>>Welcome to this cube conversation with 40 net. I'm your host. Lisa Martin, Derek Minky is back. He's the chief security insights and global threat alliances at 40 minutes, 40 guard labs, Derek. Welcome back to the program. >>Likewise, we've talked a lot this year. And of course, when I saw that there are, uh, you guys have predictions from 40 guard labs, global threat intelligence and research team about the cyber threat landscape for 2022. I thought it was going to be a lot to talk about with Derek here. So let's go ahead and dig. Right in. First of all, one of the things that caught my attention was the title of the press release about the predictions that was just revealed. The press release says 40 guard labs, predict cyber attacks aimed at everything from crypto wallets to satellite internet, nothing. There is no surface that is safe anymore. Talk to me about some of the key challenges that organizations in every industry are facing. >>Yeah, absolutely. So this is a, as you said, you, you had the keyword there surface, right? That, and that attack surface is, is open for attack. That's the attack surface that we talk about it is literally be pushed out from the edge to space, like a lot of these places that had no connection before, particularly in OT environments off grid, we're talking about, uh, you know, um, uh, critical infrastructure, oil and gas, as an example, there's a lot of these remote units that were living out there that relied on field engineers to go in and, uh, you know, plug into them. They were air gapped, those such low. Those are the things that are going to be accessible by Elio's low earth orbit satellites. And there are 4,000 of those out there right now. There's going to be over 30,000. We're talking Starlink, we're talking at least four or five other competitors entering this space, no pun intended. And, um, and that's a big deal because that it's a gateway. It opens the door for cyber criminals to be able to have accessibility to these networks. And so security has to come, you know, from, uh, friends of mine there, right. >>It absolutely does. We've got this fragmented perimeter tools that are siloed, the expand and very expanded attack surface, as you just mentioned, but some of the other targets, the 5g enabled edge, the core network, of course, the home environment where many of us still are. >>Yeah, yeah, definitely. So that home environment like the edge, it is a, uh, it's, it's the smart edge, right? So we have things called edge access Trojans. These are Trojans that will actually impact and infect edge devices. And if you think about these edge devices, we're talking things that have machine learning and, and auto automation built into them a lot of privilege because they're actually processing commands and acting on those commands in a lot of cases, right? Everything from smart office, smart home option, even until the OT environment that we're talking about. And that is a juicy target for attackers, right? Because these devices naturally have more privileged. They have APIs and connectivity to a lot of these things where they could definitely do some serious damage and be used as these pivot within the network from the edge. Right. And that's, that's a key point there. >>Let's talk about the digital wallet that we all walk around with. You know, we think out so easy, we can do quick, simple transactions with apple wallet, Google smart tab, Venmo, what have you, but that's another growing source of that, where we need to be concerned, right? >>Yeah. So I, I I've, I've worn my cyber security hat for over 20 years and 10 years ago, even we were talking all about online banking Trojans. That was a big threat, right? Because a lot of financial institutions, they hadn't late ruled out things like multifactor authentication. It was fairly easy to get someone's bank credentials go in siphoned fans out of an account. That's a lot harder nowadays. And so cyber criminals are shifting tactics to go after the low hanging fruit, which are these digital wallets and often cryptocurrency, right? We've actually seen this already in 40 guard labs. Some of this is already starting to happen right now. I expect this to happen a lot more in 20, 22 and beyond. And it's because, you know, these wallets are, um, hold a lot of whole lot of value right now, right. With the crypto. And they can be transferred easily without having to do a, like a, you know, EFT is a Meijer transfers and all those sorts of things that includes actually a lot of paperwork from the financial institutions. And, you know, we saw something where they were actually hijacking these wallets, right. Just intercepting a copy and paste command because it takes, you know, it's a 54 character address people aren't typing that in all the time. So when they're sending or receiving funds, they're asking what we've actually seen in malware today is they're taking that, intercepting it and replacing it with the attackers. Well, it's simple as that bypassing all the, you know, authentication measures and so forth. >>And is that happening for the rest of us that don't have a crypto wallet. So is that happening for folks with apple wallets? And is that a growing threat concern that people need to be? It is >>Absolutely. Yeah. So crypto wallets is, is the majority of overseeing, but yeah, no, no digital wallet is it's unpatched here. Absolutely. These are all valid targets and we are starting to see activity in. I am, >>I'm sure going after those stored credentials, that's probably low-hanging fruit for the attackers. Another thing that was interesting that the 2022 predictions threat landscape, uh, highlighted was the e-sports industry and the vulnerabilities there. Talk to me about that. That was something that I found surprising. I didn't realize it was a billion dollar revenue, a year industry, a lot of money, >>A lot of money, a lot of money. And these are our full-blown platforms that have been developed. This is a business, this isn't, you know, again, going back to what we've seen and we still do see the online gaming itself. We've seen Trojans written for that. And oftentimes it's just trying to get into, and user's gaming account so that they can steal virtual equipment and current, you know, there there's virtual currencies as well. So there was some monetization happening, but not on a grand scale. This is about a shift attackers going after a business, just like any organization, big business, right. To be able to hold that hostage effectively in terms of DDoSs threats, in terms of vulnerabilities, in terms of also, you know, crippling these systems with ransomware, like we've already seen starting to hit OT, this is just another big target. Right. Um, and if you think about it, these are live platforms that rely on low latency. So very quick connections, anything that interrupts that think about the Olympics, right on sports environment, it's a big deal to them. And there's a lot of revenue that could be lost in cybercriminals fully realizes. And this is why, you know, we're predicting that e-sports is going to be a, um, a big target for them moving forward. >>Got it. And tell, let's talk about what's going on with brands. So when you and I spoke a few months ago, I think it was ransomware was up nearly 11 X in the first half of a calendar year, 2021. What are you seeing from an evolution perspective, uh, in the actual ransomware, um, actions themselves as well as what the, what the cyber criminals are evolving to. >>Yeah. So to where it's aggressive, destructive, not good words, right. But, but this is what we're seeing with ransomware. Now, again, they're not just going after data as the currency, we're seeing, um, destructive capabilities put into ransomware, including wiper malware. So this used to be just in the realm of, uh, APTT nation state attacks. We saw that with should moon. We saw that with dark soil back in 2013, so destructive threats, but in the world of apt and nation state, now we're seeing this in cyber crime. We're seeing it with ransomware and this, I expect to be a full-blown tactic for cyber criminals simply because they have the, the threat, right. They've already leveraged a lot of extortion and double extortion schemes. We've talked about that. Now they're going to be onboarding this as a new threat, basically planting these time bombs. He's ticking time bombs, holding systems for, for, for ransom saying, and probably crippling a couple of, to show that they mean business and saying, unless you pay us within a day or two, we're going to take all of these systems offline. We're not just going to take them offline. We're going to destroy them, right. That's a big incentive for people to, to, to pay up. So they're really playing on that fear element. That's what I mean about aggressive, right? They're going to be really shifting tactics, >>Aggressive and destructive, or two things you don't want in a cybersecurity environment or to be called by your employer. Just wanted to point that out. Talk to me about wiper malware. Is this new emerging, or is this something that's seeing a resurgence because this came up at the Olympics in the summer, right? >>Absolutely. So a resurgence in, in a sort of different way. Right. So, as I said, we have seen it before, but it's been not too prevalent. It's been very, uh, it's, it's been a niche area for them, right. It's specifically for these very highly targeted attack. So yes, the Olympics, in fact, two times at the Olympics in Tokyo, but also in the last summer Olympics as well. We also saw it with, as I mentioned in South Korea at dark school in 2013, we saw it an OT environment with the moon as an example, but we're talking handfuls here. Uh, unfortunately we have blogged about three of these in the last month to month and a half. Right. And that, and you know, this is starting to be married with ransomware, which is particularly a very dangerous cause it's not just my wiper malware, but couple that with the ransom tactics. >>And that's what we're starting to see is this new, this resurgent. Yes. But a completely new form that's taking place. Uh, even to the point I think in the future that it could, it could severely a great, now what we're seeing is it's not too critical in a sense that it's not completely destroying the system. You can recover the system still we're talking to master boot records, those sorts of things, but in the future, I think they're going to be going after the formal firmware themselves, essentially turning some of these devices into paperweights and that's going to be a very big problem. >>Wow. That's a very scary thought that getting to the firmware and turning those devices into paperweights. One of the things also that the report talked about that that was really interesting. Was that more attacks against the supply chain and Linux, particularly talk to us about that. What did you find there? What does it mean? What's the threat for organizations? >>Yeah. So we're seeing a diversification in terms of the platforms that cyber criminals are going after. Again, it's that attack surface, um, lower hanging fruit in a sense, uh, because they've, you know, for a fully patched versions of windows, 10 windows 11, it's harder, right. For cyber criminals than it was five or 10 years ago to get into those systems. If we look at the, uh, just the prevalence, the amount of devices that are out there in IOT and OT environments, these are running on Linux, a lot of different flavors and forms of Linux, therefore this different security holes that come up with that. And that's, that's a big patch management issue as an example too. And so this is what we, you know, we've already seen it with them or I bought net and this was in our threat landscape report, or I was the number one threat that we saw. And that's a Linux-based bot net. Now, uh, Microsoft has rolled out something called WSL, which is a windows subsystem for Linux and windows 10 and windows 11, meaning that windows supports Linux now. So that all the code that's being written for botnets, for malware, all that stuff is able to run on, on new windows platforms effectively. So this is how they're trying to expand their, uh, attack surface. And, um, that ultimately gets into the supply chain because again, a lot of these devices in manufacturing and operational technology environments rely quite heavily actually on Linux. >>Well, and with all the supply chain issues that we've been facing during the pandemic, how can organizations protect themselves against this? >>Yeah. So this, this is a big thing, right? And we talked about also the weaponization of artificial intelligence, automation and all of these, there's a lot going on as you know, right from the threats a lot to get visibility on a lot, to be able to act quickly on that's a big key metric. There is how quick you can detect these and respond to them for that. You need good threat intelligence, of course, but you also truly need to enable, uh, uh, automation, things like SD wan, a mesh architecture as well, or having a security fabric that can actually integrate devices that talk to each other and can detect these threats and respond to them quickly. That's a very important piece because if you don't stop these attacks well, they're in that movement through the attack chain. So the kill chain concept we talk about, um, the risk is very high nowadays where, you know, everything we just talked about from a ransomware and destructive capabilities. So having those approaches is very important. Also having, um, you know, education and a workforce trained up is, is equally as important to, to be, you know, um, uh, to, to be aware of these threats. >>I'm glad you brought up that education piece and the training, and that's something that 49 is very dedicated to doing, but also brings up the cybersecurity skills gap. I know when I talked with Kenzie, uh, just a couple months ago at the, um, PGA tournament, it was talking about, you know, big investments in what 40 guard, 40, 40 net is doing to help reduce that gap. But the gap is still there. How do I teach teams not get overloaded with the expanding service? It seems like the surface, the surface has just, there is no limit anymore. So how does, how does it teams that are lean and small help themselves in the fact that the threat is landscape is, is expanding. The criminals are getting smarter or using AI intelligent automation, what our it teams do >>Like fire with fire. You got to use two of the same tools that they're using on their side, and you need to be able to use in your toolkit. We're talking about a security operation center perspective to have tools like, again, this comes to the threat intelligence to get visibility on these things. We're talking Simmons, sor uh, we have, you know, 40 AI out now, uh, deception products, all these sorts of things. These are all tools that need that, that, uh, can help, um, those people. So you don't have to have a, you know, uh, hire 40 or 50 people in your sock, right? It's more about how you can work together with the tools and technology to get, have escalation paths to do more people, process procedure, as we talk about to be able to educate and train on those, to be able to have incident response planning. >>So what do you do like, because inevitably you're going to be targeted, probably interacts where attack, what do you do? Um, playing out those scenarios, doing breach and attack simulation, all of those things that comes down to the skills gaps. So it's a lot about that education and awareness, not having to do that. The stuff that can be handled by automation and AI and, and training is you're absolutely right. We've dedicated a lot with our NSC program at 49. We also have our 40 net security academy. Uh, you know, we're integrating with those secondary so we can have the skillsets ready, uh, for, for new graduates. As an example, there's a lot of progress being made towards that. We've even created a new powered by 40 guard labs. There is a 40 guard labs play in our NSC seven as an example, it's, uh, you know, for, um, uh, threat hunting and offensive security as an example, understanding really how attackers are launching their, their campaigns and, um, all those things come together. But that's the good news actually, is that we've come a long way. We actually did our first machine learning and AI models over 10 years ago, Lisa, this isn't something new to us. So the technology has gone a long way. It's just a matter of how we can collaborate and obviously integrate with that for the, on the skills gap. >>And one more question on the actual threat landscape, were there any industries that came up in particular, as we talked about e-sports we talked about OT and any industries that came up in particular as, as really big hotspots that companies and organizations really need to be aware of. >>Yeah. So also, uh, this is part of OT about ICS critical infrastructure. That's a big one. Uh, absolutely there we're seeing, uh, also cyber-criminals offering more crime services now on dark web. So CAS, which is crime as a service, because it used to be a, again, a very specialized area that maybe only a handful of organized criminal organizations could actually, um, you know, launch attacks and, and impact to those targets where they're going after those targets. Now they're offering services right on to other coming cyber criminals, to be able to try to monetize that as well. Again, we're seeing this, we actually call it advanced persistent cybercrime APC instead of an apt, because they're trying to take cyber crime to these targets like ICS, critical infrastructure, um, healthcare as well is another one, again, usually in the realm of APMT, but now being targeted more by cybercriminals in ransomware, >>I've heard of ransomware as a service, is that a subcategory of crime as a service? >>Absolutely. Yeah. It is phishing as a service ransomware as, and service DDoSs as a service, but not as, as many of these subcategories, but a ransomware as a service. That's a, another big problem as well, because this is an affiliate model, right. Where they hire partners and pay them commission, uh, if they actually get payments of ransom, right? So they have literally a middle layer in this network that they're pushing out to scale their attacks, >>You know, and I think that's the last time we talked about ransomware, we talked about it's a matter of, and I talk to customers all the time who say, yes, it's a matter of when, not, if, is, is this the same sentiment? And you think for crime as a service in general, the attacks on e-sports on home networks, on, uh, internet satellites in space, is this just a matter of when, not if across the board? >>Well, yeah, absolutely. Um, you know, but the good news is it doesn't have to be a, you know, when it happens, it doesn't have to be a catastrophic situation. Again, that's the whole point about preparedness and planning and all the things I talked about, the filling the skills gap in education and having the proper, proper tools in place that will mitigate that risk. Right. And that's, and that's perfectly acceptable. And that's the way we should handle this from the industry, because we process we've talked about this, people are over a hundred billion threats a day in 40 guard labs. The volume is just going to continue to grow. It's very noisy out there. And there's a lot of automated threats, a lot of attempts knocking on organizations, doors, and networks, and, you know, um, phishing emails being sent out and all that. So it's something that we just need to be prepared for just like you do for a natural disaster planning and all these sorts of other things in the physical world. >>That's a good point. It doesn't have to be aggressive and destructive, but last question for you, how can, how is 4d guard helping companies in every industry get aggressive and disruptive against the threats? >>Yeah. Great, great, great question. So this is something I'm very passionate about, uh, as you know, uh, where, you know, we, we don't stop just with customer protection. Of course, that is as a security vendor, that's our, our primary and foremost objective is to protect and mitigate risk to the customers. That's how we're doing. You know, this is why we have 24 7, 365 operations at 40 guy labs. Then we're helping to find the latest and greatest on threat intelligence and hunting, but we don't stop there. We're actually working in the industry. Um, so I mentioned this before the cyber threat Alliance to, to collaborate and share intelligence on threats all the way down to disrupt cybercrime. This is what big target of ours is, how we can work together to disrupt cyber crime. Because unfortunately they've made a lot of money, a lot of profits, and we need to reduce that. We need to send a message back and fight that aggressiveness and we're we're on it, right? So we're working with Interpol or project gateway with the world economic forum, the partnership against cyber crime. It's a lot of initiatives with other, uh, you know, uh, the, uh, the who's who of cyber security in the industry to work together and tackle this collaboratively. Um, the good news is there's been some steps of success to that. There's a lot more, we're doing the scale of the efforts. >>Excellent. Well, Derek as always great and very informative conversation with you. I always look forward to these seeing what's going on with the threat landscape, the challenges, the increasing challenges, but also the good news, the opportunities in it, and what 40 guard is doing 40 left 40 net, excuse me, I can't speak today to help customers address that. And we always appreciate your insights and your time we look forward to talking to you and unveiling the next predictions in 2022. >>All right. Sounds good. Thanks, Lisa. >>My pleasure for Derek manky. I'm Lisa Martin. You're watching this cube conversation with 40 net. Thanks for watching.

>>From around the globe. It's the cube covering Fortinet security summit brought to you by Fortinet. >>Welcome back to the cubes coverage of 40 net championship security summit from beautiful Napa valley. Lisa Martin here with John farrier, John, and has been phenomenal to do an event in person outdoors and Napa valley. >>You're so bright. We have to wear shades. It's been sunny and it's been hot. It's been great. It's been a great, it's been a great day. I mean, I think Fordanet stepping up to that sponsorship for the PGA is a bold move they're doing well on the business front. They're expanding it. It's good for their customers. It's a new, bold marketing step. Affordanet honestly, they're doing extremely well on the business front. As I mentioned, they got a lot of cash coming in. They got happy customers and they're all here. And golf is a great environment for tech buyers. We know that. So it's great to have the cube on the sports circuit and, uh, we'll be doing more of them. It's it's awesome. >>Good. I, it is great to be on this sport circuit. One of the things that I talked with several folks about today, John Madison being one that CEO, CFO, COO, and then Kenzie, the CEO of Fordanet about the cultural synergies between the PGA and Ford nine. It was really nice to hear how both of these companies, both of these organizations are so invested in things like women in technology and steam and stem programs, and they really align on those two cultures. >>Yeah, there's a, it's a, it's a, it's a culture fit. I mean, they basically, it's a winning formula. Look at Ford and net. Um, you know, and having that kind of representation is good. They, they have a great reputation put in. It does PGA does as well and it's quality, right? So people like, like quality and they want to line that. So it's a great business move for Fordanet to, uh, to do the, uh, the golf sponsorship, uh, multiple years. I think it's six years, five or six years, they get they're doing this. Um, it's phenomenal. I think they're going to Fortnite is going to turn into a marketing powerhouse. I think you're going to start to see John Madison and the team, uh, really gin up some nice new things, because you can do a lot with the PGA. Again, this foundations is charities, again, a lot of causes that are involved in, in fundraising around the PGA and you got the tour players and honestly the tech scene. So I think tech and sports has always been something that I've loved. And I think, you know, we'd love to come and bring our sets here and having the cube here is just a really fun kind of winning formula as well. We'd love it. And we, and we wish we could eat it for more days this year. I think we will, but this has been so much, >>It has been so much fun. There's been about over 300 customers and partners here. Fortnite is a, is a hundred percent partner driven organization. Lot of innovation being discussed the last eight hours or so, but one of the things that you definitely feel is the strength in their partner, community and Fortinets commitment to it. Also something that really impresses me is their commitment to helping to fill the cybersecurity skills gap. This is a gap that has been growing for the last five years. They last week announced a pledge to train 1 million people in the next five years to help shorten that gap. And as we know that the threat landscape is only continuing to expand. So the great combination there, >>And it's a, cause that's a good business logic behind it because there's a of negative unemployment. They need more people to do cybersecurity careers, but also you mentioned women in tech, you know, a lot of that's a big movement too. You start to see a much more women in tech scene here. We had, uh, Merritt bear on principal office of the CSO at Amazon web services on she's amazing. She's wearing the Amazon Krypto shirts. That was a home run, love that interview, but you started to see them afford a net with the whole scene. Here is they're taking their message directly to their customers and they're including their customers. So the magic of this formula that they have with the PGA and this whole program is they don't have live concert series. They got a pavilion here with all their top partners, with customers that doing a summit behind us with their top marquee customers. And they're telling the story direct and you're going, I think you need to shift to see Fordanet really do more of that. What we love in the key, which is take that direct to, to media model, to their customers and contents data. We had great conversations here. I mean, that's all you, you know, viewing the, uh, head VP SVP of at and T cybersecurity, uh, amazing, uh, uh, candidate there's great cube guests. And he was just traveling some serious wisdom. So great guests all along. Fantastic. >>Well, it's, it's been an inspiring day. It's nice that 40 minute has taken the step to do an in-person event. Obviously they did it extremely safely. We were outdoors, but people are, I think a lot of people and I'm speaking for myself, for sure, ready for this to come back and meet the threat landscape that changes that that 40 net has seen in the last 18 months are phenomenal. The growth in ransomware, nearly 11 X in a year. And you had this massive shift to work from home. And now they're talking about how they're partnering with links us, for example, to help enterprises, to really make that remote work environment far more secure, faster, and optimize for the worker. Who's on video conferencing, communication tools. All the kids at home gaming are probably going to be pretty bummed about this, but it really shows coordinates commitment to this. There's a lot of permanence to what we're seeing here in this model. >>I know you and I have done ton of interviews together and, uh, with great guests around cybersecurity and the phrase always comes up and over the past decade, there's there is no more perimeter here. You couldn't, you couldn't, it was louder than ever here because now you have so much going on connected devices. The future of work is at home with the virtual, uh, issues with the pandemic. And now with the Delta variant, uh, continuing at forward, it's a reality, we're in a hybrid world and, um, everything's going hybrid. And I think that's a new thing for companies to operationalize. So they got, there's no playbook. So there is a security playbook. And what these guys are doing is building an ecosystem to build product that people can wrap services around and to solve the key security problems. And that's that, that to me is a good business model. And the SAS is, again, you're seeing everyone go SAS. They want to go SAS product, or, you know, uh, some sort of business models involved in cloud. So cloud security, SAS all kind of rolled up. It's really kinda interesting trend. >>Yeah. We've talked about a whole bunch of trends today. One of them is just one of the marketing terms I've been using and I don't like to use it, but around for years as a future ready people, tech companies always describing solutions and technologies and products is future ready? Well, what does that really mean? Well, when the pandemic struck, none of us were future ready, but what we did hear and see and feel today from 40 net and their partners is how much acceleration they've done. So that going forward, we are going to be future ready for situations that arise like in this challenging cybersecurity landscape that businesses in every industry can prepare for. >>I think, I think the talks here in the cyber security summit behind us, it's interesting. Uh, Tufin one of their customers on a lot of the talks were the same thing, talking about the cultural shift, the cultural shift and security departments has to become more agile. And so that is a big untold story right now is that security departments. Aren't well-liked, they slow things down. I mean, you know, app review everything's gotta be looked at and it takes weeks. That is not good for developers. So app developers in the cloud, they want minutes, you know, shift left is something that we talk about all the time in our events with the developers dev ops movement is putting pressure on the security teams, culturally, who moves first. You don't go faster. You're going to be replaced, but you can't replace a security team. So I find that whole security cloud team dynamic, real organizational challenges. That's something I'm going to look into is one of my key takeaways from this this week. Yeah. >>A huge organizational change. And with that comes, you know, obviously different cultures with these organizations, but at the same time, there really is no more choice. They have to be working together. And as Kenzie and I were talking about, you know, security is no longer an ITP, this is a board level initiative and discussion businesses in every industry, whether it's a retailer or PGA tour have to be prepared. >>Yeah. I mean, I'm a security Hawk. I think every company needs to be prepared to take an offensive strike and be ready on the defense. And this is a huge agility and speed cause ransomware, you get taken down, you know, I mean that's business critical issue. You're dead, you're dead in the water. So, so again, this is all part of his quote digital transformation, uh, that everyone's talking about and is a do over, everyone's doing it over and doing it with the cloud. And I remember just recently in 2012, people were saying, oh, the cloud is not secure. It's now some more secure than anything else. So we starting to see that shift so that realities hit everybody. So it's been great. >>What are some of the things that excited you about the conversations that you had today? >>I was pretty impressed by the fact that one was a physical advantage. You mentioned. So, you know, people in personal, I found it refreshing. I think people here, I noticed we're one relieved to be out and about in public and talking on the cube. Um, but I was really impressed with, uh, the guests from Amazon web services. She was a crypto shirt that got me there. But I think this idea that security is not just a guy thing, right? So to me, women in tech was a, was a big conversation. I thought it was very positive this week, um, here and still a lot more work to do, but I think that's, what's cool. And just the talks were great. I mean, it's cutting edge concepts here. And I thought at, and T was great. I thought, uh, Tufin was a great conversation and again, all the guests that were awesome. So what did you think, what was your take? >>Just how much acceleration we've seen in the last year on innovation and partnerships that really jumped out that when, like I said, we talked about future ready and go, wow. So much of the world wasn't future ready a year and a half ago when this came out and all of the innovation and the positivities that have come out of technology companies creating, because we don't have a choice. We have to figure out secure work from home. For example, we know that some amount of it's going to persist hybrid maybe here to stay, to see what 40 net and their partner ecosystem have done in a short time period. Given the fact that you mentioned ransomware and their global threat landscape, I was talking with Derek, nearly X increased in ransomware and just, >>And they've got four to guard. They got all this. I think your interview with Ken, the CEO, I thought it was really compelling. It was one point he said, um, we're making a lot more investments when you asked him a pointed question. And I think that theme comes across really strong in all of our interviews today. And the conversations in the hallway here is that people that are making the investments are doing well. And so there's more investments being made and that's like, people kind of say, oh yeah, we can do this one, but you have to now. And so the other thing that I thought was awesome with John Madison, talking about their strategy around the PGA, it's a bold move, but it's kind of got this mindset of always innovating, but they're not, they go step at a time, so they get better. So I'm, I'm expecting next year to be better than this year, bigger, uh, and more integrated because that's what they do. They make things better. Um, I think that's gonna be fun to watch, but I think that's a bold move for Affordanet to be doing this kind of marketing. It's really, they haven't done that in the, in the past. So I think this is a really bold move. >>I agree. And they've spun this out of their accelerate event, which is an event that we've covered for years in person. So this was the first time that they've pulled the security summit out as its own event. And clearly there was a great buzz behind us all day. Lots of, lots of topics, a lot of discussions, a lot of partnership. And you're right. A lot of talk about investment investment in their partner ecosystem and investment internally. Yes. >>It's fun too. On a personal note, we've been following Fordanet for many, many years. You and I both got doing the interviews and you do and go to the events is watching them grow and be successful. And it's kind of proud though. I, yeah, I'll go for it. And that kind of rooting for him. And I want to thank them for inviting the cube here because we're so psyched to be here and be part of this awesome event. And again, golf, the cube kind of go together, right? Sports, the cubes. We love it. So always fun. So thanks to, for, to net out there for, uh, supporting us and being, being part of the cube. >>Well, you got the gear, you got your Fordanet Gulf t-shirt I got one too. And pink. It's beautiful. Yeah. You got some shades, but we also have some gear here help us in the morning for our next shows. Be caffeinated. Yeah. But no, it's been great. It's been great to be here. Great to hook co-host with you again in person if for 20 months or so, and looking forward to seeing how 49 and how back >>He was back up the vents. Thanks to the crew. Chuck Leonard, every one's era, Brendan. Right. Well done. Fordanet thank you. Thank you for >>John's been great. Thanks for having me up here today. Looking forward to the next time from Napa valley, Lisa Martin, for John farrier, you've been watching the cube

>>from the Cube Studios in Palo Alto and Boston connecting with thought leaders all around the world. This is a cube conversation. Hello, everyone, and welcome to this week's Cuban sites, powered by ET are in this breaking analysis, we want to accomplish three things. First thing I'll do is we'll recap the current spending outlook. Next, we want to share some of the priorities and sentiments and the outlook that we're hearing from leading tech execs that we've been interviewing in the past couple of weeks on the remote cube. And finally, we'll take a look at really what's going on in the market place, a little bit of a look forward and what we expect in the coming weeks and months ahead. Now, as you know, E. T. R was really the first to quantify with real survey data the impact of covert 19 on I t spend. So I just want to review that for a moment. This CTR graphic right here shows that results from more than 1200 CIOs and I T practitioners. That shows that they expect their I t spending how they're they're spending on the change in 2020 now, look at the gray bar shows a very large number of organizations that they're plowing ahead without any change. In overall, I spend about 35% now shown in the green bars before 21% of respondents are actually increase their budgets this year. And the red bars, of course, they show the carnage. Really, 28% of customers are expecting a decrease of more than 10% year on year. Now, as we've reported, the picture would look a lot worse were it not for the work from home infrastructure, offset by E spending on collaboration tools and related networking security. VPN, VD I interest infrastructure, etcetera. Now remember each year launched this survey on March 11th and ran it through early April. So it caught the change in sentiment literally in real time on a daily basis. And that's what I'm showing here in this graphic. What it does is it overlays key events that occurred during that time frame and what E. T. R did was they modeled and rear end the data excluding the responses prior to each event. So, of course, the forecast got progressively worse over time. But as you can see on the Purple Line. There was a little bit of an uptick in sentiment from the stimulus package, and it looked like, you know, there's another. It looks like there's another economic cash injection coming soon. Now, as we've reported, the card forecast calls for around 4% decline in I t spend from 2020. That's down from plus 4% prior to Corona virus. It's ER has now entered its self imposed quiet period for two weeks. But what we're doing here is showing some of the sectors that we're watching closely for big changes. We're gonna drill into these over the next several weeks. Now, of course, is we've reported we're seeing a substantial cut in I t spend across the board. Capex will be down. We would expect sectors like I t consulting and outsourcing to be way, way down as organizations put a lot of projects on the back burner. But there are bright spots is shown here in the green. One that we really haven't highlighted to date is cloud really haven't dug into that and also data center related services around Cloud Cloud, we think, is definitely going to remain strong and these related services to get connect clouds via Coehlo services and really reducing latency across clouds and on Prem, we think will remain strong. Now I want to shift gears a little bit and talk about some of the learnings and takeaways from our conversations with CSOs over the past couple of weeks. One of the great things about the Cube is we get to build relationships with many, many people. Over the past 10 years, I've probably personally interviewed close to 5000 people, so we've reached out to a number of those execs over the last couple of weeks to really try and understand how they're managing through this cove in 19 Crisis. So let me summarize just some of the things that we heard. And then I'll let the execs speak to you directly first, of course, like tech execs, are there half full people perpetual optimist, if you will. It was interesting to hear how many of the people that I spoke with, that they actually had early visibility on this crisis. Why? Because a lot of our operations, we're actually in China and other parts of Asia, so they saw this coming to an extent, and they saw it coming to the U. S. And so you know, there were somewhat ready and you're here. They all had on air of confidence about their long term viability and putting their put their employees ahead of profits. But the same time, once they see that their employees are okay, they want to get them focused and productive. Now what they've also done is they've increased the cadence and the frequency of their communications. Yeah, and most, if not all, are trying to get back with a free no strings attached software and other similar programs. But the bottom line is, they really don't know what's coming. They don't know when this thing will end. They don't know what a recovery really is gonna look like when people are going to feel safe traveling again what the overall economic impact is gonna be. So I think it's best summarized to say they're hoping for the best, but planning for the worst. But let's listen to this highlight clip that we put together of five execs that I talked to along with John Furrier Melissa DiDonato of Susa. Frank Sluman, who had snowflake and he's formerly the chairman and CEO of service. Now Jeremy Burton is the CEO of a company called Observe. He used to be the CMO of Dell and EMC. Before that, brand products Sanjay Poonam as the CEO of VM Ware and ST ST Vossen heads up Cisco's collaboration business. Roll the clip. >>What keeps me up at night now and how I wake up every morning is wondering about the health of my employees, that a couple of employees, one that was quite ill in Italy. We were phoning him and calling and emailing him from his hospital bed. And that's what's really keeping me going. What's inspiring me to leave this incredible company is the people and the culture that they built that I'm honoring and taking forward as part of the open source value system. My first movers, Let's not overreact. Take a deep breath. Let's really examine what we know. Let's not jump to conclusions. Let's not try to project things that were not capable of projecting death hard because, you know, we tend to have sort of levels off certainty about what's gonna happen in the next week in the next month, and so on. All of a sudden that's out of the window creates enormous anxiety with people. So, in other words, you've got a sort of a reset to Okay, what do we know? What can we do? What we control, Um, and and not let our minds sort of, you know, go out of control. So I talk to are people time of maintain a sense of normalcy focused on the work. Stay in the state in the moment. And ah, I don't turn the news feed off. Right, Because the hysteria you get through that through the media really not helpful. Just haven't been through, you know, a couple of recessions where, you know, we all went through 9 11 You know, the world just turn around and you come out the other side. And so the key thing is, you said it very much is a cliche, but you gotta live in the moment. What can I do right now? What can I affect right now? How can I make sure that you know what I'm working on is a value for when we come out the other side. And when you know more code balls come along. I think you'd better reason about that with the best information you have at the time. I always tell people the profits of VM Ware wheat. If you are not well, if your loved ones not well, if you take a picture of that first, we will be fine. You know this to show fast, but if you're healthy, let's turn our attention because we're not going to just sit in a little mini games. We're gonna so, customers, How do we do that? A lot of our customers are adjusting to this pool, and as a result they have to, you know, either order devices, but the laptop screens things were the kinds to allow work for your environment to be as close to productive as they're working today. I do see some, some things coming. Problem right? Do I expect the volumes off collaboration to go down? You know, it's never going to go back to the same level. The world as we know it is going to change forever. We are going to have a post code area, and that's going to be changed for the better. There's a number of employees who have been skeptical, reticent, working from home were suddenly going to say just work from home. Thing is not so bad after all. >>So you can hear from the execs who all either currently or one point of lead large companies in large teams. They're pretty optimistic now. The other thing that's Lukman told me, by the way, is he approves investments in engineering with no qualms because that's the future of the company. But he's much more circumspect with regard to go to market investments because he wants to see a high probability of yield from the sales teams before making investments there. I also want to share some perspectives that I've learned from small early stage companies, and we've all seen the Sequoia Black Swan memo and you might remember there onerous rest in peace, good times the alert that they put out in 2008. It basically they're essentially advising companies to stop spending on non essential items. By the way, another slew of society also somewhat scoffed at this advice, and he told me on the Cube, you should always stop spending money on non essential items. At any rate, I've talked to a number of early stage investors and portfolio companies, and I'll share a little bit of their play Bach playbook that they're using during this crisis, and it might have some value to the cut, cut cut narrative that you're hearing out there. I think the summary for these early stage startups is first focus on those customers that got you to where you are today. In other words, don't lose sight of your core. The second thing is, try to hone your go to market and align it with current conditions. In other words, paint a picture of the ideal customer and the value proposition that you deliver specifically in the context of the current market. The third thing is, they're updating their forecast more frequently and running sensitivity analysis much more often so that they can better predict outcomes. I e. Reset. You're likely best case and worst case models. The third is essentially reset your near term and midterm plans and those goals and re balance your expense portfolio to reflect these new targets. And this is important by the way, to communicate to your investors. When I've seen is those companies with annual recurring revenue there actually in pretty good shape, believe it or not, in almost all cases, I've seen targets lowered. But there are some examples of startups that are actually increasing their outlook. Think, Zoom, even those who is not a startup anymore. But generally I've seen resets of between 5 to 10% downward, which you know what often is in pretty much in line with the board level goals. And I've seen more drastic reductions as well of up to 50% now. So we've heard some pretty good stories from larger tech companies and some of these VC funded startups. Now I want to talk about small business broadly and what we're hearing from small business owners and also the banks that serve them. Look, I'm not going to sugar coat this many small businesses, as you well know, in deep trouble. They're gonna go out of business. They're laying off people on. There are a number of unemployed the aid package that the government's putting forth the small businesses. It's not working its way through the banking system. Not nearly fast enough, despite the Treasury secretaries efforts, The bottom line is banks don't want to make these loans to small businesses. Right now, there's too much that they don't understand. They're making no money on these loans they're being overwhelmed with. Volume will give you some examples. Bank of America, when the small business payroll program first hit signal that would Onley help companies with both ah banking relationship and an existing lending relationship with the bank UPS is another example said it was only gonna directly help companies with over 500 employees. And for small businesses, it was outsourcing that relationship to another firm, which, of course, meant you had to go through a new rectal exam, if you will, with that new firm. In a way, you can't blame the banks. They're being asked to execute on these programs without clear guidance on how they're supposed to enforce guidelines. And what happens if they make a mistake? Is the federal government gonna pull their guaranteed backing? What are those guidelines? They seem to be changing all the time. And what's the banks, liability and authority to enforce them? Why don't I spend time talking about this? Well, nearly half of US employees work for small businesses, and nearly 17 million workers as of this date have filed for unemployment, and I'll say the banks got bailed out in the financial crisis of 2008 and they need to step up, period, and the government needs to help them, all right. The other buzz kill data that I want to bring up is our national debt. Now many have invoked that there's no such thing as a free lunch, including the famous Milton Friedman, the Economist who I'm gonna credit. Others have said it, but I'll give it to him. Why? Because he espoused controlling the money supply and letting the market's fix themselves bailouts. The banks, airlines, Boeing, automakers, etcetera, those air antithetical to his underlying philosophy. Currently, the U. S national debt is $24 trillion. That's $194,000. Protects player Americans. Personal debt is now 20 trillion. Our unfunded liabilities, like Social Security, Medicare, etcetera now stands at a whopping 139 trillion. And that equates to about 422,000 per citizen. Think about this. The average liquid savings for US family is 15 K, and the U. S debt is now 111% of GDP. So we've been applying Kenzie and Economics for a while now. I'm gonna say it seems to have been working. Think about the predictions of inflation after the 8 4000 and nine crisis. They proved to be wrong. But my concern is I don't see how we grow our way out of this debt, and I worry about that. I've worried about this for a long time, but look, we're knee deep into it and it looks like there's no turning back so well, I'll try to keep my rhetoric to a minimum and stay positive here because I think there is light at the end of the tunnel. We're starting to see some some good opportunities emerging here just in terms of flattening the curve and the like. One of the things that pretty positive about is there gonna be some permanent changes from Cove it. It's kind of ironic that this thing hit as we're entering a new decade decade and as I said before, I expect digital transformations to be accelerated because of this crisis and the many companies that have talked digital from the corner office. But I haven't necessarily really walked the walk, I think will now I think is going to be more cloud more subscription less wasted labor, more automation, more work from home unless big physical events, at least in the next couple of years. So that's kind of the new expectation. As always, we're going to continue to report from our studios in Palo Alto and Boston, and we really welcome and appreciate your feedback. Remember, these segments are all available as podcasts, and we're publishing regularly on silicon angle dot com and on wiki bond dot com. Check out ctr dot plus for all the spending action, and you can feel free to comment on my LinkedIn post or DME at development or email me at David Volante Wiki. Sorry, David Vellante is silicon angle dot com. This is Dave Volante for the Cube Insights powered by CTR. Thanks for watching everyone. We'll see you next time. >>Yeah, yeah, yeah, yeah.

from the Hard Rock Hotel in Las Vegas it's the cube covering no joke on 2018 brought to you by osho everyone welcome back to our live coverage here in Las Vegas for Osho Khan's first industry security conference dedicated to security in the blockchain it's presented by ho show and also the industry it's an industry conference it's not necessarily a host show cause I'm John Ford's the cue for our coverage our next guest is Kenzie Crone and vice president of business development prime trust welcome to the cube thanks for joining us thanks for having me here so crowdsourcing and crowdfunding all this has been a big part of it I mean terrorists are funding through Bitcoin you've got all kinds of things going on in entrepreneurial spaces so it's clearly the money's flowing with with with crypto what do you guys do if we're getting into some of the things that we want to talk about what is prime trust to take a minute to explain your business business model value proposition absolutely so prime trust is a trust company so it's a regulated financial institution that holds funds between transactions between businesses you could also use prime trust to created a trust account for an individual as well so what our value is in this industry is that we hold crypto assets which very few qualified custodians like us exist to do that so that's a really important part of bringing in institutional funding because institutions are looking for qualified custodians as a regulated place to keep funds and they want to get into crypto so it's a it's a very important part of the puzzle so custody and custodial service has been a big topic here at O joke on controversial on the keynotes as well because you know the purists will say hey like Andreas why don't we need custody if it's working it's just it's the same old guard with new faces new business cards it's not really revolutionary and that's on one answer on the other inspection is there's so much growth in activity we've got a trusted partners to actually help us manage the risk and do these things so you have again two spectrums what's the story what should people understand about these two dynamics well what I think yeah what I think the key note you're talking about the the idea is we are just trading one type of banker for another type of banker right that's happening anyway so you are you're trading one type of financial system for another type of financial system the question is what does that look like and how can we be secure and safe in that space right personally I'm a big fan of anything that requires some kind of a license right and it's not because I think it's really fun to go through the bureaucratic process of getting a license or filling out paperwork but it's really because that once you have a license that license can be taken away from you if you misbehave right and that's really important so if you're following the laws that are set forth that are designed to protect people and then you break those laws then you're not you're not allowed to do that anymore right so that's what you get out of having regulation involved in this space is its protection and it's making sure that they're really by the way the regulation is happening anyway so that's another the regulation is happening anyway and that's why these very smart people who are managing billions of dollars are looking for that they're not saying oh cool you have a website that with technology that I don't understand you're telling me that you can safely hold something but there's no other protection there there's no liability you could just mount GOx me right and so there's got to be a way to get some sort of some sort of regulation in there and I know there's a lot of opinions in the space and obviously I'm very much on the side of regulation yeah and it also made some balance within the day those are polarized positions but I think the industry recognizes growth by recognizing the domicile problem of companies and governments so the question is you know really than a licenses legitimacy is people want legitimacy trust and growth yes at the same time but the other side says is hey you know who are those people making the laws so who's taking what away so again this is the ecosystem will solve these problems in my opinion and I believe that you know as much as I love the purist view and I think this architectural technical things that make that happen the end of the day is the self-governance of the community really is is what me happen here and so that's where the growth comes in because if real money is coming in to the sector you got to have parties that are trusted it's my opinion all right so what do you think about the conference here what's your take away so far I'll see its kind of diverse background you got you know people walking around with colorful costumes too you know buttoned up bankers and FBI agents and NSA agency folks yes we're in a really funny time in this space I think because you still have yet the Bitcoin garb and the like you know the flashing glasses and and then you've got people who spent 20 years on Wall Street and now they're in the space so I've seen that actually a lot lately in the last year at these conferences and it's very interesting I love when both sides can come in with an open mind to the other because you think there's something to be learned on both sides absolutely it's so for the people who have been in the traditional regulated space they are getting all this inspiration and the possibility of doing things differently the system that the financial system that we have now is one it's essentially you know a very old house that's just been added on to and built and there's corridors going into stairways that you know don't go anywhere right and that's that's something that needs to be fixed and and it is being fixed well Security's a driver in all this and I think one of the things I've observed you'd love to get your reaction to is you have the crypto world that's certainly changing a lot of in dynamics on the global scale you have a cyber security and then you have fin tech so you guys this is where everything I think is a melting pot which is interesting you have all these things happening but at the center of all this is security absolutely it's almost like we're all swimming out to the to the raft and whoever gets there first and wins a security model wins at all well I thought I think well I think this the conversations all threads through security so the cyber conversations we've had are like okay Cyrus security for individuals and nation-states crypto currency for protection and freedom and and you know in immutability Ledger's almost great supply-chain aspects and then you get the FinTech which is like hey people want to do business so you have the entire changeover on the financial services side all kind of happening yeah yeah I think that they're all gonna be contributing to a solution it's it's each one is going to learn we're really open-minded at prime trust we want to build and grow we know that this we're in the most embryonic stage of this and so we don't know exactly what's gonna come next or what's going to be down the road and we want to be informed by everybody that's around us at a place that makes sense do you have to work with with the industries so take me through I want to ask you a question about your job so we'll take me through the day in the life of what's going on in prime chess what are some of the things that you guys do customers and what are they asking for what's like what's the some of the issues you guys are solving what did some of the dynamics can you share some color around that sure so our main services are so we are a trust company so we do escrow services and we do compliance on all of the escrow that comes through our ICS and stos that come through so that's a ml and kyc that's really important what distinguishes us I think is a real a real game changer for our customers is that we're really a technology company and we have API stocks that allow for companies to build their businesses on top of integration so that they have customers coming in and making accounts on their their their website their dashboard their platform and that's all feeding directly and they're actually making an account so you're building your you're targeting folks saying hey we'll take care of the heavy lifting on kyc ma ml and all the stuff that needs to happens that's heavy lifting that's around DoDEA services custodial service all comes through you yes so it comes in we can hold it we can review it you're not having asset managers also holding funds which is a problem so you're not needing to touch the funds at all you can just you can just do you at you're trying to do in this space and we'll take care of that aspect that's entrepreneurial side that's the stos and the IC knows what's the alternative for the your customer build their own go with unknown shop of their other so what so if I if it's a great service sounds like a great service and takes a lot of pressure off the build out of a opportunity what's the alternative if someone doesn't go with you well there's a few I mean it's to hold your own funds right figure that out on your own in the case of many different types of funds and businesses their boards are not okay with that because it's it's too much risk and liability so in many cases the alternative is don't do it yet just keep watching and waiting and wanting to be in crypto but you can't yet so and when we're seeing that a lot that there's like a sigh of relief when we finally have this conversation and it turns out it's extremely easy to make an account with us and suddenly that major roadblock is just gone so that's what that's the career opportunity takes the risk off the table little bit and accelerates the opportunity when the sec bomb decrypt yesterday was reporting that the sec in the united states is actually going into IC OS and having them return their money because of of course they are like well of course they are that makes sense that's they were always going to do that just because they make a statement and slowly decide how to act because look last july is when they said we're going to do this and most of the crypto community said you can't because we really don't want you to and we are gonna tell ourselves all these excuses for why it's not possible for the US government to actually pursue this and why they won't really do it because they're dinosaurs and that's just not how the government works so the way the government does work is that they everything takes a long time and it's all thought through and there are a million different approval processes within the system and they don't tell you anything until they're really ready to stand by whatever same and they make so they leave you in the dark for eight months a year whatever well you guys have a good opportunity so I had to ask the question what's the business model how does someone engage with you guys sounds likely to go in and create an account is there a fee involved what's the fee can you share the engagement that somewhere would would engage with you young sure so they can visit our website which is prime trust com they can email me at Kinsey at prime trust pretty easy and we have different pricing for escort services versus custodial services and we actually pay interest on any Fiat that we held in custody and we charge a monthly basis point fee based on how much is in in custody with us and where's you guys located was the company located headquarters this here in Nevada in Las Vegas I'm based out of Los Angeles we've got some team members in San Francisco in New York as well that's awesome so it's a question how did you get into the space what's your story I got into the space I started out an equity crowdfunding so I was working with companies that were raising capital under A+ reg D and reg CF and I was in the trenches with them figuring out from like the very earliest days how what the laws were gonna look like you know launching companies the day the regulations came out barking into effect and then sort of working through that so it's been an adventure on that side and then my first experience in crypto was at an at a meet up in Santa Monica where companies were talking about raising 40 million dollars in ten seconds and that and they were also pitching in methods like I knew were not legal so it was it's kind of just dropping to me well one was how did you manage to get that many people to want to invest in you so quickly because it's a struggle for for many companies and then so that's amazing I want to learn more about that and then also did you know that there's a more legal way to do this and that you're putting yourself at a lot of risk so that made me really want to jump in and figure this out so you got totally intoxicated by the Wild West yeah there's a problem they gotta be solved in there it's kind of fun at the same time because you know all those those days are over thankfully so because you know it should be it should be more legitimize and it is getting there I think security tokens are a good sign that people are moving border security tokens at least in the u.s. the legal firms the service providers are starting to get hold up on some of the new things and that's good still expensive to run the run the process it's like own public almost as a start-up it's almost ridiculous and I kinda had the same view we're the gaps in your opinion so you now look at the crowdfunding which has been great you see all that stuff happening as essentially as a decentralized you know efficiency around disrupting venture capital and other fundraising which is great where are the gaps in your mind from a service provider standpoint from an ecosystem where's the to-do items what needs to get done faster where are the gaps I think everybody's building out their technology to make everything easier currently there's a lot that's done manually or just to manually and needs to be more automated and then I think there's also a lot of education on both sides that needs to be done that's that's I think a huge gap there's a tendency to create echo chambers and so you end up talking with people who just won't even consider the other side of it with the possibility for change in whichever area they're in and that is I think we are gonna see that come together but that tends to hold people back because you thanks for coming on and sharing your insights great to have you on the cube and good luck with prime trust thank you okay this is a cube live coverage here at hosts show con I'm John furrow your stay with us more live coverage after the short break

(upbeat music) >> Live from Las Vegas, it's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. >> Welcome back to theCUBEs continuing coverage of Fortinet Accelerate 2018. I'm Lisa Martin here in Las Vegas with my co-host Peter Burris and we're excited to welcome a Cuba alumni back to theCUBE, please welcome Eric Kohl, the VP of Advanced Solutions from Ingram Micro. Welcome back! >> Thank you, thanks for having me back. Excited to be here. >> Yes, we're very excited. So tell us, what's new? We talked to you last year at this event, what's new and Ingram? Tell us about your role there and the things that are all exciting Ingram Micro. >> Yeah, brand-new for me. I'm in my 20th year at Ingram Micro. I lead our security practice for Ingram Micro U.S. and I have responsibility for sales, vendor management, strategy and execution on behalf of our manufacturer partners. It's a ever evolving space. It's such a great space to be in, I love watching the news every day. You know there's going to be some big logo but just as much fun as I have watching those, that's some of these small breaches that you don't hear about and it's just fascinating. So much more exciting than virtualization. (laughs) >> Some might argue with that. So tell us about the partnership that you guys have with Fortinet. How has that evolved over your time there? >> Yeah so been at Ingram for 10 and I've been working with Fortinet for, I'm sorry I've been at Ingram for 20 and been with Fortinet for over 10, back to when we signed the contract together. Just a very great partnership. They're our security partner of the year, last year. Good friends, excited to see John Bove back leading channels back to Fortinet and you know, we both invest in each other's success and so I think that's pretty unique. Huge investment for them here, having an event like this. Not every company does it but to bring everybody together where you can have security conversations get on the same page, it's extremely valuable, huge investment, and we're proud to be a sponsor. >> I'd love to chat about a little bit of the evolution that you've seen at Fortinet in the last 10 years as we look at, you mentioned breaches. I mean, there were some very notable things that happened in 2017. How have you seen the evolution from them on a security transformation standpoint as it relates to your customers and digital transformation. >> Yeah, so I mean it's something that we see every day from you know, as you know we sell to and through partners but you know, one thing obviously is their breath of solutions has expanded. But you know, also things that partners are asking us today is how is this technology being consumed? And in the face of digital transformation, that's a huge value point because ultimately we want to help our partners to architect, recommend the right technology to solve that business problem and then how do you want to consume it? How does your want to your client want to consume that? So I think that's one of the biggest kind of trends that we're seeing right now. >> So as you think about where you've come from to where you are and we'll talk a little bit about where you think might go, what were the stories you told about security 10 years ago? And how are they different from the stories you're telling about security today? >> I would say it's changed from my perspective because at Ingram, we have never ever been a services company like we are today. And so what I mean by that is, we wrap our services, partner services around the Fortinet solution to make it stronger. 10 years ago I would say we are living more in the traditional distribution role of hey, how do we get a box from here to there? Certainly channel enablement, we've been doing that for a long time but our offering of services to help drive demand is incredibly strong. You know, we work with Fortinet for example, on their threat assessment program and we have an engineer that can go and help. Our partners understand to do that, it's a huge partner ecosystem and so we've got to help them with all those channel enablement efforts. >> What are some of the biggest security challenges that you're hearing, say in the last year or so through the channel, that your partnership with Fortinet can help address? >> You know, it's all around complexity and that as you have likely heard that the shortage of folks that can get out and do some of these services have limitations. There's incredibly high demand for services, you know we're serving a channel ecosystem of roughly 12,000 companies that are buying security technology from us, all with varying degrees of capability and so we've really got to help them understand, hey, how can we help you deploy these services, etc. >> So as you imagine then the steps associated with helping the customer, the roles and relationships between Fortinet, Ingram, and your partners also must be evolving. So how is, as a person responsible for ensuring that that stays bound together in a coherent way for customers, how are you seeing that changing? >> Well you know, look it's a three-legged stool. (laughs) It's us, it's Fortinet and that's our partner community and we're reliant on each other to go and be successful in the market. Look, we couldn't be as great as we are working with our Fortinet channel ecosystem if we didn't have the support of Fortinet, the investments they make, the team that they have wrapped around our business, the team we've put in place wrapped around their business so that's kind of what I'm seeing there. >> They shared a lot of momentum not only in the keynotes this morning but also a number of the guests that we've had on the show today in terms of what Fortinet achieved last year. 1.8 billion in billing, nearly 18 thousand new customers acquired, a lot of momentum, a lot of numbers, I love that theme of the event today. So if we look at some of the things that were shared by Kenzie this morning for example, like I mentioned that the customer numbers and even talking about what they're doing to protect 90% of customers in the global S&P 100 and showed some some big brands there. Tell us a little bit about the partnership and how you're leveraging the momentum of what Fortinet is able to do in terms of capturing customers. How does that momentum translate and really kind of maybe fuel Ingram and what you're able to do? >> Well look, I mean there's incredible demand in security today. There was a slide that they showed this morning and I think it was the perfect storm. I like to call the security space a beautiful disaster. It's a mess, it's complicated, it's scary, the threat attacks are you know new and different and they're never going to stop but it again comes back to hey, how do we work together to kind of harness this? How do we go and there's a great partner community here, lots of our friends are here but they can't all be here. So we want to be able to help take that message out to our channel partners that were not here. Things like that. >> What are some of, oh sorry, go ahead Peter. >> I was going to say so Ingram, Ingram itself has changed. You said you've now, are now introducing security or you're introducing more services. So how is that.. How is security leading that charge to move from a more of a product and a distributor to now services? Is security one of the reasons why Ingram is going in that direction? >> It's one of them. I joked on virtualization but there's a lot of services that we can wrap around and I think, obviously there's a high demand of services and we will lead with Fortinet services and solutions where we can. We want our partners to lead with theirs but really we've hired people to go out do assessments. We have a partner ecosystem where, hey I can't get down to New Mexico to do an install. We have a partner network where they can tap into that and make sure that everything is installed correctly, all the features are turned on. You think about all these breaches that happen in the news, it's not that they didn't have the technology, they missed an alert or they didn't have it all deployed. We want to be able to help our partners solve for that. >> Along the partnership front, what are some of the things that excite you about the Fabric-Ready Partner Program and the announcements they've made today? >> Yeah, love it. Look Fortinet has built comprehensive end-to-end solutions within their Fortinet, I'm sorry, for their Fabric ecosystem but they've also recognized that they can't do it all alone and so they've introduced a lot of partners into that. And so what's exciting for me, leading our security category is, hey how do we bring new partners into our ecosystem too? Because it is a differentiator for Ingram to be able to provide multi-vendor solutions. To have somebody you can go to to say, how does SentinelOne work with for Fortinet Fabric? Those types of things, those conversations are happening all the time. >> Another thing that was announced today was what they're doing with with AI. Tell us a little bit about that and how are you seeing what they're going to be able to do with AI as an advantage for your partners and customers. >> Again the artificial intelligence, machine learning, it all goes back to making the technology easier to use. I still think, you think intelligence and I think back to the human factor. Some of these big breaches, look the threat actors are going to get in but how you recover from a breach, I think if we could inject some artificial intelligence into some of these companies that haven't figured out how to successfully pivot. You know paying your hacker a hundred thousand dollars to keep quiet is not the answer but I think that some of these machine learning things are going to make it easier. It's going to be easier to manage the alerts that are happening every day. So anything that helps eliminate, as they said today, the enemy of security is complexity. Things that help to discover these threats and remediate against them, all good stuff for our partners. >> On the enablement side, when we were talking with the channel chief, John Bove, earlier today and talking about sort of this long history of partner focused culture at Fortinet. Tell us about that in terms of the enablement that you're able to glean from them and then pass on to your channels in terms of selling strategies, marketing to, marketing through. What are some of the things that-- >> Look, we have an amazing team. John Bove, Curt Stratton, the folks that really spent so much time working with Ingram and then we've built an amazing team. I think we have 12 people from our company here at this event to make sure we're making the most out of it but you know. If you heard, we're at The Cosmo. They have Secret Pizza, have you been there? Have you heard about it? >> Lisa: No, Secret Pizza? >> Yeah, it's amazing, it's pretty good, okay. (laughs) >> You didn't bring any, I noticed that but continue. >> I didn't but it's secret not-so-secret pizza but we have some secret not so secret weapons. Jenna Tombolesi an NSE 7. She's one of the highest certified engineers on the planet and she works for Ingram Micro helping to technically enable some of our partners. We've got a guy by the name of Will The Thrill Sharland and The Thrill is out talking to partners every single day, helping them to be more profitable, trusted security advisors helping them through anything you can imagine from a channel enablement perspective. And then just huge teams of people that we go to serve this big market together. >> Are you seeing any vertical specificities? When Ken was sharing some slides this morning, they were talking about, they showed some verticals from a kind of market share perspective but I'm curious some of the verticals that kind of come to mind where security is concerned that maybe are a little bit more elevated than some of the others in terms of risk or health care education and financial services. Maybe Fed, SLED, are you seeing any verticals in particular, maybe those that are really going to be kind of having to be leading-edge, where security transformation is concerned? >> They have to be. Think about health care and when they're big ransomware attack hit last year. There's guys on CNN saying, they had to postpone my surgery because ransomware head. I mean that's life-and-death stuff there but I don't think there's any vertical that's immune to what's going on today. So I think you know regardless of your vertical, you have to be prepared, you have to choose the right technology, and choose the right partner to help you implement it. >> If you imagine where Ingram's going to go with this relationship, what kinds of things are you looking to be able to do as a consequence of great strong partnership with Fortinet. >> Look, the way that companies want to consume technology is changing in the space of digital transformation. Once we work with Fortinet and the partner to recommend the right technology and I mentioned this, like how do you want to consume it? Is it public cloud, is it AWS, or Azure? We have an answer for that today is that hey, it's on premise but I need some creative financing to help close this deal to solve a budget constraint. We have an answer for that. There's several variations of that but however that technology wants to be consumed, we have an answer together. So I think that's a testament to the strength of our relationship. >> And I think one of the words that I saw in, at least one of the press releases, was adaptability. Adaptability of some of the technologies and even John Madison was kind of talking about how customers can go, I've got 20-plus security products, how do I start this Fabric? And that word adaptability kind of jumped out at me as how do you enable adaptability when your customers, through the channel, have so many technologies in place and how does Fortinet help that adaptation? >> I would say they're placing bets like we are on top partners that are going to lead with that technology. They've got to go be the experts in that field and really start driving that. Events like this help get everybody on the same page, understand the new offerings. I mentioned Jenna, she was locked in a room all day yesterday all excited about all these things. She's been running around all day but look we've just got to help the channel understand what the new technologies are, what are the new offerings, and hey, how do we go solve that customer problem together. >> So are there any particular new approaches or tactics or techniques that you're using to get the channels to understand better? >> I don't think that there's anything necessarily new. We're all driving towards the same common goal. Having a security conversation today is easier than ever before so you know, I think we're we're going to continue doing what we've been doing. It's been very successful for us but that's, you know. >> What are some of the things, kind of wrapping up here, that you're looking forward to throughout the rest of 2018? We're kind of still in the first quarter calendar, some big announcements from your partner here today. What are some of the things that excite you at Ingram about the year of 2018? >> Look, it's a market that's that's really ripe right now and I think that when you talk about their new technologies, when you talk about the machine learning, there's a lot of these things happening out there. It's just look, we've got a huge market. The potential is unlimited and I think one area where we're really going to drill down this year is down market, down SMB in mid market because they need enterprise grade technology and Fortinet delivers that and has a history of delivering that. So I think we're going to double click down there together this year and John and his team have been great around putting some programs together for us to go and tackle that together. >> Excellent, well we thank you so much Eric for stopping by theCUBE again. >> Yes and I'll bring pizza next time. >> Please do. >> All right. >> Yes and maybe some beverages so we don't have dry throats. >> Of course, yes. >> So we wish you and Ingram the best of luck in this next year and we look forward to talking to you next year, if not sooner. >> Sounds good. Great, thank you. >> We want to thank you for watching theCUBE's continuing coverage of Fortinet Accelerate 2018. For Peter Burris, I'm Lisa Martin, after the short break we'll be right back. (upbeat music)

>> Announcer: Live from Las Vegas, it's the Cube, covering Fortinet Accelerate 2018. Brought to you by Fortinet. >> Hi. Welcome back to Fortinet Accelerate 2018. I am Lisa Martin with the Cube. We're excited to be here for our second year. I'm joined by Peter Burris from the Cube as well. And we're very excited to be joined by our next guest, John Bove, the Vice President of America's channels at Fortinet. Welcome to the Cube. >> Thank you. Thank you for having us. >> So, it's exciting for us to be here. I, as a marketer, geek out on tag lines. >> Yup. >> So, I'd love for you to kind of tell our viewers, strength and numbers. >> Yup. >> As the title of event. What does that mean? >> Well, it's really about the depth and breadth of what Fortinet's doing in the marketplace. You know, bringing the security fabric, not only to our customers, but to enable our partner community, right. So, Accelerate is a collection and we have about, almost 3,000 attendees here, about 2,300 of those are our carrier partners, resell partners, manage security service providers, and also our fabric ready alliance partners, right. So, the security fabric has allowed us to incorporate, you know, some additional third party technologies, right. And it's really, we're creating a really strong culture around, you know, integration and openness. >> Before we get into the technology, let's talk about pivot on that culture for a second. >> Sure. >> 'Cause one of the things that, that was evident from the keynotes this morning that Kenzie talked about, which really, this long standing partner driven culture that Fortinet has. You've recently come back to Fortinet. >> I have. >> Tell us about being a boomerang. What excites you about coming back? But also, how has that culture of really being partner-focus and maybe partner-first evolve? >> Well, the channel first culture at Fortinet makes my job really easy, right. And the reason that I came back was here with the company for six years, we experienced a tremendous, you know, run of revenue. And to have the opportunity to lead the America's Channel Organization is a great privilege. But, it really comes from the culture within the company of being a channel leverage and a channel first company. I think, you know, in Patrice's keynote this morning, and in Ken's keynote as well, they really talked about the channel program, and the channel partners. You know, the partners are the fabric of what we do as an organization. You know, and we're doing the security fabric. Something that they can build a business around. >> Joe, as you think about what the type or the nature of the changes that are taking place in all business. Security business, and as we've heard today, the repitity with which changes happening in security world. That, I got to believe is putting a fair amount of stress on your partners because they have to come up to speed very, very rapidly on new things, even as they demonstrate that they can sustain operational excellence for all things. What is the role that education's playing? Culturating your partner's to a new network. Or a new approach doing these, how is that leading to a better set of capabilities for your customers? >> Sure. Well, I think the one change in this digital transformation era is change, right. We're seeing customers consume technologies much differently than they ever have before. And so our partners have to be in a situation to be able to deliver those technologies. We're seeing the threat landscape continue to widen and be very broad in nature. And so, existing postures and existing deployments are not necessarily going to be able to protect those customers and quite frankly, from a partner standpoint, the way that they look at their business, and build their business needs to be different today than it was due to the change that digital transformation is driving. >> So in terms of your, sort of, symbiosis with the channel, we talked with Phil Quade just a minute ago, we talked about, you know, how our seat is looking to him, to say how are you guys doing this at Fortinet in terms of security? Tell me about the symbiotic relationship with your partners. What information are they bringing to you from the front lines from the customers? Whether it's education, fedsled, healthcare, that is helping to evolve Fortinet's technologies >> I mean, at the end of the day, security is a very noisy space right now, right. And we depend upon our partners, not only to ensure our programs and how we go deliver, you know, value to them, but also, I mean what the customers are telling them, and what they're seeing in the marketplace today. We're really focused on service enablement and the service delivery because the transactional type of business that we've seen in the past is no longer the route to market for success for, you know, the broad base, you know channel organizations, right. So, you know, we have a responsibility as a company to ensure that our partners have the capabilities to deliver services in ways that customers want it, you know, consume. You know, IOT is a marketplace that's been created, right. OT is opportunistic for the bad actors, right. The move to, of workloads, to public clouds and data based applications, and the fabric is really resonating with those partners in terms of being able to meet those customers changing needs. >> And you guys have had a, do a partner advisory council. >> We do. >> How long has that been going on? And what are some of the things that excite you about it? >> Yeah, so. Over 10 years we've had a partner advisory council. And it's, you know, it's industry leaders that are business owners and business drivers that, you know, really kind of keep us honest about what we're doing internally. They have access to our executive staff. They have access to, you know, product roadmaps as well. And you know, with the creation of the fabric, and what we're doing with our alliance partnerships, you know, they're kind of helping fill some of those holes as to, you know, what we're seeing in the marketplace today. You know, I think today we announced 11 additional fabric alliance partners. You know, today, organizations like Fanta for orchestration and automation, right. Integration is truly the new best breed. But the ability to react when things occur, and to orchestrate and to automate those controls are really important. And the company's done a great job, and we attribute a lot of that guidance to our partner advisory council. >> As Fortinet grows and expands its footprint, which in place new types of arrangements, like the CTA and other types of things, it's ecosystem continues to expand, in a way that Fortinet is moving towards the center. More of a focus, at least a low side >> Right. >> within the ecosystem. What does that mean from your ability to get partners, to influence partner behavior and customers, and get more pull through out of the entire ecosystem? How is that going to shape the way Fortinet competes in a way Fortinet serves its customers over the next few years? >> I think, simply put, you know, the tailwinds we have behind us. You know, we're on the precipice of two billion dollars in revenue. You know, we've got now line of sight to three and four here pretty quickly. We definitely think that the fabric is going to allow us to continue to scale and grow. You know, through that partner community. But quite frankly, I am amazed just in my time here, you know, how partners have embraced and really wrapped a business practice, in a service is first business practice, you know around that fabric. So, we're really excited about the opportunity that we have at hand. I think the fabric is going to continue to, you know, change the game, right. It's not about, you know, products. It's about delivering an integrated solution. >> Speaking of the fabric. I was kind of thinking of pivoting on what you were saying Peter, about differentiation. When partners have choices of companies to work with, you guys have been in this place for a really long time. >> We have, yup. >> But, besides the fabric, what are some of, maybe the other top two differentiators where a partner may be coming into the program that's, I get it, for with this partnership with Fortinet, we can go and really revolutionize customers in any industry >> You know, we're really unique in the market because we serve from the S&B to the mid-market, to the enterprise and some of the largest service provider brands. And that affords our partner community to be extremely diverse, and we want to be very easy to work with. So I think more than anything, my goal is to be simple and predictable in nature, and ensure that we're driving a very margin rich solution. You know, a lot of companies in the market will be enterprise focused or mid-market focused, and so, you know, we're really keen on establishing clear routes to market with our partner community. Aligning and investing where they fit. And then taking advantage of some of, even the vertical opportunities that the partners present based on those capabilities. >> I was, we were chatting a little bit earlier about education and that was one of the things I was reading, that, in some articles, that some of your guys did. And it's been awhile since I've been in college, and it just, it's so remarkable how, you know, smart classrooms, and it's BYOD, and how vulnerable school districts are for, obvious reasons we won't go into, for political reasons. But, even from a security perspective, I'm curious if there's any kind of, maybe, favorite example that you have of a partner, customer, through the channel in education that has really been able to facilitate a digital business transformation with the under pending of security, security transformation. >> I actually was just in a partner meeting, and we were talking about that very topic. And they had established with a, one of the top five largest school districts in the United States. A, you know, a fully deployed wireless mesh network. That they, once that was deployed, then they really were able to underpin it with, you know, the fortigate, fortios, and really be able to deliver the security posture back through that wireless infrastructure. You know, you make a really good point. We're seeing more and more internet connected devices. A lot of those internet connected devices are very low end in terms of their overall price point. And so these organizations, they're not necessarily pushing out vulnerabilities to it. And in patches in remediation. And that's why IOT security is so important in that kind of K through 12 example, right. Leveraging fortios, connecting to both land and wireless land capabilities, and it really, that's a great use case of how the fabric can impact a customer. >> So as you imagine the world of partnership in a play in the future, will they be more purveyors of hardware, purveyors of software, purveyors of services? How do you think the ecosystem's going to evolve as Fortinet expands it's footprint? >> Sure. That's a really good question. And quite frankly, I spend a lot of my time thinking about that. I feel, I truly feel like we have an obligation and a responsibility to help our partners through this digital transformation into where we think things are going to go. Things are moving towards security as a service. Things are moving towards, you know, on demand, you know, pay as you go, consumption modeling, right. And we have to put our partners in a situation to be able to deliver some goods and services to our customer based the way they want to buy, and make sure that they're driving value after the transaction. Because, you know, selling to the transaction is probably going to be a dying, you know, breed. It's really important that partners have the capabilities to install, deploy and support on the ongoing basis, in which is really becoming a best practice in the security space. >> And one of the other things about digital business is that historically businesses have been aligned by the arrangement of their assets so you can look at a transportation company and say, oh, that company is transportation assets, or financial services company and say, oh, that company is financial services assets. But digital business starts changing that. Because when you bring programmability and digital orientation to a lot of these assets, you reduce the specificity of those assets which increases mobility across businesses. >> That's right. >> How do you think the opportunity of helping partners transform in this business way is going to increase the noise or complexity or the interconnectedness and the potential conflicts within partners, as they go after? As their expertise, and their relationships becomes more fungible. >> That's a, I mean, that's really good point. We deal and we want to ensure that we've got a programmatic way to handle, you know, channel conflicts. Right, I mean at the end of the day. Partner brings us >> But also channel opportunity >> And channel opportunity, that's right. You know, so it's really about being consistent in how you treat, you know, the partner community and having really set rules. But, you know, digital transformation, if anything else, the thing that makes Fortinet so unique, is we are an engineering company. Security is very complicated. And the good news is that the heart of what we do is technology. The feedback we continue to get from our partners is that our technology is second to none. So we win on the technology side. And now with the momentum that we're seeing with the, you know, the fabric or the alliance programs, the momentum that we're seeing in the marketplace, and really kind of being prepared for this shift of technology by introducing the fabric concept. You know, we're really excited about the opportunity for our partners and the role they're going to play in the coming years. >> So as we kind of, you know, wrap things up here. I'll go back to where we started off with John and talking about the strength and numbers. And some things that I wrote down that I think Patrice shared this morning. Nearly 18,000 new customers acquired in 2017. >> That's right. >> What are your, as the channel chief. What are your hopes and dreams for what that number will look like at the end, by the end of 2018? >> You know, at the end of the day, I want to be able to drive and enable to channel organization to go take advantage of the tailwinds in the market, right. We want to go, continue to drive market share in the S&B, that's going to be partner-led. We want to go expand in the fabric, you know, within the mid-market. And we want to be very opportunistic in the enterprise, to go knock down some of the largest logos. You know, I'm mostly, the opportunity we have in the U.S. alone is really quite significant. And we're really excited to see, you know, as, you know, we just exceed the half a billion dollar mark in Q4 for the first time as a company, and so as we start, you know, planning in future quarters. It's really exciting to be a part of the momentum we have here at Fortinet. >> And I think the momentum is tangible. You can feel it here. You can hear it behind us in the expo. So >> It's quite exciting. >> We thank you so much John for stopping by to keep sharing >> Thank you. Thanks for having us. >> Absolutely. Sharing your insights and how the, I'm feeling another tagline with the fabric of our lives, but I think somebody else beat you guys to it. Cotton maybe? Anyway, thanks so much John for sharing what's going on in the channel and we wish you a great show. >> Thank you. Thank you very much. >> And for my co-host, Peter Burris, I'm Lisa Martin. You've been watching the Cube live from Fortinet Accelerate 2018. Stick around, we'll be right back. (light techno music)

(computerized music) >> Announcer: Live from Las Vegas, it's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. (computerized music) >> Hi, welcome back to Fortinet Accelerate 2018. I'm Lisa Martin with theCUBE. Excited to be back here for our second year. I'm joined by my esteemed cohost Peter Burris. Peter and I are excited to be joined by the chief information security officer of Fortinet, Phil Quade. Phil, welcome back to theCUBE >> Thanks of having me today. >> Great to have you here. So you had this interesting keynote this morning talking about cyber security fundamentals in the age of digital transformation. So we'll kind of peel apart that. But, something that I'm really curious about is, as a CISO, you are probably looked at as a trusted advisor to your peers, at Fortinet customers, at perspective customers. Tell us about, as we're in this evolution of security that Kenzie talked about, what are some of the things that you're hearing? What are they looking to you to help them understand and help from strategic perspective to enable in their environments? >> I often hear people say, "I recognize that my security's inadequate, what can I do about it?" Or, "I think my security's good enough, but I'm not evolving commensurably with the risk." And they say, "What do I do about that? How do I get to a better spot?" And I typically talk about them modernizing their strategy, and then based on their modernized strategy, that leads to specific technical solutions. And I'll have to talk to you more about what some of those might be. >> Yeah, on the strategy side of things, I find that very interesting. Peter and I were talking with Kenzie earlier, and with the 20 to 30 different security solutions that an organization has in place today that are disparate, not connected, where does the strategy discussion start? >> Well it starts to me with, I say, the adversary's comin at you at speed and scale, so how do you address the problems of speed and scale? It's through automation and integration. And fortunately, I believe in that strategy, but it plays directly into Fortinet's strengths, right? We have speed baked into our solution set. We have speed at the edge for our custom ASICs. And we're fundamentally are an integrated company where our products are designed to work together as a team because what you want to do strategy wise, is you want to, I think, you want to defend at your place of strength. And at a time and place of strength as opposed if your adversaries, where he's probing at your weak point. So, that's this integration thing's not only strategic, but it's essential to address the problems with speed and scale. >> So, Phil, technology's being applied to a lot of IT and other business disciplines. So, for example, when I was seeing machine learning, and related types of technologies actually being applied to improve programmer productivity through what we call augmented programming. And that may open the aperture on the number of people that actually can participate in the process of creating digital value. But it still requires a developer mindset. You still have to approach your problem from a developer perspective. What is the security mindset? That as security technology becomes more automated, that more people can participate, more people can be cognizant of the challenges. What is that constant security mindset that has to be sustained in an enterprise to continue to drive better and superior security. >> Got it. I think that some companies get too hyped about artificial intelligence, and I think it's important to remember that you need to use computer science to get to science fiction. So, a very disciplined way you need to say, well in order to achieve high degrees of automation, or perhaps machine learning, or artificial intelligence, what are the building blocks of that? Well, the building blocks are speed, because if you have a decision that's too late, who cares. Integration. If you have a decision that can't be communicated effectively, who cares. And then, of course, access to all the right types of data. In order to get smart to do machine learning, you need access to lots of different data sources, so you need to have lots of disparate centers sending in data for you to analyze. Back in my old job, we used to do some centralized processing, say back in the data center. We would precompute a result, we'd push that precomputed result back to the edge, and then you would do that last bit of analysis right at the point of need. And I think, again, the Fortinet architecture supports that in that we have a back end called Fortiguard Labs, if you know what that is. It does deep analysis and research, pushes their results forward, then we use speed at the edge inside customer premises to sort of compute, I'm mixing metaphors, but do the last mile of computing. So I think it's, back to your question, what's the mentality? It's about leveraging technology to our advantage, rather than people being the slaves of machines, we need to have machines serving more man. And we need computer science to do that, rather than, like I say, creating busy work for humans. >> Peter: Got it. >> You talked about speed and scale a minute ago. And as we look at, I'm curious of your perspective as the CISO, how do you get that balance between enabling digital business transformation, which is essential for growth, profitability, competition, and managing, or really balancing that with security risk management. So, if a business can't evolve digitally at speed and scale, and apply security protocols at every point they need to, is digital transformation meaningless? How do they get that-- >> Great question. Cause you don't want to feel like it's going to be a haves and have nots. The good news is that, for example, for those who seek to move to the cloud for whatever reason, convenience or agility or business efficiencies, you don't have to go all cloud or no cloud, right. And the security solutions of Fortinet allows you to do each. You can have some cloud, some non-cloud, and get them both to work together simultaneously under what we call a single pane of glass. So, as a user, you don't care if your firewall is a physical appliance or a virtual one, you want to establish a security policy and have that pushed out no matter what your firewall looks like. So to answer your question, I think that hybrid solutions are the way to go, and we need to let people know that it's not an all or nothing solution. >> That visibility that you kind of mentioned seems to have been kind of a bane of security folk's existence before. How do we get that broad visibility? >> Yeah, I think right, it's visibility and complexity I'd say are the bane of cyber security, right? Visibility, what you can't see, you can't defend against, and complexity is the enemy of security, right? So we need to address the problems. You asked me what CISOs say. We have to reduce complexity, and we have to improve visibility. And again, I think Fortinet's well postured to offer those types of solutions. >> So as you increase, we talk about the edge, you mentioned the edge. As more processing power goes to the edge, and more data's being collected, and more data's being acted upon at the edge, often independent of any essential resource, the threat of exposure goes up. Cause you're putting more processing power, or more data out there. How is securing the edge going to be different than securing other resources within the enterprise? >> Well encryptions will remain a part, right. Encryption to create confidentiality between the two computing entities is always a part. And then of course encryption can be used to authenticate local processes at the edge. So even though encryption might not be perceived as the silver bullet that it used to be, in the age of pending quantum computing, I can talk more about that in a second. In fact encryption is a fantastic tool for creating trust among entities and within an entity. So I think the applications of smart, strong encryption among and within the entities can create that web of trust we're talking to. If I could just briefly go back to quantum computing, right. So most commercial entities today, or most think tanks think that a quantum computer, a usable one, will be invented within 15ish or so years or so. Fortinet is actually already implementing quantum resistant cryptography in our products. >> Peter: Quantum what? >> It's called quantum resistant cryptography. And a quantum computer-- >> I understand. >> Will be able to break asymmetric encryption, so we're making sure we're implementing the algorithms today to future-proof our products against a future quantum computer. >> That's a major statement. Cause as you said, we're probably not looking at a more broad base utilization of quantum computing for many many many many years. And we'll know when they're being used by bad guys. We'll know who has one. How fast is that going to become a real issue. I mean as people think about it. >> The problem is that private sector doesn't know what the bad guy countries, when they will indeed have a computer, so Fortinet is being forward leaning, making sure we're starting to get familiar with the technology now. And also encryption's the type of thing that sometimes it requires special hardware requirements, special power-- >> Peter: Quantum computing does. >> No. Any encryption technology. The more computation you have to do, sometimes it might require more memory, or a faster processor. Well that takes months, if not years, if you're putting that into a custom chip. So we're planning and doing these things now, so we can make sure that we're ready, and aren't surprised by the actual compute power that's required of quantum resistant cryptography, or, and of course, aren't surprised when an adversary does in fact have one. >> Peter: Interesting. >> Good stuff. >> One of the things that you're doing later today is a panel, right? Between IT and OT folks. And I wanted to explore with you some of the evolution in the risks on the operational technology side. Tell us a little bit about what that panel today is going to discuss and maybe and example of, Triton for example, and how these types of attacks are now very prevalent from a physical stand point. >> Favorite topic of mine. Thanks for bringing it up. So one of the first things I'll do is I'll make the distinction between OT, operational technology, and IOT. So what I'll say is operational technology's designed primarily to work to protect the safety and reliability of physical processes and things. Things that move electricity, move oil and gas inside industrial automation plants. So operational technology. And then I'll talk a little bit more about IOT, the internet of things, which are primarily, and I'm cartooning a little bit, more about enabling consumer friendly things to happen. To increase the friendliness, the convenience, of our everyday lives. And so, once I make that distinction, I'll talk about the security solutions that are different between those. So, the OT community has done just fine for years, thank you very much, without the IT folks coming in saying I'll save your day. But that's because they've had the luxury of relying on the air gap. But unfortunately-- Meaning to attack an OT system you had to physically touch it. But unfortunately the air gap is dead or dying in the OT space as well. So we need to bring in new strategies and technologies to help secure OT. The IT side, that's a different story, because IOT is fundamentally lightweight, inexpensive devices without security built in. So we're not as a community going to automatically be able to secure IOT. What we're going to need to do is implement a strategy we call earned trust. So a two part strategy. Number one, rather than pretend we're going to be able to secure the IOT devices at the device level, that are currently unsecurable, we're going to move security to a different part of the architecture. Cause remember I talked about that's what you can do with security fabric, if you do defense as a team, you want to defend at the time and place you're choosing. So with IOT, we'll move the defense to a different part of the architecture. And what we'll implement is a strategy we call earned trust. We'll assign a level of trust to the IOT appliances, and then evaluate how they actually behave. And if they do in fact behave over time according to their advertised type of trust, we'll allow more, or in some cases, less access. So that's our IOT solution. And both of them are really important to the community, but they're very different IOT and OT. But unfortunately they share two letters and people are mixing them up to much. >> But at the same time, as you said, the air gap's going away, but also we're seeing an increasing number of the protocols and the technologies and other types of things start to populate into the OT world. So is there going to be a-- There's likely to be some type of convergence, some type of flattening of some of those devices, but it would be nice to see some of those as you said, hardened, disciplined, deep understanding of what it means to do OT security also start to influence the way IT thinks about security as well. >> Love it. Great point. Not only can the OT folks perhaps borrow some strategies and technologies from the IT folks, but the opposite's true as well. Because on the OT side, I know you're making this point, they've been securing their industrial internet of things for decades, and doing just fine. And so there's plenty that each community can learn from each other. You brought up a recent type of malware effecting OT systems Triton or Trisis. And the memory brings me back to about nine years ago, you might be familiar there was just a catastrophic incident in Russia at their-- It was a failure of operational technology. Specifically it was the largest electricity generation, hydroelectric plant, ninth biggest in the whole world, they took it offline to do some maintenance, loaded some parameters that were out of range, cause vibration in the machinery, and next thing you know, a major cover flew off, a 900 ton motor came off its bearings, water flooded the engine compartment, and it caused a catastrophic explosion. With I think, I'll just say, well over 50 people dying and billions of dollars of economic loss. So, what I'm trying to say is not, you know, get excited over a catastrophe, but to say that the intersection between physical and cyber is happening. There's not just the stuff of spy novels anymore. Countries have demonstrated the will and the ability to attack physical infrastructures with cyber capabilities. But back to Triton and Trisis. This is just a couple months ago. That sort of rocked the operational community because it was a very sophisticated piece of malware. And not only could it affect what are called control systems, but the safety systems themselves. And that is considered the untouchable part of operational technologies. You never want to affect the safety system. So the time is here. The opportunity and need is here for us to do a better job as a community to protecting the OT systems. >> So the speed, the scale, all the other things that you mentioned, suggests that we're moving beyond, and Kenzie has talked about this as well, the third generation of security. That we're moving beyond just securing a perimeter and securing a piece of hardware. We're now thinking about a boundary that has to be porous, where sharing is fundamentally the good that is being provided. How is a CISO thinking differently about the arrangement of hardware, virtuals, services, virtual capabilities, and, in fact, intellectual property services, to help businesses sustain their profile? >> I think you're spot on. The boundary as we know it is dead. You know, dying, if not dead. Right so, the new strategy is doing agile segmentation, both at the macro level and the micro level. And because you might want to form a coalition today that might break apart tomorrow, and that's why you need this agile segmentation. Back you your point about having some stuff in the cloud and some stuff perhaps in your own data center. Again, we don't want to make people choose between those two things. We need to create a virtual security perimeter around the data, whether part of it's existing in the data center or part of it exists in the cloud. And that again gets back to that strategy of agile segmentation at both macro and micro levels. And of course we need to do that with great simplicity so we don't overwhelm the managers of these systems with complexity that causes the human brain to fail on us. I'll often times say it's not the hardware or the software that fails us, it's the wetware. It's the brain that we have that we get overwhelmed by complexity and it causes us to do silly or sloppy things. >> So let me build on that thought one second, and come back to the role that you play within Fortinet, but also the CISO is starting to evolve into. As a guy who used to run not a big business, but a publicly traded company, I learned that when you wanted to go into a partnership with another firm, you got a whole bunch of lawyers involved, you spent a long time negotiating it, you set the parameters in place, and then you had a set of operating models with people that made sure that the partnership worked together. When we're talking about digital, we're talking about that partnership happening at much faster speeds, potentially much greater scale, and the issue of securing that partnership is not just making sure that the people are doing the right things, but the actual systems are doing the right things. Talk about the evolving role of the CISO as a manager of digital partnerships. >> I think you're right, it used to be the case where if you're entering a partnership, you're partner might say tell me a little bit more about how you secure your systems. And that company might say that's none of your business, thank you very much. But today, for the reasons you so well said, your risk is my risk. As soon as we start operating collaboratively, that risk becomes a shared situation. So, in fact, it becomes a responsibility of the CISOs to make sure the risks are appropriately understood and co-managed. Don't get me wrong, each company still needs to manage their own risk. But once you start richly collaborating, you have to make sure that your interfacing doesn't create new risks. So it used to be the day that only a couple of people in a company could say no. Of course the CEO, maybe the general council, maybe the CFO. But increasingly the CISO can say no too, because the exposure to a company is just too broad to take risks that you can't understand. >> And it's not a financial problem. It's not a legal problem. It's an operational problem >> That's right. That's right. And so the good news that CISOs I think are stepping up to the plate for that. The CISOs of today are not the CISOs of five, seven years ago. They're not insecure folks fighting for their posture C suite. They are valued members to the C suite. >> I wish we had more time guys, cause I would love to dig into that shared responsibility conversation. We've got to wrap up. Phil, thank you so much for stopping by theCUBE again, and sharing your insights on the strategic side, not only the evolution of Fortinet and security, but also the evolution that you guys are leading in at 2018 with your partners. We wish you a great time at the event, and we think you're having us back. >> Thanks for having me very much. I enjoyed talking to you both. >> And for my cohost Peter Burris, I'm Lisa Martin. We are live on theCUBE at Fortinet Accelerate 2018. Stick around and we'll be right back. (computerized music)