(upbeat bright music) >> Hello, welcome back to theCUBE's main stage coverage of DockerCon 2022. I'm John for your host of theCUBE. We have Knox Anderson, vice president of Product Management, Sysdig. Knox, welcome to theCUBE. >> Thanks for having me. Glad to be back. >> So IAC containers is going crazy madness in terms of adoption, standard, even mainstream enterprise, IT and cloud are all containerized. It's only getting better, and it increases the complications when you start thinking about scale and supportability. This is a huge discussion, and it ranges from how do you support, how do you run operations, how do you secure in the supply chain. All this is happening, and with the growth of cloud and server (indistinct) seeing Kubernetes at the center of everything. So I got to ask you, how has Kubernetes changed how you secure cloud infrastructure? >> Yeah, so Kubernetes is really the modern operating system for the cloud. And with that, you get a lot of facilities. So you get things like Kubernetes' network policies, you can use things like admission controllers. And with that, you're securing multiple layers, whether it's the control plane, individual workloads. And so there's a nice mixture of built-in tools, and part of the Kubernetes platform that then you can leverage to do prevention, auditing, and things like that. But it really requires an entire rethink of your stack and the tools you bring in alongside your people and processes. And so it's an exciting time because it gives you an opportunity to be more secure, but really have to rethink your approach there. >> And I want to get into the whole observability trend here 'cause you start thinking about the mobility, what containers enables. And getting all the data is everything. And then also that feeds into kind of having a good sense of what is going on. And when you hear about shift left and data as code, you know, developers don't want to get stopped coding, right? And then have to come back and go dig into things that they thought they had taken care of. So you kind of got this kind of flywheel going in the wrong direction. So that's causing teams to be disrupted. So how do teams keep up with the changes to the containerized applications or what to prioritize around that? Because if I shift left, am I done or what? And these are the things that come up all the time. >> Yeah. You have to shift left but also watch the right. Like, shifting left is a little bit harder from a people and process perspective. Like you put a tool in place, then it's a gating factor for getting in. And so that runtime context on the right is equally as important. And it's often easier to roll out a runtime tool just because you're not going in and introducing new processes. And that runtime visibility can also make shift left much better. If you're scanning a container image, you might get a thousand different vulnerabilities that you need to address, but only three of those are in packages that are actually executed at runtime. And so we recently released a feature called risk spotlight which does that exact feedback loop. And that's something that's important whether you're addressing vulnerabilities, misconfigurations, or responding to event. What's on the right, what's on the left, and then tie those together. >> Yeah, it's like left, right, it's like driving training here in the United States. You got a stop sign, you want to be moving, always be moving. I got to ask you what are some of the side effects of infrastructure automation and the result in code artifacts? >> Yeah, it's really, like, Kubernetes is nice because it's a declarative system, but it doesn't always work out that way. Like, someone might have a Helm chart and then someone else changes it in production. So understanding what is drift is really important in these environments. And then it also has enabled real remediation workflows. I think previously, you might patch something, a week later there's a new deploy, that patch gets written over. And so because Kubernetes and the rise of IAC, it's now easier to see a misconfiguration in production, open a poll request, and then fix that at source, which provides that full kind of visibility across those different environments. And it allows you to actually fix issues versus constantly being in that kind of whack-a-mole of patching things and moving on. >> Yeah, I mean this is all about cloud native development, and you look at, you know, some of the things going on, you're starting to see best practices developed. What do you guys see as a best practice for getting started with designing and securing cloud native applications? What are some of the tools that people should look at for beginners and for the entry-level position? And then as they get traction, what does that turn into? >> Yeah, so the pattern we've often seen is like someone gets started on the open source side, whether you're using Open Policy Agent or Falco, which Laurice who've you met with before created. And so really when you're starting, choose kind of the open source option. Learn from that. And then often what we've seen with customers is at scale, there's some companies like if you're in Uber, or Snapchat, and Apple, you can maybe build something around open source, but a lot of other people start to really consolidate platforms that are built on top of those open source technologies, and trying to get that really single view into what's happening in their environment, what are those events. And the thing that I would say, process wise, is most important is build that container center of excellence, that cloud center of excellence, whatever you call it, that brings together people from your ops team, your infrastructure team, your dev team, your security team. Everyone's got to have a seat at the table to have containers be successful. It's a big shift, and if you do it right, it really takes off, but each team really needs to be included there. >> Yeah, there's a lot of operational discussions going on around the devs, and the devs are being pulled to the front lines. We've been saying this for a decade, but now when you got edge computing, you got cloud native operations, on-premises, you start to see that they're getting pulled even further to the frontline. So, you know, what are you guys up to Sysdig? You know, they got a lot of developers here at DockerCon, what's in it for them? Why Sysdig, why should they care? What would you say to the old developers that are watching? What's in it for them? >> Yeah, we really make it easier for you to prioritize what to fix and what to address in your environment. I know I've built something before and like, my test suite or my scanner just lights up like a Christmas tree, and you just want to move to another task because it's just too much to deal with at that time. And so we really help you focus on what matters and get the most bang for your buck. Everyone has way too much time or too many things going on and not enough time. And so being able to understand effective risk, your different vulnerabilities, what to fix, is really key to delivering secure software. >> I mean, it's like a doctor needs to know what to work on with the patient, if you will, when to, and what's important, and then the dependencies, and you got, a system's mindset, you got to know what the consequences. So it sounds easy, just knock down a list of things, but isn't that easy. You got to want to hit things that you know that will be, to have an impact right away. That seems to be the big aha moment here. >> Yeah, definitely. >> So we're going to be at KubeCon in Europe, you guys going to have booth there, what's the quick plug for the company? Give a shout out to what's happening at Sysdig and cloud native world. >> Yeah, really excited to be in Valencia. We have a ton of people at, sorry, at DockerCon with, giving a couple different talks here. So the first is Master Your Container Security Model and then Software Supply Chain Security and Standards. On the supply chain one, we're getting deep into SBOMs. So if that's a topic that's important to you, please join that one. >> Awesome, and then that's a big topic supply chain. We've got a minute and a half left. What's the most important thing people should pay attention to as open source continues to grow in prominence, not just from a code standpoint, but as a social environment, as people's doing ventures and venture capitalists are mining the area, what should they pay attention to as supply chain becomes important, what's the big thing? >> There's a lot of companies I think going around the SBOM space, and kind of trying to certify like where did this come from, and have that providence across the entire supply chain. We, under the hood, use those SBOMs to understand kind of what have you built, what packages are used, and then tie that with that runtime data. So a lot of the things that we talked around before with RiskSpotlight is based on that deep SBOM knowledge. And that's something that, I think the standards are still getting kind of worked out where there's CycloneDX, SBX. And so people really are saying, "Hey, I need to generate SBOMs," and we're regenerating them, but there's going to be more and more applications on "Okay what do you do with that? How does it integrate with other tools?" So it's kind of I think in the little bit of the early data lake phases where it's like, "I've taken all my data, I put it here. Now I need to do more with it." And so that's where I think we'll start to see some pretty exciting things over the next year or two. >> It's super exciting. On one hand you got the attackers, and that's a zero trust environment, and you get the builders, the developers where trust is everything. You got to know what it's in the code. It's really interesting time and super important to scale. So Knox, thanks for for coming on theCUBE and sharing the Sysdig update. Appreciate it, thanks for coming on. Now back to you at the DockerCon main stage, this is theCUBE. I'm John for your host. Thanks for watching. (upbeat bright music)

(upbeat music) >> Welcome to the Q3 AWS Startup Showcase. I'm Lisa Martin. I'm pleased to welcome Knox Anderson, the VP of Product Management, from Sysdig, to the program. Knox, welcome. >> Thanks for having me, Lisa. >> Excited to uncover Sysdig. Talk to me about what you guys do. >> So Sysdig, we are a secure DevOps platform, and we're going to really allow customers to secure the entire lifecycle of an application from source to production. So give you the ability to scan IAC for security best practices, misconfiguration, help you facilitate things like image scanning as part of the build process, and then monitor runtime behavior for compliance or threats, and then finish up with incident response, so that you can respond to and recover from incidents quickly. >> What are some of the main challenges that you're solving and have those changed in the last 18 months? >> I'd say the main challenge people face today is a skills gap with Kubernetes. Everyone wants to use Kubernetes, but the amount of people that can operate those platforms is really difficult. And then getting visibility into the apps, that's running in those environments is also a huge challenge. So with Sysdig, we provide just an easy way to get your Kubernetes clusters instrumented, and then provide strong coverage for threat detection, compliance, and then observability for those environments. >> One of the things that we've seen in the last 18 months is a big change in the front landscape. So, I'm very curious to understand how you're helping customers navigate some of the major dynamics that are going on. >> Yeah, I'd say, the adoption of cloud and the adoption of Kubernetes have, have changed drastically. I'd say every single week, there's a different environment that has a cryptomining container. That's spun up in there. Obviously, if the price of a Bitcoin and things like that go up, there's more and more people that want to steal your resources for mining. So, we're seeing attacks of people pulling public images for Docker hub onto their clusters, and there's a couple of different ways that we'll help customers see that. We have default Falco rules, better vetted by the open source community to detect cryptomining. And then we also see a leading indicator of this as some of the metrics we, we collect for resource abuse and those types of things where you'll see the CPU spike, and then can easily identify some workload that could have been compromised and is now using your resources to mine Bitcoin or some other alt-coin. >> Give me a picture of a Sysdig customer. Help me understand the challenges they had, why they chose you and some of the results that they're achieving. >> Yeah, I used to say that we were very focused on financial services, but now everyone is doing Kubernetes. Really where we get introduced to an organization is they have their two or three clusters that are now in production and I'm going through a compliance audit, or it's now a big enough part of my estate that I need to get security for this Kubernetes and cloud environment. And, so we come in to really provide kind of the end-to-end tools that you would need for that compliance audit or to meet your internal security guidelines. So they'll usually have us integrated within their Dev pipelines so that developers are getting actionable data about what they need to do to make sure their workloads are as secure as possible before they get deployed to production. So that's part of that shift, left mindset. And then the second main point is around runtime detection. And that's where we started off by building our open source tool Falco, which is now a CNCF project. And that gives people visibility into the common things like, who's accessing my environment? Are there any suspicious connections? Are my workloads doing what they expected? And, those types of things. >> Since the threat landscape has changed so much in the last year and a half, as I mentioned. Are the conversations you're having with customers changing? Is this something at the C-suite or the board level from a security and a visibility standpoint? >> I think containers and Kubernetes and cloud adoption under the big umbrella of digital transformation is definitely at board level objective. And then, that starts to trickle down to, okay, we're taking this app from my on-prem data center, it's now in the cloud and it has to meet the twenty security mandates have been meeting for the last fifteen years. What am I going to do? And so definitely there's practitioners that are coming in and picking tools for different environments. But, I would definitely say that cloud adoption and Kubernetes adoption are something that everyone is trying to accelerate as quickly as possible. >> We've seen a lot of acceleration of cloud adoption in the last eighteen months here, right? Now, something that I want to get into with you is the recent executive order, the White House getting involved. How is this changing the cybersecurity discussion across industries? >> I really like how they kind of brought better awareness to some of the cybersecurity best practices. It's aligned with a lot of the NIST guidance that's come out before, but now cloud providers are picking, private sector, public sector are all looking at this as kind of a new set of standards that we need to pay attention to. So, the fact that they call out things like unauthorized access, you can look at that with Kubernetes audit logs, cloud trail, a bunch of different things. And then, the other term that I think you're going to hear a lot of, at least within the federal community and the tech community, over the next year, is this thing called an 'S bomb', which is for, which is a software bill of materials. And, it's basically saying, "as I'm delivering software to some end user, how can I keep track of everything that's in it?" A lot of this probably came out of solar winds where now you need to have a better view of what are all the different components, how are those being tracked over time? What's the life cycle of that? And, so the fact that things like S bombs are being explicitly called out is definitely going to raise a lot of the best practices as organizations move. And then the last point, money always talks. So, when you see AWS, Azure, Google all saying, we're putting 10, 10 billion plus dollars behind this for training and tooling and building more secure software, that's going to raise the cybersecurity industry as a whole. And so it's definitely driving a lot of investment and growth in the market. >> It's validation. Absolutely. Talk to me about some of the, maybe some of the leading edges that you're seeing in private sector versus public sector of folks and organizations who are going alright, we've got to change. We've got to adopt some of these mandates because the landscape is changing dramatically. >> I think Kubernetes at auction goes hand in hand with that, where it's a declarative system. So, the way you define your infrastructure and source code repost is the same way that runs in production. So, things like auditing are much easier, being able to control what's in your environment. And then containers, it's much easier to package it once and then deploy it wherever you want. So container adoption really makes it easier to be more secure. It's a little tricky where normally like you move to something that's bleeding edge, and a lot of things become much harder. And there's operational parts that are hard about Kubernetes. But, from a pure security perspective, the apps are meant to do one thing. It should be easy to profile them. And so definitely I think the adoption of more modern technology and things like cloud services and Kubernetes is a way to be more secure as you move into these environments. >> Right? Imagine a way to be more secure and faster as well. I want to dig in now to the Sysdig AWS partnership. Talk to me about that. What do you guys do together? >> AWS is a great partner. We, as a company, wouldn't be able to deliver our software without AWS. So we run our SAS services on Amazon. We're in multiple regions around the globe. So we can deliver that to people in Europe and meet all the GDPR requirements and those kinds of things. So from a, a vendor partnership perspective, it's great there. And then on a co-development side, we've had a lot of success and a fun time working with the Fargate team, Fargate is a service on Amazon, that makes it easier for you to run your containers without worrying about the underlying compute. And so they faced the challenge about a year and a half ago where customers didn't want to deploy on Fargate because they couldn't do deeper detection and incident response. So we worked together to figure out different hooks that Amazon could provide to open source tools like Falco or commercial products like Sysdig. So then customers could meet those incident response needs, and those detection needs for Fargate. And really, we're seeing more and more Fargated option as kind of more and more companies are moving to the cloud. And, you don't want to worry about managing infrastructure, a service like Fargate is a great place to get started there. >> Talk to me a little bit about your joint. Go to mark. Is there a joint go-to-market? I should say. >> Yeah, we sell through the AWS marketplace. So customers can procure Sysdig software directly though AWS. It'll end up on your AWS bill. You can kind of take some of your committed spend and draw it down there. So that's a great way. And then we also work closely with different solutions architects teams, or people who are more boots on the ground with different AWS customers trying to solve those problems like PCI-compliance and Fargate, or just building a detection and response strategy for EKS and those types of things. >> Let's kind of shift gears now and talk about the role of open source, in security. What is Sysdig's perspective? >> Yeah, so the platform, open source is a platform, is something that driving more and more adoption these days. So, if you look at like the fundamental platform like Kubernetes, it has a lot of security capabilities baked in there's admission controllers, there's network policies. And so you used to buy a firewall or something like that. But with Kubernetes, you can enforce services, service communication, you put a service mesh on top of that, and you can almost pretend it's a WAF sometimes. So open source is building a lot of fundamental platform level security, and by default. And then the second thing is, we're also seeing a rise of just open source tools that traditionally had always come from commercial products. So, there's things like OPA, which handle authorization, which is becoming a standard. And then there's also projects like Falco, that provide an easy way for people to do IDS use cases and auditing use cases in these environments. >> Last question for you. Talk to me about some of the things that you're most excited about. That's coming down here. We are at, this is the, our Q3 AWS Startup Showcase, but what are some of the things that you're most excited about in terms of being able to help customers resolve some of those challenges even faster? >> I think there's more and more Kubernetes standardization that's going on. So a couple of weeks ago, Amazon released EKS Anywhere, which allows companies who still have an on-prem footprint to run Kubernetes locally the same way that they would run it in the cloud. That's only going to increase cloud adoption, because once you get used to just doing something that matches the cloud, the next question you're going to answer is, okay, how fast can I move that to the cloud? So that's something I'm definitely really excited about. And then, also, the different, or AWS is putting a lot of investment behind tools like security hub. And we're doing a lot of native integrations where we can publish different findings and events into security hubs, so that different practitioners who are used to working in the AWS console can remediate those quickly without ever kind of leading that native AWS ecosystem. And that's a trend I expect to see more and more of over time, as well. >> So a lot of co-innovation coming up with AWS. Where can folks go to learn more information? Is there a specific call to action that you'd like to point them to? >> The Sysdig blog is one of the best sources that I can recommend. We have a great mixture of technical practitioner content, some just one-oh-one level, it's, I'm starting with container security. What do I need to know? So I'd say we do a good job of touching the different areas and then really the best way to learn about anything is to get hands-on. We have a SAS trial. Most of the security vendors have something behind a paywall. You can come in, get started with us for free and start uncovering what's actually running in your infrastructure. >> Knox, let's talk about the secure DevOps movement. As we see that DevOps is becoming more and more common, how is it changing the role of security? >> Yeah, so a lot of traditional security requirements are now getting baked into what a DevOps team does day-to-day. So the DevOps team is doing things like implementing IAC. So your infrastructure is code, and no changes are manually made to environments anymore. It's all done by a Terraform file, a cloud formation, some code that's representing what your infrastructure looks at. And so now security teams, or sorry, these DevOps teams have to bake security into that process. So they're scanning their IAC, making sure there's not elevated privileges. It's not doing something, it shouldn't. DevOps teams, also, traditionally, now are managing your CI/CD Pipeline. And so that's where they're integrating scanning tools in as well, to go in and give actionable feedback to the developers around things like if there's a critical vulnerability with a fix, I'm not going to push that to my registry. So it can be deployed to production. That's something a developer needs to go in and change. So really a lot of these kind of actions and the day-to-day work is driven by corporate security requirements, but then DevOps has the freedom to go in and implement it however they want. And this is where Sysdig adds a lot of value because we provide both monitoring and security capabilities through a single platform. So that DevOps teams can go into one product, see what they need for capacity planning, chargebacks, health monitoring, and then in the same interface, go in and see, okay, is that Kubernetes cluster meeting my SOC 2 controls? How many images have my developers submitted to be scanned over the past day? And all those kinds of things without needing to learn to how to use four or five different tools? >> It sounds to me like a cultural shift almost in terms of the DevOps, the developers working with security. How does Sysdig help with that? If that's a cultural shift? >> Yeah, it's definitely a cultural shift. I see some people in the community getting angry when they see oh we're hiring for a Head of DevOps. They're like DevOps is a movement, not a person. So would totally agree with that there, I think the way we help is if you're troubleshooting an issue, if you're trying to uncover what's in your environment and you are comparing results across five different products, it always turns into kind of a point the finger, a blame game. There's a bunch of confusion. And so what we think, how we help that cultural shift, is by bringing different teams and different use cases together and doing that through a common lens of data, user workflows, integrations, and those types of things. >> Excellent. Knox, thank you for joining me on the program today, sharing with us, Sysdig, what you do, your partnership with AWS and how customers can get started. We appreciate your information. - Thank you. For Knox Anderson. I'm Lisa Martin. You're watching the cube.

(soft electronic music) >> Welcome to this CUBE Conversation. I'm Lisa Martin. This conversation is part of our third AWS Startup Showcase for this year. I'm pleased to welcome Knox Anderson, the VP of Product Management at Sysdig. Knox, welcome to the program. >> Thanks for having me, Lisa. >> Talk to me a little bit about Sysdig, secure DevOps for containers, Kubernetes, and cloud. Give the audience an overview of what you guys do. >> So Sysdig is this secure DevOps platform that provides observability, security, and compliance functions for anyone that's adopting Kubernetes and Cloud. We really secure the entire lifecycle from source to production, so do things like scan your ISE for misconfiguration, monitor your runtime environments for threats and operational best practices. We provide a lot of capabilities around Prometheus Monitoring, as well, and then also let organizations perform incident response and compliance audits against these environments. >> So founded in 2013, talk to me about the gap in the market that you guys saw then and what some of the key challenges are that you saw for your customers. >> Yeah so we came to market around the same time as containers and Kubernetes and I'd say 2015 to 2018 we kept on saying it's the year of Kubernetes, it's the year of Kubernetes, it's the year of Kubernetes. And then really during the last year and a half in the COVID pandemic, Kubernetes has gone gangbusters. Every major cloud is seeing a huge adoption in their Kubernetes services so that's really our wedge into a lot of organizations. They're changing their platform to take advantages of containers and Kubernetes and you really have to rethink all of your security tooling, and that's when a company like Sysdig comes in. >> Talk to me about customers in terms of, especially in the last year and a half when things have been so dynamic, we've seen so much too, on the threat landscape front changing. Give me an example of a customer or two that you're really helped with solving some of their major challenges, here. >> Yeah, a great customer that we work with is SAP Concur and they kind of encompass a lot of the things that are nice about modern DevOps. So it's a DevOps team that's running a Kubernetes platform that thousands of developers are building their apps and deploying those onto. And they chose Sysdig because really it's not scalable to have every single data team ping that DevOps team and say what's the performance of my service, how is it responding, how can I get scanning integrated with that and so they use Sysdig as a platform that allows developers to easily onboard onto their Kubernetes clusters and then ensure that they're meeting compliance needs and FedRAMP needs for that platform that they deliver their core business apps on. >> Let's talk about the Sysdig's commitment to opensource on the Falco project. >> So Falco is a opensource project that we started at Sysdig, it's built on top of our core system core instrumentation. And so Falco meets a lot of your IDS or your file integrity monitoring requirements that you might have as you move to Kubernetes. And really, it's something we started at about 2016. In 2019, we donated that project to the CMCS which is the same governance body behind Kubernetes, Prometheus, and other kind of core building blocks of the climate of ecosystem. Since then, it's grown immensely. Companies like Shopify are using it to make sure that their PCI apps that they run Kubernetes are fully compliant. And so it's something that we are constantly contributing to the community also from even companies like AWS is a core contributor to the Falco project. And I'm really excited to see where it goes over the next year as Falco extends to also cover some cloud security use cases. >> What can you tell me about the relationship that Sysdig and AWS have? >> They've been a great partner. We internally run our SaaS on AWS so we're using AWS services to deliver our product to our customers. And then we've also really worked closely around how you can provide better security for services like Fargate. So we did working sessions with their engineering teams, learned what we could do to get the visibility that we need for tools like Falco and Sysdig to work seamlessly in Fargate environments. And last April we were able to kind of, AWS released that new functionality, Sysdig built on top of that, and we've already seen great adoption of customers using the Sysdig product on top of Fargate. >> Excellent. Well thank you very much, Knox, for stopping by theCUBE telling us about Sysdig, what you guys are doing ahead of the AWS Startup Showcase. We appreciate your time and your information. >> Thanks for having me. >> For Knox Anderson, I'm Lisa Martin. You're watching this CUBE Conversation. (soft electronic music)

>>from around the globe. It's the Cube covering space and cybersecurity. Symposium 2020 hosted by Cal Poly. Yeah, Lauren, Welcome to the Space and Cybersecurity Symposium 2020 put on by Cal Poly and hosted with Silicon Angle acute here in Palo Alto, California for a virtual conference. Couldn't happen in person this year. I'm John for a year. Host the intersection of space and cybersecurity. I'll see critical topics, great conversations. We got a great guest here to talk about the addressing the cybersecurity workforce gap, and we have a great guest, a feature speaker. Stewart Knox, the undersecretary with California's Labor and Workforce Development Office. Stewart Thanks for joining us today. >>Thank you so much, John. Appreciate your time today and listening to a little bit of our quandaries with making sure that we have the security that's necessary for the state of California and making sure that we have the work force that is necessary for cybersecurity in space. >>Great, I'd love to get started. I got a couple questions for you, but first take a few minutes for an opening statement to set the stage. >>Sure, realizing that in California we lead the nation in much of cybersecurity based on Department of Defense contractors within the Santa California leading the nation with over $160 billion within the industry just here in California alone and having over 800,000 bus workers. Full time employment in the state of California is paramount for us to make sure that we face, um, defense manufacturers approximate 700,000 jobs that are necessary to be filled. There's over 37,000 vacancies that we know of in California, just alone in cybersecurity. And so we look forward to making sure that California Workforce Development Agency is leading the charge to make sure that we have equity in those jobs and that we are also leading in a way that brings good jobs to California and to the people of California, a good education system that is developed in a way that those skills are necessarily met for the for the employers here in California and the nation, >>One of the exciting things about California is obviously look at Silicon Valley, Hewlett Packard in the garage, storied history space. It's been a space state. Many people recognize California. You mentioned defense contractors. It's well rooted with with history, um, just breakthroughs bases, technology companies in California. And now you've got technology. This is the cybersecurity angle. Um, take >>them into >>Gets more commentary to that because that's really notable. And as the workforce changes, these two worlds are coming together, and sometimes they're in the same place. Sometimes they're not. This is super exciting and a new dynamic that's driving opportunities. Could you share, um, some color commentary on that dynamic? >>Absolutely. And you're so correct. I think in California we lead the nation in the way that we developed programs that are companies lead in the nation in so many ways around, uh, cyberspace cybersecurity, Uh, in so many different areas for which in the Silicon Valley is just, uh, such a leader in those companies are good qualified companies to do so. Obviously, one of the places we play a role is to make sure that those companies have a skilled workforce. Andi, also that the security of those, uh, systems are in place for our defense contractors onda For the theater companies, those those outlying entities that are providing such key resource is to those companies are also leading on the cutting edge for the future. Also again realizing that we need to expand our training on skills to make sure that those California companies continue to lead is just, um, a great initiative. And I think through apprenticeship training programs on By looking at our community college systems, I think that we will continue to lead the nation as we move forward. >>You know, we've had many conversations here in this symposium, virtually certainly around. The everyday life of consumer is impacted by space. You know, we get our car service Uber lyft. We have maps. We have all this technology that was born out of defense contracts and r and D that really changed generations and create a lot of great societal value. Okay, now, with space kind of on the next generation is easier to get stuff into space. The security of the systems is now gonna be not only paramount for quality of life, but defending that and the skills are needed in cybersecurity to defend that. And the gap is there. What >>can we >>do to highlight the opportunities for career paths? It used to be the day when you get a mechanical engineering degree or aerospace and you graduated. You go get a job. Not anymore. There's a variety of of of paths career wise. What can we do to highlight this career path? >>Absolutely correct. And I think it starts, you know, k through 12 system on. I know a lot of the work that you know, with this bow and other entities we're doing currently, uh, this is where we need to bring our youth into an age where they're teaching us right as we become older on the uses of technology. But it's also teaching, um, where the levels of those education can take them k through 12. But it's also looking at how the community college system links to that, and then the university system links above and beyond. But it's also engage in our employers. You know, One of the key components, obviously, is the employers player role for which we can start to develop strategies that best meet their needs quickly. I think that's one of the comments we hear the most labor agency is how we don't provide a change as fast as we should, especially in technology. You know, we buy computers today, and they're outdated. Tomorrow it's the same with the technology that's in those computers is that those students are going to be the leaders within that to really develop how those structures are in place. S O. K. Through 12 is probably primary place to start, but also continuing. That passed the K 12 system and I bring up the employers and I bring them up in a way, because many times when we've had conversations with employers around what their skills needs were and how do we develop those better? One of the pieces that of that that I think is really should be recognized that many times they recognized that they wanted a four year degree, potentially or five year, six year degree. But then, when we really looked at the skill sets, someone coming out of the community college system could meet those skill sets. And I think we need to have those conversations to make sure not that they shouldn't be continue their education. They absolutely should. Uh, but how do we get those skill sets built into this into 12 plus the two year plus the four year person? >>You know, I love the democratization of these new skills because again. There's no pattern matching because they weren't around before, right? So you gotta look at the exposure to your point K through 12 exposure. But then there's an exploration piece of whether it's community, college or whatever progression. And sometimes it's nonlinear, right? I mean, people are learning different ways, combining the exposure and the exploration. That's a big topic. Can you share your view on this because this now opens up mawr doors for people choice. You got new avenues. You got online clock and get a cloud computing degree now from Amazon and walk in and help. I could be, you know, security clearance, possibly in in college. So you know you get exposure. Is there certain things you see? Is it early on middle school? And then I'll see the exploration Those air two important concepts. Can you unpack that a little bit exposure and exploration of skills? >>Absolutely. And I think this takes place, you know, not only in in the K 12 because somebody takes place in our community colleges and universities is that that connection with those employers is such a key component that if there's a way we could build in internships where experiences what we call on the job training programs apprenticeship training pre apprenticeship training programs into a design where those students at all levels are getting an exposure to the opportunities within the Space and Cybersecurity Avenue. I think that right there alone will start to solve a problem of having 37 plus 1000 openings at any one time in California. Also, I get that there's there's a burden on employers. Thio do that, and I think that's a piece that we have to acknowledge. And I think that's where education to play a larger role That's a place we had. Labor, Workforce, Development Agency, player role With our apprenticeship training programs are pre apprenticeship training programs. I could go on all day of all of our training programs that we have within the state of California. Many of the list of your partners on this endeavor are partners with Employment Training Panel, which I used to be the director of the Brown administration of um, That program alone does incumbent worker training on DSO. That also is an exposure place where ah worker, maybe, you know, you know, use the old adage of sweeping the floors one day and potentially, you know, running a large portion of the business, you know, within years. But it's that exposure that that employee gets through training programs on band. Acknowledging those skill sets and where their opportunities are, is what's valid and important. I think that's where our students we need to play a larger role in the K 12. That's a really thio Get that pushed out there. >>It's funny here in California you're the robotics clubs in high school or like a varsity sport. You're seeing kids exposed early on with programming. But you know, this whole topic of cybersecurity in space intersection around workforce and the gaps and skills is not just for the young. Certainly the young generations gotta be exposed to the what the careers could be and what the possible jobs and societal impact and contributions what they could be. But also it's people who are already out there. You know, you have retraining re Skilling is plays an important role. I know you guys do a lot of thinking on this is the under secretary. You have to look at this because you know you don't wanna have a label old and antiquated um systems. And then a lot of them are, and they're evolving and they're being modernized by digital transformation. So what does the role of retraining and skill development these programs play? Can you share what you guys are working on in your vision for that? >>Absolutely. That's a great question. And I think that is where we play a large role, obviously in California and with Kobe, 19 is we're faced with today that we've never seen before, at least in my 27 years of running program. Similar Thio, of course, in economic development, we're having such a large number of people displaced currently that it's unprecedented with unemployment rates to where we are. We're really looking at How do we take? And we're also going to see industries not return to the level for which they stood at one point in time. Uh, you know, entertainment industries, restaurants, all the alike, uh, really looking at how do we move people from those jobs that were middle skill jobs, topper skilled jobs? But the pay points maybe weren't great, potentially, and there's an opportunity for us to skill people into jobs that are there today. It may take training, obviously, but we have dollars to do that generally, especially within our K 12 and are que 14 systems and our universities. But we really wanna look at where those skill sets are are at currently. And we want to take people from that point in time where they said today, and try to give them that exposure to your point. Earlier question is, how do we get them exposed to a system for which there are job means that pay well with benefit packages with companies that care about their employees? Because that's what our goal is. >>You know. You know, I don't know if you have some visibility on this or ah opinion, but one observation that I've had and talking to whether it's a commercial or public sector is that with co vid uh, there have been a lot of awareness of the situation. We're adequately prepared. There's, um, readiness. But as everyone kind of deals with it, they're also starting to think about what to do. Post covert as we come out of it, Ah, growth strategy for a company or someone's career, um, people starting to have that on the top of their minds So I have to ask you, Is there anything that you see that they say? Okay, certain areas, maybe not doubling down on other areas. We're gonna double down on because we've seen some best practices on a trajectory of value for coming out of co vid with, you know, well, armed skills or certain things because you because that's what a lot of people are thinking right now. It's probably cyber is I mean, how many jobs are open? So you got well, that that's kind of maybe not something double down on here are areas we see that are working. Can you share your current visibility to that dynamic? >>Absolutely. Another great question. One of the key components that we look at Labor Workforce Development Agency. And so look at industries and growth modes and ones that are in decline boats. Now Kobe has changed that greatly. We were in a growth rate for last 78 years. We saw almost every industry might miss a few. You know that we're all in growth in one way or enough, obviously, that has changed. Our landscape is completely different than we saw 67 months ago. So today we're looking at cybersecurity, obviously with 30 plus 1000 jobs cos we're looking at Defense Department contractor is obviously with federal government contracts. We were looking at the supply chains within those we're looking at. Health care, which has always been one, obviously are large one of our large entities that has has grown over the years. But it's also changed with covered 19. We're looking at the way protective equipment is manufactured in the way that that will continue to grow over time. We're looking at the service industry. I mean, it will come back, but it won't come back the way we've seen it, probably in the past, but where the opportunities that we develop programs that we're making sure that the skill sets of those folks are transferrable to other industries with one of the issues that we face constant labor and were forced moment programs is understanding that over the period of time, especially in today's world again, with technology that people skill sets way, don't see is my Parents Day that you worked at a job for 45 years and you retired out of one job. Potentially, that is, that's been gone for 25 years, but now, at the pace for which we're seeing systems change. This is going to continue to amp up. I will stay youth of today. My 12 year old nephew is in the room next door to me on a classroom right now online. And so you know, there. It's a totally different atmosphere, and he's, you know, enjoying actually being in helping learning from on all online system. I would not have been able to learn that way, but I think we do see through the K Through 12 system where we're moving, um, people's interest will change, and I think that they will start to see things in a different way than we have in the past. They were forced systems. We are an old system been around since the thirties. Some even will say prior to the thirties came out of the Great Depression in some ways, and that system we have to change the way we develop our programs are should not be constant, and it should be an evolving system. >>It's interesting a lot of the conversation between the private and public partnerships and industry. You're seeing an agile mind set where it's a growth mindset. It's also reality based mindset and certainly space kind of forces. This conversation with cyber security of being faster, faster, more relevant, more modern. You mentioned some of those points, and with co vid impact the workforce development, it's certainly going to put a lot of pressure on faster learning. And then you mentioned online learning. This has become a big thing. It's not just putting education online per se. There's new touch points. You know you got APS, you got digital. This digital transformation is also accelerating. How do you guys view the workforce development? Because it's going to be open. It's gonna be evolving. There's new data coming in, and maybe kids don't want to stare at a video conference. Is there some game aspect to it? Is there how do you integrate thes new things that are coming really fast? And it's happening kind of in real time in front of our eyes. So I love to get your thoughts on how you guys see that, because it will certainly impact their ability to compete for jobs and or to itself learn. >>I think one of the key components of California's our innovation right and So I think one of the things that we pride ourselves in California is around that, um that said, that is the piece that I think the Silicon Valley and there's many areas in California that that have done the same, um, or trying to do the same, at least in their economy, is to build in innovation. And I think that's part of the K through 12 system with our with our our state universities and our UCS is to be able to bridge that. I think that you we see that within universities, um, that really instill an innovative approach to teaching but also instill innovation within their students. I'm not sure there yet with our fully with our K 12 system. And I think that's a place that either our community colleges could be a bridge, too, as well. Eso that's one component of workforce development I think that we look at as being a key. A key piece you brought up something that's really interesting to me is when you talk about agile on day, one of the things that even in state government on this, is gonna be shocking to you. But we have not been an agile system, Aziz. Well, I think one of the things that the Newsome administration Governor Newsom's administration has brought is. And when I talk about agile systems, I actually mean agile systems. We've gone from Kobol Systems, which are old and clunky, still operating. But at the same time, we're looking at upgrading all of our systems in a way that even our technology in the state of California should be matching the technology that our great state has within our our state. So, um, there in lies. It's also challenges of finding the qualified staff that we need in the state of California for all of our systems and servers and everything that we have. Um, currently. So you know, not only are we looking at external users, users of labor, workforce development, but we're looking at internal users that the way we redevelop our systems so that we are more agile in two different ways. >>You just got me. I triggered with COBOL. I programmed in the eighties with COBOL is only one credit lab in college. Never touched it again. Thank God. But this. But this >>is the >>benefit of cloud computing. I think this is at the heart, and this is the undertone of the conference and symposium is cloud computing. You can you can actually leverage existing resource is whether there legacy systems because they are running. They're doing a great job, and they do a certain work load extremely well. Doesn't make sense to replace what does a job, but you can integrate it in this. What cloud does this is Opening up? Can mawr more and more capabilities and workloads? This is kind of the space industry is pointing to when they say we need people that can code. And that could solve data problems. Not just a computer scientist, but a large range of people. Creative, um, data, science, everything. How does California's workforce solve the needs of America's space industry? This is because it's a space state. How do you see that? Let your workforce meeting those needs. >>Yeah, I think I think it's an investment. Obviously, it's an investment on our part. It's an investment with our college partners. It's an investment from our K 12 system to make sure that that we are allocating dollars in a way through meeting the demand of industry Onda, we do look at industry specific around there needs. Obviously, there's a large one. We wanna be very receptive and work with our employers and our employee groups to make sure that we need that demand. I think it's putting our money where our mouth is and and designing and working with employer groups to make sure that the training meets their needs. Um, it's also working with our employer groups to make sure that the employees are taken care of. That equity is built within the systems, Um, that we keep people employed in California on their able to afford a home, and they're able to afford a life here in California. But it's also again, and I brought up the innovation component. I think it's building an innovation within systems for which they are employers but are also our incoming employees are incumbent workers. And you brought this up earlier. People that already employed and people that are unemployed currently with the skill set that might match up, is how do we bridge those folks into employment that they maybe have not thought about. We have a whole career network of systems out throughout the city, California with the Americans job Centers of California on day will be working, and they already are working with a lot of dislocated workers on day. One of the key components of that is to really look at how do we, um, take what their current skills that might be and then expose them to a system for which we have 37 plus 1000 job openings to Andi? How do we actually get those books employed? It's paying for potentially through those that local Workforce Innovation Opportunity Act, funding for Americans job centers, um, to pay for some on the job, training it Z to be able to pay for work experiences. It's to be able to pay for internships for students, um, to get that opportunity with our employers and also partner with our employers that they're paying obviously a percentage of that, too. >>You know, one of the things I've observed over my, um, career 54 times around the sun is you know, in the old days when I was in college in school, you had career people have longer jobs, as you mentioned. Not like that anymore. But also I knew someone I'm gonna be in line to get that job, maybe nepotism or things of that nature. Now the jobs have no historical thing or someone worked longer in a job and has more seniority. Ah, >>lot of these >>jobs. Stewart don't HAVA requirements like no one's done them before. So the ability for someone who, um, is jumping in either from any college, there's no riel. It's all level set. It's like complete upside down script here. It's not like, Oh, I went to school. Therefore I get the job you could be Anyone could walk into these careers because the jobs air so new. So it's not where you came from or what school you went to or your nationality or gender. The jobs have been democratized. They're not discriminating against people with skills. So this opens up mawr. How >>do you >>see that? Because this really is an opportunity for this next generation to be more diverse and to be mawr contributed because diversity brings expertise and different perspectives. Your thoughts on that? >>Absolutely. And that was one of the things we welcome. Obviously we want to make sure that that everybody is treated equally and that the employers view everyone as employer employer of choice but an employee of choices. Well, we've also been looking at, as I mentioned before on the COVITZ situation, looking at ways that books that are maybe any stuck in jobs that are don't have a huge career pathway or they don't have a pathway out of poverty. I mean, we have a lot of working for people in the state of California, Um, that may now do to cope and lost their employment. Uh, this, you know, Let's let's turn back to the old, you know? Let's try, eliminate, eliminate, eliminate. How do we take those folks and get them employed into jobs that do have a good career pathway? And it's not about just who you knew or who you might have an in with to get that job. It is based on skills, I think, though that said there we need to have a better way to actually match those jobs up with those employers. And I think those are the long, ongoing conversations with those employer groups to make sure that one that they see those skill sets is valid and important. Um, they're helping design this crew sets with us, eh? So that they do match up and that were quickly matching up those close skills. That so that we're not training people for yesterday skills. >>I think the employer angles super important, but also the educators as well. One of the things that was asked in another question by the gas they they said. She said The real question to ask is, how early do you start exposing the next generation? You mentioned K through 12. Do you have any data or insight into or intuition or best practice of where that insertion point is without exposure? Point is, is that middle school is a elementary, obviously high school. Once you're in high school, you got your training. Wheels are off, you're off to the races. But is there a best practice? What's your thoughts? Stewart On exposure level to these kinds of new cyber and technical careers? >>Sure, absolutely. I I would say kindergarten. We San Bernardino has a program that they've been running for a little bit of time, and they're exposing students K through 12 but really starting in kindergarten. One is the exposure Thio. What a job Looks like Andi actually have. I've gone down to that local area and I've had three opportunity to see you know, second graders in a health care facility, Basically that they have on campus, built in on dear going from one workstation as a second grader, Uh, looking at what those skills would be and what that job would entail from a nurse to a Dr Teoh physician's assistant in really looking at what that is. Um you know, obviously they're not getting the training that the doctor gets, but they are getting the exposure of what that would be. Andi, I think that is amazing. And I think it's the right place to start. Um, it was really interesting because I left. This was pre covet, but I jumped on the plane to come back up north. I was thinking to myself, How do we get this to all school district in California, where we see that opportunity, um, to expose jobs and skill sets to kids throughout the system and develop the skill set so that they do understand that they have an opportunity. >>We're here at Cal Poly Space and Cybersecurity Symposium. We have educators. We have, um, students. We have industry and employers and government together. What's your advice to them all watching and listening about the future of work. Let's work force. What can people do? What do you think you're enabling? What can maybe the private sector help with And what are you trying to do? Can you share your thoughts on that? Because we have a range from the dorm room to the boardroom here at this event. Love to get your thoughts on the workforce development view of this. >>Yeah, absolutely. I think that's the mix. I mean, I think it's going to take industry to lead A in a lot of ways, in terms of understanding what their needs are and what their needs are today and what they will be tomorrow. I think it takes education, toe listen, and to understand and labor and workforce development also listen and understand what those needs will look like. And then how do we move systems? How do we move systems quickly? How do we move systems in a way that meets those needs? How do we, uh, put money into systems where the most need is, but also looking at trends? What is that trend going to look like in two years? What does that train gonna look like in five years. But that's again listening to those employers. Um, it's also the music community based organizations. I think, obviously some of our best students are also linked to CBS. And one way or another, it may be for services. It maybe for, uh, faith based. It may be anything, but I think we also need to bring in the CBS is Well, ah, lot of outreach goes through those systems in conjunction with, but I think that's the key component is to make sure that our employers are heard on. But they sit at the table like you said to the boardroom of understanding, and I think bringing students into that so that they get a true understanding of what that looks like a well, um, is a key piece of this. >>So one of the things I want to bring up with you is maybe a bit more about the research side of it. But, um, John Markoff, who was a former New York Times reporter with author of the book What the Dormouse, said It was a book about the counter culture of the sixties and the computer revolution, and really there was about how government defense spending drove the computer revolution that we now saw with Apple and PC, and then the rest is history in California has really participated. Stanford, uh, Berkeley and the University of California School system and all the education community colleges around it. That moment, the enablement. And now you're seeing space kind of bringing that that are a lot of research coming in and you eat a lot of billionaires putting money in. You got employers playing a role. You have this new focus space systems, cybersecurity, defending and making it open and and not congested and peaceful is going to enable quickly new inflection points for opportunities. E want to get your thoughts on that? Because California is participate in drove these revolutions that created massive value This next wave seems to be coming upon us. >>Yeah, absolutely. And again, Nazis covered again as too much of ah starting point to this. But I think that is also an opportunity to actually, because I think one of the things that we were seeing seven months ago was a skill shortage, and we still see the skills shortage, obviously. But I think a key piece to that is we saw people shortage. Not only was it skills shortage, but we didn't have enough people really to fill positions in addition to and I think that people also felt they were already paying the bills and they were making ends meet and they didn't have the opportunities. Thio get additional skills This again is where we're looking at. You know that our world has changed. It changed in the sixties based on what you're you're just expressing in terms of California leading the way. Let's like California lead the way again in developing a system from which labor, workforce development with our universities are, you know, are amazing universities and community college system and structure of how do we get students back into school? You know, a lot of graduates may already have a degree, but how do they now take a skill so that they already have and develop that further with the idea that they those jobs have changed? Whales have a lot of folks that don't have a degree, and that's okay. But how do we make that connection to a system that may have failed? Ah, lot of our people over the years, um, and our students who didn't make it through the school system. How do we develop in adult training school? How do we develop contract education through our community college system with our employer sets that we developed cohorts within those systems of of workers that have amazing talents and abilities to start to fill these needs? And I think that's the key components of hearing Agency, Labor, Workforce Development Agency. We work with our community. Colleges are UCS in our state universities t develop and figure that piece out, and I think it is our opportunity for the future. >>That's such a great point. I want to call that out This whole opportunity to retrain people that are out there because these air new jobs, I think that's a huge opportunity, and and I hope you keep building and investing in those programs. That's that's really worth calling out. Thank you for doing that. And, yeah, it's a great opportunity. Thes jobs they pay well to cyber security is a good job, and you don't really need to have that classical degree. You can learn pretty quickly if you're smart. So again, great call out there question for you on geography, Um, mentioned co vid we're talking about Covic. Virtualization were virtual with this conference. We couldn't be in person. People are learning virtually, but people are starting to relocate virtually. And so one observation that I have is the space state that California is there space clusters of areas where space people hang out or space spaces and whatnot. Then you got, like, the tech community cybersecurity market. You know, Silicon Valley is a talented in these hubs, and sometimes cyber is not always in the same hubs of space. Maybe Silicon Valley has some space here, Um, and some cyber. But that's not generally the case. This is an opportunity potentially to intersect. What's your thoughts on this? Because this is This is something that we're seeing where your space has historical, you know, geography ease. Now, with borderless communication, the work boat is not so much. You have to move the space area. You know what I'm saying? So okay. What's your thoughts on this? How do you guys look at this? Is on your radar On how you're viewing this this dynamic? >>It's absolute on our radar, Like you said, you know, here we are talking virtually on and, you know, 75% of all of our staff currently in some of our department that 80% of our staff are now virtual. Um you know, seven months ago, uh, we were not were government again being slow move, we quickly transitioned. Obviously, Thio being able to have a tele work capacity. We know employers move probably even quickly, more quickly than we did, but we see that as an opportunity for our rural areas. Are Central Valley are north state um, inland Empire that you're absolutely correct. I mean, if you didn't move to a city or to a location for which these jobs were really housed, um, you didn't have an opportunity like you do today. I think that's a piece that we really need to work with our education partners on of to be able to see how much this has changed. Labor agency absolutely recognizes this. We are investing funding in the Central Valley. We're investing funding in the North State and empire to really look a youth populations of how the new capacity that we have today is gonna be utilized for the future for employers. But we also have to engage our universities around. This is well, but mostly are employers. I know that they're already very well aware. I know that a lot of our large employers with, um, Silicon Valley have already done their doing almost 100% tele work policies. Um, but the affordability toe live in rural areas in California. Also, it enables us to have, ah, way thio make products more affordable is, well, potentially in the future. But we want to keep California businesses healthy and whole in California. Of course, on that's another way we can We can expand and keep California home to our 40 plus million people, >>most to a great, great work. And congratulations for doing such a great job. Keep it up. I gotta ask about the governor. I've been following his career since he's been office. A za political figure. Um, he's progressive. He's cutting edge. He likes toe rock the boat a little bit here and there, but he's also pragmatic. Um, you're starting to see government workers starting to get more of a tech vibe. Um um just curious from your perspective. How does the governor look at? I mean, the old, almost the old guard. But like you know, used to be. You become a lawyer, become a lawmaker Now a tech savvy lawmaker is a premium candidates, a premium person in government, you know, knowing what COBOL is. A start. I mean, these are the things. As we transform and evolve our society, we need thinkers who can figure out which side the streets, self driving cars go on. I mean, who does that? I mean, it's a whole another generation off thinking. How does the Governor how do you see this developing? Because this is the challenge for society. How does California lead? How do you guys talk about the leadership vision of Why California and how will you lead the future? >>Absolutely no governor that I'm aware of that I've been around for 26 27 years of workforce development has led with an innovation background, as this governor has a special around technology and the use of technology. Uh, you know, he's read a book about the use of technology when he was lieutenant governor, and I think it's really important for him that we, as his his staff are also on the leading edge of technology. I brought a badge. I'll systems. Earlier, when I was under the Brown administration, we had moved to where I was at a time employment training panel. We moved to an agile system and deported that one of the first within within the state to do that and coming off of an old legacy system that was an antique. Um, I will say it is challenging. It's challenging on a lot of levels. Mostly the skill sets that are folks have sometimes are not open to a new, agile system to an open source system is also an issue in government. But this governor, absolutely. I mean, he has established three Office of Digital Innovation, which is part of California and department technology, Um, in partnership with and that just shows how much he wants. Thio push our limits to make sure that we are meeting the needs of Californians. But it's also looking at, you know, Silicon Valley being at the heart of our state. How do we best utilize systems that already there? How do we better utilize the talent from those those folks is well, we don't always pay as well as they dio in the state. But we do have great benefit packages. Everybody does eso If anybody's looking for a job, we're always looking for technology. Folks is well on DSO I would say that this governor, absolute leads in terms of making sure that we will be on cutting edge of technology for the nation, >>you know, and, you know, talk about pay. I mean, I know it's expensive to live in some parts of California, but there's a huge young population that wants a mission driven job and serving, um, government for the governments. Awesome. Ah, final parting question for you, Stuart, is, as you look at, um, workforce. Ah, lot of people are passionate about this, and it's, you know, you you can't go anywhere without people saying, You know, we got to do education this way and that way there's an opinion everywhere you go. Cybersecurity is a little bit peaked and focused, but there are people who are paying attention to education. So I have to ask you, what creative ways can people get involved and contribute to workforce development? Whether it's stem underrepresented minorities, people are looking for new, innovative ways to contribute. What advice would you give these people who have the passion to contribute to the next cyber workforce. >>Yeah, I appreciate that question, because I think is one of the key components. But my secretary, Julie Sue, secretary of Labor and Workforce Development Agency, talks about often, and a couple of us always have these conversations around. One is getting people with that passion to work in government one or on. I brought it up community based organizations. I think I think so many times, um, that we didn't work with our CBS to the level of in government we should. This administration is very big on working with CBS and philanthropy groups to make sure that thing engagement those entities are at the highest level. So I would say, You know, students have opportunities. Thio also engage with local CBS and be that mission what their values really drives them towards Andi. That gives them a couple of things to do right. One is to look at what ways that we're helping society in one way or another through the organizations, but it also links them thio their own mission and how they could develop those skills around that. But I think the other piece to that is in a lot of these companies that you are working with and that we work with have their own foundations. So those foundations are amazing. We work with them now, especially in the new administration. More than we ever have, these foundations are really starting to help develop are strategies. My secretary works with a large number of foundations already. Andi, when we do is well in terms of strategy, really looking at, how do we develop young people's attitudes towards the future but also skills towards the future? >>Well, you got a pressure cooker of a job. I know how hard it is. I know you're working hard, appreciate you what you do and and we wish you the best of luck. Thank you for sharing this great insight on workforce development. And you guys working hard. Thank you for what you do. Appreciate it. >>Thank you so much. Thistle's >>three cube coverage and co production of the space and cybersecurity supposed in 2020 Cal Poly. I'm John for with silicon angle dot com and the Cube. Thanks for watching

>> Announcer: From around the globe, it's theCUBE! Covering Space and Cybersecurity Symposium 2020. Hosted by Cal Poly. >> Hello everyone. Welcome to the Space and Cybersecurity Symposium 2020, put on by Cal Poly and hosted with SiliconANGLE theCUBE here in Palo Alto, California for a virtual conference. Couldn't happen in person this year, I'm John Furrier, your host. The intersection of space and cybersecurity, obviously critical topics, great conversations. We've got a great guest here to talk about the addressing the cybersecurity workforce gap. And we have a great guest, and a feature speaker, Stewart Knox, the undersecretary with California's Labor and Workforce Development Office. Stewart, thanks for joining us today. >> Thank you so much, John. I appreciate your time today and listening to a little bit of our quandaries with making sure that we have the security that's necessary for the state of California and making sure that we have the workforce that is necessary for cybersecurity in space. >> Great. I'd love to get started. I've got a couple of questions for you, but first take a few minutes for an opening statement to set the stage. >> Sure, realizing that in California, we lead the nation in much of cybersecurity based on Department of Defense contractors within the state of California, leading the nation with over 160 billion dollars within the industry just here in California alone and having over 800,000 plus workers full time employment in the state of California is paramount for us to make sure that we face defense manufacturers, approximately 700,000 jobs that are necessary to be filled. There's over 37,000 vacancies that we know of in California, just alone in cybersecurity. And so we look forward to making sure that California Workforce Development Agency is leading the charge to make sure that we have equity in those jobs and that we are also leading in a way that brings good jobs to California and to the people of California, a good education system that is developed in a way that those skills are necessarily met for the employers here in California, and the nation. >> One of the exciting things about California is obviously look at Silicon Valley, Hewlett Packard and the garage story, history, space, it's been a space state, many people recognize California. You mentioned defense contractors. It's well rooted with history, just breakthroughs, bases, technology companies in California. And now you've got technology. This is the cybersecurity angle. Take a minute to give some more commentary to that because that's really notable, and as the workforce changes, these two worlds are coming together and sometimes they're in the same place, sometimes they're not. This is super exciting and a new dynamic that's driving opportunities. Could you share some color commentary on that dynamic? >> Absolutely. And you're so correct. I think in California, we lead the nation in the way that we develop programs, that our companies lead in the nation in so many ways around cyberspace, cybersecurity in so many different areas, for which in the Silicon Valley is just such a leader and those companies are good, qualified companies to do so. Obviously one of the places we play a role is to make sure that those companies have a skilled workforce. And also that the security of those systems are in place for our defense contractors and for the feeder companies, those outlying entities that are providing such key resources to those companies are also leading on a cutting edge for the future. Also again, realizing that we need to expand our training and skills to make sure that those California companies continue to lead, is just such a great initiative. And I think through apprenticeship training programs, and looking at our community college systems, I think that we will continue to lead the nation as we move forward. >> You know, we've had many conversations here in this symposium virtually, certainly around the everyday life of a consumer is impacted by space. You know, we get our car service, Uber, Lyft, we have maps, we have all this technology that was born out of defense contracts and R and D that really changed generations and created a lot of great societal value. Okay, now with space kind of going to the next generation, it's easier to get stuff into space. The security of the systems is now going to be not only paramount for quality of life, but defending that, and the skills are needed in cybersecurity to defend that. And the gap is there. What can we do to highlight the opportunities for career paths? It used to be the day where you get a mechanical engineering degree or aerospace and you graduate and you go get a job, not anymore. There's a variety of paths, career-wise. What can we do to highlight this career path? >> Absolutely correct. And I think it starts, you know, K through 12 system. And I know a lot of the work that (indistinct) and other entities are doing currently. This is where we need to bring our youth into an age where they're teaching us, right, as we become older, on the uses of technology, but it's also teaching where the levels of those education can take them, K through 12, but it's also looking at how the community college system links to that. And then the university system links above and beyond, but it's also engaging our employers. You know, one of the key components, obviously as the employers play a role, for which we can start to develop strategies that best meet their needs quickly. I think that's one of the comments we hear the most, at Labor Agency is how we don't provide a change as fast as we should, especially in technology. You know, we buy computers today and they're outdated tomorrow. It's the same with the technology that's in those computers is that those students are going to be the leaders within that to really develop how those structures are in place. So K through 12 is probably our primary place to start, but also continuing that past the K-12 system. And I bring up the employers and I bring them up in a way, because many times when we've had conversations with employers around what their skills needs were and how do we develop those better? One of the pieces of that, that I think really should be recognized, many times they recognize that they wanted a four year degree, potentially, or a five year or six year degree. But then when we really looked at the skillsets, someone coming out of the community college system could meet those skillsets. And I think we need to have those conversations to make sure, not that they shouldn't be continuing their education. They absolutely should. But how do we get those skillsets built into this into a K-12 plus the two year plus the four year person? >> Yeah, I love the democratization of these new skills, because again, there's no pattern matching 'cause they weren't around before, right? So you got to look at the exposure, to your point, K through 12 exposure, but then there's an exploration piece of it, whether it's community college or whatever progression, and sometimes it's nonlinear, right? I mean, people are learning different ways, combining the exposure and the exploration. That's a big topic. Can you share your view on this? Because this now opens up more doors for people, choice, you got new avenues, you got online, I can get a cloud computing degree now from Amazon and walk in and help. I can be, you know, security clearance possibly in college. So, you know, you get exposure. Is there certain things you see, is it early on? Middle school? And then obviously the exploration, those are two important concepts. Can you unpack that a little bit, exposure and exploration of skills? >> Absolutely, and I think this takes place not only in the K-12 system, but it takes place in our community colleges and our four year universities is that, that connection with those employers is such a key component, that if there's a way we could build in internships, work experiences, what we call on the job training programs, apprenticeship training, pre-apprenticeship training programs, into a design where those students at all levels are getting an exposure to the opportunities within the space and cybersecurity avenue. I think that right there alone will start to solve a problem of having 37 plus thousand openings at any one time in California. Also, I get that there's a burden on employers to do that. And I think that's a piece that we have to acknowledge, and I think that's where education can play a larger role. That's a place we at Labor Workforce Development Agency play a role with our apprenticeship training programs, our pre-apprenticeship training programs. I could go on all day of all of our training programs that we have within the state of California. Many of the list of your partners on this endeavor are partners with Employment Training Panel, which I used to be the director of the Brown administration of. That program alone does incumbent worker training. And so that also is an exposure place where a worker may be, you know, I use the old adage of sweeping the floors one day and potentially writing a large portion of the business, within years. But it's that exposure that that employee gets through training programs, and acknowledging those skill sets and where their opportunities are, is what's valid and important. I think that's where our students, we need to play a larger role than the K-12 system, really, to get that pushed out there. >> It's funny, here in California, you were the robotics clubs in high school are like a varsity sport, you're seeing kids exposed early on with programming, but it's, you know, this whole topic of cybersecurity and space intersection around workforce, and the gaps in the skills, it's not just for the young, certainly the young generation's got to be exposed to what the careers could be and what the possible jobs and societal impact and contributions, what they could be, but also it's people who are already out there. You know, you have retraining, re-skilling, this plays an important role. I know you guys do a lot of thinking on this as the undersecretary, you have to look at this because you know, you don't want to have a label "old and antiquated" systems. And a lot of them are, and they're evolving and they're being modernized by digital transformation. So what does the role of retraining and skill development for these programs play? Can you share what you guys are working on and your vision for that? >> Absolutely. That's a great question. 'Cause I think that is where we play a large role, obviously in California and with COVID-19 is we are faced with today that we've never seen before. At least in my 27 years of running programs, similar to all workforce and economic development, we are having such a large number of people displaced currently that it's unprecedented, we've got employment rates to where we are. We're really looking at how do we take, and we're also going to see industries not return to the level for which they stood at one point in time, you know, entertainment industries, restaurants, all of the alike, really looking at how do we move people from those jobs that were middle skill jobs to upper skill jobs, but the pay points maybe weren't great, potentially. And there's an opportunity for us to skill people into jobs that are there today. It may take training, obviously, but we have dollars to do that, generally, especially within our K-12 and our K-14 systems and our universities. But we really want to look at where those skillsets are at, currently. And we want to take people from that point in time where they sit today, and try to give them that exposure to your point earlier question is how do we get them exposed to a system for which there are job with means that pay well, with benefit packages, with companies that care about their employees. 'Cause that's what our goal is. >> You know, I don't know if you have some visibility on this or an opinion, but one of the observations that I've had and talk to whether it's a commercial or public sector, is that with COVID, there's been a lot of awareness of the situation. We're adequately prepared. There's some readiness, but as everyone kind of deals with it, they're also starting to think about what to do post-COVID as we come out of it, a growth strategy for a company or someone's career. People are starting to have that on the top of their minds. So I have to ask you, is there anything that you see that they say, "Okay, certain areas, maybe not doubling down on other areas, we're going to double down on because we've seen some best practices on a trajectory of value for coming out of COVID with, you know, well-armed skills or certain things." 'Cause that's what a lot of people are thinking right now. And certainly cyber is, I mean, how many jobs are open? So you got "Well that that's kind of maybe not something to double down on, here are areas we see that are working." Can you share your current visibility into that dynamic? >> Absolutely. Another great question. One of the key components that we look at at Labor Workforce Development Agency is to look at the industries in growth modes and ones that are in decline modes. Now COVID has changed that greatly. We were in a growth mode for the last seven, eight years. We saw almost every industry, minus a few, that were all in growth in one way or another, but obviously that has changed. Our landscape is completely different than we saw six, seven months ago. So today we're looking at cybersecurity, obviously with 30 plus thousand job openings, we are looking at Defense Department contractors, obviously, with federal government contracts. We are looking at the supply chains within those. We are looking at healthcare, which has always been one of obviously our large, one of our large entities that has grown over the years. But it's also changed with COVID-19. We're looking at the way protective equipment is manufactured and the way that that will continue to grow over time, we're looking at the service industry. I mean, it will come back, but it won't come back the way we've seen it probably in the past, but where are the opportunities that we develop programs that we are making sure that the skill sets of those folks are transferable to other industries. We have one of the issues that we face constantly in Labor and Workforce Development programs is understanding that over the period of time, especially in today's world, again, with technology, that people's skillsets, we don't see as in my parents' day that you worked at a job for 45 years and you retired at one job potentially. That's been gone for 25 years, but now at the pace for which we are seeing systems change, this is going to continue to amp up, and I will say, youth of today, my 12 year old nephew is in the room next door to me, in a classroom right now online. And so, you know, it's a totally different atmosphere and he's enjoying actually being at home and learning from an all online system. I would not have been able to learn that way, but I think we do see through the K through 12 system, the way we're moving, people's interests will change. And I think that they will start to see things in a different way than we have in the past. They were forced systems. We are an old system, been around since the 30s. Some even we'll say prior to the 30s, came out of the Great Depression in some ways. And that system, we have to change the way we develop our programs. It should not be constant and it should be an evolving system. >> It's interesting. A lot of the conversations between the private and public partnerships and industry, you're seeing an agile mindset where it's a growth mindset, it's also a reality-based mindset and certainly space kind of forces this conversation with cybersecurity of being faster, faster, more relevant, more modern. And you mentioned some of those points, and with COVID impact, the workforce development is certainly going to put a lot of pressure on faster learning. And then you mentioned online learning. This has become a big thing. It's not just putting education online per se. There's new touchpoints. You know, you've got apps, you've got digital. This digital transformation is also accelerating. How do you guys view the workforce development? Because it's going to be open. It's going to be evolving. There's new data coming in and maybe kids don't want to stare at a video conference. Is there some game aspect to it? Is there, how do you integrate these new things that are coming really fast, and it's happening kind of in real time in front of our eyes. So I'd love to get your thoughts on how you guys see that because it'll certainly impact their ability to compete for jobs and/or to self-learn. >> Well, I think one of the key components of California is our innovation, right? And so I think one of the things that we pride ourselves in California is around that. That said, that is the piece that I think the Silicon Valley, and then there's many areas in California that have done the same, or tried to do the same, at least in their economy is to build in innovation. And I think that's part of the K through 12 system, with our state universities and our UCs is to be able to bridge that. I think that you, we see that within universities that really instill an innovative approach to teaching, but also instill innovation within their students. I'm not sure we're there yet fully, with our K-12 system, and I think that's a place that either our community colleges could be a bridge to as well. So that's one component of workforce development I think that we look at as being a key piece. You brought up something that's really interesting to me is when you talk about agile, and one of the things that even in state government, this is going to be shocking to you, but we have not been an agile system as well. I think one of the things that the Newsom administration, Governor Newsom's administration has brought is, and when I talk about agile systems, I actually mean agile systems. We've gone from COBOL systems, which are old and clunky, still operating, but at the same time, we're looking at upgrading all of our systems in a way that even in our technology, in the state of California should be matching, the technology that our great state has within our state. So therein lies, it's also challenges of finding the qualified staff that we need in the state of California for all of our systems and servers and everything that we have currently. So, you know, not only are we looking at external users of labor workforce development, but we're looking at internal users, that the way we redevelop our systems so that we are more agile in two different ways. >> You just got me triggered with COBOL. I programmed in the 80s with COBOL, only one credit lab in college. Never touched it again, thank God. But this is the benefit of cloud computing. I think this is at the heart and this is the undertone of the conference and symposium is cloud computing, you can actually leverage existing resources, whether they're legacy systems, because they are running, they're doing a great job and they do a certain workload extremely well. Doesn't make sense to replace if it does a job. You can integrate it and that's what cloud does. This is opening up more and more capabilities and workloads. This is kind of what the space industry is pointing to when they say "We need people that can code and that can solve data problems," not just the computer scientists, but a large range of people, creative, data, science, everything. How does California's workforce solve the needs of America's space industry? This is because it's a space state. How do you see the labor workforce meeting those needs? >> Yeah, I think it's an investment. Obviously it's an investment on our part. It's an investment with our college partners. It's an investment from our K-12 system to make sure that we are allocating dollars in a way through meeting the demand of industry. And we do look at industry-specific around their needs, obviously this is a large one. We want to be very receptive, and work with our employers and our employee groups to make sure that we meet that demand. I think it's putting our money where our mouth is and designing and working with employer groups to make sure that the training meets their needs. It's also working with our employer groups to make sure that the employees are taken care of and that equity is built within the systems, that we keep people employed in California, and they're able to afford a home and they're able to afford a life here in California, but it's also again and I brought up the innovation component. I think it's building an innovation within systems for which they are employers, but are also our incoming employees and our incumbent workers. And you brought those up earlier, people that are already employed and people that are unemployed currently with a skill set that might match up is how do we bridge those folks into employment that they maybe have not thought about? We have a whole career network of systems out throughout The City of California with the America's Job Centers of California, and they will be working, and they already are working with a lot of dislocated workers. And one of the key components of that is to really look at how do we take what their current skillset might be, and then expose them to a system for which we have 37 plus thousand job openings, too, and how do we actually get those folks employed? It's paid for potentially through that local Workforce Innovation and Opportunity Act funding through our America's Job Centers, to pay for some on the job training. It's to be able to pay for work experiences, it's to be able to pay for internships for students to get that opportunity with our employers and also partnering with our employers that they're paying, obviously a percentage of that too. >> You know, one of the things I've observed over my career, 54 times around the sun is, you know, in the old days, when I was in college and school, you had career, people had the longer jobs, as you mentioned it's not like that anymore. But also I knew someone I'm going to to be in line to get that job, maybe nepotism or things of that nature. Now the jobs have no historical thing or someone worked longer in a job and has more seniority. A lot of these jobs, Stewart, don't have requirements, like no one's done them before. So the ability for someone who is jumping in, either from any college, there's no real, it's all level set, it's a complete upside down script here. It's not like, "Oh, I went to school, therefore I get the job." It can be, anyone can walk into these careers because the jobs are so new. So it's not where you came from or what school you went to or your nationality or gender. The jobs have been democratized. They're not discriminating against people with skills. This opens up more. How do you see that? Because this really is an opportunity for this next generation to be more diverse and to be more contributive because diversity brings expertise and different perspectives. Your thoughts on that. >> Absolutely, and that was one of the things we welcome, obviously. We want to make sure that that everybody is treated equally and that the employers view everyone as an employer of choice, but an employee of choice as well. We've also been looking at, as I mentioned before on the COVID situation, looking at ways that folks that are maybe stuck in jobs that don't have a huge career pathway, or they don't have a pathway out of poverty. I mean, we have a lot of working poor people in the state of California that may now due to COVID lost their employment. This, you know, let's turn back to the old adage, let's turn lemons into lemonade. How do we take those folks and get them employed into jobs that do have a good career pathway? And it's not about just who you knew, or who you might have an in with to get that job. It is based on skills. I think though, that said, we need to have a better way to actually match those jobs up with those employers. And I think those are the ongoing conversations with those employer groups to make sure that, one, that they see those skill sets as valid and important. They're helping design those career sets with us so that they do match up and that we're quickly matching up those close skillsets so that we're not training people for yesterday's skills. >> I think the employer angle's super important, but also the educators as well. One of the things that was asked in another question by the guest, they said, she said, the real question to ask is, how early do you start exposing the next generation? You mentioned K through 12, do you have any data or insight into or intuition or best practice of where that insertion point is, that exposure point? Is it middle school? Is it elementary, honestly, high school, once you're in high school, you got your training wheels are off, you're off to the races, but is there a best practice? What's your thoughts, Stewart, on exposure level to these kinds of new cyber and technical careers? >> Sure, absolutely. I would say kindergarten. We, San Bernardino has a program that they've been running for a little bit of time, and they're exposing students K through 12, but really starting in kindergarten. One is the exposure to what a job looks like. And then actually I've gone down to that local area and I've had the opportunity to see, you know, second graders in a healthcare facility, basically, that they have on campus built-in. And they're going from one workstation as a second grader, looking at what those skills would be and what that job would entail from a nurse to a doctor, to a physician's assistant, and really looking at what that is. You know, obviously they're not getting the training that a doctor gets, but they are getting the exposure of what that would be. And I think that is amazing. And I think it's the right place to start. It was really interesting 'cause as I left, this was pre-COVID, but as I jumped on the plane to come back up north, I was thinking to myself, "How do we get this to all school districts in California where we see that opportunity to expose jobs and skill sets to kids throughout the system and develop those skill sets so that they do understand that they have an opportunity?" >> We are here at Cal Poly Space and Cybersecurity Symposium. We have educators, we have students, we have industry and employers and government together. What's your advice to them all watching and listening about the future of work, this workforce, what can people do? What do you think you're enabling? What can maybe the private sector help with and what are you trying to do? Can you share your thoughts on that? Because we have a range from the dorm room to the boardroom here at this event. I'd love to get your thoughts on the workforce development view of this. >> Yeah, absolutely. And I think that's the mix. I mean, I think it's going to take industry to lead, in a lot of ways in terms of understanding what their needs are and what their needs are today and what they will be tomorrow. I think it takes education to listen, and to understand, and labor and workforce development to also listen and understand what those needs will look like. And then how do we move systems? How do we move systems quickly? How do we move systems in a way that meets those needs? How do we put money into systems where the most need is, but also looking at trends? What is that trend going to look like in two years? What is that trend going to look like in five years, (indistinct), again, listening to those employers, it's also listening to the community-based organizations. I think obviously some of our best students are also linked to CBOs in one way or another. It may be for services, it may be for faith-based, it may be anything, but I think we also need to bring in the CBOs as well. A lot of outreach goes through those systems in conjunction with, but I think that's the key component is to make sure that our employers are heard and that they sit at the table, like you said, to the boardroom of understanding, and I think bringing students into that so that they get a true understanding of what that looks like as well, is a key piece of this. >> Stu, one of the things I want to bring up with you is maybe a little bit more about the research side of it, but John Markoff, who was a former New York times reporter, but author of the book, "What the Dormouse Said," it was a book about the counterculture of the 60s and the computer revolution. And really it was about how government defense spending drove the computer revolution that we now saw with Apple and PC. And then the rest is history in California, has really participated, Stanford, the Berkeley, and the University of California school system, and all the education community colleges around it. That moment, the enablement, and now you're seeing space kind of bringing that, a lot of research coming in, need a lot of billionaires putting money in, you've got employers playing a role. You have this new focus, space systems, cybersecurity defending and making it open and, not congested and peaceful, is going to enable quickly, new inflection points for opportunities. I want to get your thoughts on that because California's participated and drove those revolutions, that's created massive value. This next wave seems to be coming upon us. >> Yeah, absolutely. And again, not to use COVID again as too much of a starting point to this, but I think that is also an opportunity to actually, 'cause I think one of the things that we were seeing seven months ago was a skill shortage, and we still see the skill shortage, obviously. But I think a key piece to that is we saw a people shortage. Not only was it skill shortage, but we didn't have enough people really to fill positions in addition, too, and I think that people also felt they were already paying the bills and they were making ends meet and they didn't have the opportunities to get additional skills. This again is where we're looking at, you know, our world has changed. It changed in the 60s based on what you're just expressing in terms of California leading the way. Let's let California lead the way again in developing a system for which labor workforce development with our universities, our amazing universities and community college system structure, of how do we get students back into school? You know, a lot of graduates may already have a degree, but how do they now take a skill set that they already have and develop that further with the idea that those jobs have changed? We also have a lot of folks that don't have a degree, and that's okay, but how do we make that connection to a system that may have failed a lot of our people over the years, and our students who didn't make it through the school system, how do we develop an adult training school? How do we develop contract education through our community college system with our employer sets, that we develop cohorts within the systems of workers that have amazing talents and abilities to start to fill these needs. And I think that's the key components that here at Labor Workforce Development Agency, we work with our community colleges, our UCs and our state universities to develop and figure that piece out. And I think it is our opportunity for the future. >> That's such a great point. I want to call that out, this whole opportunity to retrain people that are out there because these are new jobs. I think that's a huge opportunity and, I hope you keep building and investing in those programs. That's really worth calling out. Thank you for doing that. And yeah, it's a great opportunity to gain these jobs. They pay well, too, cybersecurity's a good job and you don't really need to have that classical degree. You can learn pretty quickly if you're smart. So again, great call out there. A question for you on geography. You mentioned COVID, we're talking about COVID, virtualization, we're virtual with this conference. We couldn't be in person. People are learning virtually, but people are starting to relocate virtually. And so one observation that I have is the space state that California is, there's space clusters of areas where space people hang out, or space spaces and whatnot. Then you got like the tech community, the cybersecurity market, you know, Silicon Valley, you know, the talent is in these hubs. And sometimes cyber's not always in the same hubs as space. Maybe Silicon Valley has some space here, and some cyber, but that's not generally the case. This is an opportunity potentially to intersect. What's your thoughts on this? Because this is something that we're seeing, where space has historical, you know, geographies. Now with borderless communication, the work mode is not so much "You have to move to this space area." You know what I'm saying? So what's your thoughts on this? How do you guys look at, this is on your radar, and how you're viewing this dynamic. >> It's absolutely on our radar. Like you said, you know, here we are, talking virtually, and you know, 75% of all of our staff currently, in some of our departments, it's 80% of our staff, are now virtual. Seven months ago, we were not. Government, again, being slow move, we quickly transitioned, obviously, to being able to have a telework capacity. We know employers moved probably even more quickly than we did, but we see that as an opportunity for our rural areas, our Central Valley, our Northstate, Inland Empire. That you're absolutely correct. I mean, if you didn't move to a city or to a location for which these jobs were really housed, you didn't have an opportunity like you do today. I think that's a piece that we really need to work with our education partners on, to be able to see how much this has changed. Labor Agency absolutely recognizes this. We are investing funding in the Central Valley. We're investing funding in the Northstate and Inland Empire to really look at youth populations, of how the new capacity that we have today is going to be utilized for the future for employers. But we also have to engage our universities around this as well, but mostly our employers. I know that they're already very well aware. I know that a lot of our large employers within Silicon Valley have already done it. They're doing almost 100% telework policies, but the affordability to live in rural areas in California, also enables us to have a way to make products more affordable as well, potentially in the future. But we want to keep California businesses healthy and whole in California, of course. And that's another way we can expand and keep California home to our 40 plus million people. >> Well Stewart, great work and congratulations for doing such a great job. Keep it up. I got to ask you about the governor. I've been following his career since he's been in office as a political figure. He's progressive, he's cutting edge. He likes to rock the boat a little bit here and there, but he's also pragmatic. You're starting to see government workers starting to get more of a tech vibe. Just curious from your perspective, how does the governor look at, I mean, the old, I won't say "old guard," but like, you know, it used to be, you become a lawyer, you become a lawmaker. Now a tech savvy lawmaker is a premium candidate, is a premium person in government. Knowing what COBOL is, is a start. I mean, these are the things that as we transform and evolve our society, we need thinkers who can figure out which side of the streets self driving cars go on. I mean, who does that? It's a whole nother generation of thinking. How does the governor, how do you see this developing? Because this is the challenge for society. How does California lead? How do you guys talk about the leadership vision of why California and how will you lead the future? >> Absolutely. No governor that I'm aware of, and I've been around for 26, 27 years of workforce development, has led with an innovation background as this governor has, especially around technology and the use of technology. You know, he's wrote a book about the use of technology when he was lieutenant governor. And I think it's really important for him that we, as his staff are also on the leading edge of technology. I brought up agile systems earlier. When I was under the Brown administration, we had moved to where I was at the time, Employment Training Panel, we moved to an agile system and deployed that. One of the first within the state to do that and coming off of an old legacy system that was an antique. I will say it is challenging. It's challenging on a lot of levels. Mostly the skill sets that our folks have, sometimes are not open to a new agile system, to an open source system is also an issue in government. But this governor absolutely, I mean, he has established the Office of Digital Innovation, which is part of California Department of Technology, in partnership with, and that just shows how much he wants to push our limits to make sure that we are meeting the needs of Californians. But it's also looking at, you know, Silicon Valley being at the heart of our state, how do we best utilize systems that are already there? How do we better utilize the talent from those folks as well? We don't always pay as well as they do in the state, but we do have great benefit packages, everybody knows. So if anybody's looking for a job, we're always looking for technology folks as well. And so I would say that this governor absolutely leads in terms of making sure that we will be on cutting edge technology for the nation. >> And, you know, talk about pay, I mean, I know it's expensive to live in some parts of California, but there's a huge young population that wants a mission-driven job, and serving the government for the government, it's awesome. A final parting question for you, Stewart, is as you look at the workforce, a lot of people are passionate about this and it's, you know, you can't go anywhere without people saying, you know, "We've got to do education this way, and that way," there's an opinion everywhere you go. Cybersecurity, obviously a little bit peaked and focused, but there are people who are paying attention to education. So I have to ask you what creative ways can people get involved and contribute to workforce development, whether it's STEM, underrepresented minorities, people are looking for new, innovative ways to contribute. What advice would you give these people who have the passion to contribute to the next cyber workforce? >> Yeah, I appreciate that question because I think it's one of the key components that my secretary, Julie Su, secretary of Labor and Workforce Development Agency, talks about often. And a couple of us always have these conversations around one is getting people with that passion to work in government, one, or, and I brought it up community-based organizations. I think so many times that we didn't work with our CBOs to the level that in government, we should, this administration is very big on working with CBOs and philanthropy groups to make sure that the engagement of those entities are at the highest level. So I would say, students have opportunities to also engage with local CBOs and be that mission, what their values really drives them towards. And that gives them a couple of things to do, right? One is to look at ways that we're helping society in one way or another through those organizations, but it also links them to their own mission and how they can develop those skills around that. But I think the other piece to that is in a lot of these companies that you are working with and that we work with, have their own foundations. So those foundations are amazing. We work with them now, especially in the Newsom administration, more than we ever have. These foundations are really starting to help develop our strategies. My secretary works with a large number of foundations already, and we do as well in terms of strategy, really looking at how do we develop young people's attitudes towards the future, but also skills towards the future? >> Well, you got a pressure cooker of a job. I know how hard it is. I know you're working hard and appreciate what you do. And, and we wish you the best of luck, thank you for sharing this great insight on workforce development. And you guys are working hard. Thank you for what you do. Appreciate it. >> Great. Thank you so much. I appreciate it. >> This is theCUBE coverage and co-production of the Space and Cybersecurity Symposium 2020 with Cal Poly. I'm John Furrier with siliconangle.com and theCUBE. Thanks for watching. (calm music)

(upbeat music) [Reporter] - Live from San Diego, California it's theCUBE covering Goodcloud and Cloud- Native cloud. Brought to you by Red Hat the Cloud-Native computing foundation. and its ecosystem partners. >> Welcome back, we're here at Kubecon Cloud-Native con 2019 in San Diego, I'm Stu Miniman. We've got over 12,000 in attendance here and we have a three guest lineup of Kubecon veterans here. To my right is Loris Degioanni who's the CTO and founder of Sysdig. To his right, representing the Tiger is Amit Gupta who's vice president of business development and Product Management at Tigera, and also Knox Anderson who's Director of Product Management. We know from the Octopus, Amit, that also means that he's with Sysdig. So gentlemen, thank you all for joining. [Loris]- Octopus and Tiger >> Octopus and Tiger, bringing it all together on the tube. We have a menagerie as it were. So Loris, let's start as they said, you know all veterans, you've been here, you've almost been to every single one, something about a you know, a child being born made you miss one. [Loris] - The very first one. >> So, why don't you bring us in kind of what's so important about this ecosystem, why it's growing so fast and Sysdig's relationship with the community? >> Yeah, I mean, you can just look around, right? Kubecon is growing year after year, it's becoming bigger and bigger and this just a reflection of the community getting bigger and bigger every year, right? It's really looks like we are, you know, here with this community creating the next step, you know? For computing, for cloud computing, and really, you know, Kubernetes is becoming the operating system powering, you know, the cloud and the old CNC ecosystem around it is really becoming, essentially the ecosystem around it. And the beauty of it is it's completely open this time, right? For the first time in history. >> All right, so since you are the founder, I need to ask, give me the why? So we've been saying you know, we've been starting this program almost 10 years ago and the big challenge of our time is you know building software for distributed systems. Cloud's doing that, Edge is taking that even further. Bring us back to that moment of the birth of Sysdig and how that plays into all the open source and that growth you're talking about. >> Yeah, I mean, Sysdig was born, so first of all, a little bit of background of me. I've been working in open source and networking for my whole career. My previous company was the business behind washer, then it took on a live service, so, a huge open source community and working with enterprises all around the world, essentially to bring visibility over their neighbors. And then I started realizing the stack was changing radically, right? With the event of cloud computing. With the event of containers and Docker. With the event of Kubernetes. It, legacy ways of approaching the problem were just not working. Were not working the technical level because, you need to create something completely new for the new stack but they were also not working at the approach level. Every thing was proprietary. Every thing was in silos, right? So the approach now is much more, like inclusive and community first, and that's why I decided to start Sysdig. >> All right. so Amit, we know things are changing all the time. One thing that does not ever change is security is paramount. I really say, I go back 10 or 15 years you know, they've got a lot of lip service around security. Today, it's a board level discussion. Money, development, especially here in the Cloud-Native space it's really important so, talk about Tigera relationship with Sysdig and very much focused on the Kubernetes ecosystems. >> Absolutely. So I couldn't agree with you more, Stu. I mean, security is super critical and more so now as folks are deploying more and more mission critical applications on the Kubernetes based platform. So, Sysdig is a great partner for us. Tigera provides networking and network security aspects of that Kubernetes deployment. And if you think about it how modern applications are built today, you've taken a big large model and decomposed into hundreds of micro services so there's procedural cause that were happening inside the code and now API calls on the network so you've got a much bigger network with that service a highly distributed environment. So the traditional architectures where you manage the security typically with the firewall or a gateway, it's not sufficient. It's important, it's needed and that's really where, as people design their architecture, they have to think about how do you design security across that entire infrastructure in a distributed fashion or done in the early stages of your projects. >> Knox, help us understand the relationship here, how it fits into Sysdig's product with Tigera. >> Yeah, so we're great partners with Tigera. Tigera lives at the network security level. Sysdig's secure in that the product we built extends the instrumentation that Loris started off with our open source tool, to provide security across the entire container lifecycle. So at build time, making sure your images are properly configured, free of vulnerabilities at run time, looking at all the activity that's happening and then the big challenge in the Kubernetes space is around incident response and audit. So if something happens in that pod, Kubernetes is going to kill it before anyone can investigate and Sysdig helps you with those work flows. >> Maybe it would help, we all throw around those terms, Cloud-Native a lot and it's a term I've heard for a number of years. But the definition like cloud itself is one that you know matures over time and when we get there so, maybe if we focus in a little bit on Cloud-Native security. You know, what is it we're hearing from customers, what does it mean to really build Cloud-Native Security. What makes that different from the security we've been building in our data centers, in clouds for years? >> Well I thought Cloud-Native was just a buzzword. Does it actually mean something? (laughs) >> Well hopefully it's more than just a buzzword and that's what I'm hoping you could explain. >> Yeah, so again, the way I see it is the real change that you are witnessing is how software is being written. And we're touching a little bit on it at this point. Software intended to be architected as big monoliths now is being splayed into smaller components. And this is just a reflection of software development teams in a general way being much more efficient when you can essentially, break the problem into sub-problems and break the responsibilities into sub-responsibilities. This is perhaps something that is extremely beneficial especially in terms of productivity. But also, sort of revolutionizes the way you write software, you run software, you maintain software, CICD, you know continues development, continues integration, pipelines, the reliance on GIT and suppository to store everything. And this also means that, securing, monitoring, troubleshooting infrastructures becomes much different. And one of things we are seeing is legacy two's don't work anymore and the new approaches like Calico Networking or like Falco and runtime security or like Sysdig secure, for the lifecycle and security of containers are something bubbling up as alternatives to the old way of doing things. >> I would add to that I agree with you. I would add that if you're defining a Cloud-Native security the Cloud-Native means it's a distributed architecture. So your security architecture has got to be distributed as well, absolutely got a plan for that. And then to your point, you have to automate the security as part of the various aspects of your lifecycle. Security can not be an afterthought you have to design for that right from the beginning and then one last thing I would add is just like your applications are being deployed in an automated fashion your security has to be done in that fashion so, policy is good, infrastructure is good and the security is just baked in as part of that process. It's critical you design that way to get the best outcomes. >> Yeah, and I'd say the asset landscape has completely changed. Before you needed to surface finding against a host or an IP. Now you need to surface vulnerabilities and findings against clusters, name spaces, deployments, pods, services and that huge explosion of assets is making it much harder for teams to triage events, vulnerabilities and it's really changing the process in how the sock works. >> And I think that the landscape of the essence is changing also is reflected on the fact that the persona landscape is changing. So, the separation between attempts and operation people is becoming thinner and thinner and more and more security becomes a responsibility of the operation team, which is the team in charge of essentially owning the infrastructure and taking care of it, not only for the operational point of view but also from the security. >> Yeah, I think I've heard the point that you've made a many times. Security can't be a bolt on or an afterthought. It's really something fundamental, we talk about DevOps is, it needs to be just baked into the process, >> Yeah. >> It's, as I've heard chanted at some conferences, you know, security is everyone's responsibility, >> Correct. >> make sure you step up. We're talking a lot about open source here. There's a couple of projects you mentioned, Falco and Calico, you're partners with Red hat. I remember going to the Red Hat show years ago and they'd run these studies and be like, people are worried that open source and security couldn't go side by side, but no, no you could actually, you know open source is secure but taking the next step and talking about building security products with open source give us, where that stands today and how customers are you know embracing that? And how can it actually keep up with the ever expanding threat surfaces and attacks that are coming out? >> Yeah. First of all as we know open source is actually more secure and we're getting proof of that you know, pretty much on a daily basis including you know, the fact that tools like Kubernetes are regularly scrutinized by the security ecosystem and the vulnerabilities are found early on and disclosed. In particular, Sysdig is the original creator of Falco which is an open source, CNCF phased anomaly detection system that is based on collecting high granular data from a running Kubernetes environment. For example, through the capture of the system calls and understanding the activity of the containers and being able to alert about the anomalous behavior. For example, somebody being able to break into your container, extricating data or modifying binaries, or you know perpetrating an attack or stuff like that. We decided to go with an approach that is open source first because, first of all, of course, we believe into participating with the community and giving something as an inclusive player to the community. But also we believe that you really achieve better security by being integrated in the stack, right? It's very hard , for example, to have, I don't know, security in AWS that is deeply integrated with the cloud stack upon us, alright? Because this it's propietary. Why would Kubernetes solutions like Falco or even like Calico, we can really work with the rest of the community to have them really tightly coupled and so much more effective than we could do in the past. >> You know, I mean I would make one additional point to your question. It's not only that users are adopting open source security. It's actually very critical that security solutions are available as an open source, because, I mean, look around us here this is a community of open source people, they're building and distributing infrastructure platform from that is all open source so we're doing this service if we don't offer a good set of security tools to them, not an open source. So that's really our fundamental model that's why Calico provides two key problems networking and network security for our users, you deploy your clusters, your infrastructures, and you have all the bells and whistles you need to be able to run a highly secure, highly performing cluster in your environment and I believe that's very critical for this community. >> Yeah, and I'd say that and now with open source, prevention has moved into the platform. So, with network policy and things like Calico or in our 3.0 launch we incorporated the ability to automate tests and apply pod security policies. And those types of prevention mechanisms weren't available on your platforms before. >> Okay, I often find if you've got any customer examples, talk about, you know, how they're running this production kind of the key, when they use your solutions you know, the benefits that they're having? >> Yeah, I'll take a few examples. I mean, today it is probably fair to say Calico from the partial phone home data we get a 100,000 plus customers across the globe, some of the, I can't take the actual names of the customers but, so the largest banks are using Calico for their enterprise networking scenarios and essentially, the policies, the segmentation inside the clusters should be able to manage the security for those workloads inside their environments. So that's how I would say. >> Yeah, and Sysdig, we, have an open core base with Falco, and then we offer a commercial product called Sysdig secure, in particular, last week we release version 3.0 of our commercial product which is another interesting dynamic because if we can offer the open core essentially to the community but then offer additional features with our commercial product. And Falco is installed in many, many thousands extension of platforms. and Sysdig secure you know secures, and offers visibility to the biggest enterprises in the world. We have deployments that are at a huge scale with the biggest banks, insurance companies, media companies, and we tend to fall to cover the full life cycle of applications because as the application and as the software moves in the CICD pipeline so security needs to essentially accompany the application through the different stages. >> All right, well thank you all three of you for providing the update. Really appreciate you joining us in the program and have a great rest of the week >> Thank you very much. >> Thank you. >> Thank you. >> We'll be back with more coverage here from Kubecon, Cloud-Nativecon. I'm Stu Miniman and thanks for watching theCUBE. (upbeat music)

>> Announcer: theCUBE presents "Dell Technologies World," brought to you by Dell. >> Hey, everyone. Welcome back to theCUBE's coverage of day one of "Dell Technologies World 2022" live from the Venetian in Las Vegas. They're excited. I dunno if you heard that, a group behind me very excited to be here. Lisa Martin, Dave Vellante. We're very pleased to welcome Jules Johnston, the SVP of channel from Equinix. Jules, welcome to the program. >> Thank you for having me. I appreciate it. >> And those people back there are very excited, if you heard that big applause when we went live. (Jules laughing) So the vibe here is fantastic for the first live "Dell Technologies World" since 2019. A lot of people here, this Expo Hall is packed. A lot of momentum here, but there's also a lot of momentum at Equinix. Talk to us about what's going on. >> Well, so many exciting things for Equinix and this partnership of Dell sort of gives us a chance to share that with partners here throughout the conference. So we are very excited, as you said about and we just were named to the Fortune 500 this year, 77 quarters of growth consecutively. But underpinning that is having made huge investments in what is the world's largest footprint of global data centers, 240 of them on six continents in 66 markets but then interconnecting them. So they have the connections that Dell customers need to the clouds. They have the connections that they need to all of the future SaaS providers. So that foresight to put together that interconnection network across our footprint has set us on the path we're on today, which we're very grateful to be at in. And really, the things that are happening with Equinix and Dell together couldn't be more of the moment. >> Talk to me about the last two years. The moments of the last two years have been very challenging >> They have. >> For everyone. How has the partnership evolved in that time? >> Well, we, together, Dell and Equinix, what we're doing is really helping our shared interface customers navigate the complexities of their digital transformation. And digital transformation is hard. It's not a one and done and it's not an overnight solution. And so, what we are doing is partnering with Dell to think about putting a dedicated Dell IT stack in an Equinix data center to give customers that sovereign adjacency so that they can have that security proximate to all the clouds and everything else they need to participate in the ecosystem. And then pairing that with these interconnected enterprises. So, Dell and we are helping customers then be able to have some of their solution on-prem, some of their solution in the cloud, access public clouds and use that collectively to define what we're calling the intelligent edge, together. And that intelligent edge means so many different things to customers but it is really our honor to work together with Dell to help each customer define that for themselves. >> Equinix is an amazing company. Like you said, it's... I didn't realize it was that many consecutive quarters but it's a 60 billion plus market cap. If you look at the stock chart, it'll blow your mind. Really incredibly successful. And part of the reason... It's funny, 10, 15 years ago, people thought, well... Or, 10 years ago, anyway, the cloud is going to hurt companies like Equinix. It was the exact opposite. And that's because Charles Phillips used to joke, "Friends don't let friends build data centers." >> Yes. >> And it's not a good use of capital for most companies, unless you're in the data center business. Now, of course, you have some of your own as a service offerings. >> We do. >> What's the overlap with Dell? How do they compliment each other? >> It's a good question because... And we get that. Are you and Dell in fact competitors? No, we see them as wholly complimentary. And in fact, we're working with Dell to bring to market things like something we call PowerEdge, which involves their servers. And PowerStore, which involves their storage, and then VxRail, which is really the hyper-converged infrastructure. And those are just a few first of a series of offerings we expect to bring to market with Dell. And if you think about Metal, and it's Equinix Metal that people sometimes think is a competitor, but what Metal does for customers is it really allows them to advance, have the equipment placed in our data centers so that they can access that capacity and according to spikes or needs that they have. That equipment in our data centers that's there for them to avail themselves of that capacity is most often Dell equipment. So we are really doing and executing that bare Metal as a service together. >> What are some of the things that you're hearing from your partner community, in terms of the partnership with Dell? Partners must be excited, the momentum there. What's going on in the partner community? >> So, that's what's near and dear to my heart since that's what I'm responsible for, Equinix's global partnerships. And they're just very excited about what we're doing with Dell. And to be honest with you, all of our top partners are also top partners of Dell. So it makes sense that we bring it together. So, big categories of partners like the world's largest global network service providers, some of whom are here and who we'll meet with, AT&T, Orange Business Services, those folks in addition to the world's largest global systems integrators, Kendra, Deloitte, Accenture, WiPro, DXC. All of these are partners that Dell and we will meet with together to further our, what we call Power of Three, that together we're better. Because as much as Dell and Equinix are delivering, the customers most often don't have the experience they need to execute it without a partner. So they are relying on those partners to take what we are doing and make it their own. And so, they're excited about it. You see, it's a big opportunity for them from a... Of revenue services and an opportunity for them to step into a next level trusted advisor status. So partners are excited and we're going to be spending a lot of time with them the next few days. >> Do you see Equinix... 'Cause these partnerships are not bespoke partnerships. It's an ecosystem that's organic and evolving and growing. Are you a dot connector in a way? Can it be a flywheel effect in your ecosystem? >> Well, so our ecosystems that we provide, wide range of those from high frequency trading to connected cars, to the internet of things and content providers, we do see it as our role to the 10,000 and growing customers that are in our 240 data centers on six continents that provide those ecosystems. It is our mission to continue to grow that, enrich it, because that does differentiate us greatly from another data center provider. And it's the combination of the ecosystem that you'd find and the people you can connect to at Equinix. And then also the leverage of our fabric in order to be able to access your future needs. >> And it's a lot of technology underneath these. It's that first layer one, I guess, if you will, of the data center, right? And so, a lot of your customers or your partner's customers, they just don't want to be in that business as we were saying before. I mean, it's just too expensive. The power requirements are going through the roof. So you got to be really good at managing power. >> You do. In fact... So first of all, you're right. It's extremely difficult for them to also be able to make that commitment to keep a data center they would manage themselves at the level that Equinix is able to invest. So it's very difficult for people to do it themselves. But even show... Another point you mentioned actually about the power, is near and dear to our hearts because Equinix is super committed to sustainability. And so we've made a commitment to wholly renewable energy. And it's something that we talk a lot about how we also help partners like Dell meet their initiatives. So partners like AT&T meet their connected climate goals. So we are actually using that and coming together with Dell on that story, and then helping to amplify that with our partners. >> And that's... How do you do that? That's putting data centers where you can cool with ambient air. Is it being near the Columbia River? What's your strategy in that regard? >> On sustainable... I have to be honest to you. I would be out of my depth if I didn't say... >> This is the high level, yeah. >> So we are deploying some of the latest technologies about that and then experts people who, all they do is really help us to reduce the carbon footprint and be able to offset that, be able to use solar, be able to use wind, be able to take advantage of that. And then also to navigate what's available when you're in 240 locations on six continents. It's not the same options to reduce your power consumption and your burden are different in Africa as we just discovered with our main one acquisition than they are in India or than they are in other parts of the world. So it is for us a journey, and we've been assembling a lot of the talent to do that, >> But you're so large now, even a small percentage improvement can really move the needle. >> And I think because we are the largest, it is incumbent upon us to really set the standard and be committed to it. And we do see other people following, which is a good thing for all of us. >> Well, how important is that in your partnership conversations. That partners have that same focus and commitment on ESG that Equinix has. >> Partners care a lot about it, but customers ask us both all the time. We increasingly see a portion of an RFP or scope of work asking, "Before I decide to go with Equinix and Dell, tell me how you're going to impact the environment. Tell me about your commitment." And so, we are committed to it, but customers are demanding it too. >> So it's... >> Where do you... Go ahead please. >> Oh, I was just going to say, it's coming from the voice of the customer, which Equinix is listening to, we know Dell is listening to it as well. >> I'm sorry, one more time. >> That the sustainability, the ESG demand is coming from the customers, as you were saying. >> Both. I mean, we want to do the right thing and we've made commitments to it, but our customers are holding us accountable to it. And sustainability is now a board level priority. It is for us. And it is for companies like Dell and it is for partners and customers. >> It really is... It's up there with security in terms of the board level conversation. Where do you want to see the partner ecosystem in the next let's call it three to five years. In your business you can look out that far. >> Well, I think that our partners and by that I mean Dell's and our mutual partners, We've been listening to customers with Dell to deliver a flexible set of options for how customers would consume Equinix and Dell. So our partners are going to be integrating a variety of those in order to meet the customer where they are in that journey. Whether they want to buy Apex as a service, whether they want to buy Equinix Metal, whether they want to have a partner put together bespoke, do-it-yourself combination with other services. I mean, the customers are going to demand a choice of options. I think partners are going to embrace multiple versions of that so that they can to meet the customer where they are and take them. >> Well. That's incredibly important these days to meet the customer where they are, the customers have a lot of choice. >> It is. >> But everything that we're all doing is for the customer ultimately at the end of the day. >> Yes, it is. And you know, the customers are getting savvier, but we are all still early in this journey as far as the edge. I think we are all still grappling that. Right now we like to say that as customers are looking to define that, the footprint that we offer together with Dell gives them an awfully robust set of choices for now. And then we want to continue to invest and expand to be wherever they need us. >> Well, that's the thing about your business? It's optionality. I mean, the cloud has a lot of stuff, but you can't get everything you want in the cloud. >> Jules: You can, >> And you can put anything in your data center. That's IT. >> You can, but you may not know what you need yet. And so that's one of the things we spend a lot of time having our solutions, architects and our sales to people together, but they'll talk about future proofing, their strategy. So future proofing, that combination of on-prem and in an Equinix data center, and maybe some public and future proofing, leveraging our fabric so that they might elect different SaaS space services or cloud-based services a year to five years from now than they are even thinking about today. And, they may expand their edge over time, because they may see that as at the customer end point. Today, most businesses are still using a footprint like ours as their edge, but that could change. And so we want to be there when it does. >> Yeah. That's a great point because you don't want to necessarily have to rip it out every co couple of years. If you can have an architecture that can grow. Yeah, sure. You might want to upgrade it. >> Well, and that's one of the most appealing things about services like Metal where they also do prevent that sort of rip and replace, but they also help people navigate the supply chain shortages that are going on right now. So this has been a trying two years for supply chain shortages. And being able to take advantage of Dell equipment already staged at an Equinix data center and partners can then bring their customers a quicker immediate response. >> Have you also seen this? You mentioned the supply chain shortages, some of the many challenges that we've experienced in a last few years. How much of a factor has the great resignation been? The labor shortages, the cybersecurity skills gap, on folks coming to Equinix saying, "Help, we don't have the resources here to do this ourselves." >> We have been fortunate to be... If you're asking me how the reservation has affected us as a company. >> No your customers. >> Oh customers it has. Oh, okay I get it. So it is a challenge for them, but it's an opportunity for our partners. So what I see there is it's been challenging for customers to hold onto that talent, but partners are filling that gap. And we with Equinix being forced to hold onto a lot of our best and brightest. And so we put them together with our partners and we try to help customers fill those gaps. >> Well that's the most important thing, filling those gaps. >> You ever been inside one of these ultra modern data centers? >> I have not, not yet. It's pretty cool, isn't it? >> Have you ever had a tour of one? >> I've never had a tour of an Equinix data center, but I've seen some modern data centers that will blow your mind? >> Well, they come with all the requisite biometrics and man traps and all of the sort of bells and whistles that are actually the first slay of physical security, but then once you get into the data center, then we get into the virtual and the digital security that you would expect. >> Yeah, it's good. And you know, it's not like you drive by the data center, and there's a big sign that says, here's the data center. They're trying to stay a little hidden and then like getting in, it's like getting into Fort Knox. It's probably harder. And then, but then the it's like this giant clean room. It's amazingly clean and just huge. It'll blow your mind. >> And inside the data centers, all the world's networks come together and peer, and then we have inside their, the most direct roam reps to the cloud. So you would expect there's a lot of wires and pipes running very neatly through a very secure clean... >> Cooling systems and power systems that are just... >> Pristine environment for sure. >> Amazing engineering. >> It is really. >> We need a tour. >> Do you let people tour your data center? >> I will bring both of you on a tour. >> Awesome. >> Be my guests. >> I would love to. Great. >> Sounds fantastic. Would love to. >> We'll bring a camera. (laughing) Oh, no, we're not allowed. >> Not today. >> No phones, no phones sequester. So what are some of the things that you're excited about seeing and hearing the next couple of days as this is the first time we've all gotten to be together in so long? >> We are excited about the conversations that we're going to have, power of three that I was talking about. So, we really pride ourselves on having that combination add up to more to benefit the customer. And so this will be sort of a coming out party of sorts. Equinix and Dell will meet with almost 20 different global partners that are really important to both of us. So I am most excited about those conversations and about the education I'm going to get on the ways they're thinking about integrating it differently, because that is good choice for the market. That is good choice for the customer set, for the enterprises out there. So that's what I'm most excited about. >> Awesome, sounds like tremendous opportunity, lots going on this week. But thank you for coming on Jules, >> Oh my pleasure, thank you. talking about... >> How Equinix and Dell better together, the way that your channel partner program is growing and of course the momentum of the company. Can't wait to see what happens next year. >> Thank you. Thank you. Well, we will aim to deliver and thank you again for having us. >> Thanks Jules. >> Our pleasure. For Dave Vellante, I'm Lisa Martin and you're watching theCUBE's live coverage day one, "Dell Technologies World" live from Las Vegas. Stick around, we'll be right back with our next guest. (slow upbeat music)

(upbeat music) >> Hello everyone, welcome to the special CUBE presentation of the AWS Partner Showcase season one, episode two. I'm John Furrier, your host of theCUBE. We've got two great guest here. Douglas Ko, Director of product marketing at Cohesity and Sabina Joseph General Manager of AWS, Amazon Web Services. Welcome to the show. >> Thank you for having us. >> Great to see you Sabina and Douglas. Great to see you, congratulations at Cohesity. Loved the shirt, got the colors wearing there on Cohesity, Always good I can't miss your booth at the shows, can't wait to get back in person, but thanks for coming in remotely. I got to say it's super excited to chat with you, appreciate it. >> Yeah, pleasure to be here. >> What are the trends you're seeing in the market when it comes to ransomware threats right now. You guys are in the middle of it right now more than ever. I was hearing more and more about security, cloud scale, cloud refactoring. You guys are in the middle of it. What's the latest trends in ransomware? >> Yeah, I have to say John, it's a pleasure to be here but on the other hand, when you asked me about ransomware, right? The data and the statistics are pretty sobering right now. If we look at what just happened in 2020 to 2021, we saw a tenfold increase in a ransomware attacks. We also saw the prediction of a ransomware attack happening every 11 seconds meaning by the time I finished this sentence there's going to be another company falling victim to ransomware. And it's also expected by 2031 that the global impact of ransomware across businesses will be over $260 billion, right? So, that's huge. And even at Cohesisity, right, what we saw, we did our own survey, and this one actually directly to end users and consumers. And what we found was over 70% of them would reconsider doing business with a company that paid a ransom. So all these things are pretty alarming and pretty big problems that we face today in our industry. >> Yeah, there's so many dimensions to it. I mean, you guys at Cohesity have been doing a while. It's being baked in from day one, security in the cloud and backup recovery, all that is kind of all in one thing now. So to protect against ransomware and other threats is huge Sabina, I got to ask you Amazon's view of ransomware is serious. You guys take it very seriously. What's the posture and specifically, what is AWS doing to protect customers from this threat? >> Yeah, so as Doug mentioned, right, there's no industry that's immune to ransomware attacks. And just as so we all level set, right? What it means is somebody taking control over and locking your data as an individual or as a company, and then demanding a ransom for it, right? According to the NIST, the National Institute of Standards and Technology cybersecurity framework, there are basically five main functions which are needed in order to plan and manage these kind of cybersecurity ransomware attacks. They go across identifying what do you need to protect, actually implementing the things that you need in order to protect yourself, detecting things if there is an attack that's going on, then also responding, how do you get out of this attack? And then bringing things, recovery, right? Bringing things back to where they were before the attack. As we all know, AWS takes security very seriously. We want to make sure that our customer's data is always protected. We have a number of native security solutions, but we are also looking to see how we can work with partners. And this is in fact when in the fall of 2019, the Cohesity CEO, Mohit Aron, myself and a couple of us, we met and we brainstorm, what could we do something that is differentiated in the market? When we built this data management as a service native solution on top of AWS, it's a first of a kind solution, John. It doesn't exist anywhere else in the market, even to even today. And we really focused on using the well architected review, the five pillars of security, reliability, operational excellence, performance, and cost optimization. And we built this differentiated solution together, and it was launched in April, 2020. And then of course from a customer viewpoint, they should use a comprehensive set of solutions. And going back to that security, that cyber security framework that I mentioned, the Cohesity data management as a service solution really falls into that recovery, that last area that I mentioned and solution actually provides, granular management of data, protection of data. Customers can spin up things very quickly and really scale their solution across the globe. And ensure that there is compliance, no matter how many times we do data changes, ads and so on across the world. >> Yeah, Sabina, that's a great point about that because a lot of the ransomware actually got bad actors, but also customers can misconfigure things. They don't follow the best practice. So having that native solutions are super important. So that's a great call out. Douglas, I got to go back to you because you're on the Cohesity side and a the partner of AWS. They have all these best practices that for the good actors, got to pay attention to the best practices and the bad actors also trying to get in creates a two, challenge an opportunity. So how do organizations protect their data against these attacks? And also how do they maintain their best practices? Because that's half the battle too, is the best practices to make sure you're following the guidelines on AWS side, as well as protecting the attacks. What's your thoughts? >> Yeah, absolutely. First and foremost, right? As an organization, you need to understand how ransomware operates and how it's evolved over the years. And when you first look at it, Sabina already mentioned it, they started with consumers, small businesses, attacking their data, right? And some of these, consumers or businesses didn't have any backup. So the first step is just to make sure your data is backed up, but then the criminals kind of went up market, right? They understood that big organizations had big pocket and purses. So they went after them and the larger organizations do have backup and recovery solutions in place. So the criminals knew that they had to go deeper, right? And what they did was they went after the backup systems themselves and went to attack, delete, tamper with those backup systems and make it difficult or impossible to recover. And that really highlighted some solutions is out there that had some vulnerabilities with their data immutability and capabilities around WORM. And those are areas we suggest customers look at, that have immutability and WORM. And more recently again, given the way attacks have happened now is really to add another layer of defense and protection. And that includes, traditionally what we used to call, the 3-2-1 rule. And that basically means, three copies of data on two different sets of media with one piece of that data offsite, right? And in today's world and the cloud, right? That's a great opportunity to kind of modernize your environment. I wish that was all that ransomware guys we're doing right now and the criminals were doing, but unfortunately that's not the case. And what we've seen is over the past two years specifically, we've seen a huge increase in what you would call data theft or data exfiltration. And that essentially is them taking that data, a specific sense of the data and they're threatening to expose it to the dark web or selling it to the highest bidder. So in this situation it's honestly very difficult to manage. And the biggest thing you could do is obviously harden your security systems, but also you need a good understanding about your data, right? Where all that sensitive information is, who has access to it and what are the potential risks of that data being exposed. So that takes another step in terms of leveraging a bunch of technologies to help with that problem set. >> What can businesses do from an architectural standpoint and platform standpoint that you guys see there's key guiding principles around how their mindset should be? What's the examples of other approaches- >> Yeah. >> Approach here? >> No, I think they are both us at Cohesity and I'll speak for Sabina, AWS, we believe in a platform approach. And the reason for that is this a very complicated problem and the more tools and more things you have in there, you add risk of complexity, even potential new attack surfaces that the criminals can go after. So we believe the architecture approach should kind of have some key elements. One is around data resiliency, right? And that again comes from things like data encryption, your own data is encrypted by your own keys, that the data is immutable and has that, right, want to read many or WORM capabilities, so the bad guys can't temper with your data, right? That's just step one. Step two is really understanding and having the right access controls within your environment, right? And that means having multi factor authentication, quorum, meaning having two keys for the closet before you can actually have access to it. But it's got to go beyond there as well too. We got to leverage some newer technologies like AI and machine learning. And that can help you with detection and analysis of both where all your sensitive information is, right? As well as understanding potential anomalies that could signify attack or threat in progress. So, those are all key elements. And the last one of course is I think it takes a village, right? To fight the ransomware war. So we know we can't do it alone so, that's why we partner with people like AWS. That's why we also partner with other people in the security space to ensure you really have a full ecosystem support to manage all those things around that framework. >> That's awesome. Before I get to Sabina, I want to get into the relationship real quick, but I want to come back and highlight what you said about the data management as a service. This is a joint collaboration. This is some of the innovation that Cohesity and AWS are bringing to the market to combat ransomware. Can you elaborate more on that piece 'cause this is important. It's a collaboration that we're going to gather. So it's a partner and you guys were going to take us through what that means for the customer and to you guys. I mean, that's a compelling offering. >> So when we start to work with partners, right? we want to make sure that we are solving a customer problem. That's the whole working backwards from a customer. We are adding something more that the customer could not do. That's why when either my team or me, we start to either work on a new partnership or a new solution, it's always focused on, okay, is this solution enabling our customer to do something that they couldn't do before? And this approach has really helped us, John, in enabling majority of the fortune 500 companies and 90% of the fortune 100 companies use partner solutions successfully. But it's not just focused on innovation and technology, it's also focused on the business side. How are we helping partners grow their business? And we've been scaling our field teams, our AWS sales teams globally. But what we realized is through partner feedback, in fact, that we were not doing a great job in helping our partners close those opportunities and also bring net new opportunities. So in our field, we actually introduced a new role called the ISV Success Manager, ISMs that are embedded in our field to help partners either close existing opportunities, but also bring net new opportunities to them. And then at re:Invent 2020, we also launched the ISB accelerate program, which enables our field teams, the AWS field teams to get incentive to work with our partners. Cohesity, of course, participates in all of these programs and has access to all of these resources. And they've done a great job in leveraging and bringing our field teams together, which has resulted in hundreds of wins for this data management as a service solution that was launched. >> So you're bringing customers to Cohesity. >> Absolutely. >> Okay, I got to get the side. So they're helping you, how's this relationship going? Could you talk about the relationship on the customer side? How's that going? Douglas, what's your take on that? >> Yeah, absolutely. I mean, it's going great. That's why we chose to partner with AWS and to be quite honest, as Sabina mentioned, we really only launched data management and service back in 2020, late 2020. And at that time we launched with just one service then, right, when we first launched with backup as a service. Now about 15 months later, right? We're on the brink of launching four services that are running on AWS cloud. So, without the level of support, both from a go to market standpoint that Sabina mentioned as well as the engineering and the available technology services that are on the AWS Cloud, right? There's no way we would've been able to spin up new services in such a short period of time. >> Is that Fort Knox and Data Govern, those are the services you're talking about Or is that- >> Yeah, so let me walk you through it. Yeah, so we have Cohesity DataProtect, which is our backup as a service solution. And that helps customers back their data to the cloud, on-prem, SaaS, cloud data like AWS, all in a single service and allows you to recover from ransomware, right? But a couple months ago we also announced a couple new services that you're alluding to John. And that is around Fort Knox and DataGovern. And basically Fort Knox, it is basically our SaaS solution for data isolation to a vaulted copy in the AWS cloud. And the goal of that is to really make it very simple for customers, not only to provide data immutability, but also that extra layer of protection by moving that data offsite and keeping it secure and vaulted away from cyber criminals and ransomware. And what we're doing is simplifying the whole process that normally is manual, right? You either do it manually with tapes or you'll manually replicate data to another data center or even to the cloud, but we're providing it as a service model, basically providing a modern 3-2-1 approach, right? For the cloud era. So, that's what's cool about Fort Knox, DataGovern, right? That's also a new service that we announced a few months ago and that really provides data governance and user behavior analytics services that leverages a lot that AI machine learning that everybody's so excited about. But really the application of that is to automate the discovery of sensitive data. So that could be your credit card numbers, healthcare records, a personal information of customers. So understanding where all that data is, is very important because that's the data that the criminals are going to go after and hold you host. So that's kind of step one. And then step two is again, leveraging machine learning, actually looking at how users are accessing and managing that data is also super important because that's going to help you identify potential anomalies, such as people sharing that data externally, which could be a threat. It could be in improper vault permissions, or other suspicious behaviors that could potentially signify data exfiltration or ransomware attack in progress. >> That's some great innovation. You got the data resiliency, of course, the control mechanism, but the AI piece machine learning is awesome. So congratulations on that innovation. Sabina, I'm listening to conversation and hear you talk. And it reminds me of our chat at re:Invent. And the whole theme of the conference was about the innovation and rapid innovations and how companies are refactoring with the cloud and this NextGen kind of journey. This is a fundamental pillar of AWS's rapid innovation concept with your partners. And I won't say it's new, but it's highly accelerated. How are you guys helping partners be with this rapid innovation, 'cause you're seeing benefits can come faster now, Agile is here. What are some of the programs that you're doing? How are you helping customers take advantage of the rapid innovation with the secret sauce of AWS? >> Yeah, so we have a number of leadership principles, John, and one of them, of course, is customer obsession. We are very focused on making sure we are developing things that our customers need. And we look for these very same qualities when we work with partners such as Cohesity. We want to make sure that it's a win-win approach for both sides because that's what will make the partnership durable over time. And this John, our leadership team at AWS, right from our CEO down believes that partners are critical to our success and as partners lean in, we lean in further. And that's why we signed the strategic collaboration agreement with Cohesity in April, 2020, where data management as a service solution was launch as part of that agreement. And for us, we've launched this solution now and as Doug said, what are the next things we could be doing, right? And just to go back a little bit when Cohesity was developing this solution with us, they used a number of our programs. Especially on the technical side, they used our SaaS factory program, which really helped them build this differentiated solution, especially focused around security compliance and cost optimizing the solution. Now that we've launched this solution, just like Doug mentioned, we are now focused on leveraging other services like security, AIML, and also our analytic services. And the reason for that is Cohesity, as we all know, protects, manages this data for the customer, but we want to make sure that the customer is extracting value from this data. That is why we continue to look, what can we do to continue to differentiate this solution in this market. >> That's awesome. You guys did a great job. I got to say, as it gets more scale, there's more needs for this rapid, I won't say prototyping, but rapid innovation and the Cohesity side does was you guys have been always on point on the back and recovery and now with security and the new modern application development, you guys are in the front row seats of all the action. So, I'll give you the final worry what's going on at Cohesity, give an update on what you guys are doing. What's it like over there these days? How's life give a quick plug for Cohesity. >> Yeah, Cohesity is doing great, right? We're always adding folks to the team, on our team, we have a few open racks open both on the marketing side, as well as the technology advocacy side. And of course, some of our other departments too, and engineering and sales and also our partner teams as well, working with AWS partners such as that. So, in our mind, the data delusion and growth is not going to slow down, right? So in this case, I think all tides raises all the boats here and we're glad to be innovative leader in this space and really looking to be really, the new wave of NextGen data management providers out there that leverages things like AI that leverages cybersecurity at the core and has an ecosystem of partners that we're working with, like AWS, that we're building out to help customers better manage their data. >> It's all great. Data is in the mid center of the value proposition. Sabina, great to see you again, thanks for sharing. And Douglas, great to see you too. Thanks for sharing this experience here in theCUBE. >> Thanks, John. >> Okay, this is theCUBE's AWS Partner Showcase special presentation, speeding innovation with AWS. I'm John Furrier your host of theCUBE. Thanks for watching. (upbeat music)

>> We're back at AWS reinvent 2021. You're watching theCUBE. We're here live with one of the first live events, very few live events this year. It's the biggest hybrid event really of the year, of the season. Hopefully it portends a great future. We don't know it's a lot of uncertainty, but AWS said they're going to go for it. Close to 30,000 people here, Chris Wiborg is here. He's the VP of product marketing at Cohesity. Chris, great to see you face to face man. >> It's great to see you live again Dave. You understand that. >> Over the last couple of years we've had a lot of virtual meetup, hang out, and we talk every other quarter. >> Yeah. >> So it's great to see. Wow. You know, we were talking before the show. Well, we didn't really know what it was going to be like. I don't think AWS knew. >> No. >> It's like everything these days. >> You know, we did our own virtual event back in October because that was the time. And this is the first thing we've been back to live. And I was wondering, what's going to be like when I show up, but it's great to see all the folks that are here. >> Yeah. So I could see the booth. You know, you guys have had some good traffic. >> We have, yeah. >> A lot of customers here, obviously huge ecosystem. This, you know, the "flywheel keeps going". >> Yeah. You and I had a conversation recently about data management. It's something that you guys have put a stake in the ground. >> Absolutely. >> Saying, you know, we're not just backup, we're a good data management. It's fuzzy to a lot of people, we've had that conversation, but you're really starting to, through customer feedback, hone that message and the product portfolio. So let's start from the beginning. What is data management to cohesity? >> Well, so for us it's about the data lifecycle, right? And you heard a little bit about this actually during the keynote today, right? >> Right. >> When you think about the various services, you need to apply to data along the way to do basic things like protect it, be able to make sure you can recover from disasters, obviously deal with security today given the prevalence of ransomware out there, all the way down to at the end, how do you get more value out of it? And we do that in some cases with our friends from AWS using some of their AIML services. >> So your view of data may mean, it's kind of stops at the database right underneath. There's an adjacency to security that we've talked about. >> Yeah, very much. >> Data protection is now becoming an increasingly important component of a security strategy. >> It is. >> It's not a direct security play, but it's just the same way that it's not just the SecOps team has to worry about security anymore. It's kind of other parts of the organization. Talk about that a little bit. >> Yeah, well, we actually had a customer advisory board about two months or so ago now. And we talked to many of our customers there, and one of them I won't name, a large financial institution. We asked them, you know, where did we stand in your spend these days? And he's able to tell you, a while back about a year ago, having new backup and recovery is a starting point was kind of on the wishlist. And he said today it's number two. And I said, well why? He said well, because of ransomware, right? You'd be able to come back from that and ask, well, great, what's number one? He said, well, endpoint security. So there you are, number one and number two, right? Top of mind for customers these days in dealing with really the scourge that's affecting so many organizations out there. And I think where you're going, you starting to see these teams work together in a way that perhaps they hadn't before, or you've got the SecOps team, you've got the IT operations team. And while exactly your point, we don't position ourselves as just a data security company, that's part of what we do. We are part of that strategy now where if you have to think about the various stages and dealing with that, defending your backups, 'cause that's often the first point of attack now for the bad guys. Being able to detect what's going on through AI and the anomaly detection and such, and then being able to rapidly recover, right? In the recover phase, that's not something that security guys spend time on necessarily, but it's important for the business to be able to bring themselves back when they're subject to an attack, and that's where we come in in spades. >> Yeah. So the security guys are busy trying to figure out, okay, what happened? How do we stop it from happening again? >> There's another business angle which is okay, how do we get back up and running? How much data did we lose? Ideally none. How fast can we get it back up? That's that's another vector that's now becoming part of that broader security stack. >> That's right. I mean, I think if you look at the traditional NIST cybersecurity framework, right? Stage five has always been the recover piece. And so this is where we're working with some of the players in the security space. You may see an announcement we did with Cisco around secure access recently. Where, you know, we're working together, not only to unite two tribes within large organizations. Right? The SecOps and ITOps guys. But then bringing vendors together because it's through that, that really, we think we're going to solve that problem best. >> Before we get into the portfolio, and I want to talk about how you've evolved that, let's talk a little about ransomware, it's in the news. You know, I just wrote a piece recently and just covered some of the payments that have made. I mean, I think the biggest is 40 million, but many tens of millions here and there. And it was, you know, one case, I think it was the Irish health service did not pay, thus far hasn't paid, but it's costing him $600 million to recover as the estimate. So this is serious threat. And as I've said, many times on theCUBE, exactly anybody can be a ransomware as they go on the dark web. >> Ransomware is a service. >> Right, ransomware is a service. Hey, can you set up a help desk for me to help me negotiate? And I'm going to put a stick into a server and you know, I hope that individual gets arrested but you never know. Okay. So now it's top of mind, what are you guys doing? First of all, what are you seeing from customers? How are they responding? What are you guys doing to help? >> Well, I think you're right. First of all, it's just a huge problem. I think the latest stat I saw was something like every 11 seconds there's a new attack because I can go into your point with a credit card, sign up as a service and then launch an attack. And the average payment is around 4.2 million or such, but there's some that are obviously lots bigger. And I think what's challenging is beyond the costs of recovering and invent itself is there's also the issue around brand and reputation, and customer service. And all these downstream effects that I think, you know, the IT guys don't think about necessarily. We talked to one customer or a regional hospital where the gentleman there told me that what he's starting to see after the fact is now, you've actually got class action suits from patients coming after them saying like, "Hey you, you let my data get stolen. Right? Can you imagine no IT guys thinking about that. So the cost is huge. And so it's not just an issue I think that was once upon a time just for ITOps or SecOps through the CIO, even it's even past the board level now if you can imagine. It's something the general public worries about and we actually did a survey recently where we asked people on the consumer side, are you more or less likely to do business with companies if you know they've been subject to ransomware or attacks? And they said, no, we are concerned about that, we are more reticent to do business with people as consumers if they're not doing the right things to defend their business against ransomware. Fascinating. Right? It's long past the tipping point where this is an IT only issue. >> So, high-level strategy. So we talk about things like air gaps, when I talked about your service to ensure immutability, >> Yeah, yeah. >> And at 50,000 foot level, what's the strategy then I want to get into specifics on it. >> Let's talk a little bit about, so the evolution of the attack, nature of attacks, right? So once upon a time, this is in the distant past now, the bad guys that you used to come after your production data, right? And so that was pretty easy to fix with companies like us. It's just restore from backup. They got a little smarter< let's call that ransomware 2.0, right? Where now, they say, let's go after the backup first and encrypt or destroy that. And so there, to your point, you need immutability down to the file system level. So you can't destroy the backup. You got to defend the backup data itself. And increasingly we're seeing people take in isolation in a different way than they used to. So you probably recall the sort of standard three, two, one rule, right? >> Yeah, sure. >> Where the one traditionally meant, take that data offsite on magnetic tape, send it to Iron mountain for example, and then get the data back when I need it. Well, you know, if your business is at risk, trying to recover from tape, it just takes too long. That's just no reason. >> It can be weeks. >> It can be weeks and you've got to locate the tapes, you got to ship them, then you got to do the restore. And just because of the physical media nature, it takes a while. So what we're starting to see now is people figuring out how to use the cloud as a way to do that and be able to have effectively that one copy stored offsite in a different media, and use the cloud for that. And so one of the things we announced actually back in our show in October, was a new service that allows you to do just that. We're calling it for now Project Fort Knox. We're not sure if that name is going to work globally, right? But the idea is a bunker, an isolated copy of the data in the cloud that's there, that can restore quickly. Now, is it as fast as having a local replica copy? Of course not. But, it's way better than tape. And this is a way to really give you that sort of extra layer of insurance on top of what you're already doing probably to protect your data. >> And I think that's the way to think of it. It's an extra layer. It's not like, hey, do this instead of tape, you're still going to do tape, you know. >> There's some that do that for all sorts of reasons, including compliance and governance and regulatory ones. Right? >> Yeah. >> And, you know, even disaster recovery scenarios of the worst case, I hope I never have to go through it. Yeah, you could go to the cloud. >> That's right. >> So, local copy is the best. If that's not there, you've got your air gap copy in the cloud. >> Yap. >> If that's not there for some crazy reason. >> We have a whole matrix we've been sharing with our customers recently with a different options. Right? And it's actually really interesting the conversation that occurs between the IT operations folks, and the SecOps folks back to that. So, you know, some SecOps folks, if they could, they just unplug everything from the network, it's safe. Right? But they can't really do business that way. So it's always a balance of what's the return that you need to meet. And by return I mean, coming back from an attack or disaster versus the security. And so again, think of this as an extra layer that gives you that ability to sleep better at night knowing that you've got a third, a tertiary copy, stored somewhere offsite in a different media, but you can bring it back at the same time. >> How have you evolve your portfolio to deal with both the data management trends that we've talked about and the cyber threats. >> Yeah. Well, a number of things. So amongst the other announcements we made back in October is DR. So DR is not a security thing per se, you know, who gets paged when something goes wrong? It's not the info SEC guys for DR, it's the ITOps guys. And so we've always had that capability, but one of the things we announced is be able to do that to do that to the cloud now in AWS. So, instead of site to site, being able to do it site to cloud, and for some organizations, that is all about being able to maybe eliminate a secondary site, you know, smaller organizations, others that are larger enterprises, they probably have a hybrid strategy where that's a part of their strategy now. And the value there is, it's an OpEx cost, right? It's not CapEx anymore. And so again, you lower your cost of operations. So that's one thing in the data management side. On the security side, another thing we announced was yet another service that runs in AWS, we call Cohesity Data Govern. And this is a way to take a look at your data before something ever occurs. One of the key things in dealing with ransomware is hygiene is prevention, right? And so you sort of have classically security folks that are trying to protect your data, and then another set of folks, certainly a large enterprise that are more on the compliance regulatory front, wanting to know where your PII is, your private sensitive data. And we believe those things need to come together. So this data governance product actually does that. It takes a look at first classifying your data, and then being able to detect anomalies in terms of who's coming in from where to get to it, to help you proactively understand what's at threat, and first of all, you know, where your crown jewels really are and make sure that you're protecting those appropriately and maybe modifying access policies If you have set up in your existing native applications,. So it's a little bit of awareness, a little bit prevention, and then when things start to go wrong, another layer that helps you know what's wrong. >> I love that the other side of the coin, I mean, you going to get privacy as a service along with my data protection as a service, know that's a better model. Tight on time sir, but the last question. >> Sure. >> The ecosystem. >> Yeah. >> So you mentioned endpoint security, I know identity access is cloud security, and since the remote work has really escalated, we talk about the ecosystem and some of the partnerships that you're enabling, API integration. >> Yeah, totally. So, you know, we have this, what we call our threat defense model, has got four layers to it. One is the core, is all about resiliency. You need to assume failure. We have, you know, the ability to fail over, fail back down our file system. It has to be immutable to keep the bad guys out. You have to have encryption, basic things like that. The next layer, particularly in this world of zero trust. Right? Is you have to have various layers access control, obvious things like multifactor authentication, role-based access control, as well as things like quorum features. It's the two keys in the safety deposit box to unlock it. But that's not enough. The third layer is AI powered anomaly detection, and being able to do data classification and stuff and such. But then the fourth layer, and this was beyond just us, is the ability to easily integrate in that ecosystem. Right? So I'll go back to the Cisco example I gave you before. We know that despite having our own admin console, there's no SecOps person that's going to be looking at that. They're going to look at something like a SecureAX, or maybe a Palo Alto XR, and be able to pull signals from different places including endpoints, including firewall. >> You going to feed that. >> Exactly. So we'll send signals over that, they can get a better view and then because we're all API based, they can actually invoke the remedy on their side and initiate the workflow that then triggers us to do the right thing from a data protection standpoint, and recovery standpoint. >> It's great to have you here. Thanks so much for coming on. >> It's good to see you again live today. >> See you in the evolution of cohesity. Yes, absolutely. Hopefully we do this a lot in 2022, Chris. >> Absolutely, looking forward to. >> All right. Me too. All right, thank you for watching this is theCUBE's coverage, AWS reinvent. We are the leader in high tech coverage, we'll be right back.

(upbeat music) >> Okay, I'm back. I'm John Furrier with theCube. We're here in the middle of the action at Mobile World Congress at Cloud City is where the action is. Danielle Royston and Telco DR. Digital disruption here happening. This next interview I did with Casey Choi, the Executive Vice President at Samsung. I did this remotely. He couldn't be here in person. We wanted to bring him in for a conversation. I had a chance to record this with him. He talks about the intelligent Human Edge or Industry 4.0. It was about Edge computing, Samsung as a leader. Obviously we know what they do. They're part of this IOT revolution, Casey Choi, brilliant executive I really enjoyed my conversation. Take a listen. (upbeat music) Welcome to theCube's coverage of Mobile World Congress, 2021. I'm John Furrier host of theCube. We're here with Cube alumni, Casey Choi's Executive Vice President and GM of the Global Mobile B2B Team, Communications Team at Samsung. Casey, great to see you. Thank you for coming off for the special Remote Mobile World Congress. We're here in person, but also hybrid event. We got a lot of remote interviews. Thank you for taking the time to speak with me. >> John. Great to see you. Great as always to be with you and great to be at least here, virtually with the team and in Barcelona from WC. >> You know, in Samsung, we think about the edge. You are leading a team that's driving this innovation. We've talked in the past about Industry 4.0, but the innovation at the intelligent edge, human edge is a big part of it, with 5G. It's just another G, but it's not just another G you got to have a backbone. You got to have a back haul. You got to have an interconnection. You have commercial, not just consumer technology. So the edge is becoming both this human and device commercial environment. So the industry is quickly moving to this. You call it the 4.0 trend. What do you see happening? This is a clear change over the Telco is not what it used to be. Change is coming fast. A lot of disruption, what's your view? >> Yeah, I think we see a number of things done. And certainly from our perspective, which is, I think we've got somewhat of a unique view on this because of our huge focus really in consumer use and attitudes. And certainly it's been informed by what we've seen, what we've all collectively seen over the last year and a half or so, and are still seeing today. And I think one of the things that we're certainly experiencing is I think the edge is it's expanding further out. I think it's also getting more tightly coupled in many respects to the human factor. And it's not just a set of billions of discrete sensors anymore. And I think the evolution of our thinking around this has changed quite a bit from the IOT Version One variant of this. We put more of what I would call billions of these things, communicating all kinds of information, either to the cloud or the data centers and doing it in a very voluminous way. And what we're saying is with the advent of more the human to machine interface, and certainly the capabilities that we're saying both on the network and the device side, it's really redefining how we're thinking about edge. And certainly here at Samsung and with some of our partners, and we're starting to call this more of the intelligent human edge, where the human factor really begins to play a big role in how we're defining the Internet Of Things. And those things include really people. And this is how we're looking at it. >> I love the theme, the human edge, I think that's very relevant. I want to get a human aspect of here tied into the industry side, because as we emerge from the pandemic and move to a broader economic recovery, you see the psychology of the industry where cloud is one of the shining examples of what the pandemic highlighted cloud speed, cloud agility. And now you're seeing with openness in the Teleco industry, that cloud is coming in, open cloud interoperability. So coming out of the pandemic, cloud is the theme is driving an economic recovery, which is driving the psychology of we're back to real life, we're back to business, but it's not business as usual. The fashion is changing. The attitudes are changing. You mentioned that, and now the disruption of how cloud will be implemented. And it seems to be Telco is where these edge and cloud are just completely radically changing, what was once a kind of a slow moving Telco space. So how do you see the partnerships and coming out of the pandemic, some of the response of cloud impact, cloud technology, public cloud impact on this new Telcom? >> Yeah. Let me try to unpack that a little bit. I think we see two dimensions on this, certainly on the carrier side, the operator's side of the equation, we're certainly partnered with everybody across the globe on that. Certainly there's been a definitive impact around software defined everything, right? So, and this has been accelerated really by the standards that have started to develop around 5G. And even now there's a lot of discussion and I'm sure there'll be a lot of it around WMC about 6G and what is happening there. But I think with the advent of things like O-RAN for example, and some of the activity that we're seeing really around NEC type solutions and opportunities, the traditional role of the carrier and the operator is evolving and has to evolve, right? It is now much more aligned with the provision of these types of services that are very different from the type of data or voice services that we've seen in the past. So certainly we're seeing that transition. The second big transition is really around the notion of hybridity. Now we've been talking about this now in the industry for a while, but I think it's really starting to take firm root the idea of not only multiple clouds, but clouds that are deployed either on prem or certainly, available as a service in its various forms. So I think that combination along with the advances that we're seeing in the technology, and this was both on the connectivity side. So certainly around the ultra reliable, low latency communications, what we're seeing with things like slicing, for example, starting to take root as well as frankly, the devices themselves are getting that much more powerful and compact. This is what we're saying with SOC technologies is what we're seeing with the functions being moved more and more to on device capability. So I think about hybrid, I mean, in my past to think about it more as a small data center. How do you compact it, move it out to somewhere else. Now we're thinking about it more in terms of the type of processing capability that you can put really in the hands of the human or hands of the device. And at that point, you really start to get different use cases, start to emerge from that. So this is how we're thinking about this extension and what I'm talking about more as, an expansion on the edge, further out. >> I love is it splicing or slicing, what's the term? Slicing is the technology? >> Slicing, network slicing. >> Slicing, not splicing cable. >> Yeah. >> Slicing. >> Not splicing cable, no. >> Okay so this come up a lot, so splicing kind of points to this end to end, workflows. You look at some of the modern development, the frameworks of successful, you're seeing these multifunctional teams kind of having an end to end visibility into the modern application workflow from CIC pipeline, whatever. Now, if you take the concept of O-RAN you mentioned Open Radio Access Networks, this kind of brings up this idea of interoperability, because if you're going to have end to end and you add edge to it, you have to have the ability to watch something go end to end, but it's never been like that in the past because you had to traverse multiple networks. So this becomes kind of this hybrid a little bit deeper. Can you share how you see that and how Samsung's working with folks and how you guys are addressing this because you can be at the edge, but ultimately you've got to integrate. So you've got openness, you've got the idea of interoperability issues, and you ultimately have to move around and work with other networks, other clouds and other systems. This is not, it's not always like that. So can you share how this is evolving and how real this is and what is your view on it. >> Yeah, our thinking on this. I mean, let me start by maybe tackling this in a little bit of a different angle. One of the things that we see as one of the barriers around interoperability has really been more on the application side of the equation. And this is actually the third component in making all of this work. And let me just be very clear in what I'm saying here, I think in terms of mobile architectures and really Edge architectures, it has been one of the last bastions, if you will of closed architectures, there've been very much what I would call purpose-built architectures at the edge. Certainly that's been driven by things like the industrial side coming together with more of the commercial side of the equation, but we think it's time really to extend the interoperability of what we are seeing really on the IT side of the equation and really driven by cloud native. This was really in the area of containers. It's in the area of microservices, it's in the area of cloud native development. And if we're really talking about this, we really need to extend that interoperability from the application point of view on the data point of view, really to the end point. And this is where some of the work that we're doing, and we really embarked on in earnest last year with Red Hat and IBM, and with VMware for example, in really opening up that edge architecture to really the open source community, as well as really to the microservices architectures that we have now seen propagate down from the cloud into hybrid architecture. So this has been really one of the key focus areas for us. The network interoperability has really been driven by the standards that we've seen and that have been really adopted by the industry. And when it comes to, for example 5G standards. what we've been more focused on quite honestly, is the interoperability on the application and data side. And we think that by extending, if you will, that write once run many type concepts down into the edge and into the device, that this is going to open up really a wealth of opportunity for us on the application and on the data side. >> That's awesome, I love the openness, love the innovation you guys are doing. I think that's where the action is and that's where the growth is going to be. I do have to ask you how you see edge computing in the IOT era in terms of security. Are we more vulnerable because of it now? And how are you guys addressing the issue of security and data privacy at the edge? What's your opinion on that? What's Samsung doing? >> I mean, we just have to look at the news today, it's obvious that we are more vulnerable, right? There's no doubt that points of vulnerability are being exposed and they're probably being exposed in now industrial areas, right? Certainly with what we've seen, just even recently with some of the attacks that, that have occurred. So a couple of things there, number one, we are relying very heavily on our long history around establishing root of trust in kind of zero trust environments. We've had our Knox platform as an example, we just celebrated, in fact, our 10th year of the product. In fact, it was announced at MWC back about 10 years ago. So this is something that, that we're celebrating, it's an anniversary. Our belief on this is that we really need to ensure that we maintain a hardware-based route across when it comes to the edge. We can't only rely upon software protection at that layer. We can't naturally rely upon some of the network protections that are there. So, we've shipped about 3 billion devices with our Knox Security Suite over the last 10 years. And this is something that we're relying very heavily on. Not only for again, that hardware based root of process. So one of the key solutions, there's our Knox Vault product, which we just released a few months back. This is really a safe within a safe concept, really ensuring that the biometric password and other user data is protected. It's really what drives some of our strategy around making sure that we rely upon something that protects all of the back doors that are resident, not only at the software layer, but at the hardware layer as well. And then management is the other key piece of this, security without the ability of managing these thousands to millions of devices is really somewhat compromised. So we've extended a lot of our Knox management capability at our device level really to address some of those particular attributes, as well as these fleets become more prominent. And they start to take on workloads that are more critical to IOT type workloads. >> Casey, great to have you on. Your insight's awesome. Love what you're doing at Samsung. And again, you're a leader, you've been there, you've seen those cycles of innovation. I have to ask you my final question for you is a personal one and a professional one. The last Mobile World Congress was 2019. In person, last year was canceled a lot's happened in the industry since 20 something months ago. Now we're going to be in person, a lot of hybrid still remotely, but there'll be people in person. The world's changed. What is the big change in the Telco, Telco Cloud, Telco Edge, what's happened in these 20 plus months since the last Mobile World Congress that people should pay attention to? What's the most important thing in your mind? >> Most important? Thank God John. You're putting me on the spot here, right? I think it's wisdom to be quite honest with you. I mean, we've certainly all collectively learned a lot in terms of user patterns and what people need and want. And I hope to think that collective wisdom is going to be a key part of how we drive this going forward. And then if I can just pick one more, I would say re-invention, I think what we're starting to see is that coming out of, again from 2019 to what we're seeing now, we do see this opportunity reinventing and rethinking. And I think that's the difference. And the pace of that is going to really dictate how we look at this and how we collectively solve these challenges. So I hope to think we're wiser and that we're more imaginative coming out of this. And again after being in this industry for 30 years, we've not seen the types of things that we've seen over the last couple. So I hope to think that this is a pivot point for all of us. >> Well, Samsung is certainly a leader in many areas and great to see you on theCube here and the theme in your talks around intelligence, human edge innovation, open. This is a force that's happening. And I think the big change, as you said, the wisdom combined with a reinvention is happening and it's going to be very interesting ride, should be fun to work on. >> It will be John and I thank you for our friendship and our relationship over the years. It's always great to see you and to be with you. And again, we're very optimistic as we always have, coming out of this And again, thanks for the time and have a great MWC. >> You too, Casey Choi, Executive Vice President General Manager of the Global Mobile Business to Business Unit Commercial Unit at Samsung. This is theCube's coverage of Mobile World Congress. I'm John Furrier. Thanks for watching. Okay. We're back here. That was Casey Choi. Talk about wisdom, collective wisdom coming out of the pandemic. Great friend of theCube, great friend of the industry doing great work there. Casey Choi. Like we are doing here on the ground at Mobile World Congress in Cloud City, as well as Adam and the team in the studio. So back to you, Adam and team.

(upbeat music) >> Welcome everybody to VeeamON 2021 you're watching theCUBE. My name is Dave Villante. You know in 2020 cyber adversaries they seize the opportunity to really up their game and target workers from home and digital supply chains. It's become increasingly clear to observers that we're entering a new era of cyber threats where infiltrating companies via so-called Island Hopping and stealthily living off the land meaning they're using your own tools and infrastructure to steal your data. So they're not signaling with new tools that they're in there. It's becoming the norm for sophisticated hacks. Moreover, these well-funded and really sophisticated criminals and nation States are aggressively retaliating against incident responses. In other words, when you go to fix the problem they're not leaving the premises they're rather they're tightening the vice on victims by holding your data ransom and threatening to release previously ex filtrated and brand damaging information to the public. What a climate in which we live today. And with me to talk about these concerning trends and what you can do about it as Gil Vega, the CISO of Veeam Gil great to see you. Thanks for coming on. >> Great to see you, Dave. Thanks for having me. >> Yeah. So, you know, you're hearing my intro. It's probably understating the threat. You are a Veeam's first CISO. So how do you see the landscape right now? >> That's right. Yeah. And I've been with the company for just over a year now, but my background is in financial services and spent a lot of time managing cybersecurity programs at the classified level in Washington DC. So I've gleaned a lot of scar tissue from lots of sophisticated attacks and responses. But today I think what we're seeing is really a one-upmanship by a sophisticated potentially nation state sponsored adversaries, this idea of imprisoning your data and charging you to release it is it's quite frightening. And as we've seen in the news recently it can have devastating impacts not only for the economy, but for businesses. Look at the gas lines in the Northeast right now because of the quality of a pipeline, a ransomware attack. I just, the government just released an executive order this morning, that hopes to address some of the some of the nation's unpreparedness for these sophisticated attacks. And I think it's time. And I think everyone's excited about the opportunity to really apply a whole of government approach, to helping critical infrastructure to helping and partnering with private sector and imposing some risks, frankly, on some of the folks that are engaged in attacking our country. >> A number of years ago, I often tell this story. I had the pleasure of interviewing Robert Gates the former Defense Secretary. And it was a while ago we were talking about cyber and he sits on a number of boards. And we were talking about how it's a board level issue. And, and we're talking about cyber crime and the like and nation States. And I said, well, wait, cyber warfare, even. And I said, "But don't we have the best cyber tech. I mean, can't we go on the offense?" And he goes, "Yeah, we do. And we can, but we have more to lose." And to your point about critical infrastructure, it's not just like, okay, we have the most powerful weapons. It's really we have the most valuable infrastructure and a lot to lose. So it's really a tricky game. And this notion of having to be stealthy in your incident response is relatively new. Isn't it? >> It is. It is. And you know, there are, you mentioned that and I was surprised you mentioned because a lot of people really don't talk about it as you're going into your response your adversaries are watching or watching your every move. You have to assume in these days of perpetual state of compromise in your environments, which means that your adversaries have access to your environment to the point that they're watching your incident responders communicate with one another and they're countering your moves. So it's sort of a perverse spin on the old mutually assured destruction paradigm that you mentioned the United States has the world's largest economy. And quite frankly the world's most vulnerable, critical infrastructure. And I would concur with Director Gates or Secretary Gates rather it is assessment that we've got to be awfully careful and measured in our approach to imposing risks. I think the government has worked for many years on defining red lines. And I think this latest attack on the colonial pipeline affecting the economy and people's lives and potentially putting people's lives at risk is towing also the close to that red line. And I'm interested to see where this goes. I'm interested to see if this triggers even a, you know a new phase of cyber warfare, retaliation, you know proactive defense by the National Security Community of the United States government. Be interesting to see how this plays out. >> Yeah, you're absolutely right though. You've got this sort of asymmetric dynamic now which is unique for the United States as soon as strongest defense in the world. And I wanted to get it to ransomware a bit. And specifically this notion of ransomware as a service it's really concerning where criminals can actually outsource the hack as a service and the bad guys will set up, you know, on the dark web they'll have, you know, help desks and phone lines. They'll do the negotiations. I mean, this is a really concerning trend. And obviously Veeam plays a role here. I'm wondering as a, as a SecOps pro what should we be doing about this? >> Yeah, you mentioned ransomware as a service, whereas RWS it's an incredibly pernicious problem perpetrated by sophisticated folks who may or may not have nation state support or alliances. I think at a minimum certain governments are looking the other way as it relates to these criminal activities. But with ransomware as a service, you're essentially having very sophisticated folks create very complex ransomware code and distributed to people who are willing to pay for it. And oftentimes take a part of the ransom as their payment. The, issue with obviously ransomware is you know the age old question, are you going to pay a ransom or are you not going to pay a ransom? The FBI says, don't do it. It only encourages additional attacks. The Treasury Department put out some guidance earlier earlier in the year, advising companies that they could be subject to civil or criminal penalties. If they pay a ransom and the ransom goes to a sanction density. So there's danger on all sides. >> Wow okay. But so, and then the other thing is this infiltrating via digital supply chains I call it Island Hopping and the like, we saw that with the solar winds hack and the scary part is, you know different malware is coming in and self forming and creating different signatures. Not only is it very difficult to detect, but remediating, you know, one, you know combined self formed malware it doesn't necessarily take care of the others. And so, you know, you've got this sort of organic virus, like thing, you know, create mutating and that's something that's certainly relatively new to me in terms of its prevalence your thoughts on that and how to do it. >> Yeah, exactly right. You know, the advent of the polymorphic code that changes the implementation of advanced artificial intelligence and some of this malware is making our job increasingly difficult which is why I believe firmly. You've got to focus on the fundamentals and I think the best answers for protecting against sophisticated polymorphic code is,are found in the NIST cybersecurity framework. And I encourage everyone to really take a close look at implementing that cybersecurity framework across their environments, much like we've done here, here at Veeam implementing technologies around Zero Trust again assuming a perpetual state of compromise and not trusting any transaction in your environment is the key to combating this kind of attack. >> Well, and you know, as you mentioned, Zero Trust Zero Trust used to be a buzzword. Now it's like become a mandate. And you know, it's funny. I mean, in a way I feel like the crypto guys I know there's a lot of fraud in crypto, but but anybody who's ever traded crypto it's like getting into Fort Knox. I mean, you got to know your customer and you've got to do a little transaction. I mean, it's really quite sophisticated in terms of the how they are applying cybersecurity and you know, most even your bank isn't that intense. And so those kinds of practices, even though they're a bit of a pain in the neck, I mean it's worth the extra effort. I wonder if you could talk about some of the best practices that you're seeing how you're advising your clients in your ecosystem and the role that Veeam can play in helping here. >> Yeah, absolutely. As I mentioned so many recommendations and I think the thing to remember here so we don't overwhelm our small and medium sized businesses that have limited resources in this area is to remind them that it's a journey, right? It's not a destination that they can continually improve and focus on the fundamentals. As I mentioned, things like multi-factor authentication you know, a higher level topic might be micro-segmentation breaking up your environment into manageable components that you can monitor a real time. Real time monitoring is one of the key components to implementing Zero Trust architecture and knowing exactly what good looks like in your environment in a situation where you've got real-time monitoring you can detect the anomalies, the things that shouldn't be happening in your environment and to spin up your response teams, to focus and better understand what that is. I've always been a proponent of identity and access management controls and a key focus. We've heard it in this industry for 25 years is enforcing the concept of least privilege, making sure that your privileged users have access to the things they need and only the things that they need. And then of course, data immutability making sure that your data is stored in backups that verifiably has not been changed. And I think this is where Veeam comes into the equation where our products provide a lot of these very easily configured ransomware protections around data and your ability to the ability to instantly back up things like Office 365 emails, you know support for AWS and Azure. Your data can be quickly restored in the event that an attacker is able to in prison that with encryption and ransom demands. >> Well, and so you've certainly seen in the CISOs that I've talked to that they've had to obviously shift their priorities, thanks to the force march to digital, thanks to COVID, but Identity access management, end point security cloud security kind of overnight, you know, Zero Trust. We talked about that and you could see that in some of these, you know, high flying security stocks, Okta Zscaler, CrowdStrike, they exploded. And so what's in these many of these changes seem to be permanent sort of you're I guess, deeper down in the stack if you will, but you, you compliment these toolings with obviously the data protection approach the ransomware, the cloud data protection, air gaps, immutability. Maybe you could talk about how you fit in with the broader, you know, spate of tools. I mean, your, my eyes bleed when you look at all the security companies that are out there. >> Yeah for sure. You know, I'm just going to take it right back to the NIST cybersecurity framework and the five domains that you really need to focus on. Identify, protect, detect, respond, and recover, you know and until recently security practitioners and companies have really focused on on the protect, identify and protect, right and defend rather where they're focused on building, you know, moats and castles and making sure that they've got this, you know hard exterior to defend against attacks. I think there's been a shift over the past couple of years where companies have recognized that the focus needs to be on and respond and recover activities, right? Assuming that people are going to breach or near breach, your entities is a safe way to think about this and building up capabilities to detect those breaches and respond effectively to those breaches are what's key in implementing a successful cybersecurity program where Veeam fits into this since with our suite of products that that can help you through the recovery process, right? That last domain of the NIST cybersecurity framework it'll allow you to instantaneously. As I mentioned before, restore data in the event of a catastrophic breach. And I think it provides companies with the assurances that while they're protecting and building those Zero Trust components into their environments to protect against these pernicious and well-resourced adversaries there's the opportunity for them to recover very quickly using the VM suite of tools? >> Well, I see, I think there's an interesting dynamic here. You're pointing out Gil. There's not no longer is it that, you know, build a moat the Queen's leaving her castle. I always say, you know there is no hardened perimeter anymore. And so you've seen, you know, the shift obviously from hardware based firewalls and you I mentioned those other companies that are doing great but to me, it's all about these layers and response is a big in recovery is a huge part of that. So I'm seeing increasingly companies like Veeam is a critical part of that, that security cyber data protection, you know, ecosystem. I mean, to me it's just as important as the frontline pieces of even identity. And so you see those markets exploding. I think it's, there's a latent value that's building in companies like Veeam that are a key part of those that data protection layer you think about you know, defense strategies. It's not just you, the frontline it's maybe it's airstrikes, maybe it's, you know, C etcetera. And I see that this market is actually a huge opportunity for for organizations like yours. >> I think you're right. And I think the proof is in, you know in the pudding, in terms of how this company has grown and what we've delivered in version 11 of our suite, including, you know features like continuous data protection, we talked about that reliable ransomware protection support for AWS S3 Glacier and Azure archive the expanded incident recovery, and then support for disaster recovery and backup as a service. You know, what I found most interesting in my year here at Veeam is just how much our administrators the administrators in our company and our customers companies that are managing backups absolutely love our products that ease of use the instant backup capabilities and the support they receive from Veeam. It's almost cultish in terms of how our customers are using these products to defend themselves in today's pretty intense cyber threat environment. >> Well, and you talked about the NIST framework, and again big part of that is recovery, because we talked about earlier about, do you pay the ransom or not? Well, to the extent that I can actually recover from having all my data encrypted then I've got obviously a lot more leverage and in many ways, I mean, let's face it. We all know that it's not a matter of if it's, when you get infiltrated. And so to the extent that I can actually have systems that allow me to recover, I'm now in a much much stronger position in many respects, you know and CISOs again, will tell you this that's where we're shifting our investments >> Right. And you've got to do all of them. It's not just there's no silver bullet, but but that seems to me to be just a a misunderstood and undervalued part of the equation. And I think there's tremendous upside there for companies like yours. >> I think you're right. I think what I'll just add to that is the power of immutability, right? Just verifiably ensuring that your data has not changed because oftentimes you'll have attackers in these low and slow live off the land types of attacks change your data and affect its integrity with the Veeam suite of tools. You're able to provide for immutable or unchanged verifiable data and your backup strategy which is really the first step to recovery after a significant event. >> And that's key because a lot of times the hackers would go right after the backup Corpus you know, they'll sometimes start there is that all the data, you know, but if you can make that immutable and again, it, you know there's best practices there too, because, you know if you're not paying the cloud service for that immutability, if you stop paying then you lose that. So you have to be very careful about, you know how you know, who has access to that and you know what the policies are there, but again, you know you can put in, you know so a lot of this, as you know, is people in process. It's not just tech, so I'll give you the last word. I know you got to jump, but really appreciate.. >> Yeah, sure. >> You know, the only, the only thing that we didn't mention is user awareness and education. I think that is sort of the umbrella key focus principle for any successful cybersecurity program making sure your people understand, you know how to deal with phishing emails. You know, ransomware is a huge threat of our time at 90% of ransomware malware is delivered by phishing. So prepare your workforce to deal with phishing emails. And I think you'll save yourself quite a few headaches. >> It's great advice. I'm glad you mentioned that because because bad user behavior or maybe uninformed user behaviors is the more fair way to say it. It will trump good security every time. Gil, thanks so much for coming to the CUBE and and keep fighting the fight. Best of luck going forward. >> Great. Thank you, Dave. >> All right. And thank you for watching everybody. This is Dave Villante for the CUBEs continuous coverage VeeamON 2021, the virtual edition. We will be right back. (upbeat music)

>> Voiceover: From around the globe, it's theCUBE with digital coverage of IBM Think 2021, brought to you by IBM. >> Hello and welcome back everyone to theCUBE's coverage of IBM Think 2021 virtual. I'm John Furrier, your host of theCUBE. I'm excited to have this next guest, CUBE alumni, K.C. Choi, Corporate EVP, Executive Vice President and General Manager at Samsung Mobile the B2B/B2G Team. K.C., great to see you, how you've been? >> John, it is wonderful to see you and it's been way too long. Great to be back on theCUBE with you looking forward to our conversation and I hope you're safe. >> Yeah and same to you. Great to see you, I'm so excited. One of the things I've really admired about you and our conversations in the past is you've always had your finger on the pulse of the waves and you're always involved with some really great engineering work. And I want to dig into this now because your role is really hitting the industry for that kind of wave which is the confluence of tech, media, entertainment, every vertical, big data, IOT and with the distributed computing now called the Cloud and edge. It really sets the table for what is now going to be the preferred architecture probably for the next 20 plus years. So give us your view on how you see the changing landscape in the industry. >> Yeah, I think you covered all of the major seismic shifts that are happening here. And then as we've all experienced over the last, over a year with the COVID pandemic, that's actually accelerated a lot of the thinking around edge. We've certainly seen news cases proliferate whether it be in things such as healthcare, manufacturing's also taken I think, a real hard look at the applicability of these types of solutions. We've seen things like, for example 5G pickup in these industrial applications as the industrial companies have thought about worker safety, as they've thought about automation, as they thought about utilizing more protocols, as well as bringing these technologies and processes together in a way that will help to reinvent their particular economic base, as well as the learnings that we've seen over the last year, coming from these new safety protocols as well as the need for now with the economies is picking back up, the need for productivity, as well as greater efficiencies coming from these types of solutions. So we've seen that confluence happen. And then certainly on our end, as our network connectivity has become much stronger, lower latency, as well as the endpoint capabilities have increased dramatically over the last few years, as SOC and others have taken root, we've seen the edge, if you will, start be more extreme, in the sense that it's pushing further and further out beyond what we originally envisioned the edge to be. >> And the SOC trend actually highlights that it's not so much about Moore's law as it is more about more chips, more performance. If you look at actual performance, Dave Vellante just put out a report on this, where there's actually more performance now than ever before coming in from the combined energy and combined processing power out there. So it's super, super amazing what you can do at the edge. Before we get into the edge, I want to just clarify what is your new role there? I mean, Samsung is known for obviously the B2C with the phones and everything else, but you have a specific focus, what is your main focus there? >> Yeah, our mission's pretty straightforward. And as everyone knows, Samsung is a powerhouse consumer electronics company. We pride ourselves in obviously our position in that, but we also have a very significant role really in the business to business and in the government and financial services sector space with our mobile devices, as well as with our Knox security platform solution and device management platform. We actually provide a large portion of the security devices for governments worldwide as well as the Knox platform that is built into the majority of our, both, consumer as well as business devices that really allows for that, if you will, that next protective layer on top of the Android OS that allows for things such as, personal and professional profiles. So we produce those solutions out of my team as well as we provide really the go-to-market support, as well as the RnD support for that platform, including an area that's growing rapidly for us which is in the rugged category, which is one of the key products that we're using for some of these edge applications that we'll be talking about. >> Great, let's jump into that. What are you guys doing specifically in the edge computing space? Let's dig into it. >> Yeah, I think maybe the place to start on that is we're really reenvisioning what the edge is. And I mentioned a little earlier that with what's occurring in the performance profile and really the functional profile, what is being produced at the device level. We're talking about in the last few years, the fidelity and the capabilities are in, what I would call the computer class type functions, as well as obviously mobile devices have always been communication gateways for a number of functions, whether they be videos or photos. They're multisensory in nature. And as this has become more practical and the connective tissue has gotten there with 5G as well as all kinds of other fast low latency communications capabilities and Wi-Fi 6, UWB, included within that. What we're finding is that the use case to bring applications especially cloud native and container native applications to these devices to be augmenting the endpoint user, the frontline worker, really the knowledge worker and moving that capability further away from, if you will, an extension to cloud services as well as MEC type services, this is where we see it going. And really what we're trying to work on with IBM and with Red Hat is how do we continue to fortify this, not only from an actual processing AI/ML capability, but also equip these devices so that they can fully participate as part of a multi-hybrid cloud architecture. The endpoint is really one of the last bastions where we have not conquered bringing cloud first container native applications really to that point. And we believe the time is right because of the capabilities that are there along with, again, the connectivity that is becoming much more ubiquitous now to allow for that type of architecture to exist. And we're starting to call this the intelligent human edge as well. We think that the applications that we'll see for this are ones that will make the human operator more productive, safer, certainly more efficient. And we think that this augmentation of that frontline worker is an area that we are, put our stakes on in terms of pioneering, just because of again, our experience in that mobility space and in that consumer space. >> That's great you brought up Red Hat and IBM. Obviously Red Hat was bought by IBM. Arvin, the CEO who I interviewed in 2019 in theCUBE at Red Hat summit, ironically, a couple months later, buys the company and a smile on his face. He likes cloud. >> K.C.: Maybe you had something to do with that, John. >> No, he wanted to, I could see he wanted to say it, but he loves the cloud. Everyone who knows Arvin knows that he's into the cloud in a new way. And this edge piece that you mentioned that you're using Red Hat and IBM for hybrid, this is what the new operating system is going to look like. It's a completely distributed system and the edge is just part of that operating model. This is what their vision is, which I love by the way. I think that redefines what that is. Are you saying that you guys are working with Red Hat and IBM for that hybrid edge piece? How does that work? Can you take me through that? >> Yeah, that's exactly right. I mean, obviously the ecosystem is bigger than that, but IBM and Red Hat really bring the expertise really around container ecosystems, certainly the work that they have done in terms a multi hybrid cloud, certainly the work that OpenShift has brought forward in terms of, you know, multi-platform capability. We really love the concept of develop bonds run, any sort of a construct. And when you think about it, the mobile platforms specifically, you know, ours, as well as others, has really been that last baskin of areas where more of the development is on a particular platform, it's more bespoke. We think that by broaching this, you know in conjunction with IBM and Red Hat this is going to give us the ability to have these device architectures become a full voting member, if you will, of that hybrid cloud architecture and of that microservice container architecture that is becoming much more prevalent. So this is really the work that we're doing. And then obviously we're working at a vertical level to see where are the applicable use cases in places such as the design studio we have in Singapore, where with the Singaporean government we're looking at really bringing a Renaissance to industry 4.0 type applications, smart factory automation, public safety, these areas where we believe that this type of architecture can be deployed. >> That's awesome. And I totally believe that, you know the edge is still going to be pushed farther and further out, honestly, having that open standards of hybrid. So I got to ask you, on the edge just while I got you here, you know, one of the things that you see clearly as the industrial edge, it's called, factories and whatnot. You've mentioned some of those. And then you've got the human piece, which is like people have phones and wearables and other things are going to be happening. So as you start to have those end points, which are then going to be connected into a distributed network, AKA a hybrid cloud, soon to be multiple clouds. But that's the sub system within the cloud construct. The complaint has been, not complaint, but the observation has been and complaint, if you look at it that the edge is limited by power and connectivity, okay. These are like key basic concepts. How is the connectivity option? I know 5G is coming, it's here, we're seeing it being deployed. We got people saying, hey, this is our business application. Clearly got higher throughput, not as much range. Give us your take on this because this becomes important, obviously, power is battery that is driven, it's getting better and better and power is not really that much of a problem, but connectivity seems to be, what's your vision of this? >> Yeah and you know, there's a lot of ways to approach that. I will tell you on the industrial side, at least in some of the deployments and PLCs that we've been involved in over the last a year or two years, connectivity is an issue. And a lot of it has to do with the infrastructure that is available in many of these plants or factories, or points of distribution, they're not necessarily leading edge, in many cases we're dealing with what I would call sub par connectivity. It's not like an office complex where you may have state-of-the-art Wi-Fi capability or 10 gig capability or whatever it might be. So what we've found on that is it requires actually quite a bit of work, in terms of fine tuning, both, on the the network infrastructure side, whatever that might be or we've also found that on the device side, the programmability of the of the device, in terms of tuning it for whatever connective environment would be there. And we've worked with everything from, you know, Bluetooth, UWB to Wi-Fi 6 and everything in between and in many cases or multiple protocols or connectivity methods that are there. So, you know, one thing we've learned is that you can't necessarily assume that in a, especially in a factory environment that those conditions are going to allow for consistency. So you have to engineer around that, you know, in some of the things that we've done are really around making sure that we've got deployable programmability at the device as well as board dynamic network tuning capabilities that will allow for better connectivity and to handle things such as consistency. >> All right, K.C., great insight. Final question for you, why Samsung and IBM? What's the bottom line? >> Yeah, I think the bottom line is really straightforward. I mean, we've had a 30 year history of working together, you know, we've been mutual customers to each other. We do a lot of work for IBM, in regards to foundry type services and semiconductor services. And that we work very closely with them over many years on applications. So number one, there's been a natural relationship, just in the services that we provided to each other. But as we look at really the go-to-market, I mean, IBM brings so much credibility from a vertical market perspective. There's a trusted advisor type status that I think is a very profound and it's been built over many years, you know, delivering on the promises. And on our end, I think what we bring is really this cycle time that is driven by our passion in the consumer space. And when we start to apply that into more of these vertical industrial, you know, vertical sectors, I think that combination is very powerful. The services piece obviously comes into play with IBM. And then really, the Red Hat piece of this really just puts the icing on the cake with really the the market leadership in hybrid cloud and in the container native architecture, so it's just a very powerful combo and the cooperation there has been strong and we continue to look forward to delivering more through that partnership. >> K.C., great to see you, great thing to hear. You know, you got scalable infrastructure, you got modern applications, got the edge, all hybrid. Great partnership. K.C. Choi, Corporate Executive Vice President and General Manager of Samsung Mobile B2B Team. Great to see you and congratulations on your mission and it's an exciting project. Thanks for coming on theCUBE and sharing. >> Great to see you, John, take care of yourself and looking forward to seeing you again. >> Okay, this is theCUBE's coverage IBM Think 2021. I'm John Furrier, your host of theCUBE. Thanks for watching. (soft upbeat music) (melodious music)

(melodious music) >> Voiceover: From around the globe, it's theCUBE with digital coverage of IBM Think 2021, brought to you by IBM. >> Hello and welcome back everyone to theCUBE's coverage of IBM Think 2021 virtual. I'm John Furrier, your host of theCUBE. I'm excited to have this next guest, CUBE alumni, K.C. Choi, Corporate EVP, Executive Vice President and General Manager at Samsung Mobile the B2B/B2G Team. K.C., great to see you, how you've been? >> John, it is wonderful to see you and it's been way too long. Great to be back on theCUBE with you looking forward to our conversation and I hope you're safe. >> Yeah and same to you. Great to see you, I'm so excited. One of the things I've really admired about you and our conversations in the past is you've always had your finger on the pulse of the waves and you're always involved with some really great engineering work. And I want to dig into this now because your role is really hitting the industry for that kind of wave which is the confluence of tech, media, entertainment, every vertical, big data, IOT and with the distributed computing now called the Cloud and edge. It really sets the table for what is now going to be the preferred architecture probably for the next 20 plus years. So give us your view on how you see the changing landscape in the industry. >> Yeah, I think you covered all of the major seismic shifts that are happening here. And then as we've all experienced over the last, over a year with the COVID pandemic, that's actually accelerated a lot of the thinking around edge. We've certainly seen news cases proliferate whether it be in things such as healthcare, manufacturing's also taken I think, a real hard look at the applicability of these types of solutions. We've seen things like, for example 5G pickup in these industrial applications as the industrial companies have thought about worker safety, as they've thought about automation, as they thought about utilizing more protocols, as well as bringing these technologies and processes together in a way that will help to reinvent their particular economic base, as well as the learnings that we've seen over the last year, coming from these new safety protocols as well as the need for now with the economies is picking back up, the need for productivity, as well as greater efficiencies coming from these types of solutions. So we've seen that confluence happen. And then certainly on our end, as our network connectivity has become much stronger, lower latency, as well as the endpoint capabilities have increased dramatically over the last few years, as SOC and others have taken root, we've seen the edge, if you will, start be more extreme, in the sense that it's pushing further and further out beyond what we originally envisioned the edge to be. >> And the SOC trend actually highlights that it's not so much about Moore's law as it is more about more chips, more performance. If you look at actual performance, Dave Vellante just put out a report on this, where there's actually more performance now than ever before coming in from the combined energy and combined processing power out there. So it's super, super amazing what you can do at the edge. Before we get into the edge, I want to just clarify what is your new role there? I mean, Samsung is known for obviously the B2C with the phones and everything else, but you have a specific focus, what is your main focus there? >> Yeah, our mission's pretty straightforward. And as everyone knows, Samsung is a powerhouse consumer electronics company. We pride ourselves in obviously our position in that, but we also have a very significant role really in the business to business and in the government and financial services sector space with our mobile devices, as well as with our Knox security platform solution and device management platform. We actually provide a large portion of the security devices for governments worldwide as well as the Knox platform that is built into the majority of our, both, consumer as well as business devices that really allows for that, if you will, that next protective layer on top of the Android OS that allows for things such as, personal and professional profiles. So we produce those solutions out of my team as well as we provide really the go-to-market support, as well as the RnD support for that platform, including an area that's growing rapidly for us which is in the rugged category, which is one of the key products that we're using for some of these edge applications that we'll be talking about. >> Great, let's jump into that. What are you guys doing specifically in the edge computing space? Let's dig into it. >> Yeah, I think maybe the place to start on that is we're really reinvisioning what the edge is. And I mentioned a little earlier that with what's occurring in the performance profile and really the functional profile, what is being produced at the device level. We're talking about in the last few years, the fidelity and the capabilities are in, what I would call the computer class type functions, as well as obviously mobile devices have always been communication gateways for a number of functions, whether they be videos or photos. They're multisensory in nature. And as this has become more practical and the connective tissue has gotten there with 5G as well as all kinds of other fast low latency communications capabilities and Wi-Fi 6, UWB, included within that. What we're finding is that the used case to bring applications especially cloud native and container native applications to these devices to be augmenting the endpoint user, the frontline worker, really the knowledge worker and moving that capability further away from, if you will, an extension to cloud services as well as MEC type services, this is where we see it going. And really what we're trying to work on with IBM and with Red Hat is how do we continue to fortify this, not only from an actual processing AI ML capability, but also equip these devices so that they can fully participate as part of a multi hybrid cloud architecture. The endpoint is really one of the last baskins where we have not conquered bringing cloud first container native applications really to that point. And we believe the time is right because of the capabilities that are there along with, again, the connectivity that is becoming much more ubiquitous now to allow for that type of architecture to exist. And we're starting to call this the intelligent human edge as well. We think that the applications that we'll see for this are ones that will make the human operator more productive, safer, certainly more efficient. And we think that this augmentation of that frontline worker is an area that we are, put our stakes on in terms of pioneering, just because of again, our experience in that mobility space and in that consumer space. >> That's great you brought up Red Hat and IBM. Obviously Red Hat was bought by IBM. Arvin, the CEO who I interviewed in 2019 in theCUBE at Red Hat summit, ironically, a couple months later, buys the company and a smile on his face. He likes cloud. >> K.C.: Maybe you had something to do with that, John. >> No, he wanted to, I could see he wanted to say it, but he loves the cloud. Everyone who knows Arvin knows that he's into the cloud in a new way. And this edge piece that you mentioned that you're using Red Hat and IBM for hybrid, this is what the new operating system is going to look like. It's a completely distributed system and the edge is just part of that operating model. This is what their vision is, which I love by the way. I think that redefines what that is. Are you saying that you guys are working with Red Hat and IBM for that hybrid edge piece? How does that work? Can you take me through that? >> Yeah, that's exactly right. I mean, obviously the ecosystem is bigger than that, but IBM and Red Hat really bring the expertise really around container ecosystems, certainly the work that they have done in terms a multi hybrid cloud, certainly the work that OpenShift has brought forward in terms of, you know, multi-platform capability. We really love the concept of develop bonds run, any sort of a construct. And when you think about it, the mobile platforms specifically, you know, ours, as well as others, has really been that last baskin of areas where more of the development is on a particular platform, it's more bespoke. We think that by broaching this, you know in conjunction with IBM and Red Hat this is going to give us the ability to have these device architectures become a full voting member, if you will, of that hybrid cloud architecture and of that microservice container architecture that is becoming much more prevalent. So this is really the work that we're doing. And then obviously we're working at a vertical level to see where are the applicable use cases in places such as the design studio we have in Singapore, where with the Singaporean government we're looking at really bringing a Renaissance to industry 4.0 type applications, smart factory automation, public safety, these areas where we believe that this type of architecture can be deployed. >> That's awesome. And I totally believe that, you know the edge is still going to be pushed farther and further out, honestly, having that open standards of hybrid. So I got to ask you, on the edge just while I got you here, you know, one of the things that you see clearly as the industrial edge, it's called, factories and whatnot. You've mentioned some of those. And then you've got the human piece, which is like people have phones and wearables and other things are going to be happening. So as you start to have those end points, which are then going to be connected into a distributed network, AKA a hybrid cloud, soon to be multiple clouds. But that's the sub system within the cloud construct. The complaint has been, not complaint, but the observation has been and complaint, if you look at it that the edge is limited by power and connectivity, okay. These are like key basic concepts. How is the connectivity option? I know 5G is coming, it's here, we're seeing it being deployed. We got people saying, hey, this is our business application. Clearly got higher throughput, not as much range. Give us your take on this because this becomes important, obviously, power is battery that is driven, it's getting better and better and power is not really that much of a problem, but connectivity seems to be, what's your vision of this? >> Yeah and you know, there's a lot of ways to approach that. I will tell you on the industrial side, at least in some of the deployments and PLCs that we've been involved in over the last a year or two years, connectivity is an issue. And a lot of it has to do with the infrastructure that is available in many of these plants or factories, or points of distribution, they're not necessarily leading edge, in many cases we're dealing with what I would call sub par connectivity. It's not like an office complex where you may have state-of-the-art Wi-Fi capability or 10 gig capability or whatever it might be. So what we've found on that is it requires actually quite a bit of work, in terms of fine tuning, both, on the the network infrastructure side, whatever that might be or we've also found that on the device side, the programmability of the of the device, in terms of tuning it for whatever connective environment would be there. And we've worked with everything from, you know, Bluetooth, UWB to Wi-Fi 6 and everything in between and in many cases or multiple protocols or connectivity methods that are there. So, you know, one thing we've learned is that you can't necessarily assume that in a, especially in a factory environment that those conditions are going to allow for consistency. So you have to engineer around that, you know, in some of the things that we've done are really around making sure that we've got deployable programmability at the device as well as board dynamic network tuning capabilities that will allow for better connectivity and to handle things such as consistency. >> All right, K.C., great insight. Final question for you, why Samsung and IBM? What's the bottom line? >> Yeah, I think the bottom line is really straightforward. I mean, we've had a 30 year history of working together, you know, we've been mutual customers to each other. We do a lot of work for IBM, in regards to foundry type services and semiconductor services. And that we work very closely with them over many years on applications. So number one, there's been a natural relationship, just in the services that we provided to each other. But as we look at really the go-to-market, I mean, IBM brings so much credibility from a vertical market perspective. There's a trusted advisor type status that I think is a very profound and it's been built over many years, you know, delivering on the promises. And on our end, I think what we bring is really this cycle time that is driven by our passion in the consumer space. And when we start to apply that into more of these vertical industrial, you know, vertical sectors, I think that combination is very powerful. The services piece obviously comes into play with IBM. And then really, the Red Hat piece of this really just puts the icing on the cake with really the the market leadership in hybrid cloud and in the container native architecture, so it's just a very powerful combo and the cooperation there has been strong and we continue to look forward to delivering more through that partnership. >> K.C., great to see you, great thing to hear. You know, you got scalable infrastructure, you got modern applications, got the edge, all hybrid. Great partnership. K.C. Choi, Corporate Executive Vice President and General Manager of Samsung Mobile B2B Team. Great to see you and congratulations on your mission and it's an exciting project. Thanks for coming on theCUBE and sharing. >> Great to see you, John, take care of yourself and looking forward to seeing you again. >> Okay, this is theCUBE's coverage IBM Think 2021. I'm John Furrier, your host of theCUBE. Thanks for watching. (soft upbeat music) (melodious music)

>>from around >>The globe. It's the cube with digital coverage of IBM. Think 2021 brought to you by IBM Hello and welcome back everyone to the cubes coverage of IBM Think 2021 virtual. I'm john for your host of the cube. I'm excited to have this next guest cube alumni Casey choi corporate E V P. Executive vice president and general manager at Samsung Mobile, the B to B and B to G team Casey, great to see you how you been >>john it is wonderful to see you and it's been way too long. Great to be back on the cube with you. Looking forward to our conversation and hope you're safe >>and same to you. Great to see you. I'm so excited. One of the things I've really admired about you and our conversations in the past as you've always had your finger on the pulse of the waves and you've always involved with some really great engineering work and I want to dig into this now because um your role is really hitting the industry four dot oh kind of wave, which is the confluence of tech, media, entertainment, every vertical big data IOT and the the with the distributed computing now called the cloud and edge. It really sets the table for what is now going to be the preferred architecture probably for the next 20 plus years. So give us your view on how you see the the changing landscape in the industry. >>Yeah, I think I think you you covered you know, all of the major seismic shifts that are happening here and then, you know, as we've all experienced over the last, you know, over a year with the covid pandemic, that's actually accelerated a lot of the thinking around the edge. We've certainly seen use cases proliferate whether it be in things such as health care, Manufacturing is also taken. I think a real hard look at the applicability of these types of solutions. Uh we've seen things like for example 5G pick up in these sort of industrial applications as um you know as the industrial companies have thought about worker safety as they thought about automation as they thought about, you know, utilize being more protocols as well as you know, bringing these technologies and processes together in a way that will help to kind of reinvent their their particular economic base as well as kind of the learnings that we've seen over the last year coming from these new uh safety protocols as well as the need for now with the economy is picking back up the need for productivity as well as you know, greater efficiencies coming from these types of solutions. So we've seen that confluence happened and then certainly on our end as our network connectivity has become much stronger, lower latency as well as the endpoint capabilities have increased dramatically over the last few years, as S O C. S and others have taken root. We've seen the edge, if you will start to be more extreme in the sense that it's pushing further and further out beyond what we originally envisioned the edge to be. >>And the S O C trend actually highlights that it's not so much about moore's law as it is more about more chips, more more performance if you look at actual performance, David and they just put out a report on this where there's much more performance now than ever before coming in from the combined energy. So uh and combined processing power out there. So it's super, super amazing what you can do at the edge. Before we get into the edge. I want to just Clarify, what is your new role there? I mean Samsung is known for, I'll see the B2C with the phones and everything else, but you have a specific focus uh what is your main focus there? >>Yeah, our missions pretty straightforward and as everyone knows, you know, Samsung is this uh you know, powerhouse uh consumer electronics company we pride ourselves in and obviously uh our our position in that, but um we also have a very significant role really in the business to business and in the government and financial services sector space uh with our mobile devices as well as with our knock security platform solution and device management platform. We actually provide a large portion of the secure devices for governments worldwide, as well as the Knox platform that is built into the majority of our both consumer as well as business devices uh really allows for uh that uh if you will that next protective layer on top of the android. Os that allows for things such as personal and professional profile. So we produce those solutions out of my team um as well as we provide really the the go to market support as well as the R and D support for that platform, including uh an area that's growing rapidly for us, which is in the rugged category, which is, you know, one of the key products that we're using for some of these edge applications that will be talking about. >>Great, let's jump into that. What are you guys doing specifically on the edge computing space? Let's dig into it. >>Yeah, I think, you know, maybe the place to start on that is uh we're really kind of re envisioning what the edges and uh I mentioned a little earlier that uh with what's occurring in the performance profile and really the functional profile, what is being produced at the device level, You know, we're talking about in the last few years, the fidelity and the capabilities are, you know, in, you know, what I would call the the computer class type uh, functions as well as obviously mobile devices have always been um, communication gateways for a number of functions, whether they be, you know, videos or photos, their multi sensory in nature. And as this has become more practical and the connective tissue has gotten there with five G as well as all kinds of other, you know, fast, low latency communications capabilities and wifi six U w b, you know, included within that. What we're finding is that the use case to bring applications, especially cloud, native and container native applications uh, to these devices to be, you know, augmenting the the endpoint user, the frontline worker, uh really the Knowledge Worker and moving that capability further away from if you will and an extension to cloud services as well as the M E C type services. This is where we see it going and really what we're trying to to work on with IBM and with red hat is how do we, you know, continue to fortify this, not only from a actual processing ai Ml capability, but also equipped these devices so that they can fully participate as part of a multi hybrid cloud architecture. Uh the endpoint is really one of the last baskets where we have not uh kind of conquered bringing uh, you know, cloud first container native applications really to that point and we believe the time is right because of the capabilities that are there along with again, uh the connectivity that is becoming much more ubiquitous now to allow for that type of architecture to exist. And uh, we're starting to call this the intelligent human edge as well. We think that the applications that will see for this are you know, ones that will uh, you know, make the, the human operator more productive, safer, uh certainly more efficient and uh we think that this augmentation of that front line workers is an area that we, we are, you know, put put our, our steaks on in terms of pioneering just because of our experience in that mobility space and in the consumer space. >>That's great. You brought up red hat and IBM obviously red hat was bought by IBM Arvin Arvin Ceo. Well I interviewed in 2019 and the cube that red hat summit, ironically a couple months later by the company just smile on his face. He likes clowns. >>You had something to do with that. You know, >>he wanted to, I could see he wanted to say it, but but he loves the cloud. Everyone who knows Arvin knows that he's into the cloud in a new way in this edge piece that you mentioned that you're using red hat and IBM for hybrid. This is what the new operating system is going to look like. It's a completely distributed system and the edge is just part of that operating model. This is what their vision is, which I love by the way, I think that redefines what that is. Are you saying that you guys are working with red hat and IBM for that hybrid edge piece. How does that work? Can you take me through that? >>Yeah, that's exactly right. I mean this is a obviously the ecosystems bigger than that, but IBM and red Hat really bring the expertise really around uh container ecosystems, certainly the work that they have done in terms of multi hybrid cloud, uh certainly the work that open ship has brought forward in terms of, you know, multi platform capability. We really love the concept of developed once run any sort of a construct. And uh when you think about it, the mobile platforms specifically, you know, ours as well as others has really been that last bastion of, of areas where more of the development is on a particular platform, it's more bespoke. We think that by broaching this uh, you know, in conjunction with IBM and Red Hat, um this is going to give us the ability to have these device architecture has become a full voting member if you will of of that hybrid cloud architecture and of that microservices can contain architecture that is becoming much more prevalent. So this is really the work that we're doing. And then obviously we're working at a vertical level to see where are the applicable use cases in places such as the design studio we have in Singapore, where with the Singaporean government, we're looking at really bringing a renaissance to industry ford auto type application, smart factory automation, public safety. These areas where we believe that this type of architecture can be, can be deployed. >>That's awesome. And totally believe that the edge um it's still gonna be pushed further and further out, honestly having that open, open standards of of hybrid. So I gotta ask you on the edge just well I got you here, you know, one of the things that you see clearly as the industrial edge, it's called factories and whatnot. You mentioned some of those and then you got the human piece, which is like people have phones and wearables and other things are gonna be happening. So as you start to have those endpoints which are then gonna be connected into a distributed network, take a hybrid cloud, so to be multiple clouds. But yeah, that's the subsystem within the cloud construct. The complaint has been not complaint, but the observation has been and complain if you look at it that the edges limited by power and connectivity. Okay. These are like key basic concepts, How is the connectivity option? I know five Gs coming, it's here, we're seeing it being deployed, we got people saying, hey, this is our business application, clearly got higher throughput, not as much range, give us your take on this because this becomes important. I'll see powers battery driven, getting better and better and and power is getting uh is not really that much of a problem, but connectivity seems to be what's your vision of this? >>Yeah, and you know, there's a lot of ways to approach that, I will tell you on the industrial side, at least in some of the deployments and pOC is that we've been involved in over the last year to two years, um connectivity is an issue uh and a lot of it has to do with the infrastructure that is available in many of these uh you know, plants or factories or you know, points of distribution. Uh they're not necessarily, you know, leading edge in many cases we're dealing with uh you know what I would call subpar connectivity, it's not like an office complex where You may have, you know, kind of state of the art wifi capability or you know, 10 gig capability or whatever it might be. Um So what we've, what we've found on that is it requires actually quite a bit of work in terms of fine tuning both on the network infrastructure side, whatever that might be. Uh Or we've also found that on the device side, the program ability of the of the device in terms of tuning it for whatever connective environment would be there. And we worked with everything from, you know, bluetooth, you w b uh to wifi six and everything in between and in many cases they're multiple uh you know, protocols or connectivity methods that are there. So, you know, one thing we've learned is that um you can't you can't necessarily assume that in a especially in a factory environment that those conditions are going to allow for um uh you know, consistency, so you have to engineer around that, you know, and some of the things that we've done are really around making sure that we've got uh, you know, deployable program ability at the device as well as, you know, uh more dynamic network tuning capabilities that will allow for, you know, better connectivity and handle things such as consistency. >>All right, Casey, Great to incite final question for you why Samsung and IBM, what's the bottom line? >>Yeah, I think the bottom line is really straightforward. I mean we've had a, you know, 30 year history of working together, uh you know, we've been mutual customers to each other. We do a lot of work for IBM in regards to foundry type services and semiconductor services and then we work very closely with them over many years on applications. So number one, there's been a natural relationship just in the the the services that we provided to each other. But as as we look at really to go to market, I mean, IBM brings so much credibility from a vertical market perspective. Um there's a trusted advisor type status that I think is is very profound and it's been built over many years, you know, delivering on the promises and on our end. I think what we bring is really this uh this uh cycle time that is driven by our passion in the consumer space. And when we start to apply that into more of these vertical industrial, uh you know, vertical sectors, I think that combination is very powerful. Um the services piece obviously comes into play with IBM and then really the red hat piece of this really just puts the icing on the cake with really the market leadership in uh you know, hybrid cloud and in the container native architecture. So it's just a very powerful combo. And um you know, the cooperation there has been strong and we continue to look forward to delivering more through that partnership. >>Casey great to see a great, great thing to hear. You know, you got scalable infrastructure, you get modern applications at the edge, all of hybrid. Great, great partnership. Casey Choi Executive Vice Corporate Executive Vice President and General Manager of Samsung Mobile B two B team. Great to see you and congratulations on your mission. It's exciting project. Thanks for coming on the cube and sharing. >>Great to see you, jOHn take care of yourself and looking forward to seeing you again. >>Okay, this is the cubes coverage. IBM think 2021. I'm john for your host of the cube. Thanks for watching.

(radio calls) >> Announcer: From around the globe, its theCUBE covering Space & Cybersecurity Symposium 2020, hosted by Cal poly. Hello, welcome back to theCUBE virtual coverage with Cal Poly for the Space and Cybersecurity Symposium, a day four and the wrap up session, keynote session with the Lieutenant Governor of California, Eleni Kounalakis. She's here to deliver her keynote speech on the topic of California's role in supporting America's Cybersecurity future. Eleni, take it away. >> Thank you, John, for the introduction. I am Lieutenant Governor Eleni Kounalakis. It is an honor to be part of Cal Poly Space and Cybersecurity Symposium. As I speak kind of Pierre with the governor's office of business and economic development is available on the chat, too ready to answer any questions you might have. California and indeed the world are facing significant challenges right now. Every day we are faced with the ongoing COVID-19 pandemic and the economic downturn that is ensued. We have flattened the curve in California and are moving in the right direction but it is clear that we're not out of the woods yet. It is also impossible right now to escape the reality of climate change from the fire sparked by exceptionally rare, dry lightening events to extreme heat waves threatening public health and putting a strain on our electricity grid. We see that climate change is here now. And of course we've been recently confronted with a series of brutal examples of institutionalized racism that have created an awakening among people of all walks of life and compelled us into the streets to march and protest. In the context of all this, we cannot forget that we continue to be faced with other less visible but still very serious challenges. Cybersecurity threats are one of these. We have seen cities, companies and individuals paralyzed by attacks costing time and money and creating an atmosphere of uncertainty and insecurity. Our state agencies, local governments, police departments, utilities, news outlets and private companies from all industries are target. The threats around cybersecurity are serious but not unlike all the challenges we face in California. We have the tools and fortitude to address them. That is why this symposium is so important. Thank you, Cal Poly and all the participants for being here and for the important contributions you bring to this conference. I'd like to also say a few words about California's role in America's future in space. California has been at the forefront of the aerospace industry for more than a century through all the major innovations in aerospace from wooden aircraft, to World War II Bombers, to rockets and Mars rovers. California has played a pivotal role. Today, California is the number one state in total defense spending, defense contract spending and total number of personnel. It is estimated the Aerospace and Defense Industry, provides $168 billion in economic impact to our state. And America's best trained and most experienced aerospace and technology workforce lives here in California. The fact that the aerospace and defense sector, has had a strong history in California is no accident. California has always had strong innovation ecosystem and robust infrastructure that puts many sectors in a position to thrive. Of course, a big part of that infrastructure is a skilled workforce. And at the foundation of a skilled workforce is education. California has the strongest system of public higher education in the world. We're home to 10 university of California campuses, 23 California State university campuses and 116 California Community Colleges. All told nearly 3 million students are enrolled in public higher education. We also have world renowned private universities including the California Institute of Technology and Stanford University numbers one and three in the country for aerospace engineering. California also has four national laboratories and several NASA facilities. California possesses a strong spirit of innovation, risk taking and entrepreneurship. Half of all venture capital funding in the United States, goes to companies here in California. Lastly, but certainly no less critical to our success, California is a diverse state. 27% of all Californians are foreign born, 27% more than one in four of our population of 40 million people are immigrants from another country, Europe central and South America, India, Asia, everywhere. Our rich cultural diversity is our strength and helps drive our economy. As I look to the future of industries like cybersecurity and the growing commercial space industry, I know our state will need to work with those industries to make sure we continue to train our workforce for the demands of an evolving industry. The office of the lieutenant governor has a unique perspective on higher education and workforce development. I'm on the UC Board of Regents, the CSU Board of Trustees. And as of about two weeks ago, the Community Colleges Board of Governors. The office of the lieutenant governor is now the only office that is a member of every governing board, overseeing our public higher education system. Earlier in the symposium, we heard a rich discussion with Undersecretary Stewart Knox from the California Labor and Workforce Development Agency about what the state is doing to meet the needs of space and cybersecurity industries. As he mentioned, there are over 37,000 job vacancies in cybersecurity in our state. We need to address that gap. To do so, I see an important role for public private partnerships. We need input from industry and curriculum development. Some companies like Lockheed Martin, have very productive partnerships with universities and community colleges that train students with skills they need to enter aerospace and cyber industries. That type of collaboration will be key. We also need help from the industry to make sure students know that fields like cybersecurity even exist. People's early career interests are so often shaped by the jobs that members of their family have or what they see in popular culture. With such a young and evolving field like cybersecurity, many students are unaware of the job opportunities. I know for my visits to university campuses that students are hungry for STEM career paths where they see opportunities for good paying jobs. When I spoke with students at UC Merced, many of them were first generation college students who went through community college system before enrolling in a UC and they gravitated to STEM majors. With so many job opportunities available to STEM students, cybersecurity ought to be one that they are aware of and consider. Since this symposium is being hosted by Cal Poly, I wanted to highlight the tremendous work they're doing as leaders in the space and cybersecurity industry. Cal Poly California Cybersecurity Institute, does incredible work bringing together academia, industry and government training the next generation of cyber experts and researching emerging cybersecurity issues. As we heard from the President of Cal Poly, Jeff Armstrong the university is in the perfect location to contribute to a thriving space industry. It's close to Vandenberg Air Force Base and UC Santa Barbara and could be home to the future permanent headquarters of US Space Command. The state is also committed to supporting this space industry in the Central Coast. In July, the State of California, Cal poly US-based force and the others signed a memorandum of understanding to develop a commercial space port at Vandenberg Air Force Base and to develop a master plan to grow the commercial space industry in the region. Governor Newsom has made a commitment to lift up all regions of the state. And this strategy will position the Central Coast to be a global leader in the future of the space industry. I'd like to leave you with a few final thoughts, with everything we're facing. Fires, climate change, pandemic. It is easy to feel overwhelmed but I remain optimistic because I know that the people of the State of California are resilient, persistent, and determined to address our challenges and show a path toward a better future for ourselves and our families. The growth of the space industry and the economic development potential of projects like the Spaceport at Vandenberg Air Force Base, our great example of what we can look forward to. The potential for the commercial space industry to become a $3 trillion industry by mid century, as many experts predict is another. There are so many opportunities, new companies are going to emerge doing things we never could have dreamed of today. As Lieutenant General John Thompson said in the first session, the next few years of space and cyber innovation are not going to be a pony ride at the state fair, they're going to be a rodeo. We should all saddle up. Thank you. >> Okay, thank you very much, Eleni. I really appreciate it. Thank you for your participation and all your support to you and your staff. You guys doing a lot of work, a lot going on in California but cybersecurity and space as it comes together, California's playing a pivotal role in leading the world and the community. Thank you very much for your time. >> Okay, this session is going to continue with Bill Britton. Who's the vice president of technology and CIO at Cal Poly but more importantly, he's the director of the cyber institute located at Cal Poly. It's a global organization looking at the intersection of space and cybersecurity. Bill, let's wrap this up. Eleni had a great talk, talking about the future of cybersecurity in America and its future. The role California is playing, Cal Poly is right in the Central Coast. You're in the epicenter of it. We've had a great lineup here. Thanks for coming on. Let's put a capstone on this event. >> Thank you, John. But most importantly, thanks for being a great partner helping us get this to move forward and really changing the dynamic of this conversation. What an amazing time we're at, we had quite an unusual group but it's really kind of the focus and we've moved a lot of space around ourselves. And we've gone from Lieutenant General Thompson and the discussion of the opposition and space force and what things are going on in the future, the importance of cyber in space. And then we went on and moved on to the operations. And we had a private company who builds, we had the DOD, Department Of Defense and their context and NASA and theirs. And then we talked about public private partnerships from President Armstrong, Mr. Bhangu Mahad from the DOD and Mr. Steve Jacques from the National Security Space Association. It's been an amazing conference for one thing, I've heard repeatedly over and over and over, the reference to digital, the reference to cloud, the reference to the need for cybersecurity to be involved and really how important that is to start earlier than just at the employment level. To really go down into the system, the K through 12 and start there. And what an amazing time to be able to start there because we're returning to space in a larger capacity and it's now all around us. And the lieutenant governor really highlighted for us that California is intimately involved and we have to find a way to get our students involved at that same level. >> I want to ask you about this inflection point that was a big theme of this conference and symposium. It was throughout the interviews and throughout the conversations, both on the chat and also kind of on Twitter as well in the social web. Is that this new generation, it wasn't just space and government DOD, all the normal stuff you see, you saw JPL, the Hewlett Foundation, the Defense Innovation Unit, Amazon Web Services, NASA. Then you saw entrepreneurs come in, who were doing some stuff. And so you had this confluence of community. Of course, Cal Poly had participated in space. You guys does some great job, but it's not just the physical face-to-face show up, gets to hear some academic papers. This was a virtual event. We had over 300 organizations attend, different organizations around the world. Being a virtual event you had more range to get more people. This isn't digital. This symposium isn't about Central California anymore. It's global. >> No, it really has gone. >> What really happened to that? >> It's really kind of interesting because at first all of this was word of mouth for this symposium to take place. And it just started growing and growing and the more that we talk to organizations for support, the more we found how interconnected they were on an international scale. So much so that we've decided to take our cyber competition next year and take it globally as well. So if in fact as Major General Shaw said, this is about a multinational support force. Maybe it's time our students started interacting on that level to start with and not have to grow into it as they get older, but do it now and around space and around cybersecurity and around that digital environment and really kind of reduce the digital dividing space. >> Yeah, General Thompson mentioned this, 80 countries with programs. This is like the Olympics for space and we want to have these competitions. So I got great vision and I love that vision, but I know you have the number... Not number, the scores and from the competition this year that happened earlier in the week. Could you share the results of that challenge? >> Yeah, absolutely. We had 83 teams participate this year in the California Cyber Innovation Challenge. And again, it was based around a spacecraft scenario where a spacecraft, a commercial spacecraft was hacked and returned to earth. And the students had to do the forensics on the payload. And then they had to do downstream network analysis, using things like Wireshark and autopsy and other systems. It was a really tough competition. The students had to work hard and we had middle school and high school students participate. We had an intermediate league, new schools who had never done it before or even some who didn't even have STEM programs but were just signing up to really get involved in the experience. And we had our ultimate division which was those who had competed in several times before. And the winner of that competition was North Hollywood. They've been the winning team for four years in a row. Now it's a phenomenal program, they have their hats off to them for competing and winning again. Now what's really cool is not only did they have to show their technical prowess in the game but they also have to then brief and out-brief what they've learned to a panel of judges. And these are not pushovers. These are experts in the field of cybersecurity in space. We even had a couple of goons participating from DefCon and the teams present their findings. So not only are we talking technical, we're talking about presentation skills. The ability to speak and understand. And let me tell you, after reading all of their texts to each other over the weekend adds a whole new language they're using to interact with each other. It's amazing. And they are so more advanced and ready to understand space problems and virtual problems than we are. We have to challenge them even more. >> Well, it sounds like North Hollywood got the franchise. It's likethe Patriots, the Lakers, they've got a dynasty developing down there in North Hollywood. >> Well, what happens when there's a dynasty you have to look for other talent. So next year we're going global and we're going to have multiple states involved in the challenge and we're going to go international. So if North Hollywood pulls it off again next year, it's going to be because they've met the best in the world than defeated >> Okay, the gauntlet has been thrown down, got to take down North Hollywood from winning again next year. We'll be following that. Bill, great to get those results on the cyber challenge we'll keep track and we'll put a plug for it on our site. So we got to get some press on that. My question to you is now as we're going digital, other theme was that they want to hire digital natives into the space force. Okay, the DOD is looking at new skills. This was a big theme throughout the conference not just the commercial partnerships with government which I believe they had kind of put more research and personally, that's my personal opinion. They should be putting in way more research into academic and these environments to get more creative. But the skill sets was a big theme. What's your thoughts on how you saw some of the highlight moments there around skill sets? >> John, it's really interesting 'cause what we've noticed is in the past, everybody thinks skill sets for the engineering students. And it's way beyond that. It's all the students, it's all of them understanding what we call cyber cognizance. Understanding how cybersecurity works whatever career field they choose to be in. Space, there is no facet of supporting space that doesn't need that cyber cognizance. If you're in the back room doing the operations, you're doing the billing, you're doing the contracting. Those are still avenues by which cybersecurity attacks can be successful and disrupt your space mission. The fact that it's international, the connectivities, all of those things means that everyone in that system digitally has to be aware of what's going on around them. That's a whole new thought process. It's a whole new way of addressing a problem and dealing with space. And again it's virtual to everyone. >> That's awesome. Bill, great to have you on. Thank you for including theCUBE virtual, our CUBE event software platform that we're rolling out. We've been using it for the event and thank you for your partnership in this co-creation opening up your community, your symposium to the world, and we're so glad to be part of it. I want to thank you and Dustin and the team and the President of Cal Poly for including us. Thank you very much. >> Thank you, John. It's been an amazing partnership. We look forward to it in the future. >> Okay, that's it. That concludes the Space and Cybersecurity Symposium 2020. I'm John Furrier with theCUBE, your host with Cal Poly, who put on an amazing virtual presentation, brought all the guests together. And again, shout out to Bill Britton and Dustin DeBrum who did a great job as well as the President of Cal poly who endorsed and let them do it all. Great event. See you soon. (flash light sound)

>>From Las Vegas. It's the cube covering Qualis security conference 2019 you buy quality. >>Hey, welcome back. You're ready. Jeff Frick here with the cube. We're in Las Vegas at the Bellagio, at the quality security conference. It's the 19th year they've been doing this. It's our first year here and we're excited to be here and it's great to have a veteran who's been in this space for so long, to give a little bit more of a historical perspective as to what happened in the past and where we are now and what can we look forward to in the future. So coming right off his keynote is Felipe korto, the chairman and CEO of Qualys. Phillip, great to see you. Thank you. Same, same, same for me. Absolutely. So you touched on so many great, um, topics in your conversation about kind of the shifts of, of, of modern computing from the mainframe to the mini. We've heard it over and over and over, but the key message was really about architecture. If you don't have the right architecture, you can't have the right solution. So how has the evolution of architects of architectures impacted your ability to deliver security solutions for your clients? >>So now that's a very good question. And in fact, you know, what happened is that we started in 1999 with a vision that we could use exactly like a salesforce.com this nascent internet technologies and apply that to security. And uh, so, and mod when you have applied that to essentially changing the way CRM was essentially used and deployed in enterprises and with a fantastic success as we know. So for us, the, I can say today that 19 years later the vision was right. It took a significant longer because the security people are not really, uh, warm at the idea of silently, uh, having the data in their view, which was in place that they could not control. And the it people, they didn't really like at all the fact that suddenly they were not in control anymore of the infrastructure. So we had a lot of resistance. >>I, wherever we always, I always believe, absolutely believe that the, the cloud will be the cloud architecture to go back. A lot of people make the confusion. That was part of the confusion that for people it was a cloud, that kind of magical things someplace would you don't know where. And when I were trying to explain, and I've been saying that so many times that well you need to look at the cloud like compute that can architecture which distribute the competing power far more efficiently than the previous one, which was client server, which was distributing the convening power far better than of course the mainframes and the mini computers. And so if you look at their architectures, so the mainframe were essentially big data centers in uh, in Fort Knox, like settings, uh, private lines of communication to a dump terminal. And of course security was not really issue then because it's security was built in by the IBM's and company. >>Same thing with the mini computer, which then was instead of just providing the computing power to the large, very large company, you could afford it. Nelson and the minicomputer through the advanced in semiconductor technology could reduce a foot Frank. And then they'll bring that computing power to the labs and to the departments. And was then the new era of the digital equipment, the prime, the data general, et cetera. Uh, and then kind of server came in. So what client server did, again, if you look at the architecture, different architecture now silently servers, the land or the internal network and the PC, and that was now allowing to distribute the computing power to the people in the company. And so, but then you needed to, so everybody, nobody paid attention to security because then you were inside of the enterprise. So it started inside the walls of the castle if you prefer. >>So nobody paid attention to that. It was more complex because now you have multiple actors. Instead of having one IBM or one digital equipment, et cetera, suddenly you have the people in manufacturing and the servers, the software, the database, the PCs, and on announcer, suddenly there was the complexity, increasing efficiency, but nobody paid attention to security because it wasn't a needed until suddenly we realized that viruses could come in through the front door being installed innocently. You were absolutely, absolutely compromised. And of course that's the era of the antivirus which came in. And then because of the need to communicate more and more now, Senator, you could not stay only in your castle. You needed to go and communicate to your customers, to your suppliers, et cetera, et cetera. And now he was starting to open up your, your castle to the world and hello so now so that the, the bad guy could come in and start to steal your information. >>And that was the new era of the forward. Now you make sure that those who come in, but of course that was a little bit naive because there were so many other doors and windows, uh, that people could come in, you know, create tunnels and create these and all of that trying to ensure your customers because the data was becoming more and more rich and more, more important or more value. So whenever there is a value, of course the bad guys are coming in to try to sell it. And that was that new era of a willing to pay attention to security. The problem has been is because you have so many different actors, there was nothing really central there that was just selling more and more solutions and no, absolutely like 800 vendors bolting on security, right? And boating on anything is short-lived at the end of the day because you put more and more weight and then you also increase the complexity and all these different solutions you need. >>They need to talk together so you have a better context. Uh, but they want the design to talk together. So now you need to put other system where they could communicate that information. So you complicated and complicated and complicated the solution. And that's the problem of today. So now cloud computing comes in and again, if you look at the architecture of cloud computing, it's again data centers, which is not today I've become thanks to the technology having infinite, almost competing power and storage capabilities. And like the previous that I sent her, the are much more fractured because you just one scale and they become essentially a little bit easier to secure. And by the way, it's your fewer vendors now doing that. And then of course the access can be controlled better. Uh, and then of course the second component is not the land and the one, it's now the internet. >>And the internet of course is the web communications extremely cheap and it brings you an every place on the planet and soon in Morris, why not? So and so. Now the issue today is that still the internet needs to be secure. And today, how are we going to secure the internet? Which is very important thing today because you see today that you can spoof your email, you can spoof your website, uh, you can attack the DNS who, yes, there's a lot of things that the bad guys still do. And in fact, they've said that leverage the internet of course, to access everywhere so they take advantage of it. So now this is obviously, you know, I created the, the trustworthy movement many years ago to try to really address that. Unfortunately, the quality's was too small and it was not really our place today. There's all the Google, the Facebook, the big guys, which in fact their business depend on the internet. >>Now need to do that. And I upload or be diabetic, criticized very much so. Google was the first one to essentially have a big initiative, was trying to push SSL, which everybody understand is secret encryption if you prefer. And to everybody. So they did a fantastic job. They really push it. So now today's society is becoming like, okay, as I said, you want to have, as I said it all in your communication, but that's not enough. And now they are pushing and some people criticize them and I absolutely applaud them to say we need to change the internet protocols which were created at a time when security, you were transferring information from universities and so forth. This was the hay days, you know, of everything was fine. There was no bad guys, you know, the, he'd be days, if you like, of the internet. Everybody was free, everybody was up and fantastic. >>Okay. And now of course, today this protocol needs to be upgraded, which is a lot of work. But today I really believe that if you put Google, Amazon, Facebook altogether, and they can fix these internet protocols. So we could forget about the spoofing and who forgot about all these phishing and all these things. But this is their responsibility. So, and then you have now on the other side, you have now very intelligent devices from in a very simple sensors and you know, to sophisticated devices, the phone, that cetera and not more and more and more devices interconnected and for people to understand what is going. So this is the new environment and whether we always believe is that if you adopt an architecture, which is exactly which fits, which is similar, then we could instead of bolting security in, we can now say that the build security in a voting security on, we could build security in. >>And we have been very proud of the work that we've done with Microsoft, which we announced in fact relatively recently, very recently, that in fact our agent technologies now is bundled in Microsoft. So we have built security with Microsoft in. So from a security perspective today, if you go to the Microsoft as your secretly center, you click on the link and now you have the view of your entire Azure environment. Crazier for quality Sagent. You click on a second link and now you have the view of your significant loss posture, crazy of that same quality. Say Sagent and then you click on the third name with us. Nothing to do with quality. It's all Microsoft. You create your playbook and you remediate. So security in this environment has become click, click, click, nothing to install, nothing to update. And the only thing you bring are your policies saying, I don't want to have this kind of measured machine expose on the internet. >>I want, this is what I want. And you can continuously audit in essentially in real time, right? So as you can see, totally different than putting boxes and boxes and so many things and then having to for you. So very big game changer. So the analogy that I want you that I give to people, it's so people don't understand that paradigm shift is already happening in the way we secure our homes. You put sensors everywhere, you have cameras, you have detection for proximity detection. Essentially when somebody tried to enter your home, all that data is continuously pumped up into an incidence restaurant system. And then from your phone, again across the internet, you can change the temperature of your rooms. You can do what you can see the person who knocks on the door. You can see its face, you can open the door, close the door, the garage door, you can do all of that remotely, another medically. >>And then if there's a burglar then in your house to try to raking immediately the incidents or some system called the cops or the far Marsha difficult fire. And that's the new paradigm. So security has to follow that paradigm. And then you have interesting of the problem today that we see with all the current secretly uh, systems, uh, incidents, response system. They have a lot of false positive, false positive and false negative are the enemy really of security. Because if you are forced visited, you cannot automate the response because then you are going to try to respond to something that is not true. So you are, you could create a lot of damage. And the example I give you that today in the, if you leave your dog in your house and if you don't have the ability, the dog will bark, would move. And then the sensors would say intruder alert. >>So that's becomes a false positive. So how do you eliminate that? By having more context, you can eliminate automatically again, this false positives. Like now you take a fingerprint of your dog and of these voice and now the camera and this and the sensors and the voice can pick up and say, Oh, this is my dog. So then of course you eliminate that for solar, right? Right. Now even if another dog managed to enter your home through a window which was open or whatever for soul, you will know her window was up and but you know you cannot necessarily fix it and the dog opens. Then you will know it's a, it's a, it's not sure about, right? So that's what security is evolving such a huge sea of change, which is happening because of all that internet and today companies today, after leveraging new cloud technology, which are coming, there's so much new technology. >>What people understand is where's that technology coming from? How come silently we have, you know, Dockers netics all these solutions today, which are available at almost no cost because it's all open source. So what happened is that, which is unlike the enterprise software, which were more the Oracle et cetera, the manufacturer of that software today is in fact the cloud public cloud vendors, the Amazon, the Google, the Facebook, the Microsoft. We suddenly needed to have to develop new technology so they could scale at the size of the planet. And then very shrewdly realized that effective that technology for me, I'm essentially going to imprison that technology is not going to evolve. And then I need other technologies that are not developing. So they realized that they totally changed that open source movement, which in the early days of opensource was more controlled by people who had more purity. >>If you prefer no commercial interests, it was all for the good of the civilization and humankind. And they say their licensing model was very complex. So they simplified all of that. And then nothing until you had all this technology coming at you extremely fast. And we have leverage that technology, which was not existing in the early days when when socials.com started with the Linux lamp pour called what's called Linux Apache. My SQL and PHP, a little bit limiting, but now suddenly all this technology, that classic search was coming, we today in our backend, 3 trillion data points on elastic search clusters and we return inflammation in a hundred milliseconds. And then onto the calf cabin, which is again something at open source. We, we, we, and now today 5 million messages a day and on and on and on. So the world is changing and of course, if that's what it's called now, the digital transformation. >>So now enterprises to be essentially agile, to reach out to the customers better and more, they need to embrace the cloud as the way they do, retool their entire it infrastructure. And essentially it's a huge sea of change. And that's what we see even the market of security just to finish, uh, now evolving in a totally different ways than the way it has been, which in the past, the market of security was essentially the market for the enterprise. And I'm bringing you my, my board, my board town solutions that you have to go and install and make work, right? And then you had the, the antivirus essentially, uh, for all the consumers and so forth. So today when we see the marketplace, which is fragmenting in four different segments, which is one is the large enterprise which are going to essentially consolidate those stock, move into the digital transformation, leveraging absolutely dev ops, which isn't becoming the new buyer and of course a soak or they could improve, uh, their it for, to reach out to more customers and more effectively than the cloud providers as I mentioned earlier, which are building security in the, no few use them. >>You don't have to worry about infrastructure, about our mini servers. You need, I mean it is, it's all done for you. And same thing about security, right? The third market is going to be an emergence of a new generation of managed security service providers, which are going to take to all these companies. We don't have enough resources. Okay, don't worry, I'm going to help you, you know, do all that digital transformation. And that if you build a security and then there's a totally new market of all these devices, including the phone, et cetera, which connects and that you essentially want to all these like OT and IOT devices that are all now connected, which of course presents security risk. So you need to also secure them, but you also need to be able to also not only check their edits to make sure that, okay, because you cannot send people anymore. >>So you need to automate the same thing on security. If you find that that phone is compromised, you need to make, to be able to make immediate decisions about should I kill that phone, right? Destroyed everything in it. Should I know don't let that phone connect anymore to my networks. What should I do? Should I, by the way detected that they've downloaded the application, which are not allowed? Because what we see is more and more companies now are giving tablets, do the users. And in doing so now today's the company property. So they could say, okay, you use these tablets and uh, you're not allowed to do this app. So you could check all of that and then automatically remote. But that again requires a full visibility on what you are. And that's why just to finish, we make a big decision about a few, three months ago that we have, we build the ability for any company on the planet to automatically build their entire global HSE inventory, which nobody knows what they have in that old networking environment. >>You don't know what connects to have the view of the known and the unknown, totally free of charge, uh, across on premise and pawn cloud containers, uh, uh, uh, whether vacations, uh, OT and IOT devices to come. So now there's the cornerstone of security. So with that totally free. So, and then of course we have all these additional solutions and we're build a very scalable, uh, up in platform where we can take data in, pass out data as well. So we really need to be and want to be good citizen here because security at the end of the day, it's almost like we used to say like the doctors, you have to have that kind of apricot oath that you cannot do no arm. So if you keep, if you try to take the data that you have, keep it with you, that's absolutely not right because it's the data of your customers, right? >>So, and you have to make sure that it's there. So you have to be a good warning of the data, but you have to make sure that the customer can absolutely take that data to whatever he wants with it, whatever he needs to do. So that's the kind of totally new field as a fee. And finally today there is a new Ash culture change, which is, which is happening now in the companies, is that security has become fronted centers, is becoming now because of GDPR, which has a huge of financial could over you challenge an impact on a company. A data breach can have a huge financial impact. Security has become a board level. More and more social security is changing and now it's almost like companies, if they want to be successful in the future, they need to embrace a culture of security. And now what I used to say, and that was the, the conclusion of my talk is that now, today it DevOps, uh, security compliance, people need to unite. Not anymore. The silos. I do that. This is my, my turf, my servers. You do that, you do this. Everybody in the company can work. I have to work together towards that goal. And the vendors need to also start to inter operate as well and working with our customers. So it's a tall, new mindset, which is happening, but the safes are big. That's what I'm very confident that we're now into that. Finally, we thought, I thought it would have happened 10 years ago, quite frankly. And uh, but now today's already happening. >>She touched on a lot, a lot there. And I'll speak for another two hours if we could. We could go for Tara, but I want to, I want to unpack a couple of things. We've had James Hamilton on you to at AWS. Um, CTO, super smart guy and it was, it was at one of his talks where it really was kind of a splash, a wet water in the face when he talked about the amount of resources Amazon could deploy to just networking or the amount of PhD power he could put on, you know, any little tiny sub segment of their infrastructure platform where you just realize that you just can't, you can't compete, you cannot put those kinds of resources as an individual company in any bucket. So the inevitability of the cloud model is just, it's, it's the only way to leverage those resources. But because of that, how has, how has that helped you guys change your market? How nice is it for you to be able to leverage infrastructure partners? Like is your bill for go to market as well as feature sets? And also, you know, because the other piece they didn't talk about is the integration of all these things. Now they all work together. Most apps are collection of API APIs. That's also changed. So when you look at the cloud provider GCP as well, how does that help you deliver value to your customers? >>Yeah, but the, the, the, the club, they, they don't do everything. You know, today what is interesting is that the clubs would start to specialize themselves more and more. So for example, if you look at Amazon, the, the core value of Amazon since the beginning has been elastic computing. Uh, now today we should look at Microsoft. They leverage their position and they really have come up with a more enterprise friendly solution. And now Google is trying to find also their way today. And so then you have Addy Baba, et cetera. So these are the public cloud, but life is not uniform like is by nature. Divers life wants to leave lunch to find better ways. We see that that's what we have so many different species and it just ended up. So I've also the other phenomena of companies also building their own cloud as well. >>So the word is entering into a more hybrid cloud. And the technology is evolving very fast as well. And again, I was selling you all these open source software. There's a bigger phenomenon at play, which I used to say that people don't really understand that much wood, but it's so obvious is if you look at the printing price, that's another example that gives the printing price essentially allowed, as we all know, to distribute the gospel, which has some advantage of, you know, creating more morality, et cetera. But then what people don't know for the most part, it distributed the treaties of the Arabs on technology, the scientif treaties, because the archives, which were very thriving civilization at the time, I'd collected all the, all the, all the information from India, from many other places and from China and from etc. And essentially at the time all of Europe was pretty in the age they really came up and it now certainty that scientific knowledge was distributed and that was in fact the seeds of the industrial revolution, which then you're up cat coats and use that and creating all these different technologies. >>So that confidence of this dimension of electricity and all of that created the industrial revolution seeded by now, today what is happening is that the internet is the new printing press, which now is distributing the knowledge that not to a few millions of people to billions of people. So the rate today of advancing technology is accelerating and it's very difficult. I was mentioning today, we know today that work and working against some quantum computing which are going to totally change things. Of course we don't know exactly how and you have also it's clear that today we could use genetic, uh, the, the, the, if you look at DNA, which stores so much information, so little place that we could have significant more, you know, uh, memory capabilities that lower costs. So we have embarked into absolutely a new world where things are changing. I've got a little girl, which is 12 years old and fundamentally that new generation, especially of girls, not boys, because the boys are still on, you know, at that age. >>Uh, they are very studious. They absorb so much information via YouTube. They are things like a security stream. They are so knowledgeable. And when you look back at history 2000 years plus ago in Greece, you at 95 plus percent of the population slaves. So a few percent could start to think now, today it's totally changed. And the amount of information they can, they learn. And this absolutely amazing. And you know, she, she's, I would tell you the story which has nothing to do with computing, but as a button, the knowledge of, she came to me the few, few weeks ago and she said, Oh daddy, I would like to make my mother more productive. Okay. So I said, Oh, that's her name is Avia, which is the, which is the, the, the either Greece or Zeus weathered here. And so I say, Evie, I, so that's a good idea. >>So how are you going to do it? I mean, our answer, I was flawed, but that is very simple. Just like with, for me, I'm going to ask her to go to YouTube to learn what she needs to learn. Exactly. And she learns, she draws very well. She learns how to draw in YouTube and it's not a gifted, she's a nice, very nice little girl and very small, but all her friends are like that. Right? So we're entering in a word, which thing are changing very, very fast. So the key is adaptation, education and democracy and democratization. Getting more people access to more. Absolutely. It's very, very important. And then kind of this whole dev ops continuous improve that. Not big. That's a very good point that you make because that's exactly today the new buyer today in security and in it is becoming the DevOps shipper. >>Because what? What are these people? There are engineers which suddenly create good code and then they want to of course ship their code and then all these old silos or you need to do these, Oh no, we need to put the new server, we don't have the capacity, et cetera. How is that going to take three months or a month? And then finally they find a way through, again, you know, all the need for scale, which was coming from the Google, from the Facebook and so forth. And by the way, we can shortcut all of that and we can create and we can run out to auto-ship, our code. Guess what are they doing today? They are learning how to secure all of that, right? So again, it's that ability to really learn and move. And today, uh, one of the problem that you alluded to is that, which the Amazon was saying is that their pick there, they have taken a lot of the talent resources in the U S today because of course they pay them extra to me, what? >>Of course they'll attract that talent. And of course there's now people send security. There's not enough people that even in, but guess what? We realized that few years ago in 2007, we'll make a big decision who say, well, never going to be able to attract the right people in the Silicon Valley. And we've started to go to India and we have now 750 people. And Jack Welch used to say, we went to India for the cost and discover the talent. We went to India for the talent and we discover the cost. And there is a huge pool of tenants. So it's like a life wants to continue to leave and now to, there are all these tools to learn, are there, look at the can Academy, which today if you want to go in nuclear physics, you can do that through your phone. So that ability to learn is there. So I think we need just more and more people are coming. So I'm a very optimistic in a way because I think the more we improve our technologies that we look at the progress we're making genetics and so everywhere and that confidence of technology is really creating a new way. >>You know, there's a lot of conversations about a dystopian future and a utopian future with all these technologies and the machines. And you know what? Hollywood has shown us with AI, you're very utopian side, very optimistic on that equation. What gives you, what gives you, you know, kind of that positive feeling insecurity, which traditionally a lot of people would say is just whack a mole. And we're always trying to chase the bad guys. Generally >>speaking, if I'm a topian in in a way. But on the other end, you'd need to realize that unfortunately when you have to technological changes and so forth, it's also create factors. And when you look at this story in Manatee, the same technological advancement that some countries to take to try to take advantage of fathers is not that the word is everything fine and everything peaceful. In fact, Richard Clark was really their kid always saying that, Hey, you know that there is a sinister side to all the internet and so forth. But that's the human evolution. So I believe that we are getting longterm. It's going to. So in the meantime there's a lot of changes and humans don't adapt well to change. And so that's in a way, uh, the big challenge we have. But I think over time we can create a culture of change and that will really help. And I also believe that probably at some point in time we will re-engineer the human race. >>All right, cool. We'll leave it there. That's going to launch a whole nother couple hours. They leave. Congratulations on the event and a great job on your keynote. Thanks for taking a few minutes with us. Alrighty. It's relief. I'm Jeff. You're watching the cube where the Qualice security conference at the Bellagio in Las Vegas. Thanks for watching. We'll see you next time.