Driving Business Results with Cloud Transformation | Jim Shook and Andrew Gonzalez
(upbeat music) >> Welcome back to the program, and we're going to dig into the number one topic on the minds of every technology organization, that's cybersecurity. You know, survey data from ETR, our data partner, shows that among CIOs and IT decision makers, cybersecurity continues to rank as the number one technology priority to be addressed in the coming year. That's ahead of even cloud migration and analytics. And with me to discuss this critical topic area, are Jim Shook, who's the Global Director of Cybersecurity and Compliance Practice at Dell Technologies, and he's joined by Andrew Gonzalez, who focuses on cloud and infrastructure consulting at DXC Technology. Gents, welcome, good to have you. >> Thanks Dave, great to be here. >> Thank you. >> Jim, let's start with you. What are you seeing from the front lines in terms of the attack surface and how are customers responding these days? >> It's always up and down and back and forth. The bad actors are smart, they adapt to everything that we do. So we're seeing more and more, kind of living off the land. They're not necessarily deploying malware, makes it harder to find what they're doing. And I think though, Dave, we've adapted and this whole notion of cyber resilience really helps our customers figure this out. And the idea there goes beyond cybersecurity, it's, let's protect as much as possible so we keep the bad actors out as much as we can, but then let's have the ability to adapt to, and recover to the extent that the bad actors are successful. So we're recognizing that we can't be perfect a hundred percent of the time against a hundred percent of the bad actors. Let's keep out what we can, but then recognize and have that ability to recover when necessary. >> Yeah, thank you. So Andrew, you know, I like what Jim was saying, about living off the land, of course, meaning using your own tooling against you, kind of hiding in plain sight, if you will. But, and as Jim was saying, you can't be perfect. 
But, so given that, what's your perspective on what good cybersecurity hygiene looks like? >> Yeah, so you have to understand what your crown jewel data looks like, what a good copy of a recoverable asset looks like when you look at an attack if it were to occur, right? How you get that copy of data back into production, and not only that but what that golden image actually entails. So, whether it's networking, storage, some copy of a source code, intellectual property, maybe seem to be data or an active directory or DNS dump, right? Understanding what your data actually entails that you can protect it, and that you can build out your recovery plan for it. >> So, and, where's that live? Where's that gold copy? You put in a yellow sticky? No, it's got to be, you got to be somewhere safe, right? So you have to think about that chain as well, right? >> Absolutely, yeah. So, a lot of folks have not gone through the exercise of identifying what that golden copy looks like. Everyone has a DR scenario, everyone has a DR strategy but actually identifying what that golden crown jewel data, let's call it, actually entails as one aspect of it and then where to put it, how to protect it, how to make it immutable and isolated? That's the other portion of it. >> You know, if I go back to sort of earlier part of last decade, you know, cybersecurity was kind of a checkoff item. And then as you got toward the middle part of the decade and I'd say clearly by 2016 it, security became a boardroom issue. It was on the agenda, you know, every quarter at the board meetings. So, compliance is no longer the driver, is my point. The driver is business risk, real loss of reputation or data, you know, or money, et cetera. What are the business implications of not having your cyber house in order today? >> They're extreme, Dave. I mean the, you know, bad actors are good at what they do. 
These losses by organizations, tens, hundreds of millions into the billions sometimes, plus the reputational damage that's difficult to really measure. There haven't been a lot of organizations that have actually been put out of business by an attack, at least not directly, if they're larger organizations, but that's also on the table too. So you can't just rely on, oh, we need to do, you know, A, B, and C because our regulators require it. You need to look at what the actual risk is to the business and then come up with the strategy from there. >> You know, Jim, staying with you, one of the most common targets we hear of attackers is to go after the backup corpus. So how should customers think about protecting themselves from that tactic? >> Well, Dave, you hit on it before, right? Everybody's had the backup and DR strategies for a long time going back to requirements that we had in place for physical disaster or human error. And that's a great starting point for a resilience capability, but that's all it is, is a starting point. Because the bad actors will, they also understand that you have those capabilities and they've adapted to that. In every sophisticated attack that we see the backup is a target, the bad actors want to take it out or corrupt it or do something else to that backup so that it's not available to you. That's not to say they're always successful and it's still a good control to have in place because maybe it will survive. But you have to plan beyond that. So, the capabilities that we talk about with resilience, let's harden that backup infrastructure. You've already got it in place, let's use the capabilities that are there like immutability and other controls to make it more difficult for the bad actors to get to. 
But then, as Andrew said, that gold copy, that critical systems, you need to protect that in something that's more secure which commonly we might say a cyber vault, although there's a lot of different capabilities for cyber vaulting, some far better than others, and that's some of the things that we focus on. >> You know, it's interesting, but I've talked to a lot of CIOs about this is, prior to the pandemic, they, you know, had their, as you're pointing out, Jim, they had their DR strategy in place but they felt like they weren't business resilient and they realized that when we had the forced march to digital. So, Andrew, are there solutions out there to help with this problem? Do you guys have an answer to this? >> Yeah, absolutely. So, I'm glad you brought up resiliency. We take a position that to be cyber resilient it includes operational resiliency, it includes understanding at the C-level what the implication of an attack means, as we stated, and then how to recover back into production. When you look at protecting that data, not only do you want to put it into what we call a vault, which is a Dell technology that is an offline immutable copy of your crown jewel data but also how to recover it in real-time. So DXC offers a, I don't want to call it a turnkey solution, since we architect these specific to each client needs, right? When we look at what client data entails, their recovery point objectives, recovery time objectives, what we call quality of the restoration. But when we architect these out we look at not only how to protect the data but how to alert and monitor for attacks in real-time. How to understand what we should do when a breach is in progress. Putting together with our security operations centers a forensic and recovery plan and a runbook for the client. And then being able to cleanse and remediate so that we can get that data back into production. 
These are all services that DXC offers in conjunction with the Dell solution to protect and recover, and keep bad actors out. And if we can't keep 'em out, to ensure that we are back into production in short order. >> You know, this discussion we've been having about DR kind of versus resilience, and you were just talking about RPO and RTO, I mean, it used to be that a lot of firms wouldn't even test their recovery 'cause it was too risky or, you know, maybe they tested it on, you know, July 4th or something like that. But I'm inferring that's changed. I wonder if we could, you know, double click on recovery, how hard is it to test that recovery and how quickly are you seeing organizations recover from attacks? >> So it depends, right, on the industry vertical, what kind of data, again. Financial services client compared to a manufacturing client are going to be two separate conversations. We've seen it as quickly as being able to recover in six hours, in 12 hours. In some instances we have the grace period of a day to a couple days. We do offer the ability to run scenarios once a quarter where we can stand up in our systems the production data that we are protecting to ensure that we have a good recoverable copy, but it depends on the client. >> I really like the emphasis here, Dave, that you're raising and that Andrew's talking about. It's not on the technology of how the data gets protected it's focused on the recovery, that's all that we want to do. And so the solution with DXC really focuses on generating that recovery for customers. I think where people get a little bit twisted up on their testing capability is you have to think about different scenarios. So, there are scenarios where the attack might be small, it might be limited to a database or an application. It might be really broadly-based, like the NotPetya attacks from a few years ago. The regulatory environment, we call those attacks severe but plausible. 
So you can't necessarily test everything with the infrastructure but you can test some things with the infrastructure. Others, you might sit around on a tabletop exercise or walk through what that looks like to really get that recovery kind of muscle memory so that people know what to do when those things occur. But the key to it, as Andrew said before, have to focus down what are those critical applications? What do we need? What's most important? What has to come back first? And that really will go a long way towards having the right recovery points and recovery times from a cyber disaster. >> Yeah, makes sense, understanding the value of that data is going to inform you how to respond and how to prioritize. Andrew, one of the things that we hear a lot on theCUBE, especially lately is around, you know, IOT, IIOT, Industry 4.0, the whole OT security piece of it. And the problem being that, you know, traditionally operations technologies have been air-gapped often by design. But as businesses, increasingly they're driving initiatives like Industry 4.0 and they're connecting these OT systems to IT systems. They're, you know, driving efficiency, preventative maintenance, et cetera. So, a lot of data flowing through the pipes, if you will. What are you seeing in terms of the threats to critical infrastructure and how should customers think about addressing these issues? >> Yeah, so bad actors can come in many forms. We've seen instances of social engineering, we've seen, USB stick dropped in a warehouse. That data that is flowing through the IOT devices is as sensitive now as your core mainframe infrastructure data. So, when you look at it from a protection standpoint, conceptually it's not dissimilar from what we've been talking about, where you want to understand, again, what the most critical data is. Looking at IOT data and applications is no different than your core systems now, right? Depending on what your business is, right? 
So when we're looking at protecting these, yes, we want firewalls, yes, we want air gap solutions, yes, we want front-end protection but we're looking at it from a resiliency perspective. Putting that data, understanding what data entails to put in the vault from an IOT perspective is just as critical as it is for your core systems. >> Jim, anything you can add to this topic? >> Yeah, I think you hit on the key points there, everything is interconnected. So even in the days where maybe people thought the OT systems weren't online, oftentimes the IT systems are talking to them or controlling them, SCADA systems, or perhaps supporting them. Think back to the pipeline attack of last year. All the public testimony was that the OT systems didn't get attacked directly but there was uncertainty around that and the IT systems hadn't been secured so that caused the OT systems to have to shut down. It certainly is a different recovery when you're shutting them down on your own versus being attacked but the outcome was the same that the business couldn't operate. So, you really have to take all of those into account. And I think that does go back to exactly what Andrew's saying, understanding your critical business services and then the applications and data, and other components that support those and drive those and making sure those are protected, you understand them, you have the ability to recover them if necessary. >> So guys, I mean you made the point, I mean, you're right, the adversary is highly capable, they're motivated 'cause the ROI is so, it's so lucrative. It's like this never ending battle that cybersecurity pros, you know, go through. It really is kind of frontline, sort of technical heroes, if you will. And so, but sometimes it just feels daunting. Why are you optimistic about the future of cyber from the good guys' perspective? >> I think we're coming at the problem the right way, Dave, so that focus. 
I'm so pleased with the idea that we are planning that the systems aren't going to be a hundred percent capable every single time and let's figure that out, right? That's real world stuff. So, just as the bad actors continue to adapt and expand, so do we. And I think the differences there, the common criminals, it's getting harder and harder for them. The more sophisticated ones, they're tough to beat all the time. And of course, you've raised the question of some nation states and other activities but there's a lot more information sharing, there's a lot more focus from the business side of the house and not just the IT side of the house that we need to figure these things out. >> Yeah, to add to that, I think furthering education for the client base is important. You brought up a point earlier, it used to be a boardroom conversation due to compliance reasons. Now as we have been in the market for a while we continue to mature the offerings, it's further education for not only the business itself but for the IT systems and how they interconnect, and working together so that these systems can be protected and continue to be evolved and continue to be protected through multiple frameworks as opposed to seeing it as another check the box item that the board has to adhere to. >> All right guys, we got to go. Thank you so much. Great conversation on a really important topic. Keep up the good work, appreciate it. >> Thanks Dan. >> Thank you. >> All right, thank you for watching. Stay tuned for more excellent discussions around the partnership between Dell Technologies and DXC Technology. We're talking about solving real world problems, how this partnership has evolved over time. Really meeting the changing enterprise landscape challenges. Keep it right there. (upbeat music)
Driving Business Results with Cloud Transformation - Jim Shook and Andrew Gonzalez
>> Welcome back to the program, and we're going to dig into the number one topic on the minds of every technology organization. That's cybersecurity. Survey data from ETR, our data partner, shows that among CIOs and IT decision makers, cybersecurity continues to rank as the number one technology priority to be addressed in the coming year. That's ahead of even cloud migration and analytics. And with me, to discuss this critical topic area, are Jim Shook, who's the global director of cybersecurity and compliance practice at Dell Technologies, and he's joined by Andrew Gonzalez, who focuses on cloud and infrastructure consulting at DXC Technology. Gents, welcome, good to have you. >> Thanks, Dave. Great to be here. >> Thank you. >> Jim, let's start with you. What are you seeing from the front lines in terms of the attack surface and how are customers responding these days? >> It's always up and down and back and forth. The bad actors are smart, they adapt to everything that we do, so, we're seeing more and more kind of living off the land, they're not necessarily deploying malware, makes it harder to find what they're doing. And I think, though, Dave, we've adapted and this whole notion of cyber resilience really helps our customers figure this out. And the idea there goes beyond cybersecurity, it's let's protect as much as possible, so we keep the bad actors out as much as we can, but then let's have the ability to adapt to and recover to the extent that the bad actors are successful. So, we're recognizing that we can't be perfect 100% of the time against 100% of the bad actors. Let's keep out what we can, but then recognize and have that ability to recover when necessary. >> Yeah, thank you. So, Andrew, I like what Jim was saying about living off the land, of course, meaning using your own tooling against you, kind of hiding in plain sight, if you will. 
And as Jim was saying, you can't be perfect, but so, given that, what's your perspective on what good cybersecurity hygiene looks like? >> Yeah, so you have to understand what your crown-jewel data looks like, what a good copy of a recoverable asset looks like when you look at an attack, if it were to occur, right? How you get that copy of data back into production. And not only that, but what that golden image actually entails. So, whether it's networking, storage, some copy of a source code, intellectual property, maybe SIM2B data, or an Active Directory, or DNS dump, right? Understanding what your data actually entails, so that you can protect it, and that you can build out your recovery plan for it. >> So, and where's that live? Where's that gold copy? You put in a yellow sticky? You know, it's got to be somewhere safe, right? So, you have to think about that chain as well, right? >> Absolutely. Yeah. So, a lot of folks have not gone through the exercise of identifying what that golden copy looks like. Everyone has a DR scenario, everyone has a DR strategy, but actually identifying what that golden crown-jewel data, let's call it, actually entails is one aspect of it, and then where to put it, how to protect it, how to make it immutable and isolated, that's the other portion of it. >> If I go back to sort of earlier part of last decade, cybersecurity was kind of a check-off item, and then as you got toward the middle part of the decade, and I'd say clearly by 2016, security became a boardroom issue, it was on the agenda every quarter at the board meetings. So, compliance is no longer the driver is my point. The driver is business risk, real loss of reputation, or data, or money, etc. What are the business implications of not having your cyber house in order today? >> They're extreme, Dave. 
I mean, the bad actors are good at what they do, these losses by organizations tens, hundreds of millions into the billions, sometimes, plus the reputational damage that's difficult to really measure. There haven't been a lot of organizations that have actually been put out of business by an attack, at least not directly, if they're larger organizations. But that's also on the table too. So, you can't just rely on, oh, we need to do A, B and C because our regulators require it. You need to look at what the actual risk is to the business, and then come up with the strategy from there. >> Jim, staying with you. One of the most common targets we hear of attackers is to go after the backup corpus. So, how should customers think about protecting themselves from that tactic? >> Well, Dave, you hit on it before, right? Everybody's had the backup and DR strategies for a long time going back to requirements that we had in place for physical disaster or human error. And that's a great starting point for a resilience capability. But that's all it is, is a starting point. Because the bad actors will, they also understand that you have those capabilities, and they've adapted to that. In every sophisticated attack that we see, the backup is a target, the bad actors want to take it out, or corrupt it, or do something else to that backup so that it's not available to you. That's not to say they're always successful, and it's still a good control to have in place because maybe it will survive. But you have to plan beyond that. So, the capabilities that we talk about with resilience, let's harden that backup infrastructure, you've already got it in place, let's use the capabilities that are there like immutability and other controls to make it more difficult for the bad actors to get to. 
But then, as Andrew said, that gold copy, that critical systems, you need to protect that in something that's more secure, which commonly we might say a cyber vault, or there's a lot of different capabilities for cyber vaulting, some far better than others. And that's some of the things that we focus on. >> You know, it's interesting, but I've talked to a lot of CIOs about this prior to the pandemic, they had their, as you're pointing out, Jim, they had their DR strategy in place, but they felt like they weren't business-resilient, and they realized that when we had the forced march to digital. So, Andrew, are there solutions out there to help with this problem? Do you guys have an answer to this? >> Yeah, absolutely. So, I'm glad you brought up resiliency. We take a position that to be cyber resilient, it includes operational resiliency, it includes understanding at the C level what the implication of an attack means, as we stated, and then how to recover back into production. When you look at protecting that data, not only do you want to put it into what we call a vault, which is a Dell technology that is an offline immutable copy of your crown-jewel data, but also how to recover it in real time. So, DXC offers a, I don't want to call it a turnkey solution, since we architect these specific to each client needs, right? When we look at what client data entails, their recovery point objectives, recovery time objectives, what we call quality of the restoration, but, when we architect these out, we look at not only how to protect the data, but how to alert and monitor for attacks in real time. How to understand what we should do when a breach is in progress. Putting together with our security operations centers a forensic and recovery plan and a runbook for the client. And then being able to cleanse and remediate, so that we can get that data back into production. 
These are all services that DXC offers in conjunction with the Dell solution to protect and recover and keep bad actors out. And if we can't keep 'em out, to ensure that we are back into production in short order. >> This discussion we've been having about DR kind of versus resilience, and you were just talking about RPO and RTO, I mean, it used to be that a lot of firms wouldn't even test their recovery, 'cause it was too risky, or maybe they tested it on July 4th or something like that, but I'm inferring that's changed. I wonder if we could double-click on recovery, how hard is it to test that recovery, and how quickly are you seeing organizations recover from attacks? >> So, it depends, right? On the industry vertical, what kind of data, again, financial services client compared to a manufacturing client are going to be two separate conversations. We've seen it as quickly as being able to recover in six hours, in 12 hours, in some instances we have the grace period of a day to a couple days, we do offer the ability to run scenarios once a quarter where we can stand up in our systems, the production data that we are protecting to ensure that we have a good recoverable copy. But it depends on the client. >> I really like the emphasis here, Dave, that you're raising and that Andrew's talking about, it's not on the technology of how the data gets protected, it's focused on the recovery. That's all that we want to do. And so, the solution with DXC really focuses on generating that recovery for customers. I think where people get a little bit twisted up on their testing capability is you have to think about different scenarios. So, there are scenarios where the attack might be small, it might be limited to a database or an application. It might be really broadly based, like the NotPetya attacks from a few years ago. In the regulatory environment we call those attacks severe but plausible. 
So, you can't necessarily test everything with the infrastructure, but you can test some things with the infrastructure, others, you might sit around on a tabletop exercise, or walk through what that looks like to really get that recovery kind of muscle memory, so that people know what to do when those things occur. But the key to it, as Andrew said before, have to focus down what are those critical applications. What do we need? What's most important? What has to come back first? And that really will go a long way towards having the right recovery points and recovery times from a cyber disaster. >> Yeah, makes sense. Understanding the value of that data is going to inform you how to respond and how to prioritize. Andrew, one of the things that we hear a lot on theCUBE, especially lately, is around IOT, IIOT, Industry 4.0, the whole OT security piece of it. And the problem being that, traditionally, operations technologies have been air gapped, often by design, but as businesses increasingly they're driving initiatives like Industry 4.0, and they're connecting these OT systems to IT systems. They're driving efficiency, preventative maintenance, etc. So, a lot of data flowing through the pipes, if you will. What are you seeing in terms of the threats to critical infrastructure, and how should customers think about addressing these issues? >> Yeah. So, bad actors can come in many forms, we've seen instances of social engineering, we've seen USB stick dropped in a warehouse. That data that is flowing through the IOT device is as sensitive now as your core mainframe infrastructure data. So, when you look at it from a protection standpoint, conceptually, it's not dissimilar from what we've been talking about, where you want to understand, again, what the most critical data is. Looking at IOT data and applications is no different than your core systems now, right? Depending on what your business is, right? 
So, when we're looking at protecting these, yes, we want firewalls, yes, we want air gap solutions, yes, we want front end protection, but we're looking at it from a resiliency perspective. Putting that data, understanding what data entails to put in the vault from an IOT perspective is just as critical as it is for your core systems. >> Jim, anything you can add to this topic? >> Yeah, I think you hit on the key points there. Everything is interconnected. So, even in the days where maybe people thought the OT systems weren't online, oftentimes the IT systems are talking to them, or controlling them SCADA systems, or perhaps supporting them. Think back to the pipeline attack of last year. All the public testimony was that the OT systems didn't get attacked directly, but there was uncertainty around that, and the IT systems hadn't been secured. So, that caused the OT systems to have to shut down. It certainly is a different recovery when you're shutting them down on your own versus being attacked, but the outcome was the same, that the business couldn't operate. So, you really have to take all of those into account, and I think that does go back to exactly what Andrew's saying, understanding your critical business services, and then the applications and data, and other components that support those and drive those, and making sure those are protected, you understand them, you have the ability to recover them if necessary. >> So guys, I mean, you made the point, I mean, you're right. The adversary is highly capable, they're motivated, 'cause the ROI is so lucrative. It's like this never-ending battle that cybersecurity pros go through, it really is kind of frontline sort of technical heroes, if you will. But sometimes it just feels daunting. Why are you optimistic about the future of cyber from the good guys' perspective? 
>> I think we're coming at the problem the right way, Dave, so that focus, I'm so pleased with the idea that we are planning that the systems aren't going to be 100% capable every single time and let's figure that out, right? That's real-world stuff. So, just as the bad actors continue to adapt and expand, so do we. And I think the differences there, the common criminals, it's getting harder and harder for them. The more sophisticated ones, they're tough to beat all the time, and, of course, you've raised the question of some nation states and other activities, but there's a lot more information sharing, there's a lot more focus from the business side of the house, and not just the IT side of the house that we need to figure these things out. >> Yeah. To add to that, I think furthering education for the client base is important. You brought up a point earlier, it used to be a boardroom conversation due to compliance reasons. Now, as we have been in the market for a while, we continue to mature the offerings, it's further education for not only the business itself, but for the IT systems and how they interconnect, and working together so that these systems can be protected, and continue to be evolved, and continue to be protected through multiple frameworks as opposed to seeing it as another check-the-box item that the board has to adhere to. >> All right, guys. We got to go. Thank you so much. Great conversation on a really important topic. Keep up the good work. Appreciate it. >> Thanks, Dave. >> Thank you. >> All right. And thank you for watching. Stay tuned for more excellent discussions around the partnership between Dell Technologies and DXC Technology. We're talking about solving real-world problems, how this partnership has evolved over time, really meeting the changing enterprise landscape challenges. Keep it right there.
Bob Bender and Jim Shook, CUBE Conversation
>> Narrator: From the CUBE Studios in Palo Alto, in Boston. Connecting with thought leaders all around the world, this is a CUBE Conversation. >> Hi, everybody. Welcome to the special Cube Conversation. With COVID-19 hitting, organizations really had to focus on business resiliency, and we've got two great guests here to talk about that topic. Bob Bender's the chief technology officer at Founders Federal Credit Union. And he's joined by Jim Shook, who is the director of cybersecurity and compliance practice at Dell Technologies. Gentlemen, thanks for coming on the CUBE, great to see you. >> Thanks, Dave, great to see you, thank you. >> So, Bob, let's start with you, give us a little bit of background on Founders and your role. >> Founders Federal Credit Union is a financial institution that has about 225,000 members, serving them in 30 different locations, located in the Carolinas. I serve as chief technology officer bringing in the latest technology and cyber resilient direction for the company. >> Great. And Jim, talk about your role. Is this a new role that was precipitated by COVID or was this something that Dell has had for a while? Certainly relevant. >> It's actually been around for a while, Dave. The organization invested in this space going back about five years, I founded the cyber security and compliance practice. So really, my role is most of the time in the field with our customers, helping them to understand and solve their issues around the cyber resilience and cyber recovery field that we're talking about. But I also, to do that properly, spend a lot of time with organizations that are interested in that space. So it could be with an advisory partner, could be the FBI, might be a regulator, a particular group like Sheltered Harbor that we've worked with frequently. So it's just really, as you point out, taken off first with ransomware a couple of years ago, and then with the recent challenges from work from home in COVID. 
So we're really helping out a lot of our customers right now. >> Bob, I've talked privately to a number of CIOs and CSOs and many have said to me that when COVID hit that their business continuance was really much too (voice cuts out) Now, you guys actually started your journey way back in 2017. I wonder if you could take us back a few years and what were the trends that you were seeing that precipitated you to go on this journey? >> Well, I think we actually saw the malware, the horizon there. And I'll take you back a little further 'cause I just love that story is, when we looked at the relationship of Dell EMC, we talked to the 1% of the 1%, who is protecting their environment, their data capital, the new critical asset in our environment. And Dell EMC was the top of the line every time. When we looked at the environment and what it required, to put our assets under protection, again, we turned to Dell EMC and said, where do we need to go here? You look at this Mecklenburg County, you look at the city of Atlanta, you look at Boeing and I hate to use the examples, but some very large companies, some really experienced companies were susceptible to this malware attacks that we just knew ourself it was going to change us. So the horizon was moving fast and we had to as well. >> Well, you were in a highly regulated industry as well. How did that factor into the move? >> Well, you're exactly right. We had on our budget, our capital budget horizon, to do an air gap solution. We were looking at that. So the regulatory requirements were requiring that, the auditors were in every day talking about that. And we just kept framing that in what we were going to do in that environment. We wanted to make sure as we did this purpose built data bunker, that we looked at everything, talk to the experts, whether that was federal state regulation. You mentioned Sheltered Harbor, there's GDPR. 
All these things are changing how are we going to be able to sustain a forward look as we stand this environment up. And we also stood up a cyber security operations center. So we felt very confident in our Runbooks, in our incident response, that you would think that we would be ready to execute. I'll share with you that we reached out every which way and a friend called me and was actually in a live ransomware event and asked if I wanted to come on to their site to help them through that incident. We had some expertise on our staff that they did not possess at that time. So going into that environment, spending 30 hours of the last 72 hours of an attack we came back changed. We came back changed and went to our board and our executives and said, "We thought we knew what we were doing." But when you see the need to change from one to 10 servers recovery to 300 in 72 hours, we just realized that we had to change our plan. We turned to the investment we had already made and what we had looked at for some time, and said, "Dell EMC, we're ready to look at that "PowerProtect Cyber Recovery solution. "How can you stand this up very quickly?" >> So, Jim, Bob was saying that he looked at the 1% of the 1%, so these guys are early adopters, but anything you can add to that discussion in terms of what you saw precipitate the activity, let's go pre-COVID, certainly ransomware was part of that. Was that the big catalyst that you saw? >> It really was. So when we started the practice, it was following up on the Sony Pictures attack, which only hit Sony in that. But it was unique in that it was trying to destroy an organization as opposed to just steal their data. So we had financial industry really leading the way, the regulators in the financial industry saying, "Gosh, these attacks could happen here "and they would be devastating." So they led the way. 
And as our practice continued, 2016 became the year of ransomware and became more prevalent, with the attackers getting more sophisticated and being able to monetize their efforts more completely with things like cryptocurrencies. And so as we come around and start talking to Bob, he still was well ahead of the game. People were talking about these issues, starting to grow concerned, but didn't really understand what to do. And Dave, I know we'll get to this a little bit later, but even today, there's quite a bit of disconnect, many times between the business, understanding the risks of the business and then the technology, which really is the business now, but making those pieces fit together and understanding where you need to improve to secure against these risks is a difficult process. >> Well, I think I'd love to come back to Bob and try to understand how you pitch this to the board, if you will, how you made the business case. To Jim's point, the adversaries are highly capable. It's a lucrative business. I always talk to my kids about ROI numerator and denominator. If you can raise the denominator, that's going to lower the value. And that's the business that you're in is making it less attractive for the bad guys. But how did you present this to the board? Was it a board level discussion? >> It was, exactly. We brought Dell EMC PowerProtect Cyber Recovery solution to them and said, not only you're experiencing and seeing in the news daily, these attacks in our regions, but we have actually gone out into an environment and watch that attack play out. Not only that is when we stepped away, and we ran through some tabletops with them and we stepped away. And we said, "Are you okay? "Do you know how it got in? "Are you prepared to protect now and detect that again?" Within 30 days, they were hit again by the same ransomware attacks and hackers. 
So I hate to say this, but I probably fast forwarded on the business case and in the environment, the horizon around me, players, they made my case for me. So I really appreciated that top down approach. The board invested, the executive invested, they understood what was at risk. They understood that you don't have weeks to recover in the financial institution. You're dealing with hundreds of thousand transactions per second so it made my case. We had studied, we had talked to the experts. We knew what we wanted. We went to Dell EMC and said, "I have six months and here's my spend." And that's from equipment hitting our CoLOS and our data centers, standing it up, standing up the Runbooks and it's fully executed. And I wanted an environment that was not only holistic. We built it out to cover all of our data and that I could stand up the data center within that environment. I didn't need another backup solution. I needed a cyber recovery environment, a lifestyle change, if you would say. It's got to be different than your BCP/DR. While it inherits some of those relationships, we fund it with employees separately. We treated the incident response separately, and it is really benefited. And I think we've really grown. And we continue to stress that to educate ourselves not only at the board level, but a bottom up approach as well with the employees. 'cause they're a part of that human firewall as well. >> I think you've seen this where a lot of organizations, they do a checkbox on backup or as I was saying before, DR. But then in this world of digital, when a problem hits, it's like, "Oh-oh, we're not ready." So I wonder Jim, if we can get into this solution that Bob has been talking about the Dell EMC PowerProtect Cyber Recovery solution, there's a mouthful there. You got the power branding going on. What is that all about? Talk to us about the tech that's behind this. >> It's something that we've developed over time and really added to in our capability. 
So at its core, PowerProtect Cyber Recovery is going to protect your most critical data and applications so that if there is a cyber attack, a ransomware or destructive attack, they're safe from that attack. And you can take that data and recover the most important components of the business. And to do that, we do a number of things, Dave. The solution itself takes care of all these things. But number one is we isolate the data so that you can't get there from here. If you're a bad actor, even an insider, you can't get to the data because of how we've architected. And so we'll use that to update the critical applications and data. Then we'll lock that data down. People will use terms like immutability or retention lock. So we'll lock it down in that isolated environment, and then we'll analyze it. So it's one thing to be able to protect the data with the solution, it's another, to be able to say that what I have here in my data vault, in my air gapped isolated environment is clean. It's good data. And if there was an attack, I can use that to recover. And then of course over time, we've built out all the capabilities. We've made it easier to deploy, easier to manage. We have very sophisticated services for organizations that need them. And then we can do a much lighter touch for organizations that have a lot of their built in capabilities. At its core, it's a recover capability so that if there was an attack that was unfortunately successful, you don't lose your business. You're not at the mercy of the criminals to pay the ransom. You have this data and you can recover it. >> So Bob, talk to us about your objectives going into this. It's more than a project. It really is a transformation of your resiliency infrastructure, I'll call it. What were your objectives going in? A lot of companies are reacting, and it's like, you don't have time to really think. So what are the objectives? How long did it take? 
Paint a picture of the project and what it looked like, some of the high level milestones that you were able to achieve. >> Well, I think several times Dell EMC was able to talk us off the edge, where it really got complicated. The Foundation Services is just one of your more difficult conversations, one of the top three, definitely, patch management, notification, and how you're going to rehydrate that data, keeping that window very small to reduce that risk almost completely as you move. I think other area this apply is that we really wanted to understand our data. And I think we're on a road to achieving that. It was important that if we were going to put it into the vault, it had a purpose. And if we weren't going to put it in a vault, let's see why would we choose to do that? Why would we have this data? Why would we have this laying around? Because that's a story of our members, 225 stories. So their ability to move into financial security, that story is now ours to protect. Not only do we want to serve you in the services and the industry and make sure you achieve what you're trying to, but now we have that story about you that we have to protect just as passionately. And we had that. I think that was two of the biggest things. I think the third is that we wanted to make sure we could be successful moving forward. And I'll share with you that in the history of the credit union, we achieved one of the biggest projects here, in the last two years. That umbrella of the Cyber Recovery solution protection was immediate. We plugged in a significant project of our data capital and it's automatically covered. So I take that out of the vendor of responsibility, which is very difficult to validate, to hold accountable sometimes. And it comes back under our control into this purpose built data security and cyber resilient, business strategy. That's a business strategy for us is to maintain that presence. 
So everything new, we feel that we're sized, there's not going to be a rip and replace, a huge architectural change because we did have this as an objective at the very beginning. >> Jim, when you go into a project like this, what do you tell customers in terms of things that they really should be focused on to have a successful outcome? >> I'm going to say first that not everybody has a Bob Bender. So we have a lot of these conversations where we have to really start from the beginning and work through it with our customers. If you approach this the right way, it's really about the business. So what are the key processes for your business? It can be different from a bank than from a hospital than from a school point. So what are the key things that you do? And then what's the tech that supports that and underlies those processes? That's what we want to get into the vault. So we'll have those conversations early on. I think we have to help a lot of organizations through the risks too. So understand the risk landscape, why doing one or two little things aren't really going to protect you from the full spectrum of attackers. And then the third piece really is, where do we start? How do we get moving on this process? How do we get victory so that the board can understand and the business can understand, and we can continue to progress along the way? So it's always a bit of a journey, but getting that first step and getting some understanding there on the threat landscape, along with why we're doing this is very important. >> So, Bob, what about any speed bumps that you encountered? What were some of those? No project is ever perfect. What'd you run into? How'd you deal with it? >> Well, I would say the Foundation Services were major part of our time. So it really helped for Dell EMC to come and explain to us and look at that perimeter and how our data is brought into that and size that for us and make sure it's sustainable. 
So that is definitely, could be a speed bump that we had to overcome. But today, because of those lifts, those efforts invested the Runbooks, the increase in new products, new data as our business organically grows is a non-event. It's very plug and play and that's what we wanted from the start. Again, you go back to that conversation at 1% of the 1%, it's saying, who protects you? We followed that. We stayed with the partner we trusted, the horizon holistically has come back and paid for itself again and again. So speed bumps, we're just enjoying that we were early adapters. I don't want to throw anybody out there, but you look about two weeks ago, there was a major announcement about an attack that was successful. They got them with ransomware and the company paid the ransom. But it wasn't for the ransomware, it was for the data they stole so that they would delete it. That's again, why we wanted this environment is we needed time to react in the case that these malwares are growing much faster than we're capable of understanding how they're attacking. Now it's one, two punch, where's it going to be? Where is it going to end? We're not going to likely be patient zero, but we're also not going to have to be up at night worrying that there's a new strain out there. We have a little time now that we have this secure environment that we know has that air gap solution that was built with the regulatory consideration, with the legal considerations, with the data capital, with the review of malware and such. You can go back in time and say, "Scan to see if I have a problem." So again, the partnership is while we focus on our business, they're focusing on the strategy for the future. And that's what we need. We can't be in both places at once. >> How long did the project take from the point of which you agreed, signed the contract to where you felt like you were getting value out of the solution? >> Six months. >> Really? >> We were adamant. 
I'd put it off for a year and a half, that's two budget cycles basically is what it felt. And then I had to come back and ask for that money back because we felt so passionate that our data, our critical data didn't need to be at that risk any longer. So it was a very tight timeline. And again, product on prem within six months. And it was a lot of things going on there. So I just wasn't idle during that time. I was having a conversation with Dell EMC about our relationship and our contracts. Let's build that cyber resilience into the contract. Now we've got this, PowerProtect Cyber Recovery environment, let's build it here where you also agree to bring on extra hardware or product if I need that. Let's talk about me being on a technology advisory panel so I can tell you where the pricing of the regulations are going, so you can start to build that in. Let's talk about the executive board reporting of your products and how that can enable us. We're not just talking about cyber and protecting your data. We're talking about back then 60% of your keep the lights on IT person will spend with auditors, talking about how we were failing. This product helped us get ahead of that to now where we're data analytic. We're just analysts that can come back to the business table and say, "We can stand that up very quickly." Not only because of the hardware and the platform solution we have, but it is now covered with a cyber resilience of the cyber security recovery platform. >> I want to ask you about analytics. Do you feel as though you've been able to go from what is generally viewed as a reactive mode into something that is more anticipatory or proactive using analytics? >> Well, I definitely do. We pull analytics daily and sometimes hourly to make sure we're achieving our KPIs. And looking at the KRIs, we do risk assessments from the industry to make sure if our controls layer of defenses are there, that they will still work what we stood up three years ago. 
So I definitely think we've gone from an ad hoc rip and replace approach to transformation into a more of a threat hunting type of approach. So our cyber security operation center, for us, is very advanced and is always looking for opportunities not only to improve, to do self-assessments, but we're very active. We're monetizing that with a CUSO arm of the credit union to go out and help others where we're successful, others that may not have that staff. It's very rewarding for us. And I hate to say it sometimes it's at their expense of being involved in the event of a ransomware attack or a malware event. We learned so much the gaps we have, that we could take this back, create Runbooks and make the industry stronger against these types of attacks. >> Well, so Jim, you said earlier, not every company has a Bob Bender. How common is it that you're able to see customers go from that reactive mode into one that is proactive? Is that rare or is it increasingly common? It can't be a 100%, but what are you seeing as trends? >> It's more common now. You think of, again, back to Bob, that's three plus years ago, and he's been a tireless supporter and tireless worker in his industry and in his community, in the cyber area. And efforts like those of Bob's have helped so many other organizations I think, understand the risks and take further action. I think too, Bob talks about some of the challenges with getting started in that three year timeframe, PowerProtect Cyber Recovery has become more productized, our practice is more mature. We have more people, more help. We're still doing things out there that nobody else is touching. And so we've made it easier for organizations that have an interest in this area, to deploy and deploy quickly and to get quick value from their projects. So I think between that some of the ease of use, and then also there's more understanding, I think, of what the bad actors can do and those threats. 
This isn't about somebody maybe having an outage for a couple of hours. This is about the very existence of a business being threatened. That if you're attacked, you might not come back from it. And there've been some significant example that you might lose hundreds of millions of dollars. So as that awareness has grown, more and more people have come on board and been able to leverage learnings from people like Bob who started much earlier. >> Well, I can see the CFO saying, "Okay, I get it. "I have no choice where we're going to be attacked. "We know that, I got to buy the insurance. You got me." But I can see the CFO saying, "Is there any way we can "get additional value out of this? "Can we use it to improve our processes and cut our costs? "Can we monetize this in some way?" Bob, what's the reality there? Are you able to find other sources of value beyond just an insurance policy? >> Definitely, Dave you're exactly right. We're able to go out there and take these Runbooks and really start to educate what cyber resilience means and what air gap means, what are you required to do, and then what is your responsibility to do it. When you take these exercises that are offered and you go through them, and then you change that perspective and go through a live event with other folks that see that after 60 hours of folks being up straight, it really changes your view to understand that there's no finish line here. We're always going to be trying to improve the product and why not pick somebody that you're comfortable with and you trust. And I think that's the biggest win we have from this is that was a Dell EMC partnership with us. It is very comfortable fit. We moved from backup and recovery into cyber resilience and cybersecurity as a business strategy with that partner, with our partner Dell, and it hasn't failed us. It's a very comforting. We're talking about quality of life for the employee. You hear that, keep the lights on. 
And they've really turned into professionals to really understand what security means differently today and what that quality of data is. Reports aren't just reports, they're data capital. The new currency today of the value we bring. So how are we going to use that? How are we going to monetize that? It's changing. And then I hate to jump ahead, but we had our perimeters at 1% of our workforce remote and all of a sudden COVID-19 takes on a different challenge. We thought we were doing really good and next, we had to move 50% of our employees out in five days. And because of that Dell EMC, holistic approach, we were protected every step of the way. We didn't lose any time saying, we bought the wrong control, the wrong hardware, the wrong software. It was a very comfortable approach. The Runbooks held us, our security posture stayed solid. It's been a very rewarding. >> Well, Bob, that was my next question, actually is because you've started the journey. >> Sorry. >> No, no, it's okay. Because you started the journey early, were you able to respond to COVID in a more fast sell manner? It sounds like you just went right in. But there's nuance there, because you've got now 50% or more of the workforce working at home, you got endpoint security to worry about. You got identity access management, and it sounds like you were, "No problem. "We've got this covered." Am I getting that right? >> You're exactly right, Dave. We test our endpoints daily. We make sure that we understand what residue of data is where. And when we saw that employee shift to a safe environment, our most consideration at that time, we felt very comfortable that the controls we had in place, again, Dell and their business partners who we are going to hold true and be solid. And we test those metrics daily. I get reports back telling me, what's missing in patch management, what's missing in a backup. I'll go back to keeping BCP and cyber security separate. 
In the vault, we take approach of recovery and systems daily. And now that goes from maybe a 2% testing rate almost to 100% annually. So again, to your point, COVID was a real setback. We just executed the same Runbooks we had been maturing all along. So it was very comfortable for employees and it was very comfortable for our IT structure. We did not feel any service delays or outages because of that. In a day, when you have to produce that data, secure that data, every minute of every day of every year, it's very comforting to know it's going to happen. You don't push that button and nothing happens. It's executed as planned. >> Jim, did you see a huge spike in demand for your services as a result of COVID and how did you handle it? You guys got a zillion customers, how did you respond and make sure that you were taking care of everybody? >> We really did see a big spike, Dave. I think there were a couple of things going on. As Bob points out, the security posture changes very quickly when you're sending people to work from home or people remotely, you've expanded or obliterated your parameter, you're not ready for it. And so security becomes even more important and more top of mind. So with PowerProtect Cyber Recovery, we can go in and we can protect those most critical applications. So organizations are really looking at their full security posture. What can we do better to detect and protect against these threats? And that's really important. For us, we're focusing on what happens when those fail? And with that extension and people going home, and then the threat actors getting even more active, the possibilities of those failures become more possible and the risks are just in front of everybody. So I think it was a combination of all of those things. Many, many customers came to us very quickly and said, "Tell us more about what you're doing here. "How does it fit into our infrastructure? "What does it protect us against? "How quickly can we deploy?" 
And so there has been a huge uptake in interest. And we're fortunate in that, as you pointed out early on, Dave, we invested early here. I'm five years into the practice. We've got a lot of people, very mature, very sophisticated in this area, a lot of passion among our team. And we can go take care of all those customers. >> Bob, if you had a mulligan, thinking about this project, what would you do differently if you had a chance to do it over? >> I think I would start earlier. I think that was probably the biggest thing I regret in that realizing you need to understand that you may not have the time you think you do. And luckily, we came to our senses, we executed and I got to say it was with common sense, comfortable products that we already understood. We didn't have to learn a whole new game plan. I don't worry about that. I don't worry about the sizing of the product 'cause we did it, I feel correctly going in and it fits us as we move forward. And we're growing at an increased rate that we may not expect. It's plug and play. Again, I would just say, stay involved, get involved, know that what we know today about malware and these attacks are only going to get more complicated. And that's where I need to spend my time, my group become experts there. Why I really cherish the Dell EMC relationship is from the very beginning, they've always been very passionate on delivering products that recover and protect and now are cyber resilient. I don't have to challenge that, you pay for what you get for. And I just got to say, I don't think there's much other than I would have started earlier. So start today, don't put it off. >> So you said earlier though, you're never done, you never are, in this industry. So what's your roadmap look like? Where do you want to go from here with this capability? >> I definitely want to keep educating my staff, keep training them, keep working with Dell. Again, I tell you they're such forward thinking as a company. 
They saved me that investment. So if you're looking at part of the investment, it's got to be, are you with a partner that's forward thinking? So we definitely want to mature this, challenge it, keep challenging, keep working with Dell and their products to deliver more. Again, we go to the federal and state regulatory requirements. You go to the Sheltered Harbor, the ACET testing from the NCUA regulators, just software asset management. You can keep on going down the line. This product, I hate to say it, it's like the iPhone. You think about how many products the iPhone has now made not relevant. I don't even own a flashlight, I don't think. This is what the Dell product line brings to me is that I can trust they're going to keep me relevant so I can stay at the business table and design products that help our members today. >> Jim, how about from Dell's perspective, the roadmap, without giving away any confidential information, where do you want to take this? We talk about air gaps. I remember watching that documentary Zero Days and hearing them say, "We got through an air gap. "No problem." So analytics obviously plays a role in this machine intelligence, machine learning, AI. Where does Dell want to take this capability? Where do you see that going? >> We've got some things in mind and then we're always going to listen to our customers and see where the regulations are going to. And thus far, we've been ahead of those with the help of people like Bob. I think where we have a huge advantage, Dave is with PowerProtect Cyber Recovery. It's a product. So we've got people who are dedicated to this full time. We have a maturity in the organization, in the field to deliver it and to service it. And having something as a product like that really enables us to have roadmaps and support and things that customers need to really make this effective for them. 
So as we look out on the product, and thanks for your reminder, I don't want to risk saying anything here I'm going to get in trouble for. We look at things in three paths. One is we want to increase the ability for our customers to consume the product. So they want it in different forms. They might want it in appliances, in the Cloud, virtual, all of those things are things that we've developed and continue to develop. They want more capabilities. So they want the product to do more things. They want it to be more secure, and keeping up. As you mentioned, machine learning with the analytics is a big key for us. Even more mundane things like operational information makes it easier to keep the vault secure and understand what's going on there without having to get into it all the time. So those are really valuable. And then our third point, really, we can't do everything. And so we have great partners, whether they're doing delivery, offering cyber recovery as a service or providing secure capabilities, like our relationship with Unisys. They have a Stealth product that is a zero knowledge, zero trust product that helps us to secure some of the connections to the vault. We'll keep iterating on all of those things and being innovative in this space, working with the regulators, doing things. Bob's mentioned a couple of times, Sheltered Harbor. We've been working with them for two years to have our product endorsed to their specification. Something that nobody else is even touching. So we'll continue along all those paths, but really following our customers' lead in addition to maybe going some places that they haven't thought about before. >> It's great guys. I have to fear that when you talk to SecOps pros, you ask them what their biggest challenge is, and they'll say lack of talent, lack of skills. And so this is a great example, Jim, you're mentioning it, you've productized this. This is a great example of a technology company translating IT labor costs into R&D.
And removing those so customers can spend time running their business. Bob and Jim, thanks so much for coming on the CUBE. Great story. Really appreciate your time. >> Thank you, Dave. >> Thank you, Dave. >> Thanks, Bob. >> All right. And thank you everybody for watching. This is Dave Vellante for the CUBE. We'll see you next time. (instrumental music)
Jim Shook, Dell Technologies | Dell Technologies World 2020
>> From around the globe, it's the CUBE with digital coverage of Dell Technologies World Digital Experience, brought to you by Dell Technologies. Hey, welcome back. You're ready. Jeffrey here with the CUBE. Welcome back to our ongoing coverage of Dell Technologies World 2020, the Digital Experience. I'm coming to you from Palo Alto. It's a digital event, just like everything else in 2020. But we're excited to have our next guest. I think he's coming in all the way from Atlanta, Georgia. He's Jim Shook, the director of cyber security and compliance practice at Dell Technologies. Jim, great to see you. >> Thanks, Jeff. It's quite the title there. Thanks for getting all that out. >> I have a big Post-it note, so that, uh, that's very helpful. But, you know, it's actually kind of an interesting thing because you have compliance and cybersecurity in your title, and it's an interesting relationship between compliance as a motivator of behavior versus, you know, you need to go a lot further than just what the compliance says. So I'm curious if you can talk about that relationship between, yeah, we need to be compliant, and we need to follow the rules, but you need to think a lot bigger than that. >> Yeah, definitely. I mean, there's so many different standards out there and requirements. So typically, what we'll see on the regulatory side is very much a minimum baseline, and leading the way, as usual in the cybersecurity space, will be financial and health care organizations. That's particularly true in the US, but pretty much globally, at least on the financial side. So they'll set some baselines. A lot of industries don't really have many. And so what we look at many times is just general risk to the business. And, of course, if you're a publicly traded company, that might trigger some SEC requirements or other things like that.
But again, we really look at those requirements as minimum baselines, and you have to work up from there based on the organization's risk profile. >> Yeah, yeah, and we see that, too, with privacy and a whole bunch of stuff where traditionally the regs and the compliance kind of lag, you know, where the technologies and where the market's moving. So before we get too deep into it, let's talk about the COVID impact because obviously a huge thing. In security, uh, you know, a light switch moment in mid March when everybody had to work from home. So suddenly your attack surfaces increase exponentially. People are working out of home environments that you don't necessarily know what's going on there, who's going on there, the shared networks with the spouse and the kids and everybody else. But now we're, you know, six, seven, eight months into this. This is something that's going to be going on for a while, and even the new normal will have some type of a hybrid relationship with, you know, an increased level of remote work once they work from home. But it's really work from anywhere. So I wonder if you could share your thoughts about how things have transitioned from, you know, what happened in mid March, taking care of your own business and your own people to, you know, then taking care of your customers and the emergencies that they had. But now really thinking in terms of more of kind of a long term, fundamental shift in the security profile that people have with all their data and information. >> Yeah. Gosh, it's been really interesting. I think organizations have done an amazing job when you think about the things that they've had to get done just really overnight. So a lot has been written about the pandemic, and you mentioned, Jeff, too, really that expanded threat surface. All of a sudden, you've got people working from home. There wasn't enough VPN capacity a lot of places. I talked to some organizations.
Employees just took their desktop off of their desk and brought it home, so it wasn't really ready to work at a remote location. But organizations really adapted well to it. Meanwhile, that was opportunity for the criminals, and they've taken it. But Jeff, one of the things that I think about, too, is, to an extent, this is the new normal, not necessarily the work from home, but the shift that's going to consistently happen in cybersecurity. Things change. The criminals are really smart, they adapt. So that was work from home. What's the next thing going to be? There's IoT. There's remote devices. There will be some vulnerabilities. We just have to get used to this pace and continue it. Unfortunately. >> Right, right, right. Yeah, it's always a little bit of, ah, a cat and mouse game, right? But what? And then one of the other trends that we're seeing, I don't know, maybe more visibility or maybe higher profile, is the ransomware attacks, right? So we've seen, you know, kind of this really interesting continuation of different types of security threats between just the local kid who's just trying to do it because it's fun versus, you know, competitive stuff where people are trying to take out their competitors versus nation states and nation states being, um, you know, kind of driving these attacks. But the ransom, the ransomware, we've seen before, but it seems to be increasing in frequency. Maybe we're just hearing about it. What's special about ransomware as a specific type of security threat? >> So I started this practice about five years ago, and at that point, ransomware was just barely a blip. It was really about destruction, and the way that we talk about it in the cybersecurity space is there's this triad, these three components of our data that we're trying to protect. So one of those is confidentiality, and that traces back to the attacks you're talking about. That's when somebody steals your data. You don't want them to do that.
That breaks the confidentiality of the data. And that's really where the cybersecurity controls kind of grew up around, that you didn't want credit cards, intellectual property, healthcare information. And that's still a problem. With ransomware, they're affecting the availability of the data or the integrity of the data. And those were the other two prongs that go with confidentiality. And so these attacks, that's why they feel different. They're impacting your ability to access the data, which in many cases can shut a business down. There have been headlines over the last couple of months. Some businesses that really were closed off for components of their business that were shut down, and it's because they didn't have their data or their systems, and then eventually they either found a way to recover them, or perhaps in many cases, the speculation is they paid the ransom to get the data back. >> Right. And of course, the problem with ever paying a ransom, um, is that you don't necessarily know you're going to get the data back. That you may just be encouraging them to hit you again. So paying the ransom is not necessarily the best solution. And then, in talking about this thing, turns out that in fact, not only may it not be the right solution, you may be breaking the law. This is a pretty interesting thing. I had no idea that there's really laws dictating, you know, I guess responding to a criminal threat. Where does that go? What's that from? >> Yeah, that's, we've talked about this for a while. But it wasn't until about two weeks ago that some information was released from the Department of Treasury. So the idea here is that every, not every country, many countries, the US among them, have lists of countries and organizations that you can't do business with. So essentially a prohibited or sanctions list. And, as it turns out, many of the ransomware bad actors, and, Jeff, this is actually the real name of one of them, Evil Corp.
It sounds like a movie or a book, but that's one of the ransomware bad actors. They're on those lists. So if you get attacked by an organization that's on the list and you pay them, you have now completed a transaction with a prohibited entity and you're subject to potential sanctions. There was a lot written about this being a new law, or the US came up with this law, and that's not the case. The laws have been on the books for a while. It was the Department of Treasury kind of issuing some guidance, just nudging people. Hey, by the way, you shouldn't be doing this. And in some of the research I've done, a lot of countries have these laws. So while it's just the US that came out with this advisory, which was very public and certainly a big wake up call, these laws exist in a lot of other countries. So organizations really need to be prepared for what they're going to do if they get hit with the ransomware attack. Not really counting on paying the ransom for the reasons that you said, plus, it may be against the law. >> And just to make sure I understand you, it's against the law because you're effectively doing business by having a financial transaction with one of these, prohibited either organizations or they're in a prohibited country complete. >> That's correct. Yeah, mostly about the organization, um, and then an interesting component of this, and we won't get into too much of the weeds on the legal side. But the law is actually a strict liability. So that means it doesn't matter whether you knew or should have known that the entity was on a prohibited list. The mere fact of having that transaction makes you liable. And then the way that the regulations are written, you can't get someone else to do your dirty work for you. So if you are facilitating that transaction anyway, you may be running afoul of those laws. >> Jesus. One more thing to worry about where you're trying to get business.
You're trying to get your business back up and running, but specifically with ransomware and why it's different. I mean, there's been business continuity planning forever. You know, you guys have backup and recovery solutions. Uh, you know, there's so much effort around that. What's different here? Is it just because of the time in which you have to respond, the availability of those backups to come back and get in production? What makes ransomware so special from a business continuity perspective besides the fact that you're not allowed to pay them because it might be breaking the law? >> A lot. You hit on a couple things there. So we've known forever that with DR, disaster recovery, one of the major things you're doing there is you're replicating data quickly so that if you lose site A you can pop up at site B. With ransomware, you're replicating the corrupted data, so you lose that. With backups, the bad guys know, just like you mentioned, that if you have a backup, you could use that to recover. So they are more frequently now gathering their credentials and attacking the backup. So many cases we see the backups being deleted or otherwise destroyed. And that's really where we have focused with our PowerProtect Cyber Recovery solution, is creating a new, extra offline air gapped copy of the most critical applications. That's not going to be susceptible to the attack or the follow up attack that deletes the data. >> So let's jump into that a little bit, um, in a little bit more detail. So this is a special solution, really targeted, um, as a defense against ransomware because of the special attributes that ransomware, uh, I guess, threatens, or the fact that they also go after your backup and recovery at the same time, knowing you're gonna use that to basically lower the value of their ransom attack. That's crazy. >> Yeah, they're smart. You know, these attackers are smart. There's billions of dollars at stake.
I think organizations like Evil Corp, estimates are they could be making hundreds of millions of dollars. So they're not even small businesses. They're almost industries unto themselves. They have advanced tactics, they're leveraging capabilities, and they have products, essentially. So when you think about your production data, your backups, your disaster recovery, those are all in environments that, they're not accessible on the Internet. But that's where you're doing business. So there is access there. There's employees that have access, and the bad guys find ways to get in through spear phishing attacks, where they're sending emails that look like they're from somebody else and they get a foothold. Once they have that foothold, they can leverage that access to get throughout that production environment. They have access to that data, and they delete it. With Cyber Recovery, what we're doing is we're creating a vaulted environment that's offline. They can't get there from where they are, so they can't get access to that data. We lock it down, we analyze it, we make sure that it's good, and then this happens automatically and day over day. So you've always got that copy of data. If your worst case scenario develops and you lose your production environment, that happens. You've got this copy of data for your most critical applications. You don't want to copy everything in there, but you can use it to actually recover. And that recover capability, Jeff, is one of the pillars of a cybersecurity structure, so we focus a lot, kind of like you said before, what's different about these attacks, we focus a lot on protecting data and detecting bad guys. This is the recover capability that is part of all these frameworks. >> Right. So there's a lot to unpack there before we get into the recovery.
And kinda, actually, why don't we just start there, and then I want to get into the air gap because that's a great thing to dig in on. The recovery, what's kind of your targeted SLA? Is it based on the size of the application? Um, is it based on, you know, a different level of service? I mean, what is the hope? If I buy into this solution that I can get my recovery and get back into business if I choose not to pay these guys, what does that kind of look like? >> Most of the time, we're providing a product that our customers are deploying, and then we have some partners that will deploy it as a service too, so the SLAs may vary, but what we're targeting is a very secure environment, and you can look at how it's architected and think about the technologies. If it's properly operated, you can't get there. You can't get to the data. So the points that we're really looking at is, how frequently do we want to update that data? So in other words, how much data can you afford to lose? And then how long will it take you to recover? And both of those, you can leverage the technologies to shorten those up to kind of your requirements. So loosely speaking, the shorter you make the time, it may cost you a little bit more money, a little bit more effort. But you can tighten those up pretty much what your requirements are going to be. >> Right, right. And then let's talk about air gaps because air gaps, that means something very, very specific. It literally means, classically, right, an air gap. There is a space in between these systems until electrons learn how to jump. Um, they're physically separated. Um, but that's harder and harder to do, right, because everything is now API based, and everything is an app that's based on a bunch of other apps, and there's calls and there's, you know, everything is so interconnected now. But you talked about something specifically, said, an automated air gap.
And you also said that, you know, we're putting this data where it is not connected for some period of time. So I wonder if you could explain in a little bit more detail how that works, how it's usually configured, um, to reintroduce an air gap into this crazy connected world. >> Yeah, it's kind of going backward to go forward in a lot of ways. We're careful about the term. We'll use the term logical air gap because you're right, Jeff, an air gap is, there's a gap, and what we're doing is we're manipulating that air gap in a way that most of the time that data are safe. Data are vaulted, data is on the other side of the air gap, so you can't get there. But we'll bring up an air gap, we'll logically enable that air gap so that there is a connection which enables us to update the data that's in the vault, and then we'll bring that connection back down. And the way that we've architected the solution is that even when it's enabled like that, we've minimized the capability to get into the vault. So, really, if you're a bad actor, if you know everything that's going on, you might be able to prevent the update. But you can't get into the vault unless you're physically there. And, of course, we put some controls on that so that even insiders are very limited what they can do if they get inside the vault, and the APTs, the advanced persistent threats, people who are coming from other countries, since they're not physically there, they can't access that data. >> That's good. So it's on, it's off, but it's usually off most of the time, so the bad guys can't get across there. >> Yeah, and again, it's important that even when it's on, it's a minimal exposure there. So you think about our triad, the confidentiality, integrity, availability. You know, we're blocking them from getting in, so they can maybe do a denial of service type of attack. But that's it. They can't get in, break into the vault and break things and destroy the data like they would in production.
>> I want to shift gears a little bit, Jim, and I've gone to RSA, I think, for the last three or four years. In fact, I think it was the last big live event we did in 2020 before everything came to a screeching halt. And, you know, one of the things I find interesting about the security industry is there's one of these opportunities for coopetition, um, within the security industry, that even though you might work for a company that competes with another company, you know, there's opportunities to work with your peers at other companies. So you have more of a unified front against the bad guys as well as learn from what's going on, uh, with some of the other, you know, people. So you can learn from the attacks that they're surfacing. There's an interesting, uh, organization called Sheltered Harbor that I came across in doing research for this. You guys have joined it. It was basically, it looks like it was built around 130, this article is from earlier in the year, it's probably grown, it's from February, 130 participating financial institutions, which collectively hold 72% of all deposit accounts and 71% of all U.S. retail brokerage assets. It's a big organization focused on security. Dell joined not as a financial institution but as a vendor. I wonder if you can share what this organization's all about. Why did you guys join, and where you see some of the benefits both for you as well as your customers? >> Yeah, there's a lot there, Jeff. I've been part of that process for a little bit over two years and kicked it off after we identified Sheltered Harbor as an organization that we wanted to work with. So, as you said, founded by some of the banks and credit unions and other financial institutions in the US, and what's unique about it is it's designed to protect the U.S. financial system and consumer confidence. It's not actually designed to protect the bank.
So of course, that's an outcome there. If you're protecting consumer confidence, then it's better for the banks. But that's really the goal. And so it's a standards based organization that looked at the problem of what happens if a bank is attacked, what happens to the customers. So they actually came up with the specifications, which follow so closely to what we do with Cyber Recovery. They identified important data. They built requirements, not technologies, but capabilities that a vault would need to have to protect that data. And then the process is to recover that data if an event occurred. So we talked to the team for a while. We're very proud of what we've been able to accomplish with them as the only solution provider in their advisory program, and the work that we've done with the PowerProtect Cyber Recovery solution. We have some more news coming out. I'm not permitted to announce it yet. It's pretty soon, so stay tuned, and it's just been a really great initiative for us to work with, and the team over there is fantastic. >> So I just wonder too if you can share your thoughts as the role of security has changed over the last several years from, you know, kind of a perimeter based point of view and, you know, protection and walls and, uh, firewalls and all these things, which is completely broken down now, to more of an integrated security approach and baking security into your data to your encryption to your applications, your access devices, etcetera, and really integrating security more into the broader flow of product development and delivery, and how that's impacted the security of the customers and impacted professionals like you that are trying to look down the road and get ahead of the next, you know, kind of two or three bad things that are coming. How is that security posture really benefited everybody out there? >> It's a really difficult problem that we just keep working at. Again,
we don't have a goal, because if we're targeting here, the threat actors, the bad actors, they're gonna be here. I was reading an article today about how the bad actors are already employing machine learning to improve what they're doing and how they target their phishing attacks and things like that. So thinking about things like security by design is great. We have millions, billions of devices, and if we start from the ground up, that those devices have security built in, it makes the rest of the job a lot easier. But that whole integration process is really important too. I mentioned before the recovery capability and protect and detect. Well, if you look at the NIST Cybersecurity Framework, it has five pillars that have capabilities within each one, and we need to keep focusing on our capabilities in those spaces. We can't do one and not the other. So we do multi factor authentication. But we need to look at encryption for our devices. We need to build from the ground up. We need to have those recover capabilities. It's just kind of a never ending process. But I feel like one of the most important things that we've done over the last year, partly driven by the changes that we've had, is that we're finally recognizing that cyber security is a business issue. It's not an IT issue. So if you're digital and your assets are digital, how can you confine this to an IT group? It's the business. It's risk. Let's understand what risk is acceptable, cover the risk that isn't, and treat it like the business process that it is. >> That's great, because I always often wonder, you know, if you think of it as an insurance problem, you know, then you're gonna be in trouble because you can't just lock everything down, right? You gotta do business. And you always think of the, you know, ships are safest, uh, at harbor. But that's not what ships are built for, right?
You can't just lock everything down, but if you take it more of a business approach, so you're measuring investments and risk and putting dollar amounts on it, then you can start to figure out how much should I invest in security, because you can't spend, ah, 100% of your revenue on security. What is the happy medium? How do you decide and how do you apply that investment where, you know, it's kind of a portfolio strategy problem? >> It is. And that's one of the areas that, again, in my five years building the practice, we've seen organizations start to move to. So you want to protect your most important assets the best. And then there are things that you still want to protect, but you can't afford the time, the budget, the operational expense of protecting everything. So let's understand what really drives this business. If I'm a law firm, it might be my billing and document management systems. In health care, it's the electronic medical record. In manufacturing, the manufacturing systems. So let's protect the most important things the best and then kind of move down from there. We have to understand what those systems are before we can actually protect them. And that's where the business really needs to work more closely. And they are, with the IT teams, with cyber security teams. >> Right, and like a lot of big problems, right? You gotta break it down. You gotta prioritize. You gotta, you know, start just knocking off what's important and not be so overwhelmed by, you know, trying to protect everything to the same degree. This is not practical, and it's not a good investment. >> That's exactly the case. And there's the ongoing discussions about shortage of people in the cybersecurity space, which there are. But there are things that we can do to really maximize what those people do, get them to focus on the higher level capabilities and let the tools do some of the things that the tools are good at. >> Right.
So, you know, you triggered one last point and we'll wrap on this, but I'll give you the last word. As you look forward to things like automation and to things like artificial intelligence and machine learning that you can apply to make those professionals more effective and automate some stuff, um, how do you see that evolving? And does that give you big smiles or frowns as you think about your use of AI and ML versus the bad guys, they have some of the same tools as well. >> They do, and look, we have to use those to keep up. I'll give you an example with PowerProtect Cyber Recovery. We already use AI and ML to analyze the data that's in our vault. So how do you know that the data is good? We're not gonna have somebody in the vault looking through the files. By leveraging those capabilities, we could give a verdict on that data. And so you know that it's good. I think we have to continue to be careful that we understand what the tools are. We deploy them in the right way. You can't deploy a tool just to deploy it, or because it's hot or because it's interesting. That goes back to understanding the systems that we need to protect, the risks that we can accept or perhaps cover with insurance, and the risks that, gosh, we really can't accept. We need to make sure that the business continues to operate here, so I think it's great. Um, the communities have really come together. There's more information sharing than ever has gone on. And that's really one of our big weapons against the bad actors. >> All right, well, Jim, thank you so much for sharing your insight. I think your job security is locked in for the foreseeable future. We didn't even get into 5G and IoT and ever increasing attack surface and sophistication of the bad guys. So thank you for doing what you do and helping keep us safe, keep your data safe and keeping our companies running. >> Thank you for the opportunity. >> All right, he's Jim, I'm Jeff. Thanks for watching the CUBE.
Continuous coverage of Dell Technology World 2020. The Digital Experience. Thanks for watching. We'll see you next time.
Driving Business Results with Cloud
>> If you really want to make an impact to your business, it takes more than just moving your workloads into the cloud. So-called lift and shift is fine to reduce data center footprints and associated costs, but to really drive change, you don't want to simply "pave the cow path," as the saying goes. Rather, you need to think about the operating model, and that requires more comprehensive systems thinking. In other words, how will changes in technology affect business productivity? Or, you know what? Even flip that. What changes in my business process could lower cost, cut elapsed times, and accelerate time to market, increase user productivity, and lower operational risks? And what role can technology play in supporting these mandates through modernization, automation, machine intelligence, and business resilience? And that's what we're here to discuss today. Welcome to Driving Business Results with Cloud Transformation, Made Possible by Dell and DXC. My name is Dave Vellante, and today we're going to zoom out and explore many aspects of cloud transformation that leading organizations are acting on today. Yeah, sure, we're going to look at optimizing infrastructure, but we'll also dig deeper into cloud considerations, governance, compliance, and security angles, as well as the impact of emerging opportunities around edge and Industry 4.0. Our focus will be on how to remove barriers and help you achieve business outcomes. And to do this, our program features the long-term partnership between Dell and DXC. And we bring to this program six experts in three separate sessions, who are working directly with top organizations in virtually every industry to achieve high impact results. We're going to start with a conversation about cloud, the cloud operating model, and transforming key aspects of your infrastructure. And then we'll look into governance, security, and business resilience.
And in our third session, we'll discuss exciting transformations that are occurring in smart manufacturing and facilities innovations. So let's get right into it with our first session. Enjoy the program. (bright music) Hello, and welcome to what is sure to be an insightful conversation about getting business results with cloud transformation. My name is Dave Vellante, and I'm here with James Miller, Chief Technologist for Cloud and Infrastructure Services, and Jay Dowling, Americas Sales Lead for Cloud and Infrastructure Services, both with DXC Technology. Gentlemen, thanks for your time today. Welcome to theCube. >> Great. Thanks for having us. >> Thank you Dave. Appreciate it. >> So let's get right into it. You know, I've talked to a lot of practitioners who've said, "Look, if you really want to drop zeros, like a lot of zeros to the bottom line, you can't just lift and shift." You really got to think about modernizing, the application portfolio. You got to think about your business model, and really think about transforming your business, particularly the operating model. So my first question, Jim, is, What role does the cloud play in modernization? >> Well, there are really three aspects that the, the cloud plays in modernization. You mentioned multiple zeros. One is cost optimization, and that can be achieved through business operations, through environmental, social, and governance. Also being more efficient with your IT investments. But that's not the only aspect. There's also agility and innovation. And that can be achieved through automation and productivity, speed to market for new features and functions, improvements in the customer experience, and the capability to metabolize a great deal more data in your environment, which the end result is an improvement in releasing of new things to the field. And finally, there's resilience. 
And I'm not really talking about IT resilience, but more of business resilience, to be able, to be able to handle operational risk, improve your securities and controls, deal with some of the talent gap that's in the industry, and also protect your brand reputation. So modernization is really about balancing these three aspects, cost optimization, agility and innovation, and resilience. >> So, so thank you for that. So Jay, I got to ask you, in the current climate, everybody's, you know, concerned, and there's not great visibility on the macro. So, Jim mentioned cost optimization. That seems to be one of the top areas that customers are focused on. The two I hear a lot are consolidating redundant vendors and optimizing cloud costs. So that's, you know, top of mind today. I think everybody really, you know, understands the innovation and, and, and agility piece, at least at a high level, maybe realizing it is different. And then the business resilience piece is really interesting because, you know, prior to the pandemic people, you know, they had a DR strategy, but they realized, "Wow, my business might not be that resilient." So Jay, my question to you is, What are you hearing when you talk to customers? What's the priority today? >> Yeah, the priority is an often overused term of digital transformation. You know, people want to get ready for next generation environments, customer experience, making sure they're improving, you know, how they engage with their clients and what their branding is. And what we find is a lot of clients don't have the underlying infrastructure in place today to get to where they want to get to. So cloud becomes an important element of that. But, you know, with DXC's philosophy, not everything goes to, not everything necessarily needs to go to cloud to be cost optimized, for instance. 
In many cases, you can run applications, you know, in your own data center, or on-prem, or in other environments, in a hybrid environment, or multi-cloud environment, and, and still be very optimized from a cost spend standpoint and also put yourself in position for modernization and for be able to do the, bring the things to the business that the clients are, you know, that their clients are looking for, like the CMO and the CFO, et cetera. Trying to use IT as a lever to drive business and to drive, you know, business acceleration and drive profitability, frankly. So there's a lot of dependency on infrastructure, but there's a lot of elements to it. And, and we advocate for, you know, there's not a single answer to that. We like to evaluate clients' environments and work with them to get them to an optimal target operating model, you know, so that they can really deliver on what the promises are for their departments. >> So if, let's talk about some of the, the barriers to realizing value in, in a context of modernization. We talked about cost optimization, agility, and, and, and resilience. But there's a business angle, and there's a technical angle here. 'Cause we always talk about people, process, and technology. Technology, oftentimes, CIOs will tell us, "Well, that's the easy part. We'll figure that out," whether it's true or not. But I agree, people and process is sometimes the tough one. So Jay, why don't you start. What do you see as the barriers, particularly from a business standpoint? >> I think people need to let their guard down and be open to the ideas that are, that are out there in the market from, you know, the, the standards that are being built by, you know, best in class models. And, and there's many people that have gone on, you know, cloud journeys and been very successful with it.
There's others that have set high expectations with their business leaders that haven't necessarily met the goals that they need to meet or maybe haven't met them as quickly as they promised. So there's a, you know, there's a change management aspect that you'd need to look at with the, you know, with the environments. There's a, you know, there's a skillset environment that they need to be prepared for. Do they have the people, you know, to deliver with the, you know, with the tools and the skills and the, and the models that they're putting themselves in place for in the future versus where they are now? There's just a lot of, you know, there's a lot of different elements. It's not just a, "This price is better," or, "This can operate better than one environment over the other." I think we like to try to look at things holistically and make sure that, you know, we're being, you know, as much of a consultative advocate for the client, for where they want to go, what their destiny is, and based on what we've learned with other clients. You know, and we can bring those best practices forward because we've worked, you know, across such a broad spectrum of clients versus them being somewhat contained and sometimes can't see outside of their own, you know, their own challenges, if you would. So they need, they need advocacy to help, you know, bring them to the next level. And we like to translate that through, you know, technology advances, which, you know, Jim's really good at doing for us. >> Yeah, Jim, is, is it, is it a, is the big barrier a skills issue, you know, bench strength? Are there other considerations from your perspective? >> Well, we, we've identified a number of factors that inhibit success of, of customers. One is thinking it's only a technology change in moving to cloud when it's much broader than that. There are changes in governance, changes in process that need to take place.
The other is evaluating the cloud providers on their current pricing structure and performance. And, and we see pricing and structure changing dramatically every few months between the various cloud providers. And you have to be flexible enough to, to determine which providers you want. And it may not be feasible to just have a single cloud provider in this world. The other thing is a big bang approach to transformation, "I want to move everything, and I want to move it all at once." That's not necessarily the best approach. A well thought out cloud journey and strategy and timing your investments are really important to get at maximizing your business return on the journey to the cloud. And finally, not engaging stakeholders early and continuously. You have to manage expectations in moving to cloud on what business factors will get affected, how you will achieve your cost savings, and, and how you will achieve the business impact over the journey and reporting out on that with very strict metrics to all of the stakeholders. >> You know, mentioned multi-cloud just then. We had, in January 17th, we had our Supercloud 2 event. And Supercloud is basically, it's really multi, what multi-cloud should have been, I, I like to say. So it's this creating a common experience across clouds. And you guys were talking about, you know, there's different governance, there's different security, there's different pricing. So, and, and one of the takeaways from this event in talking to customers and practitioners and technologists is, you can't go it alone. So I wonder if you could talk about your partnership strategy, what do partners bring to the table, and what is, what is DXC's, you know, unique value? >> I'd be happy to lead with that if you'd like. >> Great. >> I, you know, we've got a vast partner ecosystem at DXC, given the size and, and the history of the company. I could use several examples. One of the larger partners in my particular space is Dell Technology, right? 
They're a great, you know, partner for us across many different areas of the business. It's not just a storage and compute play anymore. They're, they're on the edge. They're, you know, they're, they've got intelligence in their networking devices now. And they've really brought, you know, a lot of value to us as a partner. And, you know, there, there's somebody, you could look at Dell Technology as somebody that might, you know, have a victim, you know, effect because of all the hyperscale activity and all the cloud activity. But they've really taken an outstanding attitude with this and say, "Listen, not all things are destined for cloud, or not all things would operate better in a cloud environment." And they like to be part of those discussions to see how they can, you know, how we can bring a multi-cloud environment, you know, both private and public, you know, to clients. And let's look at the applications and the infrastructure and, and what's, you know, what's the best optimal running environment, you know, for us to be able to bring, you know, the greatest value to the business with speed, with security, with, you know. And, you know, the things that they want to keep closest to the business are often things that you want to kind of, you know, keep on your premise or keep in your own data center. So they're, they're an ideal model of somebody that's resourced us well, partners with us well in the market. And, and we continue to grow that relationship day in and day out with those guys. And we really appreciate, you know, their support of our strategy, and, and we like to also complement their strategy and work, you know, work together hand in hand in front of our clients. >> Yeah, you know, Jim, Matt Baker, who's the head of strategic planning at Dell talks about, "It's not a zero sum game." And I think, you know, you're right, Jay. I think initially people felt like, "Oh wow, it's, it is a zero sum game."
But it's clearly not, and this idea of, whether you call it supercloud or ubercloud or multicloud, clearly Dell is headed in that direction. And I, you know, look at some of their future projects. There's their narrative. I'm curious from a technology standpoint, Jim, what your role is. Is it to make it all work? Is it to, you know, end to end? I wonder if you could help, you know, us understand that. >> Help us figure this out, Jim, here. (group laughing) >> Glad to expand on that. One of my key roles is developing our product roadmap for DXC offerings. And we do that roadmap in conjunction with our partners where we can leverage the innovation that our partners bring to the table. And we often utilize engineering resources from our partners to help us jointly build those offerings that adapt to changes in the market and also adapt to many of our customers' changing needs over time. So my primary role is to look at the market, talk to our customers, and work with our partners to develop a product roadmap for delivering DXC products and services to our clients so that they can get the return on investment on their technology journeys. >> You know, we've been working with these two firms for a while now. Even predates, you know, the, the name DXC and that, that transformation. I'm curious as to what's, how you would respond to, "What's unique?" You know, you hear a lot about partnerships. You guys got a lot of competition. Dell has a lot of competition. What's specifically unique about this combination? >> I think, go ahead, Jim. >> I would say our unique approach, we call it cloud right. And that, that approach is making the right investments, at the right time, and on the right platforms. And our partners play a, play a key role in that.
So we, we encourage our customers to not necessarily have a cloud first approach, but a cloud right approach where they place the workloads in the environment that is best suited from a technology perspective, a business perspective, and even a security and governance perspective. And, and the right approach might include mainframe. It might include an on-premises infrastructure. It could include private cloud, public cloud, and SaaS components all integrated together to deliver that value. >> Yeah, Jay, please. >> If you were... >> That is a complicated situation for a lot of customers. Chime in here. (Jay chuckles) >> And now, if you were speaking specifically to Dell here, like they, they also walk the talk, right? They invest in DXC as a partnership. They put people on the ground that their only purpose in life is to help DXC succeed with Dell in, you know, arm in arm in front of clients. And it's not, you know, it's not a winner take all thing at all. It's really a true partnership. They, they, they've brought solution resources. We have an account CTO. We've got executive sponsorship. We do regular QBR meetings. We have regular executive touchpoint meetings. It's really important that you keep a high level of intimacy with the client, with the partners, you know, and, and the, and the GSI community. And I, I've been with several GSIs, and, and this is an exceptional example of true partnership and commitment to success with Dell Technology. I'm really extremely impressed on, on the engagement level that we've had there and, you know, continue to show a lot of support, you know, both for them. You know, there's other OEM partners, of course, in the market. There's always going to be other technology solutions for certain clients, but this has been a particularly strong element for us in our partnership and in our go-to-market strategy. >> Well, I think too, just my observation, is a lot of it's about trust.
You guys have both earned the trust, the kind of, over the, over the years taking your arrows, you know, of over decades. And, and you know, that just doesn't happen overnight. So guys, I appreciate it. Thanks for your time. It's all about getting cloud right, isn't it? >> That's right. (chuckles) (Dave chuckles) >> Thank you Dave. Appreciate it very much. >> Dave, thank you. >> Jay, Jim, great to have you on. Keep it right there for more action on theCube. Be right back. (upbeat guitar music) (keyboard clicks) Welcome back to the program. My name is Dave Vellante, and in this session we're going to explore one of the more interesting topics of the day. IoT for smart factories and with me are Todd Edmunds, the Global CTO of Smart Manufacturing Edge and Digital Twins at Dell Technologies. That is such a cool title. (Todd chuckles) I want to be you. And Dr. Aditi Banerjee who's the Vice President, General Manager for Aerospace Defense and Manufacturing at DXC Technology. Another really cool title. Folks, welcome to the program. Thanks for coming on. >> Thank you. >> Thanks, Dave. Great to be here. >> Nice to be here. So, Todd, let's start with you. We hear a lot about Industry 4.0, smart factories, IIoT. Can you briefly explain like what is Industry 4.0 all about, and why is it important for the manufacturing industry? >> Yeah, sure, Dave. You know, it's been around for quite a while. And it's got, it's gone by multiple different names, as you said, Industry 4.0, smart manufacturing, industrial IoT, smart factory, but it all really means the same thing. It's really applying technology to get more out of the factories and the facilities that you have to do your manufacturing. So being much more efficient, implementing really good sustainability initiatives. And so we really look at that by saying, "Okay, what are we going to do with technology to really accelerate what we've been doing for a long, long time?" So it's really not, it's not new.
It's been around for a long time. What's new is that manufacturers are looking at this not as a one-off, two-off, individual use case point of view. But instead they're saying, "We really need to look at this holistically, thinking about a strategic investment in how we do this, not to just enable one or two use cases, but enable many, many use cases across the spectrum." I mean, there's tons of them out there. There's predictive maintenance, and there's OEE, overall equipment effectiveness, and there's computer vision. And all of these things are starting to percolate down to the factory floor. But it needs to be done in a little bit different way. And, and, and really, to really get those outcomes that they're looking for in smart factory, or Industry 4.0, or however you want to call it, and truly transform. Not just throw an Industry 4.0 use case out there, but to do the digital transformation that's really necessary and to be able to stay relevant for the future. You know, I heard it once said that you have three options. Either you digitally transform and stay relevant for the future, or you don't and fade into history like 52% of the companies that used to be on the Fortune 500 since 2000, right? And so really that's a key thing, and we're seeing that really, really being adopted by manufacturers all across the globe. >> Yeah so, Aditi, that's like digital transformation is almost synonymous with business transformation. So is there anything you'd add to what Todd just said? >> Absolutely. Though, I would really add that what really drives Industry 4.0 is the business transformation, what we are able to deliver in terms of improving the manufacturing KPIs and the KPIs for customer satisfaction, right? For example, improving the downtime, you know, or decreasing the maintenance cycle of the equipment, or improving the quality of products, right?
So I think these are a lot of business outcomes that our customers are looking at while using Industry 4.0 and the technologies of Industry 4.0 to deliver these outcomes. >> So Aditi, I wonder if I could stay with you. And maybe this is a bit esoteric. But when I first started researching IoT and, and, and Industrial IoT 4.0, et cetera, I felt, you know, while there could be some disruptions in the ecosystem, I kind of came to the conclusion that large manufacturing firms, aerospace defense companies, the firms building out critical infrastructure, actually had kind of an incumbent advantage in a great opportunity. Of course, then I saw on TV, somebody now they're building homes with 3D printers. It's like, blows your mind. So that's pretty disruptive, but, so, but they got to continue. The incumbents have to continue to invest in the future. They're well capitalized. They're pretty good businesses, very good businesses. But there's a lot of complexities involved in kind of connecting the old house to the new addition that's being built, if you will, or this transformation that we're talking about. So my question is, How are your customers preparing for this new era? What are the key challenges that they're facing and the, the blockers, if you will? >> Yeah, I mean the customers are looking at Industry 4.0 for greenfield factories, right? That is where the investments are going directly into building the factories with the new technologies, with the new connectivities, right, for the machines. For example, industrial IoT, having the right type of data platforms to drive computational analytics and outcomes, as well as looking at edge versus cloud type of technologies, right? Those are all getting built in the greenfield factories. However, for the install-based factories, right, that is where our customers are looking at, "How do I modernize these factories? How do I connect the existing machine?"
And that is where some of the challenges come in on, you know, the legacy system connectivity that they need to think about. Also, they need to start thinking about cybersecurity and operation technology security, right, because now you are connecting the factories to each other, right? So cybersecurity becomes top of mind, right? So there is definitely investment that is involved. Clients are creating roadmaps for digitizing and modernizing these factories and investments in a very strategic way, right? So perhaps they start with the innovation program, and then they look at the business case, and they scale it up, right? >> Todd, I'm glad Aditi brought up security. Because if you think about the operations technology, you know, folks, historically, they air gapped, you know, the systems. That's how they created security. That's changed. The business came in and said, "Hey, we got to, we got to connect. We got to make it intelligent." So that's, that's got to be a big challenge as well. >> It, it, it absolutely is Dave. And, and you know, you can no longer just segment that because really, to get all of those efficiencies that we talk about, that IoT and Industrial IoT and Industry 4.0 promise, you have to get data out of the factory. But then you got to put data back in the factory. So no longer is it just firewalling everything is really the answer. So you really have to have a comprehensive approach to security, but you also have to have a comprehensive approach to the cloud and what that means. And does it mean a continuum of cloud all the way down to the edge, right down to the factory? It absolutely does because no one approach has the answer to everything. The more you go to the cloud, the broader the attack surface is. So what we're seeing is a lot of our customers approaching this from a, kind of that, that hybrid, you know, "write once, run anywhere" on the factory floor down to the edge. 
And one of the things we're seeing, too, is to help distinguish between what is the edge, and that, and, and bridge that gap between, like Dave, you talked about IT and OT. And also help that, what Aditi talked about, is the greenfield plants versus the brownfield plants that they call it, that are the legacy ones and modernizing those. Is, it's great to kind of start to delineate. What does that mean? Where's the edge? Where's the IT and the OT? We see that from a couple of different ways. We start to think about really two edges in a manufacturing floor. We talk about an industrial edge that sits, or some people call it a far edge or a thin edge, sits way down on that plant. It consists of industrial hardened devices that do that connectivity. The hard stuff about, "How do I connect to this obsolete legacy protocol and what do I do with it?" And create that next generation of data that has context. And then we see another edge evolving above that, which is much more of a data and analytics and enterprise grade application layer that sits down in the factory itself that helps figure out where we're going to run this. Does it connect to the cloud? Do we run applications on-prem? Because a lot of times that on-prem application is, is, needs to be done because that's the only way that it's going to, it's going to work because of security requirements, because of latency requirements, performance, and a lot of times cost. It's really helpful to build that multiple edge strategy because then you kind of, you consolidate all of those resources, applications, infrastructure, hardware, into a centralized location. Makes it much, much easier to really deploy and manage that security. But it also makes it easier to deploy new applications, new use cases, and become the foundation for DXC's expertise and applications that they deliver to our customers as well. >> Todd, how complex are these projects?
I mean, I feel like it's kind of the, the digital equivalent of building the Hoover Dam. I mean, it, it, it's, (chuckles) it, it, so. Yeah, how long does a typical project take? I know it varies, but what, you know, what are the critical success factors in terms of delivering business value quickly? >> Yeah, that's a great question in that, in that we're, you know, like I said at the beginning, we, this is not new. Smart factory and Industry 4.0 is not new. It's been, it's, people have been trying to implement the holy grail of smart factory for a long time. And what we're seeing is a switch, a little bit of a switch, or quite a bit of a switch, to where the enterprise and the IT folks are having a much bigger say and have a lot to offer to be able to help that complexity. So instead of deploying a computer here, and a gateway there, and a server there, I mean, you go walk into any manufacturing plant and you can see servers sitting underneath someone's desk or a, or a PC in a closet somewhere running a critical production application. So we're seeing the enterprise have a much bigger say at the table, much louder voice at the table to say, "We've been doing this at enterprise all the time. We, we know how to really consolidate, bring hyper-converged applications, hyper-converged infrastructure, to really accelerate these kind of applications, really accelerate the outcomes that are needed to really drive that smart factory, and start to bring that same capabilities down into the, on the factory floor." That way, if you do it once to make it easier to implement, you can repeat that. You can scale that. You can manage it much easily. And you can then bring that all together because you have the security in one centralized location. So we're seeing manufacturers, yeah, that first use case may be fairly difficult to implement and we got to go down in and see exactly what their problems are. 
But when the infrastructure is done the correct way, when that, think about how you're going to run that and how are you going to optimize the engineering. Well, let's take that, what you've done in that one factory, and then set. Let's that, make that across all the factories, including the factory that we're in, but across the globe. That makes it much, much easier. You really do the hard work once and then repeat, almost like a cookie cutter. >> Got it. Thank you. Aditi, what about the skillsets available to apply these, to these projects? You got to have knowledge of digital, AI, data, integration. Is there a talent shortage to get all this stuff done? >> Yeah, I mean definitely, a lot. Different types of skillsets are needed from a traditional manufacturing skillset, right? Of course, the basic knowledge of manufacturing is, is important. But the, the digital skillset sets like, you know, IoT, having a skillset in different protocols for connecting the machines, right, that experience that comes with it, data and analytics, security, augmented virtual reality programming. You know, again, looking at robotics and the digital twin. So you know, it's a lot more connectivity software, data driven skillsets that are needed to smart factory to life at scale. And, you know, lots of firms are, you know, recruiting these types of skill, resources with these skillsets to, you know, accelerate their smart factory implementation, as well as consulting firms like DXC Technology and others. We, we, we recruit. We, we train our talent to, to provide these services. >> Got it. Aditi, I wonder if we could stay on you. Let's talk about the partnership between DXC and Dell. What are you doing specifically to simplify the move to Industry 4.0 for customers? What solutions are you offering? How are you working together, Dell and DXC, to, to bring these to market? >> Yeah, Dell and DXC have a very strong partnership. 
You know, and we work very closely together to, to create solutions, to create strategies, and how we, we are going to jointly help our clients, right? So areas that we have worked closely together is edge compute, right, how that impacts the smart factory. So we have worked pretty closely in that area. We're also looked at vision technologies, you know. How do we use that at the edge to improve the quality of products, right? So we have several areas that we collaborate in. And our approach is that we, we want to bring solutions to our client, and as well as help them scale those solutions with the right infrastructure, the right talent, and the right level of security. So we bring a comprehensive solution to our clients. >> So, Todd, last question, kind of similar but different. You know, why Dell DXC? Pitch me. What's different about this partnership? You know, where do you, are you confident that, you know, you're going to be, deliver the best value to, to customers? >> Absolutely. Great question. You know, there's no shortage of bespoke solutions that are out there. There's hundreds of people that can come in and do individual use cases and do these things. And just, and, and, and that's, that's where it ends. What Dell and DXC Technology together bring to the table is, we do the optimization, the optimization of the engineering of those previously bespoke solutions upfront, together, right? The power of our scalables, enterprise-grade, structured, you know, industry standard infrastructure, as well as our expertise in delivering package solutions that really accelerate with DXC's expertise and reputation as a global, trusted, trusted advisor. Be able to really scale and repeat those solutions that DXC is so really, really good at. And, and Dell's infrastructure, and our, what, 30,000 people across the globe that are really, really good at that, at that scalable infrastructure, to be able to repeat. 
And then it really lessens the risk that our customers have and really accelerates those solutions. So it's again, not just one individual solutions, it's all of the solutions that not just drive use cases, but drive outcomes with those solutions. >> Yeah, the, you're right, the partnership has gone, I mean, I first encountered it back in, I think it was 2010, May of 2010, we had you, you guys both on theCube. I think you were talking about converged infrastructure. And I had a customer on, and it was, actually a manufacturing customer, was quite interesting. And back then it was, "How do we kind of replicate what's coming in the cloud?" And, and you guys have obviously taken it into the digital world. Really want to thank you for your time today. Great conversation, and love to have you back. >> Thank you so much. >> Absolutely. >> It was a pleasure speaking with you. >> I agree. >> All right, keep it right there for more discussions that educate and inspire on theCube. (bright music) Welcome back to the program and we're going to dig into the number one topic on the minds of every technology organization. That's cybersecurity. You know, survey data from ETR, our data partner, shows that among CIOs and IT decision makers, cybersecurity continues to rank as the number one technology priority to be addressed in the coming year. That's ahead of even cloud migration and analytics. And with me to discuss this critical topic area are Jim Shook, who's the Global Director of Cybersecurity and Compliance Practice at Dell Technologies, and he's joined by Andrew Gonzalez, who focuses on Cloud and Infrastructure consulting at DXC Technology. Gents, welcome. Good to have you. >> Thanks Dave. Great to be here. >> Thank you. >> Jim, let's start with you. What are you seeing from the front lines in terms of the attack surface, and, and how are customers responding these days? >> It's always up and down and back and forth. The bad actors are smart. 
They adapt to everything that we do. So we're seeing more and more kind of living off the land. They're not necessarily deploying malware. Makes it harder to find what they're doing. And I think though, Dave, we've, we've adapted, and this whole notion of cyber resilience really helps our customers figure this out. And the idea there goes beyond cybersecurity, it's, "Let's protect as much as possible, so we keep the bad actors out as much as we can. But then, let's have the ability to adapt to and recover to the extent that the bad actors are successful." So we're recognizing that we can't be perfect a hundred percent of the time against a hundred percent of the bad actors. Let's keep out what we can, but then recognize and have that ability to recover when necessary. >> Yeah, thank you. So Andrew, you know, I like what Jim was saying about living off the land, of course, meaning using your own tooling against you, kind of hiding in plain sight, if you will. But, and, and as Jim is saying, you, you can't be perfect. But, so given that, what's your perspective on what good cybersecurity hygiene looks like? >> Yeah, so you have to understand what your crown jewel data looks like, what a good copy of a recoverable asset looks like. When you look at an attack, if it were to occur, right, how you get that copy of data back into production. And not only that, but what that golden image actually entails. So, whether it's networking, storage, some copy of a source code, intellectual property, maybe CMDB data, or an Active Directory, or DNS dump, right? Understanding what your data actually entails so that you can protect it and that you can build out your recovery plan for it. >> So, and where's that live? Where's that gold copy? You put on a yellow sticky? No, it's got to be, (chuckles) you got to be somewhere safe, right? So you have to think about that chain as well, right? >> Absolutely. Yeah. 
You, so, a lot of folks have not gone through the exercise of identifying what that golden copy looks like. Everyone has a DR scenario, everyone has a DR strategy, but actually identifying what that golden crown jewel data, let's call it, actually entails is one aspect of it. And then where to put it, how to protect it, how to make it immutable and isolated, that's the other portion of it. >> You know, if I go back to sort of earlier part of last decade, you know, cybersecurity was kind of a checkoff item. And as you got toward the middle part of the decade, and I'd say clearly by 2016, it, security became a boardroom issue. It was on the agenda, you know, every quarter at the board meetings. So compliance is no longer the driver, is, is my point. The driver is business risk, real loss of reputation or data, you know, it's, or money, et cetera. What are the business implications of not having your cyber house in order today? >> They're extreme, Dave. I mean the, you know, the bad actors are good at what they do. These losses by organizations, tens, hundreds of millions into the billions sometimes, plus the reputational damage that's difficult to, to really measure. There haven't been a lot of organizations that have actually been put out of business by an attack, at least not directly on, if they're larger organizations. But that's also on the table, too. So you can't just rely on, "Oh we need to do, you know, A, B and C because our regulators require it." You need to look at what the actual risk is to the business, and then come up with a strategy from there. >> You know, Jim, staying with you, one of the most common targets we hear of attackers is to go after the backup corpus. So how should customers think about protecting themselves from that tactic? >> Well, Dave, you hit on it before, right? Everybody's had the backup and DR strategies for a long time going back to requirements that we had in place for physical disaster or human error. 
And that's a great starting point for resilience capability. But that's all it is, is a starting point. Because the bad actors will, they also understand that you have those capabilities, and, and they've adapted to that. In every sophisticated attack that we see, the backup is a target. The bad actors want to take it out, or corrupt it, or do something else to that backup so that it's not available to you. That's not to say they're always successful, and it's still a good control to have in place because maybe it will survive. But you have to plan beyond that. So the capabilities that we talk about with resilience, let's harden that backup infrastructure. You've already got it in place. Let's use the capabilities that are there like immutability and other controls to make it more difficult for the bad actors to get to. But then as Andrew said, that gold copy, that critical systems, you need to protect that in something that's more secure, which commonly we, we might say a cyber vault. Although, there's a lot of different capabilities for cyber vaulting, some far better than others, and that's some of the things that we focus on. >> You know, it's interesting, but I've talked to a lot of CIOs about this, is prior to the pandemic, they, you know, had their, as you're pointing out, Jim, they had their DR strategy in place, but they felt like they weren't business resilient. And they realized that when we had the forced march to digital. So Andrew, are there solutions out there to help with this problem? Do you guys have an answer to this? >> Yeah, absolutely. So I'm glad you brought up resiliency. We, we take a position that to be cyber resilient, it includes operational resiliency. It includes understanding at the C level what the implication of an attack means, as we stated, and then, how to recover back into production. 
When you look at protecting that data, not only do you want to put it into what we call a vault, which is a Dell technology that is an offline immutable copy of your crown jewel data, but also how to recover it in real time. So DXC offers a, I don't want to call it a turnkey solution since we architect these specific to each client needs, right, when we look at what client data entails, their recovery point, objectives, recovery time objectives, what we call quality of the restoration. But when we architect these out, we look at not only how to protect the data, but how to alert and monitor for attacks in real time, how to understand what we should do when a breach is in progress, putting together with our security operations centers, a forensic and recovery plan and a runbook for the client, and then being able to cleanse and remediate so that we can get that data back into production. These are all services that DXC offers in conjunction with the Dell solution to protect, and recover, and keep bad actors out. And if we can't keep them out to ensure that we are back into production in short order. >> You know, this, this discussion we've been having about DR kind of versus resilience, and, and you were just talking about RPO and RTO. I mean, it used to be that a lot of firms wouldn't even test their recovery 'cause it was too risky. Or, you know, maybe they tested it on, you know, July 4th or something like that. But, but it, I'm inferring that's changed. I wonder if we could, you know, double click on recovery? How hard is it to, to, to test that recovery, and, and how quickly are you seeing organizations recover from attacks? >> So it depends, right, on the industry vertical, what kind of data. Again, a financial services client compared to a manufacturing client are going to be two separate conversations. We've seen it as quickly as being able to recover in six hours, in 12 hours. In some instances we have the grace period of a day to a couple of days. 
We do offer the ability to run scenarios once a quarter where we can stand up in our systems the production data that we are protecting to ensure that we have a good recoverable copy. But it depends on the client. >> I really like the emphasis here, Dave, that you're raising and that Andrew's talking about. It's not on the technology of how the data gets protected. It's focused on the recovery. That's all that we want to do. And so the solution with DXC really focuses on generating that recovery for customers. I think where people get a little bit twisted up on their testing capability is, you have to think about different scenarios. So there are scenarios where the attack might be small. It might be limited to a database or an application. It might be really broadly based like the NotPetya attacks from a few years ago. The regulatory environment, we call those attacks severe but plausible. So you can't necessarily test everything with the infrastructure, but you can test some things with the infrastructure. Others, you might sit around on a tabletop exercise or walk through what that looks like to really get that, that recovery kind of muscle, muscle memory so that people know what to do when those things occur. But the key to it, as Andrew said before, have to focus down, "What are those critical applications? What do we need, what's most important? What has to come back first?" And that really will go a long way towards having the right recovery points and recovery times from a cyber disaster. >> Yeah, makes sense. Understanding the value of that data is going to inform you how to, how to respond and how to prioritize. Andrew, one of the things that we hear a lot on theCube, especially lately, is around, you know, IOT, IIOT, Industry 4.0, the whole OT security piece of it. And the problem being that, you know, traditionally, operations technologies have been air gapped, often by design. 
But as businesses, increasingly they're driving initiatives like Industry 4.0, and they're connecting these OT systems to IT systems. They're, you know, driving efficiency, preventative maintenance, et cetera. So a lot of data flowing through the pipes, if you will. What are you seeing in terms of the threats to critical infrastructure and how should customers think about addressing these issues? >> Yeah, so bad actors, you know, can come in many forms. We've seen instances of social engineering. We've seen, you know, a USB stick dropped in a warehouse. That data that is flowing through the IoT device is as sensitive now as your core mainframe infrastructure data. So when you look at it from a protection standpoint, conceptually, it's not dissimilar from what we've been talking about where you want to understand, again, what the most critical data is. Looking at IoT data and applications is no different than your core systems now, right? Depending on what your, your business is, right? So when, when we're looking at protecting these, yes, we want firewalls, yes, we want air gap solutions, yes, we want front end protection, but we're looking at it from a resiliency perspective. Putting that data, understanding what data entails to put in the vault from an IoT perspective is just as critical as it is for your core systems. >> Jim, anything you can add to this topic? >> Yeah, I think you hit on the, the key points there. Everything is interconnected. So even in the days where maybe people thought the OT systems weren't online, oftentimes the IT systems are talking to them, or controlling them, SCADA systems, or perhaps supporting them. Think back to the pipeline attack of last year. All the public testimony was that the OT systems didn't get attacked directly. But there was uncertainty around that, and the IT systems hadn't been secured. So that caused the OT systems to have to shut down. 
It certainly is a different recovery when you're shutting them down on your own versus being attacked, but the outcome was the same that the business couldn't operate. So you really have to take all of those into account. And I think that does go back to exactly what Andrew's saying, understanding your critical business services, and then the applications and data and other components that support those and drive those, and making sure those are protected. You understand them, you have the ability to recover them if necessary. >> So guys, I mean, you made the point. I mean, you're right. The adversary is highly capable. They're motivated 'cause the ROI is so, it's so lucrative. It's like this never ending battle that cybersecurity pros, you know, go through. It really is kind of frontline sort of technical heroes, if you will. And so, but sometimes it just feels daunting. Why are you optimistic about the future of, of cyber from the good guy's perspective? >> I think we're coming at the problem the right way, Dave. So that, that focus, I'm so pleased with the idea that we are planning that the systems aren't going to be hundred percent capable every single time, and let's figure that out, right? That's, that's real world stuff. So just as the bad actors continue to adapt and expand, so do we. And I think the differences there, the common criminals, it's getting harder and harder for them. The more sophisticated ones, they're tough to beat all the time. And of course, you've raised the question of some nation states and other activities. But there's a lot more information sharing. There's a lot more focus from the business side of the house and not just the IT side of the house that we need to figure these things out. >> Yeah, to, to add to that, I think furthering education for the client base is important. You, you brought up a point earlier. It used to be a boardroom conversation due to compliance reasons. 
Now, as we have been in the market for a while, we continue to mature the offerings. It's further education for not only the business itself, but for the IT systems and how they interconnect, and working together so that these systems can be protected and continue to be evolved and continue to be protected through multiple frameworks as opposed to seeing it as another check the box item that the board has to adhere to. >> All right, guys, we got to go. Thank you so much. Great conversation on a, on a really important topic. Keep up the good work. Appreciate it. >> Thanks Dan. >> Thank you. >> All right, and thank you for watching. Stay tuned for more excellent discussions around the partnership between Dell Technologies and DXC Technology. We're talking about solving real world problems, how this partnership has evolved over time, really meeting the changing enterprise landscape challenges. Keep it right there. (bright music) Okay, we hope you enjoyed the program and learned some things about cloud transformation and modernizing your business that will inspire you to action. Now if you want to learn more, go to the Dell DXC partner page shown here, or click on the URL in the description. Thanks for watching everybody and on behalf of our supporters, Dell and DXC, good luck. And as always, get in touch if we can be of any assistance. (bright music)