>> Okay, welcome back to the portion of the program for customer lightning talks, where we chat with Armis' customers for a rapid fire five minute session on their Cisco perspectives and insights into cybersecurity. First up is Tim Everson, CISO of Kalahari resorts and conventions. Let's get it going. Hi, Tim. Welcome to theCUBE and Armis program, managing risk across your extended surface area. >> Thanks for having me appreciate it. >> So let's get going. So unified visibility across the extended asset serves as key. You can't secure what you can't see. Tell me about what you're able to centralize, your views on network assets and what is Armis doing from an impact standpoint that's had on your business? >> Sure. So traditionally basically you have all your various management platforms, your Cisco platforms, your Sims, your wireless platforms, all the different pieces and you've got a list of spare data out there and you've got to chase all of this data through all these different tools. Armis is fantastic and was really point blank dropping in place for us as far as getting access to all of that data all in one place and giving us visibility to everything. Basically opened the doors letting us see our customer wireless traffic, our internal traffic, our PCI traffic because we deal with credit cards, HIPAA, compliance, all this traffic, all these different places, all into one. >> All right, next up, vulnerability management is a big topic, across all assets, not just IT devices. The gaps are there in the current vulnerability management programs. How has Armis vulnerability management made things better for your business and what can you see now that you couldn't see before? >> So Armis gives me better visibility of the network side of these vulnerabilities. You have your Nessus vulnerability scanners, the things that look at machines, look at configurations and hard facts. Nessus gives you all those. But when you turn to Armis, Armis looks at the network perspective, takes all that traffic that it's seeing on the network and gives you the network side of these vulnerabilities. So you can see if something's trying to talk out to a specific port or to a specific host on the internet and Armis consolidates all that and gives you trusted sources of information to validate where those are coming from. >> When you take into account all the criticality of the different kinds of assets involved in a business operation and they're becoming more wider, especially with edge in other areas, how has the security workload changed? >> The security workload has increased dramatically, especially in hospitality. In our case, not only do we have hotel rooms and visitors and our guests, we also have a convention center that we deal with. We have water parks and fun things for people to do. Families and businesses alike. And so when you add all those things up and you add the wireless and you add the network and the audio video and all these different pieces that come into play with all of those things in hospitality and you add our convention centers on top of it, the footprint's just expanded enormously in the past few years. >> When you have a digital transformation in a use case like yours, it's very diverse. You need a robust network, you need a robust environment to implement SaaS solutions. No ages to deploy, no updates needed. You got to be in line with that to execute and scale. How easy was Armis to implement ease of use of simplicity, the plug and play? In other words, how quickly do you achieve this time to value? >> Oh goodness. We did a proof of concept about three months ago in one of our resort locations, we dropped in an Armis appliance and literally within the first couple hours of the appliance being on the network, we had data on 30 to 40,000 devices that were touching our network. Very quick and easy, very drop and plug and play and moving from the POC to production, same deal. We, we dropped in these appliances in site. Now we're seeing over 180,000 devices touching our networks within a given week. >> Armis has this global asset knowledge base, it's crowdsourced an a asset intelligent engine, it's a game changer. It tracks managed, unmanaged IOT devices. Were you shocked when you discovered how many assets they were able to discover and what impact did that have for you? >> Oh, absolutely. Not only do we have the devices that we have, but we have guests that bring things on site all the time, Roku TVs and players and Amazon Fire Sticks and all these different things that are touching our network and seeing those in real time and seeing how much traffic they're using we can see utilization, we can see exactly what's being brought on, we can see vehicles in our parking lot that have access points turned on. I mean, it's just amazing how much data this opened our eyes to that you know it's there but you don't ever see it. >> It's bring your own equipment to the resort just so you can watch all your Netflix, HDMI cable, everyone's doing it now. I mean, this is the new user behavior. Great insight. Anything more you'd want to say about Armis for the folks watching? >> I would say the key is they're very easy to work with. The team at Armis has worked very closely with me to get the integrations that we've put in place with our networking equipment, with our wireless, with different pieces of things and they're working directly with me to help integrate some other things that we've asked them to do that aren't there already. Their team is very open. They listen, they take everything that we have to say as a customer to heart and they really put a lot of effort into making it happen. >> All right, Tim. Well, thanks for your time. I'm John Furrier with theCUBE, the leader in enterprise tech coverage. Up next in this lightning talk session is Brian Gilligan, manager, security and Operations at Brookfield Properties. Thanks for watching.

(upbeat music) >> Hello, welcome to this CUBE Conversation here in Palo Alto, California. I'm John Furrier, host of theCUBE. We're here with Tim Everson, CISO at Kalahari Resorts & Conventions. Tim, great to see you. Thanks for coming on theCUBE. >> Thank you for having me. Looking forward to it. >> So, you know, RSA is going on this week. We're talking a lot about security. You've got a lot of conferences. Security is a big scale now across all enterprises, all businesses. You're in the hospitality, you got conventions. You're in the middle of it. You have an interesting environment. You've got a lot of diverse use cases. And you've got a lot of needs. They're always changing. I mean, you talk about change. You've got a network that has to be responsive, robust and support a lot of tough customers who want to have fun or do business. >> Exactly, yeah. We have customers that come in, that we were talking about this before the segment. And we have customers that come in that bring their own Roku Sticks their own Amazon devices. All these different things they bring in. You know, our resort customers need dedicated bandwidth. So they need dedicated network segments stood up at a moment's notice to do the things they're doing and run the shows they're showing. So it's never, never ending. It's constantly changing in our business. And there's just data galore to keep an eye on. So it's really interesting. >> Can you scope the scale of the current cybersecurity challenges these days in the industry? Because they're wide and far, they're deep. You got zero trust on one end, which is essentially don't trust anything. And then you got now on the software supply chain, things like more trust. So you got the conflict between a direction that's more trusted and then zero trust, and everything in between. From, endpoint protection. It's a lot going on. What's the scale of this situation right now in cyber? >> You know, right now everything's very, very up in the air. You talk about zero trust. And zero trust can be defined a lot of ways depending on what security person you talk to today. So, I won't go into my long discussion about zero trust but suffice to say, like I said zero trust can be perceived so many different ways. From a user perspective, from a network perspective, from an end point. I look more broadly at the regulatory side of things and how that affects things too. Because, regulations are changing daily. You've got your GDPRs, your CCPAs, your HIPAA regulations, PCI. All these different things that affect businesses, and affect businesses different ways. I mean, at Kalahari we're vulnerable or we're not vulnerable, but we're subject to a lot of these different regulations, more so than other people. You wouldn't expect a lot of hotels to have HIPAA regulations for instance. We have health people at our resorts. So we actually are subject to HIPAA in a lot of cases. So there's a lot of these broad scenarios that apply and they come into play with all different industries. And again, things you don't expect. So, when you see these threats coming, when you see all the hacks coming. Even today I got an email that the Marriott breach data from a few years ago, or the MGM breach from a few years ago. We've got all these breaches out there in the world, are coming back to the surface and being looked at again. And our users and our guests and our corporate partners, and all these different people see those things and they rely on us to protect them. So it makes that scope just exponentially bigger. >> Yeah, there's so many threads to pull on here. One is, you know we've observed certainly with the pandemic and then now going forward is that if you weren't modern in your infrastructure, in your environment, you are exposed. Even, I'm not talking old and antiquated like in the dark ages IT. We're talking like really state of the art, current. If you're lagging just by a few years, the hackers have an advantage. So, the constant bar raising, leveling up on technology is part of this arms race against the bad guys. >> Absolutely. And you said it, you talked earlier about the supply chain. Supply chain, these attacks that have come through the SolarWinds attacks and some of these other supply chain attacks that are coming out right now. Everybody's doing their best to stay on top of the latest, greatest. And the problem with that is, when you rely on other vendors and other companies to be able to help you do that. And you're relying on all these different tool sets, the supply chain attack is hugely critical. It makes it really, really important that you're watching where you're getting your software from, what they're doing with it, how they secure it. And that when you're dealing with your vendors and your different suppliers, you're making sure that they're securing things as well as you are. And it just, it adds to the complexity, it adds to the footprint and it adds to the headache that a lot of these security teams have. Especially small teams where they don't have the people to manage those kind of contacts. >> It's so interesting, I think zero trust is a knee jerk reaction to the perimeter being gone. It's like, you got to People love the zero trust. Oh it's like, "We're going to protect this that nobody, and then vet them in." But once you're trusted, trust also is coming in to play here. And in your environment, you're a hotel, you're a convention. You have a lot of rotation of guests coming in. Very much high velocity. And spear phishing and phishing, I could be watching and socially engineering someone that could be on your property at any given time. You got to be prepared for that. Or, you got ransomware coming around the corners or heavily. So, you got the ransomware threat and you got potentially spear phishing that could be possible at your place. These are things that are going on, right? That you got to protect for. What's your reaction to that? >> Absolutely. We see all those kind of attacks on a daily basis. I see spear phishing attacks. I see, web links and I chase them down and see what's going on. I see that there's ransomware trying to come in. We see these things every single day. And the problem you have with it is not only, especially in a space where you have a high volume of customers and a high turnover of customers like you're talking about that are in and out of our resorts, in and out of our facilities. Those attacks aren't just coming from our executives and their email. We can have a guest sitting on a guest network, on a wireless network. Or on one of our business center machines, or using our resort network for any one of a number of the conference things that they're doing and the different ports that we have to open and the different bandwidth scenarios that you've got dealing with. All of these things come into play because if any attack comes from any of those channels you have to make sure that segmentation is right, that your tooling is proper and that your team is aware and watching for it. And so it does. It makes it a very challenging environment to be in. >> You know, I don't want to bring up the budget issue but I'll bring up the budget issue. You can have unlimited budget because there's so many tools out there and platforms now. I mean, if you've look at the ecosystem map of the cybersecurity landscape that you have to navigate through as a customer. You've got a lot of people knocking on your door to sell you stuff. So I have to ask you, what is the scale? I mean, you can't have unlimited budget. But the reality is you have to kind of, do the right thing. What's the most helpful kind of tools and platforms for you that you've seen that you've had experience with? Where's this going in terms of the most effective mechanisms and software and platforms that are available out there? >> From the security perspective specifically, the three things that are most important to me are visibility. Whether it's asset visibility or log visibility. You know, being able to see the data, being able to see what's going on. End user. Making sure that the end user has been trained, is aware and that you're watching them. Because the end user, the human is always the weakest link. The human doesn't have digital controls that can be hard set and absolutely followed. The human changes every day. And then our endpoint security solutions. Those are the three biggest things for me. You know, you have your network perimeter, your firewalls. But attackers aren't always looking for those. They're coming from the inside, they're finding a way around those. The biggest three things for me are endpoint, visibility and the end user. >> Yeah, it's awesome. And a lot of companies are really looking at their posture right now. So I would ask you as a CISO, who's in the front end of all this great stuff and protecting your networks and all your environments and the endpoints and assets. What advice would you have for other CISOs who are kind of trying to level up to where you're at, in terms of rethinking their security posture? What advice would you give them? >> The advice I would give you is surround yourself with people that are like-minded on the security side. Make sure that these people are aware but that they're willing to grow. Because security's always changing. If you get a security person that's dead set that they're going to be a network security person and that's all they're going to do. You know, you may have that need and you may fill it. But at the end of the day, you need somebody who's open rounded and ready to change. And then you need to make sure that you can have somebody, and the team that you work with is able to talk to your executives. It never fails, the executives. They understand security from the standpoint of the business, but they don't necessarily understand security from the technical side. So you have to make sure that you can cross those two boundaries. And when you grow your team you have to make sure that that's the biggest focus. >> I have to ask the pandemic question, but I know cybersecurity hasn't changed. In fact, it's gotten more aggressive in the pandemic. How has the post pandemic or kind of like towards the tail end of where we're at now, affect the cybersecurity landscape? Has it increased velocity? Has it changed any kind of threat vectors? Has it changed in any way? Can you share your thoughts on what happened during the pandemic and now has we come out of it into the next, well post pandemic? >> Absolutely. It affected hospitality in a kind of unique way. Because, a lot of the different governments, state, federal. I'm in Ohio. I work out of our Ohio resort. A lot of the governments literally shut us down or limited severely how many guests we could have in. So on the one hand you've got less traffic internal over the network. So you've got a little bit of a slow down there. But on the flip side it also meant a lot of our workers were working from home. So now you've got a lot of remote access coming in. You've got people that are trying to get in from home and work machines. You have to transition call centers and call volume and all of the things that come along with that. And you have to make sure that that human element is accounted for. Because, again, you've got people working from home, you no longer know if the person that's calling you today, if it's not somebody you're familiar with you don't know if that person is Joe Blow from the front desk or if that person's a vendor or who they are. And so when you deal with a company with 5,000 ish employees or 10,000 that some of these bigger companies are. 15,000, whatever the case may be. You know, the pandemic really put a shift in there because now you're protecting not only against the technologies, but you're dealing with all of the scams, all of the phishing attempts that are coming through that are COVID related. All of these various things. And it really did. It threw a crazy mix into cybersecurity. >> I can imagine that the brain trust over there is prior thinking, "Hey, we were a hybrid experience." Now, if people who have come and experienced our resorts and conventions can come in remotely, even in a hybrid experience with folks that are there. You've seen a lot of hybrid events for instance go on, where there's shared experience. I can almost imagine your service area is now extending to the homes of those guests. That you got to start thinking differently. Has that been something that you guys are looking at? >> We're looking at it from the standpoint of trying to broaden some of the events. In the case of a lot of our conventions, things of that nature. The conventions that aren't actually Kalahari's run conventions, we host them, we manage them. But it does... When you talk about workers coming from home to attend these conventions. Or these telecommuters that are attending these conventions. It does affect us in the stance that, like I said we have to provision network for these various events. And we have to make sure that the network and the security around the network are tight. So it does. It makes a big deal as far as how Kalahari does its business. Being able to still operate these different meetings and different conventions, and being able to host remotely as well. You know, making sure that telecommunications are available to them. Making sure that network access and room access are available to them. You know for places where we can't gather heavily in meetings. You know, these people still being able to be near each other, still being able to talk, but making sure that that technology is there between them. >> Well, Tim is great to have you on for this CUBE Conversation. CISO from the middle of all the action. You're seeing a lot. There's a lot of surface area you got to watch. There's a lot of data you got to observe. You got to get that visibility. You can only protect what you can see, and the more you see the better it is. The better the machine learning. You brought up the the common area about like-minded individuals. I want to just ask you on the final point here, on hiring and talent coming into the marketplace. I mean, this younger generation coming out of university and college is, or not even going to school. There's no cyber degree. I mean, there are now. But I mean, the world's changing. It's easy to level up. So, skill sets you can't get a degree in certain things. I mean, you got to have a broad set. What do you look for in talent? Is there a trend you see in terms of what makes a good cybersecurity professional, developer, analyst? Is there roles that you see emerging that you think people should pay attention to? What's your take on this as someone who's looking at the future? And- >> You know, it's very interesting that you bring this up. I actually have two of my team members, one directly working for me and another team member at Kalahari that are currently going through college degree programs for cybersecurity. And I wrote recommendations for them. I've worked with them, I'm helping them study. But as you bring people up, you know the other thing I do is I mentor at a couple of the local technical schools as well. I go in, I talk to people, I help them design their programs. And the biggest thing I try to get across to them is, number one, if you're in the learning side of it. Not even talking about the hiring side of it. If you're in the learning side of it, you need to come into it with a kind of an understanding to begin with to where you want to fit into security. You know, do you want to be an attacker, a defender, a manager? Where do you want to be? And then you also need to look at the market and talk to the businesses in the area. You know, I talk to these kids regularly about what their need is. Because if you're in school and you're taking Cisco classes, and focusing on firewalls and what an organization needs as somebody who can read log and do things like that. Or somebody who can do pen testing. You know, that's a huge thing. So I would say if you're on the hiring side of that equation, you know. Like you said, there's no super degrees that I can speak to. There's a lot of certifications. There's a lot of different things like that. The goal for me is finding somebody who can put hands to the ground and feet to the ground, and show me that they know what they know. You know, I'll pull somebody in, I'll ask them to show me a certain specific or I'll ask them for specific information and try to feel that out. Because at the end of the day, there's no degree that's going to protect my network. There's no degree that's a hundred percent going to understand Kalahari, for instance. So I want to make sure that the people I talk to, I get a broad interview scope, I get a number of people to talk to. And really get a feel for what it is they know, and what tools they want to work with and make sure it's going to align with us. >> Well, Tim, that's great that you do that. I think the industry needs that. And I think that's really paying it forward, by getting in and using your time to help shape the young curriculums and the young guns out there. It's interesting you know, like David Vellante and I talk on theCUBE all the time. Cyber is like sports. If you're playing football, you got to know the game. If you're playing football and you come in as a baseball player, the skills might not translate, right? So it's really more of, categorically cyber has a certain pattern to it. Math, open mindedness, connecting dots, seeing things around corners. Maybe it's more holistic views, if you're at the visibility level or getting the weeds with data. A lot of different skill sets needed. The aperture of the job requirements are changing a lot. >> They are. And you know, you touched on that really well. You know, they talk about hacking and the hacker mindset. You know, all the security stuff revolves around hacker. And people mislabel hacker. Hacking in general is making something do something that it wasn't originally designed to do. And when I hire people in security, I want people that have that mindset. I want people that not only are going to work with the tool set we have, and use that mathematical ability and that logic and that reasoning. But I want them to use a reasoning of, "Hey, we have this tool here today. How can this tool do what I want it do but what else can it do for me?" Because like any other industry we have to stretch our dollar. So if I have a tool set that can meet five different needs for me today, rather than investing in 16 different tool sets and spreading that data out and spreading all the control around. Let's focus on those tool sets and let's focus on using that knowledge and that adaptive ability that the human people have on the security side, and put that to use. Make them use the tools that work for them but make 'em develop things, new tools, new methods, new techniques that help us get things across. >> Grow the capabilities, protect, trust all things coming in. And Tim, you're a tech athlete, as we say and you've got a great thing going on over there. And again, congratulations on the work you're doing on the higher ed and the education side and the Kalahari Resorts & Conventions. Thanks for coming on theCUBE. I really appreciate the insight you're sharing. Thank you. >> Thanks for having me. >> Okay. I'm John Furrier here in Palo Alto for theCUBE. Thanks for watching. (somber music)