community, as well. Thank you for that opening statement. Next up, from Colorado Springs, Trung Pham, who's a professor and researcher at the US Air Force Academy. He's doing a lot of research around the areas that are most important for the intersection of space and technology. Trung. >> Good afternoon. First I'd like to thank Cal Poly for the opportunity. And today I want to go briefly about cybersecurity in space application. Whenever we talk about cybersecurity, the impression is that it's a new field that is really highly complex involving a lot of technical area. But in reality, in my personal opinion, it is indeed a complex field because it involves many disciplines. The first thing we think about is computer engineering and computer networking, but it's also involving communication, sociology, law practice. And this practice of cybersecurity doesn't only involve computer expert, but it's also involve everybody else who has a computing device that is connected to the internet, and this participation is obviously everybody in today's environment. When we think about the internet, we know that it's a good source of information but come with the convenience of information that we can access, we are constantly facing danger from the internet. Some of them we might be aware of. Some of them we might not be aware of. For example, when we search on the internet, a lot of time our browser will be saying that this site is not trusted, so we will be more careful. But what about the sites that we trusted? We know that those are legitimate sites, but they're not 100% bulletproof. What happen if those site are attacked by a hacker and then they will be a silent source of danger that we might not be aware of. So in the reality, we need to be more practicing the cybersecurity from our civil point of view and not from a technical point of view. When we talk about space application, we should know that all the hardware are computer-based or controlled by by computer system, and therefore the hardware and the software must go through some certification process so that they can be rated as airworthy or flightworthy. When we know that in the certification process is focusing on the functionality of the hardware and software, but one aspect that is explicitly and implicitly required is the security of those components. And we know that those components have to be connected with the ground control station, and the communication is through the air, through the radio signal, so anybody who has access to those communication radio signal will be able to control the space system that we put up there. And we certainly do not want our system to be hijacked by a third party. Another aspect of cybersecurity is that we try to design the space system in a very strong manner so it's almost impossible to hack in. But what about some other weak system that might be connected to the strong system? For example, the space system will be connected to the ground control station, and on the ground control station, we have the human controller, and those people have cell phone. They are allowed to use cell phone for communication. But at the same time, they are connected to the internet through the cell phone, and their cell phone might be connected to the computer that control the flight software and hardware. So what I want to say is we try to build strong system and we've protected them, but there will be some weaker system that we could not intended but exists to be connected to our strong system, and those are the points the hacker will be trying to attack. If we know how to control the access to those weak points, we will be having a much better system for the space system. And when we see the cybersecurity that is requiring the participation everywhere it's important to notice that there is a source of opportunity for students who enter the workforce to consider. Obviously students in engineering can focus their knowledge and expertise to provide technological solution to protect the system that we view. But we also have students in business who can focus their expertise to write business plan so that they can provide a pathway for the engineering advances to reach the market. We also have student in law who can focus their expertise in policy governing the internet, governing the cybersecurity practice. And we also have student in education who can focus their expertise to design how to teach cybersecurity practice, and student in every other discipline can focus their effort to implement security measure to protect the system that they are using in their field. So it's obvious that cybersecurity is everywhere and it implies job opportunity everywhere for everybody in every discipline of study. Thank you. >> Thank you, Trung, for those great comments. Great technology opportunities. But interesting, as well, is the theme that we're seeing across the entire symposium and in the virtual hallways that we're hearing conversations, and you pointed out some of them. Dr. Fleischer did, as well. And Bill, you mentioned it. It's not one thing. It's not just technology. It's different skills. And Amy, you mentioned that computer science is the hottest degree, but you have the hottest aerospace program in the world. I mean, so all this is kind of balancing. It's interdisciplinary. It's a structural change. Before we get into some of the, how they prepare the students, can you guys talk about some of the structural changes that are modern now in preparing in these opportunities, because societal impact is a, law potentially impact, it's how we educate. There's now cross-discipline skill sets. It's not just get the degree, see you out in the field. Bill, you want to start? >> Well, what's really fun about this job is that in the Air Force, I worked in the space and missile business, and what we saw was a heavy reliance on checklist format, security procedures, analog systems, and what we're seeing now in our world, both in the government and the commercial side, is a move to a digital environment, and the digital environment is a very quick and adaptive environment, and it's going to require a digital understanding. Matter of fact, the undersecretary of Air Force for acquisition recently referenced the need to understand the digital environment and how that's affecting acquisition. So as both Amy and Trung said, even business students are now in the cybersecurity business. And so again, what we're seeing is the change. Now, another phenomenon that we're seeing in the space world is there's just so much data. One of the ways that we addressed that in the past was to look at high-performance computing. There was a lot stricter control over how that worked. But now what we're seeing is adaptation of cloud, cloud technologies in space support, space data, command and control. And so what we see is a modern space engineer who has to understand digital, has to understand cloud, and has to understand the context of all those with a cyber environment. That's really changing the forefront of what is a space engineer, what is a digital engineer, and what is a future engineer, both commercial or government. So I think the opportunity for all of these things is really good, particularly for a polytechnic, Air Force Academy, and others that are focusing on a more widened experiential level of cloud and engineering and other capabilities. And I'll tell you the part that as the CIO I have to remind everybody, all this stuff works with the IT stuff. So you've got to understand how your IT infrastructures are tied and working together. As we noted earlier, one of the things is that these are all relays from point to point, and that architecture is part of your cybersecurity architecture. So again, every component has now become a cyber aware, cyber knowledgeable, and what we like to call as a cyber cognizant citizen where they have to understand the context. (speaking on mute) >> (indistinct) software Dr. Fleischer, talk about your perspective, 'cause you mentioned some of the things about computer science. I remember in the '80s when I got my computer science degree, they called us software engineers and then you became software developers. And then, so again, engineering is the theme. If you're engineering a system, there's now software involved, and there's also business engineering, business models. So talk about some of your comments, 'cause you mentioned computer science is hot. You got the aerospace. You got these multi-disciplines. You got definitely diversity, as well, brings more perspectives in, as well. Your thoughts on these structural interdisciplinary things? >> I think this is really key to making sure that students are prepared to work in the workforce is looking at the blurring between fields. No longer are you just a computer scientist. No longer are you just an aerospace engineer. You really have to have an expertise where you can work with people across disciplines. All of these fields are just working with each other in ways we haven't seen before. And Bill brought up data. You know, data science is something that's cross-cutting across all of our fields. So we want engineers that have the disciplinary expertise that they can go deep into these fields, but we want them to be able to communicate with each other and to be able to communicate across disciplines and to be able to work in teams that are across disciplines. You can no longer just work with other computer scientists or just work with other aerospace engineers. There's no part of engineering that is siloed anymore. So that's how we're changing. You have to be able to work across those disciplines. And as you, as Trung pointed out, ethics has to come into this. So you can no longer try to fully separate what we would traditionally have called the liberal arts and say, well, that's over there in general education. No, ethics is an important part of what we're doing and how we integrate that into our curriculum. So is communication. So is working on public policy and seeing where all these different aspects tie together to make the impact that we want to have in the world. So you no longer can work solo in these fields. >> That's great point. And Bill also mentioned the cloud. One thing about the cloud that's showed us is horizontal scalability has created a lot of value, and certainly data is now horizontal. Trung, you mentioned some of the things about cryptography for the kids out there, I mean, you can look at the pathway for career. You can do a lot of tech, but you don't have to go deep sometimes. You can as deep as you want, but there's so much more there. What technology do you see that's going to help students, in your opinion? >> Well, I'm a professor in computer science, so I like to talk a little bit about computer programming. Now we are working in complex projects. So most of the time we don't design a system from scratch. We build it from different components, and the components that we have, either we get it from vendors or sometimes we get it from the internet in the open source environment. It's fun to get the source code and then make it work to our own application. So now when we are looking at cryptology, when we talk about encryption, for example, we can easily get the source code from the internet. And the question, is it safe to use those source code? And my question is maybe not. So I always encourage my students to learn how to write source code the traditional way that I learned a long time ago before I allow them to use the open source environment. And one of the things that they have to be careful especially with encryption is the code that might be hidden in the source that they downloaded. Some of the source might be harmful. It might open up back gate for a hacker to get in later. We've heard about these back gates back then when Microsoft designed the operating system with the protection of encryption, and it is true that is existing. So while open source code is a wonderful place to develop complex system, but it's also a dangerous place that we have to be aware of. >> Great point. Before we get into the comments, one quick thing for each of you I'd like to get your comments on. There's been a big movement on growth mindset, which has been a great big believer in having a growth mindset and learning and all that good stuff. But now when you talk about some of these things we're mentioning about systems, there's a new trend around a systems mindset, because if everything's now a system, distributed systems now you have space and cybersecurity, you have to understand the consequences of changes. And you mention some of that, Trung, in changes in the source code. Could you guys share your quick opinions on the of systems thinking? Is that a mindset that people should be looking at? Because it used to be just one thing. Oh, you're a systems guy or gal. There you go. You're done. Now it seems to be in social media and data, everything seems to be systems. What's your take? Dr. Fleischer, we'll start with you. >> I'd say it's another way of looking at not being just so deep in your discipline. You have to understand what the impact of the decisions that you're making have on a much broader system. And so I think it's important for all of our students to get some exposure to that systems level thinking and looking at the greater impact of the decision that they're making. Now, the issue is where do you set the systems boundary, right? And you can set the systems boundary very close in and concentrate on an aspect of a design, or you can continually move that system boundary out and see where do you hit the intersections of engineering and science along with ethics and public policy and the greater society. And I think that's where some of the interesting work is going to be. And I think at least exposing students and letting them know that they're going to have to make some of these considerations as they move throughout their career is going to be vital as we move into the future. >> Bill, what's your thoughts? >> I absolutely agree with Amy. And I think there's a context here that reverse engineering and forensics analysis and forensics engineering are becoming more critical than ever. The ability to look at what you have designed in a system and then tear it apart and look at it for gaps and holes and problem sets. Or when you're given some software that's already been pre-developed, checking it to make sure it is really going to do what it says it's going to do. That forensics ability becomes more and more a skillset that also you need the verbal skills to explain what it is you're doing and what you found. So the communication side, the systems analysis side, the forensics analysis side, these are all things that are part of system approach that I think you could spend hours on and we still haven't really done a great job on it. So it's one of my fortes is really the whole analysis side of forensics and reverse engineering. >> Trung, real quick, systems thinking, your thoughts. >> Well, I'd like to share with you my experience when I worked in the space station program at NASA. We had two different approaches. One is a compound approach where we design it from the system general point of view where we put components together to be a complex system. But at the same time, we have the (indistinct) approach where we have an engineer who spent time and effort building individual component and they have to be expert in those tiny component that general component they deliver. And in the space station program, we bring together the (indistinct) engineer who designed everything in detail and the system manager who managed the system design from the top down, and we meet in the middle, and together we compromised a lot of differences and we delivered the space station that we are operating today. >> Great insight. And that's the whole teamwork collaboration that Dr. Fleischer was mentioning. Thanks so much for that insight. I wanted to get that out there because I know myself as a parent, I'm always trying to think about what's best for my kids and their friends as they grow up into the workforce. I know educators and leaders in industry would love to know some of the best practices around some of the structural changes. So thanks for that insight. But this topic's about students and helping them prepare. So we heard be multiple discipline, broaden your horizons, think like systems, top down, bottom up, work together as a team, and follow the data. So I got to ask you guys, there's a huge amount of job openings in cybersecurity. It's well-documented. And certainly with the intersection of space and cyber, it's only going to get bigger, right? You're going to see more and more demand for new types of jobs. How do we get high school and college students interested in security as a career? Dr. Fleischer, we'll start with you on this one. I would say really one of the best ways to get students interested in a career is to show them the impact that it's going to have. There's definitely always going to be students who are going to want to do the technology for the technology's sake, but that will limit you to a narrow set of students, and by showing the greater impact that these types of careers are going to have on the types of problems that you're going to be able to solve and the impact you're going to be able to have on the world around you, that's the word that we really need to get out. And a wide variety of students really respond to these messages. So I think it's really kind of reaching out at the elementary, the middle school level, and really kind of getting this idea that you can make a big difference, a big positive difference in the field with some of these careers, is going to be really critical. >> Real question to follow up. What do you think is the best entry point? You mentioned middle. I didn't hear elementary school. There's a lot of discussions around pipelining, and we're going to get into women in tech and underrepresented minorities later. But is it too early, or what's your feeling on this? >> My feeling is the earlier we can normalize it, the better. If you can normalize an interest in computers and technology and building in elementary school, that's absolutely critical. But the drop-off point that we're seeing is between what I would call late elementary and early middle school. And just kind of as an anecdote, I for years ran an outreach program for Girl Scouts in grades four and five and grade six, seven, and eight. And we had 100 slots in each program. And every year the program would sell out for girls in grades four and five, and every year we'd have spots remaining in grades six, seven, and eight. And that's literally where the drop-off is occurring between that late elementary and that middle school range. So that's the area that we need to target to make sure we keep those young women involved and interested as we move forward. >> Bill, how are we going to get these kids interested in security? You mentioned a few programs you got. >> Yeah. >> I mean, who wouldn't want to be a white hat hacker? I mean, that sounds exciting. >> So yeah, great questions. Let's start with some basic principles, though, is let me ask you a question, John. Name for me one white hat, good person hacker, the name, who works in the space industry and is an exemplar for students to look up to. >> You? >> Oh man, I'm feeling really... >> I'm only, I can't imagine a figure- >> (indistinct) the answer because the answer we normally get is the cricket sound. So we don't have individuals we've identified in those areas for them to look up to. >> I was going to be snarky and say most white hackers won't even use their real name, but... >> Right, so there's an aura around their anonymity here. So again, the real question is how do we get them engaged and keep them engaged? And that's what Amy was pointing out to exactly, the engagement and sticking with it. So one of the things that we're trying to do through our competition on the state level and other elements is providing connections. We call them ambassadors. These are people in the business who can contact the students that are in the game or in that challenge environment and let 'em interact and let 'em talk about what they do and what they're doing in life. But give them a challenging game format. A lot of computer-based training, capture the flag stuff is great, but if you can make it hands-on, if you can make it a learn by doing experiment, if you can make it personally involved and see the benefit as a result of doing that challenge and then talk to the people who do that on a daily basis, that's how you get them involved. The second part is part of what we're doing is we're involving partnership companies in the development of the teams. So this year's competition that we're running has 82 teams from across the state of California. Of those 82 teams at six students a team, middle school, high school, and many of those have company partners, and these are practitioners in cybersecurity who are working with those students to participate. It's that adult connectivity. It's that visualization. So at the competition this year, we have the founder of Defcon Red Flag is a participant to talk to the students. We have Vint Cerf, who is, of course, very well-known for something called the internet, to participate. It's really getting the students to understand who's in this, who can I look up to, and how do I stay engaged with them? >> There's definitely a celebrity aspect of it, I will agree. I mean, the influencer aspect here with knowledge is key. Can you talk about these ambassadors, and how far along are you on that program? First of all, the challenge stuff is, anything gamification-wise, we've seen that with hackathons, it just really works well. Creates bonding. People who create together can get sticky and get very high community aspect to it. Talk about this ambassador thing. What is that, industry, is that academic? >> Yeah, absolutely. >> What is this ambassador thing? >> Industry partners that we've identified, some of which, and I won't hit all of 'em, so I'm sure I'll short change this, but Palo Alto, Cisco, Splunk, many of the companies in California, and what we've done is identified schools to participate in the challenge that may not have a strong STEM program or have any cyber program. And the idea of the company is they look for their employees who are in those school districts to partner with the schools to help provide outreach. It could be as simple as a couple hours a week, or it's a team support captain or it's providing computers and other devices to use. And so again, it's really about a constant connectivity and trying to help where some schools may not have the staff or support units in an area to really provide them what they need for connectivity. What that does is it gives us an opportunity to not just focus on it once a year, but throughout the year. So for the competition, all the teams that are participating have been receiving training and educational opportunities in the gamification side since they signed up to participate. So there's a website, there's learning materials, there's materials provided by certain vendor companies like Wireshark and others. So it's a continuum of opportunity for the students. >> You know, I've seen, just randomly, just got a random thought. Robotics clubs are moving then closer into that middle school area, Dr. Fleischer, and in certainly in high schools, it's almost like a varsity sport. E-sports is another one. My son just called me. "I made the JV at the college team." It's big and serious, right? And it's fun. This is the aspect of fun. It's hands-on. This is part of the culture down there. Learn by doing. Is there, like, a group? Is it, like, a club? I mean, how do you guys organize these bottoms-up organically interest topics? >> So here in the college of engineering, when we talk about learn by doing, we have learned by doing both in the classroom and out of the classroom. And if we look at these types of out of the classroom activities, we have over 80 clubs working on all different aspects, and many of these are bottom-up. The students have decided what they want to work on and have organized themselves around that. And then they get the leadership opportunities. The more experienced students train the less experienced students. And it continues to build from year after year after year with them even doing aspects of strategic planning from year to year for some of these competitions. Yeah, it's an absolutely great experience. And we don't define for them how their learn by doing experiences should be. We want them to define it. And I think the really cool thing about that is they have the ownership and they have the interest and they can come up with new clubs year after year to see which direction they want to take it, and we will help support those clubs as old clubs fade out and new clubs come in. >> Trung, real quick, before we go on the next talk track, what do you recommend for middle school, high school, or even elementary? A little bit of coding, Minecraft? I mean, how do you get 'em hooked on the fun and the dopamine of technology and cybersecurity? What's your take on that? >> On this aspect, I'd like to share with you my experience as a junior high and high school student in Texas. The university of Texas in Austin organized a competition for every high school in Texas in every field from poetry to mathematics to science, computer engineering. But it's not about the University of Texas. The University of Texas is only serving as a center for the final competition. They divide the competition to district and then regional and then state. At each level, we have local university and colleges volunteering to host the competition and make it fun for the student to participate. And also they connected the students with private enterprises to raise fund for scholarship. So student who see the competition is a fun event for them, they get exposed to different university hosting the event so that they can see different option for them to consider college. They also get a promise that if they participate, they will be considered for scholarship when they attend university and college. So I think the combination of fun and competition and the scholarship aspect will be a good thing to entice the student to commit to the area of cybersecurity. >> Got the engagement, the aspiration, scholarship, and you mentioned a volunteer. I think one of the things I'll observe is you guys are kind of hitting this as community. I mean, the story of Steve Jobs and Woz building the Mac, they called Bill Hewlett up in Palo Alto. He was in the phone book. And they scoured some parts from him. That's community. This is kind of what you're getting at. So this is kind of the formula we're seeing. So the next question I really want to get into is the women in technology, STEM, underrepresented minorities, how do we get them on cybersecurity career path? Is there a best practices there? Bill, we'll start with you. >> Well, I think it's really interesting. First thing I want to add is, if I could, just a clarification. What's really cool, the competition that we have and we're running, it's run by students from Cal Poly. So Amy referenced the clubs and other activities. So many of the organizers and developers of the competition that we're running are the students, but not just from engineering. So we actually have theater and liberal arts majors and technology for liberal arts majors who are part of the competition, and we use their areas of expertise, set design and other things, visualization, virtualization. Those are all part of how we then teach and educate cyber in our gamification and other areas. So they're all involved and they're learning, as well. So we have our students teaching other students. So we're really excited about that. And I think that's part of what leads to a mentoring aspect of what we're providing where our students are mentoring the other students. And I think it's also something that's really important in the game. The first year we held the game, we had several all-girl teams, and it was really interesting because A, they didn't really know if they could compete. I mean, this is their reference point. We don't know if. They did better than anybody. I mean, they just, they knocked the ball out of the park. The second part, then, is building that confidence level that can, going back and telling their cohorts that, hey, it's not this obtuse thing you can't do. It's something real that you can compete and win. And so again, it's building that camaraderie, that spirit, that knowledge that they can succeed. And I think that goes a long way. And Amy's programs and the reach out and the reach out that Cal Poly does to schools to develop, I think that's what it really is going to take. It is going to take that village approach to really increase diversity and inclusivity for the community. >> Dr. Fleischer, I'd love to get your thoughts. You mentioned your outreach program and the drop-off, some of those data. You're deeply involved in this. You're passionate about it. What's your thoughts on this career path opportunity for STEM? >> Yeah, I think STEM is an incredible career path opportunity for so many people. There's so many interesting problems that we can solve, particularly in cyber and in space systems. And I think we have to meet the kids where they are and kind of show them what the exciting part is about it, right? But Bill was alluding to this when he was talking about trying to name somebody that you can point to. And I think having those visible people where you can see yourself in that is absolutely critical, and those mentors and that mentorship program. So we use a lot of our students going out into California middle schools and elementary schools. And you want to see somebody that's like you, somebody that came from your background and was able to do this. So a lot of times we have students from our National Society of Black Engineers or our Society of Hispanic Professional Engineers or our Society of Women Engineers, which we have over 1,000 members, 1,000 student members in our Society of Women Engineers who are doing these outreach programs. But like I also said, it's hitting them at the lower levels, too, and Girl Scouts is actually distinguishing themselves as one of the leading STEM advocates in the country. And like I said, they developed all these cybersecurity badges starting in kindergarten. There's a cybersecurity badge for kindergartener and first graders. And it goes all the way up through late high school. The same thing with space systems. And they did the space systems in partnership with NASA. They did the cybersecurity in partnership with Palo Alto Networks. And what you do is you want to build these skills that the girls are developing, and like Bill said, work in girl-led teams where they can do it, and if they're doing it from kindergarten on, it just becomes normal, and they never think, well, this is not for me. And they see the older girls who are doing it and they see a very clear path leading them into these careers. >> Yeah, it's interesting, you used the word normalization earlier. That's exactly what it is. It's life, you get life skills and a new kind of badge. Why wouldn't you learn how to be a white hat hacker or have some fun or learn some skills? >> Amy: Absolutely. >> Just in the grind of your fun day. Super exciting. Okay, Trung, your thoughts on this. I mean, you have a diverse, diversity brings perspective to the table in cybersecurity because you have to think like the other guy, the adversary. You got to be the white hat. You can't be a white hat unless you know how black hat thinks. So there's a lot of needs here for more points of view. How are we going to get people trained on this from underrepresented minorities and women? What's your thoughts? >> Well, as a member of the IEEE Professional Society of Electrical and Electronic Engineers, every year we participate in the engineering week. We deploy our members to local junior high school and high school to talk about our project to promote the study of engineering. But at the same time, we also participate in the science fair that the state of Texas is organizing. Our engineer will be mentoring students, number one, to help them with the project, but number two, to help us identify talent so that we can recruit them further into the field of STEM. One of the participation that we did was the competition of the, what they call Future City, where students will be building a city on a computer simulation. And in recent year, we promote the theme of smart city where city will be connected the individual houses and together into the internet. And we want to bring awareness of cybersecurity into that competition. So we deploy engineer to supervise the people, the students who participate in the competition. We bring awareness not in the technical detail level, but in what we've call the compound level so student will be able to know what required to provide cybersecurity for the smart city that they are building. And at the same time, we were able to identify talent, especially talent in the minority and in the woman, so that we can recruit them more actively. And we also raise money for scholarship. We believe that scholarship is the best way to entice student to continue education at the college level. So with scholarship, it's very easy to recruit them to the field and then push them to go further into the cybersecurity area. >> Yeah, I mean, I see a lot of the parents like, oh, my kid's going to go join the soccer team, we get private lessons, and maybe they'll get a scholarship someday. Well, they only do half scholarships. Anyway. I mean, if they spent that time doing these other things, it's just, again, this is a new life skill, like the Girl Scouts. And this is where I want to get into this whole silo breaking down, because Amy, you brought this up, and Bill, you were talking about it, as well. You got multiple stakeholders here with this event. You've got public, you've got private, and you've got educators. It's the intersection of all of them. It's, again, if those silos break down, the confluence of those three stakeholders have to work together. So let's talk about that. Educators. You guys are educating young minds. You're interfacing with private institutions and now the public. What about educators? What can they do to make cyber better? 'Cause there's no real manual. I mean, it's not like this court is a body of work of how to educate cybersecurity. Maybe it's more recent. There's cutting edge best practices. But still, it's an evolving playbook. What's your thoughts for educators? Bill, we'll start with you. >> Well, I'm going to turn to Amy and let her go first. >> Let you go. >> That's fine. >> I would say as educators, it's really important for us to stay on top of how the field is evolving, right? So what we want to do is we want to promote these tight connections between educators and our faculty and applied research in industry and with industry partnerships. And I think that's how we're going to make sure that we're educating students in the best way. And you're talking about that inner, that confluence of the three different areas. And I think you have to keep those communication lines open to make sure that the information on where the field is going and what we need to concentrate on is flowing down into our educational process. And that works in both ways, that we can talk as educators and we can be telling industry what we're working on and what types of skills our students have and working with them to get the opportunities for our students to work in industry and develop those skills along the way, as well. And I think it's just all part of this really looking at what's going to be happening and how do we get people talking to each other? And the same thing with looking at public policy and bringing that into our education and into these real hands-on experiences. And that's how you really cement this type of knowledge with students, not by talking to them and not by showing them, but letting them do it. It's this learn by doing and building the resiliency that it takes when you learn by doing. And sometimes you learn by failing, but you just pick up and you keep going. And these are important skills that you develop along the way. >> You mentioned sharing, too. That's the key. Collaborating and sharing knowledge. It's an open world and everyone's collaborating. Bill, private-public partnerships. I mean, there's a real, private companies, you mentioned Palo Alto Networks and others. There's a real intersection there. They're motivated. They could, there's scholarship opportunities. Trung points to that. What is the public-private educator view there? How do companies get involved and what's the benefit for them? >> Well, that's what a lot of the universities are doing is to bring in as part of either their cyber centers or institutes people who are really focused on developing and furthering those public-private partnerships. That's really what my role is in all these things is to take us to a different level in those areas, not to take away from the academic side, but to add additional opportunities for both sides. Remember, in a public-private partnership, all entities have to have some gain in the process. Now, what I think is really interesting is the timing on particularly this subject, space and cybersecurity. This has been an absolute banner year for space. The standup of Space Force, the launch of commercial partnership, you know, commercial platforms delivering astronauts to the space station, recovering them, and bringing them back. The ability of a commercial satellite platform to be launched. Commercial platforms that not only launch but return back to where they're launched from. These are things that are stirring the hearts of the American citizens, the kids, again, they're getting interested. They're seeing this and getting enthused. So we have to seize upon that and we have to find a way to connect that. Public-private partnerships is the answer for that. It's not one segment that can handle it all. It's all of them combined together. If you look at space, space is going to be about commercial. It's going to be about civil. Moving from one side of the Earth to the other via space. And it's about government. And what's really cool for us, all those things are in our backyard. That's where that public-private comes together. The government's involved. The private sector's involved. The educators are involved. And we're all looking at the same things and trying to figure out, like this forum, what works best to go to the future. >> You know, if people are bored and they want to look for an exciting challenge, you couldn't have laid it out any clearer. It's the most exciting discipline. It's everything. I mean, we just talk about space. GPS is, everything we do is involved, has to do with satellites. (laughs) >> I have to tell you a story on that right? We have a very unique GPS story right in our backyard. So our sheriff is the son of the father of GPS for the Air Force. So you can't get better than that when it comes to being connected to all those platforms. So we really want to say, you know, this is so exciting for all of us because it gives everybody a job for a long time. >> You know, the kids that think TikTok's exciting, wait till they see what's going on here with you guys, this program. Trung, final word on this from the public side. You're at the Air Force. You're doing research. Are you guys opening it up? Are you integrating into the private and educational sectors? How do you see that formula playing out? And what's the best practice for students and preparing them? >> I think it's the same in every university in the engineering program will require our students to do the final project before graduation. And in this kind of project, we send them out to work in the private industry, the private company that sponsor them. They get the benefit of having an intern working for them and they get the benefit of reviewing the students as the prospective employee in the future. So it's good for the student to gain practical experience working in this program. Sometimes we call that a co-op program. Sometimes we call that a capstone program. And the company will accept the student on a trial basis, giving them some assignment and then pay them a little bit of money. So it's good for the student to earn some extra money, to have some experience that they can put on their resume when they apply for the final, for the job. So the collaboration between university and private sector is really important. When I join a faculty normally there already exist that connection. It came from normally, again, from the dean of engineering, who would wine and dine with companies, build up relationship, and sign up agreement. But it's us professor who have to do the (indistinct) approach to do a good performance so that we can build up credibility to continue the relationship with those company and the student that we selected to send to those company. We have to make sure that they will represent the university well, they will do a good job, and they will make a good impression. >> Thank you very much for a great insight, Trung, Bill, Amy. Amazing topic. I'd like to end this session with each of you to make a statement on the importance of cybersecurity to space. We'll go Trung, Bill, and Amy. Trung, the importance of cybersecurity to space, brief statement. >> The importance of cybersecurity, we know that it's affecting every component that we are using and we are connecting to, and those component, normally we use them for personal purpose, but when we enter the workforce, sometimes we connect them to the important system that the government or the company are investing to be put into space. So it's really important to practice cybersecurity, and a lot of time, it's very easy to know the concept. We have to be careful. But in reality, we tend to forget to to practice it the way we forget how to drive a car safely. And with driving a car, we have a program called defensive driving that requires us to go through training every two or three years so that we can get discount. Every organization we are providing the annual cybersecurity practice not to tell people about the technology, but to remind them about the danger of not practicing cybersecurity and it's a requirement for every one of us. >> Bill, the importance of cybersecurity to space. >> It's not just about young people. It's about all of us. As we grow and we change, as I referenced it, we're changing from an analog world to a digital world. Those of us who have been in the business and have hair that looks like mine, we need to be just as cognizant about cybersecurity practice as the young people. We need to understand how it affects our lives, and particularly in space, because we're going to be talking about people, moving people to space, moving payloads, data transfer, all of those things. And so there's a whole workforce that needs to be retrained or upskilled in cyber that's out there. So the opportunity is ever expansive for all of us. >> Amy, the importance of cybersecurity in space. >> I mean the emphasis of cybersecurity is space just simply can't be over emphasized. There are so many aspects that are going to have to be considered as systems get ever more complex. And as we pointed out, we're putting people's lives at stake here. This is incredibly, incredibly complicated and incredibly impactful, and actually really exciting, the opportunities that are here for students and the workforce of the future to really make an enormous impact on the world around us. And I hope we're able to get that message out to students and to children today, that these are really interesting fields that you need to consider. >> Thank you very much. I'm John Furrier with theCUBE, and the importance of cybersecurity and space is the future of the world's all going to happen in and around space with technology, people, and society. Thank you to Cal Poly, and thank you for watching the Cybersecurity and Space Symposium 2020. (bright music)

>> Live from Las Vegas, it's theCUBE! Covering the AWS Accenture Executive Summit. Brought to you by Accenture. >> Welcome back everyone to theCUBE's live coverage of the AWS Executive Summit here in Las Vegas. I'm your host, Rebecca Knight. We have three guests for this segment. We have Joe Donahue, managing director at Accenture. Hal Stern, AVP, IT Engineering Merck Research Labs. And Derek Seymour, Global Partner Leader Industry Verticals at AWS. Thank you so much for coming on theCUBE. >> Thank you! >> So, we're talking today about a new informatics research platform in the pharmaceutical/medical research industry. Will you paint a picture for us right now, Joe, of what it's like today. Sort of what medical research the time frame we're thinking about, the clunkiness of it all. >> Yeah, so it's a great question Rebecca. Drug discovery today generally takes more than a decade, it costs billions of dollars and has a lot of failures in excess of 90%. So it's not an exact science, we're generating more and more data. And at the same time, just our understanding of human disease biology continues to increase. These metrics haven't really changed. If you look back at the last coupe of decades, it's a 10 year plus process and that much money. So we're looking for ways that we can apply technology to really improve the odds of discovering a new drug that could help patients sooner and faster. >> And that will ultimately save lives. So it's a real social problem, a real problem. Why a platform for this? >> I think if you look at basic research, and you talk about basic blood sciences research, the lingua franca there is chemistry and biology. And we still don't really understand all the aspects, all the mechanisms of action that lead to chronic disease or lead to specific disease that we're interested in. So very, very much research is driven by the scientific method. You formulate a hypothesis based on some data, you run an experiment, you collect the data, you analyze it, and you start over again. So your ability to essentially cycle your data through that discovery process is absolutely critical. The problem is that we buy a lot of applications. And the applications were not designed to be able to interchange data freely. There is no platform to the sense of you have one on your phone, or you have one on your server operating system, where things were designed with a fairly small set of standards that say this is how you share data, this is how you represent it, this is how you access it. Instead we have these very top to bottom integrated applications that, quite honestly, they work together through a variety of copy and paste. Sometimes quite literal copy and paste mechanisms. And our goal in producing a platform is we would like to be able to first separate data from the applications to allow it to flow more freely around the cycle, that basic scientific method. Number two, to now start to allow component substitution. So we'll actually start to encourage more innovation in the space, bring in some of the new players. Make it easier to bring in new ideas is there better ways of analyzing the data or better ways of helping shape and formulate and curate those hypothesis. And finally, there's just a lot of parts of this that are fairly common. They're what we call pre competitive. Everybody has to do them. Everybody has to store data, everybody has to get lab instrument information. Everybody has to be able to go capture assay information. It's very hard to do it better than one of your competitors. So we should just all do it the same way. You see this happen in the cable industry, you see this happen at a variety of other industries where there are industry standards for how you accomplish basic commoditized things, and we haven't really had that. So one of the goals is, let's just sit down and find the first things to commoditize and go drive that economic advantage of being able to buy them as opposed to having to go build them bespoke each time. >> So this pre competitive element is really important. Derek, can you talk a little bit about how this platform in particular operates? >> Certainly. Our goal collectively as partners is to help pharma companies and researchers improve their efficiency and effectiveness in the drug discovery process. So the platform that we built brings together content and service and data from the pharma companies in a way that allows them, the researchers, a greater access to share that information. To do analysis, and to spend their time on researching the data and using their science and less on the work of managing an IT environment. So in that way we can both elevate their work and also take away, what we at AWS, call the undifferentiated heavy lifting of managing an IT environment. >> So you're doing the heavy lifting behind the scenes so that the researchers themselves can do what they do, which is focus on the science. So what have we seen so far? What kind of outcomes are we seeing? Particularly because it is in this pre competitive time. >> Well we've just really started, but we're getting a lot of excitement. Merck obviously is our first client, but our intent is that we'll have other pharmaceutical and biotech companies coming on board. And right now we've effectively started to create this two sided marketplace of pharma and biotech companies on one side and the key technology providers and content providers on the other side. We've effectively created that environment where the technology companies can plug in their secret sauce, you know via standardized APIs and micro services, and then the pharmaceutical and biotech companies can leverage those capabilities as part of this industry standard open platform that we're co creating. And so far we've started that process. The results are really encouraging. And the key thing is, you know really two fold. Get the word out there, we're doing that today here. Talking to other pharmaceutical and biotech companies. As well as not only the established technology providers in this space, but also the new comers. 'Cause this type of infrastructure, this type of platform, will enable the new innovative companies, the startup companies, to enter a market that traditionally has been very challenging to get into. Because there's so much data, there's so much legacy infrastructure. We're creating a mechanism that pharmaceutical researchers can take advantage of new technologies faster. For example, the latest algorithms on artificial intelligence and machine learning analyze all of this diverse data that's being generated. >> So that's for the startups, and that's sort of the promise of this kind of platform approach. But what about for a Merck, a established player in this. What kinds of things are you feeling and seeing inside the company? >> You think about this efficient frontier of what does is cost us to run the underlying technology systems that are foundational to our science? And you think about it, there are some things we do which are highly commoditized, we want them to be very efficient. And some things we do, which are very highly specialized, they're highly competitive, and it's okay if they're less efficient. You want to invest your money there. And you really want to invest more in things that are going to drive you a unique competitive advantage. And less in the things that are highly commoditized. The example I use frequently is you could go out and buy a barrel of oil, bring it home, refine it in your backyard, make your own gasoline. It's not recommended. It's messy, it really annoys the neighbors. Especially when it goes wrong. And it's not nearly as cost effective or as convenient as driving over to Exxon Mobil and filling up at the pump. If you're in New Jersey, having someone else even pump it for you. That's kind of the environment we're in right now today where we're refining that barrel of oil for every single application we have. So in doing this, we start to establish the base line of really thinking about refactoring our core applications into those things which can be driven by the economics of the commodity platform and those things which are going to give us unique advantage. We will see things I think, like improved adoption of data standards. We're going to see a lower barrier to entry for new applications, for new ideas. We're also going to see a lower barrier to exit. It'll be easier for us to adopt new ideas. Or to change or to substitute components because they really are built as part of a platform. And you see this, you look at, I would say over time things that have sedimented into AWS. It's been a remarkable story of starting with things that were basically resting our faces on a pausics file system and turned all the sudden into a seamless data base. By sedimenting well defined open source projects, we would like to see some of the same thing happen, where some of the core things we have to go do, entity registration, assay data captured, data management. They should be part of the platform. It's really hard to register an entity better than your competitor. What you do with it, how you describe what you're registering, how you capture intellectual property, how it drives your next invention. Completely bespoke, completely highly competitive. I'm going to keep that. But the underlying mechanics of it, to me it's file system stuff, it's data base stuff. We should leverage the economics of our industry. And again, leverage it as technologist ingredient. It's not the top level brand, chemistry and biology are the top level brand, technology's an ingredient brand we should really use the best ingredients we can. >> When you're hearing this conversation so related to life sciences, medical, bio/pharma research, what are sort of the best practices that have emerged, in terms of the way life sciences approaches its platform, and how it can be applied to other industries? >> What we've seen through the early collaboration with Merck and with Accenture is that bringing together these items in a secure environment, multi talent environment, managed by Accenture, run by AWS. We can put those tools in the hands of the researchers. We can provide them with work flow data analytics capabilities, reporting capabilities, to cover the areas that Hal is talking about so that they can elevate the work that they are doing. Over time, we expect to bring in more components. The application, the platform, will become more feature rich as we add additional third parties. And that's a key element in life science is that the science itself, while it may take place in (mumbles), it's a considerable collaboration across a number of research institutes. Both within the pharma and biotech community. Having this infrastructure in place where those companies and the researchers can come together in a secure manner, we're very proud to be supporting of that. >> So Joe, we started this conversation with you describing the state of medical research today, can you describe what you think it will be in 10 years from now as more pharmaceutical companies adopt this platform approach. And we're talking about the Mercks of the world, but then also those hungry start ups that are also. >> Sure, I think we're starting to see that transition actually happen now. And I think it's the recognition and you start to hear it as you hear some of the pharmaceutical CEO's talking about their business and the transformation. They've always talked about the science. They've always talked about the research. Now they're talking about data and informatics and they're realizing being a pharmaceutical company is not just about the science, it's about the data and you have to be as good and as efficient on the informatics and the IT side as you are on the science side. And that's the transition that we're going through right now. In 10 years, where we all hope we should be, is leveraging modern computing architectures. Existing platform technology to let the organizations focus on what's really important. And that's the science and the data that they generate for the benefit potentially of saving patient's lives in the future. >> So not only focusing on their core competencies, but then also that means that drug discovery will be quicker, that failure rates will go down. >> Even a 10 or 20% improvement in failure rates would be incredibly dramatic to the industry. >> And could save millions of lives. And improve lives and outcomes. Great, well thank you all so much for coming on theCUBE. It's been a really fun and interesting conversation. >> Same here, thank you Rebecca. >> Thank you, thank you. >> Thank you. >> I'm Rebecca Knight, we will have more of the AWS Executive Summit and theCUBE's live coverage coming up in just a little bit. (upbeat music)

>> Announcer: Live from New York City It's TheCube. Covering CyberConnect 2017. Brought to you by Centrify and the Institute for Critical Infrastructure Technology. >> It got out of control, they were testing it. Okay, welcome back everyone. We are here live in New York City for CyberConnect 2017. This is Cube's coverage is presented by Centrify. It's an industry event, bringing all the leaders of industry and government together around all the great opportunities to solve the crisis of our generation. That's cyber security. We have Cricket Liu. Chief DNS architect and senior fellow at Infoblox. Cricket, great to see you again. Welcome to theCUBE. >> Thank you, nice to be back John. >> So we're live here and really this is the first inaugural event of CyberConnect. Bringing government and industry together. We saw the retired general on stage talking about some of the history, but also the fluid nature. We saw Jim from Aetna, talking about how unconventional tactics and talking about domains and how he was handling email. That's a DNS problem. >> Yeah, yeah. >> You're the DNS guru. DNS has become a role in this. What's going on here around DNS? Why is it important to CyberConnect? >> Well, I'll be talking tomorrow about the first anniversary, well, a little bit later than the first anniversary of the big DDoS attack on Dyn. The DNS hosting provider up in Manchester, New Hampshire. And trying to determine if we've actually learned anything, have we improved our DNS infrastructure in any way in the ensuing year plus? Are we doing anything from the standards, standpoint on protecting DNS infrastructure. Those sorts of things. >> And certainly one of the highlight examples was mobile users are masked by the DNS on, say, email for example. Jim was pointing that out. I got to ask you, because we heard things like sink-holing addresses, hackers create domain names in the first 48 hours to launch attacks. So there's all kinds of tactical things that are being involved with, lets say, domain names for instance. >> Cricket: Yeah, yeah. >> That's part of the critical infrastructure. So, the question is how, in DDoS attacks, denial-of-service attacks, are coming in in the tens of thousands per day? >> Yeah, well that issue that you talked about, in particular the idea that the bad guys register brand new domain names, domain names that initially have no negative reputation associated with them, my friend Paul Vixie and his new company Farsight Security have been working on that. They have what is called a -- >> John: What's the name of the company again? >> Farsight Security. >> Farsight? >> And they have what's called a Passive DNS Database. Which is a database basically of DNS telemetry that is accumulated from big recursive DNS servers around the internet. So they know when a brand new domain name pops up, somewhere on the internet because someone has to resolve it. And they pump all of these brand new domain names into what's called a response policy zone feed. And you can get for example different thresh holds. I want to see the brand new domain names created over the last 30 minutes or seen over the last 30 minutes. And if you block resolution of those brand new domain names, it turns out you block a tremendous amount of really malicious activity. And then after say, 30 minutes if it's a legitimate domain name it falls off the list and you can resolve it. >> So this says your doing DNS signaling as a service for new name registrations because the demand is for software APIs to say "Hey, I want to create some policy around some techniques to sink-hole domain address hacks. Something like that? >> Yeah, basically this goes hand in hand with this new system response policy zone which allows you to implement DNS policy. Something that we've really never before done with DNS servers, which that's actually not quite true. There have been proprietary solutions for it. But response policy zones are an open solution that give you the ability to say "Hey I do want to allow resolution of this domain name, but not this other domain name". And then you can say "Alright, all these brand new domain names, for the first 30 minutes of their existence I don't want-- >> It's like a background check for domain names. >> Yeah, or like a wait list. Okay, you don't get resolved for the first 30 minutes, that gives the sort of traditional, reputational, analyzers, Spamhaus and Serval and people like that a chance to look you over and say "yeah, it's malicious or it's not malicious". >> So serves to be run my Paul Vixie who is the contributor to the DNS protocol-- >> Right, enormous contributor. >> So we should keep an eye on that. Check it out, Paul Vixie. Alright, so DNS's critical infrastructure that we've been talking about, that you and I, love to riff about DNS and the role What's it enabled? Obviously it's ASCII, but I got to ask you, all these Unicode stuff about the emoji and the open source, really it highlight's the Unicode phenomenon. So this is a hacker potential haven. DNS and Unicode distinction. >> It's really interesting from a DNS standpoint, because we went to a lot of effort within the IETF, the Internet Engineering Task Force, some years ago, back when I was more involved in the IETF, some people spent a tremendous amount of effort coming up with a way to use allow people to use Unicode within domain name. So that you could type something into your browser that was in traditional or simplified Chinese or that was in Arabic or was in Hebrew or any number of other scripts. And you could type that in and it would be translated into something that we call puny code, in the DNS community, which is an ASCII equivalent to that. The issue with that though, becomes that there are, we would say glifs, most people I guess would say characters, but there are characters in Unicode that look just like, say Latin alphabet characters. So there's a lowercase 'a' for example, in cyrillic, it's not a lowercase 'a' in the Latin alphabet, it's a cyrillic 'a', but it looks just like an 'a'. So it's possible for people to register names, domain names, that in there Unicode representation, look like for example, PayPal, which of course has two a's in it, and those two a's could be cyrillic a's. >> Not truly the ASCII representation of PayPal which we resolve through the DNS. >> Exactly, so imagine how subtle an attack that would be if you were able to send out a bunch of email, including the links that said www.-- >> Someone's hacked your PayPal account, click here. >> Yeah, exactly. And if you eyeballed it you'd think Well, sure that's www.PayPal.com, but little do you know it's actually not the -- >> So Jim Ruth talked about applying some unconventional methods, because the bad guys don't subscribe to the conventional methods . They don't buy into it. He said that they change up their standards, is what I wrote down, but that was maybe their sort of security footprint. 1.5 times a day, how does that apply to your DNS world, how do you even do that? >> Well, we're beginning to do more and more with analytics DNS. The passive DNS database that I talked about. More and more big security players, including Infoblox are collecting passive DNS data. And you can run interesting analytics on that passive DNS data. And you can, in some cases, automatically detect suspicious or malicious behavior. For example you can say "Hey, look this named IP address mapping is changing really, really rapidly" and that might be an indication of let's say, fast flux. Or you can say "These domain names have really high entropy. We did an engram analysis of the labels of these". The consequence of that we believe that this resolution of these domain names, is actually being used to tunnel data out of an organization or into an organization. So there's some things you can do with these analytical algorithms in order to suss out suspicious and malicious. >> And you're doing that in as close to real time as possible, presumably right? >> Cricket: That's right. >> And so, now everybody's talking about Edge, Edge computing, Edge analytics. How will the Edge effect your ability to keep up? >> Well, the challenge I think with doing analytics on passive DNS is that you have to be able to collect that data from a lot of places. The more places that you have, the more sensors that you have collecting passive DNS data the better. You need to be able to get it out from the Edge. From those local recursive DNS servers that are actually responding to the query's that come from say your smart phone or your laptop or what have you. If you don't have that kind of data, you've only got, say, big ISPs, then you may not detect the compromise of somebody's corporate network, for example. >> I was looking at some stats when I asked the IOT questions, 'cause you're kind of teasing out kind of the edge of the network and with mobile and wearables as the general was pointing out, is that it's going to create more service area, but I just also saw a story, I don't know if it's from Google or wherever, but 80% plus roughly, websites are going to have SSL HTBS that they're resolving through. And there's reports out here that a lot of the anti virus provisions have been failing because of compromised certificates. And to quote someone from Research Park, and we want to get your reaction to this "Our results show", this is from University of Maryland College Park. "Our results show that compromised certificates pose a bigger threat than we previously believed, and is not restricted to advanced threats and digitally signed malware was common in the wild." Well before Stuxnet. >> Yeah, yeah. >> And so breaches have been caused by compromising certificates of actual authority. So this brings up the whole SSL was supposed to be solving this, that's just one problem. Now you've got the certificates, well before Stuxnet. So Stuxnet really was kind of going on before Stuxnet. Now you've got the edge of the network. Who has the DNS control for these devices? Is it kind of like failing? Is it crumbling? How do we get that trust back? >> That's a good question. One of the issues that we've had is that at various points, CAs, Certificate Authorities, have been conned into issuing certificates for websites that they shouldn't have. For example, "Hey, generate a cert for me". >> John: The Chinese do it all the time. >> Exactly. I run www. Bank of America .com. They give it to the wrong guy. He installs it. We have I think, something like 1,500 top level certification authorities. Something crazy like that. Dan Komenski had a number in one of his blog posts and it was absolutely ridiculous. The number of different CA's that we trust that are built into the most common browsers, like Chrome and Firefox and things like that. We're actually trying to address some of those issues with DNS, so there are two new resource records being introduced to DNS. One is TLSA. >> John: TLSA? >> Yeah, TLSA. And the other one is called CAA I think, which always makes me think of a California Automotive Association. (laughter) But TLSA is basically a way of publishing data in your own zone that says My cert looks like this. You can say "This is my cert." You can just completely go around the CA. And you can say "This is my cert" and then your DNS sec sign your zone and you're done. Or you can do something short of that and you can say "My cert should look like this "and it should have this CA. "This is my CA. "Don't trust any other one" >> So it's metadata about the cert or the cert itself. >> Exactly, so that way if somebody manages to go get a cert for your website, but they get that cert from some untrustworthy CA. I don't know who that would be. >> John: Or a comprimised-- >> Right, or a compromised CA. No body would trust it. No body who actually looks up the TSLA record because they'll go "Oh, Okay. I can see that Infoblox's cert that their CA is Symantech. And this is not a Symantech signed cert. So I'm not going to believe it". And at the same time this CAA record is designed to be consumed by the CA's themselves, and it's a way of saying, say Infoblox can say "We are a customer of Symantech or whoever" And when somebody goes to the cert and says "Hey, I want to generate a certificate for www.Infoblox.com, they'll look it up and say "Oh, they're a Symantech customer, I'm not going to do that for you". >> So it creates trust. So how does this impact the edge of the network, because the question really is, the question that's on everyone's mind is, does the internet of things create more trust or does it create more vulnerabilities? Everyone knows it's a surface area, but still there are technical solutions when you're talking about, how does this play out in your mind? How does Infoblox see it? How do you see it? What's Paul Vixie working on, does that tie into it? Because out in the hinterlands and the edge of the network and the wild, is it like a DNS server on the device. It could be a sensor? How are they resolving things? What is the protocol for these? >> At least this gives you a greater assurance if you're using TLS to encrypt communication between a client and a web server or some other resource out there on the internet. It at least gives you a better assurance that you really aren't being spoofed. That you're going to the right place. That your communications are secure. So that's all really good. IOT, I think of as slightly orthogonal to that. IOT is still a real challenge. I mean there is so many IOT devices out there. I look at IOT though, and I'll talk about this tomorrow, and actually I've got a live event on Thursday, where I'll talk about it some more with my friend Matt Larson. >> John: Is that going to be here in New York? >> Actually we're going to be broadcasting out of Washington, D.C. >> John: Were you streaming that? >> It is streamed. In fact it's only streamed. >> John: Put a plug in for the URL. >> If you go to www.Infoblox.com I think it's one of the first things that will slide into your view. >> So you're putting it onto your company site. Infoblox.com. You and Matt Larson. Okay, cool. Thursday event, check it out. >> It is somewhat embarrassingly called Cricket Liu Live. >> You're a celebrity. >> It's also Matt Larson Live. >> Both of you guys know what you're talking about. It's great. >> So there's a discussion among certain boards of directors that says, "Look, we're losing the battle, "we're losing the war. "We got to shift more on response "and at least cover our butts. "And get some of our response mechanisms in place." What do you advise those boards? What's the right balance between sort of defense perimeter, core infrastructure, and response. >> Well, I would certainly advocate as a DNS guy, that people instrument their DNS infrastructure to the extent that they can to be able to detect evidence of compromise. And that's a relatively straight forward thing to do. And most organizations haven't gone through the trouble to plumb their DNS infrastructure into their, for example, their sim infrastructure, so they can get query log information, they can use RPZs to flag when a client looks up the domain name of a known command and control server, which is a clear indication of compromise. Those sorts of things. I think that's really important. It's a pretty easy win. I do think at this point that we have to resign ourselves to the idea that we have devices on our network that are infected. That game is lost. There's no more crunchy outer shell security. It just doesn't really work. So you have to have defensive depth as they say. >> Now servs has been around for such a long time. It's been one of those threats that just keeps coming. It's like waves and waves. So it looks like there's some things happening, that's cool. So I got to ask you, CyberConnect is the first real inaugural event that brings industry and some obviously government and tech geeks together, but it's not black hat or ETF. It's not those geeky forums. It's really a business community coming together. What's your take of this event? What's your observations? What are you seeing here? >> Well, I'm really excited to actually get the opportunity to talk to people who are chiefly security people. I think that's kind of a novelty for me, because most of the time I think I speak to people who are chiefly networking people and in particular that little niche of networking people who are interested in DNS. Although truth be told, maybe they're not really interested in DNS, maybe they just put up with me. >> Well the community is really strong. The DNS community has always been organically grown and reliable. >> But I love the idea of talking about DNS security to a security audience. And hopefully some of the folks we get to talk to here, will come away from it thinking oh, wow, so I didn't even realize that my DNS infrastructure could actually be a security tool for me. Could actually be helpful in any way in detecting compromise. >> And what about this final question, 'cause I know we got a time check here. But, operational impact of some of these DNS changes that are coming down from Paul Vixie, you and Matt Larson doing some things together, What's the impact of the customer and they say "okay, DNS will play a role in how I role out my architecture. New solutions for cyber, IOT is right around the corner. What's the impact to them in your mind operationally. >> There certainly is some operational impact, for example if you want to subscribe to RPZ feeds, you've got to become a customer of somebody who provides a commercial RPZ feed or somebody who provides a free RPZ feed. You have to plumb that into your DNS infrastructure. You have to make sure that it continues transferring. You have to plumb that into your sim, so when you get a hit against an RPZ, you're notified about it, your security folks. All that stuff is routine day to day stuff. Nothing out of the ordinary. >> No radical plumbing changes. >> Right, but I think one of the big challenges in so many of the organizations that I go to visit, the security organization and the networking organization are in different silos and they don't necessarily communicate a lot. So maybe the more difficult operational challenge is just making sure that you have that communication. And that the security guys know the DNS guys, the networking guys, and vice versa. And they cooperate to work on problems. >> This seems to be the big collaboration thing that's happening here. That it's more of a community model coming together, rather than security. Cricket Liu here, DNS, Chief Architect of DNS and senior fellow of Infoblox. The legend in the DNS community. Paul Vixie amongst the peers. Really that community holding down the fort I'll see a lot of exploits that they have to watch out for. Thanks for your commentary here at the CyberConnect 2017 inaugural event. This is theCUBE. We'll be right back with more after this short break. (techno music)