>>Welcome back to the cubes, continuous coverage of AWS reinvent 2021 live in Las Vegas. I'm Lisa Martin pleased to be here in person. We are actually with AWS and its massive ecosystem of partners running. One of the industry's largest and most important hybrid tech events of the year. We've got two life sets over a hundred guests to remote studios. I'm pleased to welcome two guests from Laos here with me. Next, Derek is here, the VP and director of digital modernization and David chow, the director of cloud capabilities, Derek and David. Welcome to the program. Thanks for having us great to be here in person. Isn't it? >>Absolutely. Last year we missed out. So if we've got to get it all in this week. >>Exactly and well, this is day one and the amount of people that are in here, there's a lot of noise in the background. I'm sure the audience can hear it is, is really nice. AWS has done such a great job of getting us all in here. Nice and safely. So let's go ahead and start. Light is coming off a very strong Q3. When we look at the things that have happened, nearly all defense and classified customers are engaged in digital modernization efforts. We've seen so much acceleration of that in the last 20 months, but let's talk about some of the current challenges Derek that customers are facing across operations sustainment with respect to the need to modernize. >>Sure, sure thing. Um, so over the past two years, we spent a better part of all that time, trying to really figure out what are our customers' hardest problems. And, you know, that's across the health vertical, the DOD vertical, uh, the Intel vertical, uh, you name it. We spent a lot of time trying to figure it out. And we kept coming up on three reoccurring themes, one, which is the explosion of data. There's so much data being generated across our customer's environments. Um, there's not enough human brain power to deal with it. All right. So we need to be able to apply technology in a way that reduces the cognitive burden on operators who must do operations and sustainment to get to a business outcome. Uh, the second one and most importantly for us is advanced cyber threats. We've all heard about the colonial pipeline hack. >>We've heard about solar winds. The scary part about that is what about the hacks that we don't know about? Right. And that's something that here at lighthouse, we're really focused on applying technology, cyber AIML in a way that we can detect when someone's in our environments or in our customer environments. And then we can opt out, obviously, um, do some remediation and get them out of our environment. So mission operations are not compromised. And then lastly, customer environments are heterogeneous. You have cloud, you have on-premise infrastructure. Uh, you have edge devices, IOT devices. It's very difficult to be able to do management and orchestration over all these different devices, all the different platforms that are out there. So working in concert with AWS, we build a solution to be able to do just that, which we'll talk about a little later, David, anything else that you want to, >>We talked about the explosion of data, the cybersecurity landscape changing dramatically, and the customers needing to be able to modernize and leverage the power of technology. Yeah, >>So our customers, uh, we have basically three areas that we see our customers having challenges in. And one of them, once they get to the cloud, they don't have the transparency on cost and usage, right. Uh, when you get the engineers are excited, the mission is exploded with extra activities. Um, but our customers don't have a sense on where the cost is going and how that relates to their mission, right? So we help them figure out, okay, your, your cost is going up, which is fine because it's applying to your mission and it's helping you actually be more successful than before. Right? And the other area is, uh, they need, uh, a multi-platform strategy that doesn't impact their existing conditions, right? They don't have the practicality or the funding that's required to just rip and replace everything. And you can't do that. You have to maintain your mission. >>If you have to maintain about a lot of critical capability that they already have, but at the same time, figure out how am I going to add the extensions and the new capabilities, right? And we have certain ways that we can do that to allow them to start getting into the cloud, leveraging a lot of additional capability that they never had before, but maintaining the investment that they've done in the past years to maintain their mission success. Right. Uh, and then the third is skill up-skilling. So we found that a lot of people have a hard time. Once we move them into AWS, specifically their operational duties and things change. And there's a big gap there in terms of training, uh, getting familiar with how that impacts their process and methodology, and that that's where we helped them a lot, uh, modify that revolution and how they do that stuff. >>That's excellent. That upskilling is critical, as things are changing so dramatically, we have, you talked about data and the cybersecurity changes Derek. And you know, every company, every branch of the federal is probably a data company or data organization, or if it's not, it has to become one. But the cyber threats are crazy. The things that have been going on in the last 20 months, the acceleration of ransomware, ransomware as a service, you talked about colonial, like we only hear about the big ones, but how many it's no longer a will we get hit by ransomware? Or will we be hacked? It's when, talk to me about some of those, about those challenges and also the need to be able to deliver real-time data as real-time missions are going on in that real-time is now no longer a nice to have. >>Right? So, um, it's a great question. And one of the things that I'll say is there's some studies out there that said 75% of the computing, uh, that will be happening over the next 10 years will be at the edge, right? So we're not going to be able to go at the edge, collect all this data, ship it back to a centralized way to process it. We're not going to be able to do that. What we have to do is take capability that may have been clouded, able push that capability to the edge. Where did that be? AI ML. It could be your mission applications, and we need to be able to exploit data in near real time, um, to which allows us to make mission critical decisions at the point of need. There's not going to be enough time to collect a big swath of data, move it back across a bandwidth that is temporarily constrained. In many cases, we just can't do it that way. So I think moving as much capability to the edge as possible in order for us to be able to make an impact in near real time, that's what we need to do across all of our verticals, not just DOD, but on the healthcare side to the Intel side, you name it. We gotta be able to move capability as far forward as >>Possible. And where Derek with you for a minute, where are those verticals with respect to embracing that, adopting that being ready to be able to take on those technologies? Because culturally, I can imagine, you know, legacy his story, history organizations to change his heart >>Change is hard. Um, and one of the strategies that we've tried to implement within that context is that the legacy systems, the culture that is already out there, we're not just going to be able to turn all of that off, right. We're going to have to make sure that the new capabilities and the legacy systems co-exist. So that's one of the reasons that we have an approach where we use microservices, very much API driven, such that, uh, you know, a mission critical system that may have been online for the last 20 years. We're not just going to turn it off, but what we can do is start to build sidecar capabilities, microservices, to extend that capability of that system without rebuilding it, we can't build our way out of all the technical debt. What we can do is figure out how do we need to extend this capability to get to a mission need and build a microservices. That's very thin. That's very lightweight. And that's how you start to connect the dots between your mission applications, the data, the data centricity that we talked about and other capabilities that need access to data, to be able to effectuate a decision. >>You make it sound so easy. Derek, >>It's certainly not easy, but in working with AWS, we really have taken this forward and we're really deploying, uh, similar capabilities today. Um, so it's really the way that we have to modernize. We have to be able to do it step by step strangle out the old as we bring in the new right. >>So David, let's talk about the AWS partnership, what you guys are doing as the critical importance of being able to help the verticals modernize at speed at scale in real time. Talk to me about what Leidos and AWS are doing together. >>So we work with Adobe very closely, um, for every engagement we have with our customers, we have AWS as our side, we do the reviews of, of their architecture and their approach. We take, we take into account the data strategy of the organization as long along with their cloud, uh, because we found that you have to combine their cloud and their data strategy because of the volumes of data that Derrick talked about, right. That they needed to integrate. And so we come up with a custom strategy and a roadmap for them to adopt that without like Derek said, um, deprecating any old capabilities that currently have any extending it out into, into the cloud so that those areas are what we strive to get them through. And we talk about a lot about the digital enterprise and how that is for us from light of this point of view, we see that as building an API ecosystem for our customer, right? Because the API is really the key. And if you look at companies like Twilio that have an API first approach, that's, what's allowed them to integrate very old technology like telephones into the new cloud, right? So that approach is really the unique approach that was taken with our customers for to see the success that we've seen. >>Well, can you tell me, David's sticking with you for a minute about upscaling. I know that AWS has a big focus on that. It's got a restart program for helping folks that were unemployed during the pandemic or underemployed, but the upskilling, as we talked about during this interview is incredibly important. As things change are changing so quickly, is there any sort of upskilling kind of partnerships that you're doing with AWS that you, >>Uh, so as a partner, we ourselves get a lot of free upskilling and training, uh, as AWS from your partner. Um, but also with our customers, we're able to customize and build specific training plans and curriculums that is targeted specifically for the operators, right? They don't come from a technology background like we do, but they come from a mission background so we can modify and understand what they need to learn and what they don't really need to worry about so much and just target exactly what they need to do. So they can just do their day-to-day jobs and their duties for the mission. >>That's what it's all about. Derek, can you share an example that you think really speaks volumes to light us and AWS together to help customers modernize? >>One thing I like about AWS is that the partnership is what we describe as a deep technical partnership. It's not just transactional. It's not like, Hey, buy this X services and we'll, we'll do this. I have a great example of this year. We kicked off a pilot with an army customer and we actually leveraged AWS pro. So we were literally building a proof of concept together. So in 90 days, what we, what we did was get the customer to understand we're moving more to native AWS services, EMR, uh, to be more specific that you can save money on tons of licensing costs that you otherwise would have had to pay for it. After the pilot was over, we recognized that we will save the government $1.2 million and they have now said, yes, let's go AWS native, which is, uh, which is, uh, a methodology that we still want to stamp out and use continually because the more and more that you adopt that native services, you're going to be able to move faster. Because as soon as you deploy a system, it's already legacy. When you start to do the native services, as things more services come online, we're sort of their glue where to make sure those things that are coming, the services that are AWS are deploying out, we'd bring, we, we then bring that innovation into our customer environment. So saving a customer, the government $1.2 million at a big deal for us. >>It's huge. And I'm sure you there's, that's one of many examples of significant outcomes that you're helping the verticals achieve. Absolutely. >>Yeah. One of our >>Core focuses. That's excellent. And also to do it so quickly and 90 days to be able to show the army a significant savings is a, is a huge, uh, kudos to, to Linus and to AWS. David, talk to me a little bit about the, from a partnership perspective, how do you guys go into a joint organizations together? I imagine one of the most important things is that transparency from the verticals perspective, whether it's DOD or health or Intel, talk to me about that, that kind of unified partnership. And what is the customer and customer experience? I imagine one team. >>Yes. So we go into, we engage with our AWS counterparts at the very beginning of an engagement. So they have their dedicated teams. We have our dedicated teams and we are fully transparent with each other, what the customers are facing. And we both focus on the customer pain points, right? What was really going to drive the customer. Um, and that's how we sort of approach the customer. So the customer sees us as a single team. Uh, we do things like we'll build out what we call the well-architected framework or wafer for short, right. And that allows us to make sure that we're leveraging all the best practices from AWS, from their clients on the commercial side. And we can leverage that into the government, right. They can get a lot of learnings and lessons learned that they don't have to repeat because some of the commercial cupboard companies who are ahead of us have I've done the hard learning, right. And we can incorporate that into their mission and into their operations. >>That's critical because there isn't the time. Right? I think that's one of the things that Penn has taught us is that there isn't there, like we talked about real-time data, there is, it's no longer a nice to have, right. But even from a training and from a deployment perspective that needs to be done incredibly efficiently with, we're talking about probably large groups of people. I imagine with Leidos folks, AWS folks, and the verticals. So that coordination between, I imagine what are probably two fairly culturally aligned organizations is critical. No. >>Yeah. One of the things that we put in places, this idea of bachelors environment, so that means you could be a Leidos person. You could be an AWS person, there's no badge. We're just sitting there, we're here to do good work, to bring value to a customer. And that's something that's really fantastic about our relationship that we do have. So every week we are literally building things together and that's, that's what the government, that's what the public sector folks expect. No, one's not gonna own it all. You have to be able to work together to be able to bring value to our customers across all the verticals that >>I like. That badge list environment, that's critical for organizations to work together. Harmoniously given there's as the data explosion just continues as does the edge explosion and the IOT device explosion more and more complexity comes into the environment. So that Badger less environment I met David from your perspective is really critical to the success of every mission that you're working on. >>Yeah. I mean, I think the badge approaches is critical without it, the existing teams have a hard time building that trust and being, and feeling like we're part of that team, right? Trust is really important in, in mission success. And so when we enter a new arena, we try to get, build that trust as quickly as we can show them that, you know, we're there to help them with their mission. And we're not really there for anything else. So they feel comfortable to share, you know, the really deep pain points that they're not really sharing all the time. And that's what allows Leidos specifically to, to really be successful with them because they share all their skeletons and we don't judge them. Right. We've say, okay, here's your problems. Here's some solutions. And here are the pros and cons and we figure out a solution together, right. It's a really built together sort of mindset that makes us successful. Okay. >>Togetherness as key, last question, guys, what are some of the things that attendees can learn and feel and see, and smell from Leidos this week at reinvent? >>We want to take that one. >>Um, yeah. So with Leidos, um, we're around, we have, uh, various custom, uh, processes with AWS, uh, because of our peer partnership. We have the MSSP that we just got as a launch partner. So there's a lot of interaction that we have with AWS. Um, anytime that AWS sees that there is opportunity for us to talk to a customer and talk to potential vendor, they'll pull us in. So if you guys come by the booth and you need to talk to an SSI, they'll, they'll pull us in and we'll have those conversations. >>Excellent guys, thank you so much for joining me, talking about Leidos, AWS, what you guys are doing together and how you're helping transform government. You make it sound easy. Like I said, Derek, I know that it's not, but it's great to hear the transparency with which guys are all working. Thank you so much for your time. Thank you. Thank you. My pleasure for my guests. I'm Lisa Martin. You're watching the cube, the leader in global live tech coverage.

(innovative music) >> Welcome back to theCUBE's continuous coverage of AWS re:Invent 2021. My name is Dave Vellante, and we are running one of the industry's most important and largest hybrid tech events of the year. Hybrid as in physical, not a lot of that going on this year. But we're here with the AWS ecosystem, AWS, and special thanks to AMD for supporting this year's editorial coverage of the event. We've got two live sets, two remote studios, more than a hundred guests on the program. We're going really deep, as we enter the next decade of Cloud innovation. We're super excited to be joined by Danny Allan, who's the Chief Technology Officer at Veeam, and James Kirschner who's the Engineering Director for Amazon S3. Guys, great to see you. >> Great to see you as well, Dave. >> Thanks for having me. >> So let's kick things off. Veeam and AWS, you guys have been partnering for a long time. Danny, where's the focus at this point in time? What are customers telling you they want you to solve for? And then maybe James, you can weigh in on the problems that customers are facing, and the opportunities that they see ahead. But Danny, why don't you start us off? >> Sure. So we hear from our customers a lot that they certainly want the solutions that Veeam is bringing to market, in terms of data protection. But one of the things that we're hearing is they want to move to Cloud. And so there's a number of capabilities that they're asking us for help with. Things like S3, things like EC2, and RDS. And so over the last, I'll say four or five years, we've been doing more and more together with AWS in, I'll say, two big categories. One is, how do we help them send their data to the Cloud? And we've done that in a very significant way. We support obviously tiering data into S3, but not just S3. We support S3, and S3 Glacier, and S3 Glacier Deep Archive. And more importantly than ever, we do it with immutability because customers are asking for security. So a big category of what we're working on is making sure that we can store data and we can do it securely. Second big category that we get asked about is "Help us to protect the Cloud-Native Workloads." So they have workloads running in EC2 and RDS, and EFS, and EKS, and all these different services knowing Cloud-Native Data Protection. So we're very focused on solving those problems for our customers. >> You know, James, it's interesting. I was out at the 15th anniversary of S3 in Seattle, in September. I was talking to Mai-Lan. Remember we used to talk about gigabytes and terabytes, but things have changed quite dramatically, haven't they? What's your take on this topic? >> Well, they sure have. We've seen the exponential growth data worldwide and that's made managing backups more difficult than ever before. We're seeing traditional methods like tape libraries and secondary sites fall behind, and many organizations are moving more and more of their workloads to the Cloud. They're extending backup targets to the Cloud as well. AWS offers the most storage services, data transfer methods and networking options with unmatched durability, security and affordability. And customers who are moving their Veeam Backups to AWS, they get all those benefits with a cost-effective offsite storage platform. Providing physical separation from on-premises primary data with pay-as-you-go economics, no upfront fees or capital investments, and near zero overhead to manage. AWS and APM partners like Veeam are helping to build secure, efficient, cost-effective backup, and restore solutions using the products you know and trust with the scale and reliability of the AWS Cloud. >> So thank you for that. Danny, I remember I was way back in the old days, it was a VeeamON physical event. And I remember kicking around and seeing this company called Kasten. And I was really interested in like, "You protect the containers, aren't they ephemeral?" And we started to sort of chit-chat about how that's going to change and what their vision was. Well, back in 2020, you purchased Kasten, you formed the Veeam KBU- the Kubernetes Business Unit. What was the rationale behind that acquisition? And then James, I'm going to get you to talk a little bit about modern apps. But Danny, start with the rationale behind the Kasten acquisition. >> Well, one of the things that we certainly believe is that the next generation of infrastructure is going to be based on containers, and there's a whole number of reasons for that. Things like scalability and portability. And there's a number of significant value-adds. So back in October of last year in 2020, as you mentioned, we acquired Kasten. And since that time we've been working through Kasten and from Veeam to add more capabilities and services around AWS. For example, we supported the Bottlerocket launch they just did and actually EKS anywhere. And so we're very focused on making sure that our customers can protect their data no matter whether it's a Kubernetes cluster, or whether it's on-premises in a data center, or if it's running up in the Cloud in EC2. We give this consistent data management experience and including, of course, the next generation of infrastructure that we believe will be based on containers. >> Yeah. You know, James, I've always noted to our audience that, "Hey AWS, they provide rich set of primitives and API's that ISV's like Veeam can take advantage of it." But I wonder if you could talk about your perspective, maybe what you're seeing in the ecosystem, maybe comment on what Veeam's doing. Specifically containers, app modernization in the Cloud, the evolution of S3 to support all these trends. >> Yeah. Well, it's been great to see Veeam expands for more and more AWS services to help joint customers protect their data. Especially since Veeam stores their data in Amazon S3 storage classes. And over the last 15 years, S3 has helped companies around the world optimize their work, so I'd be happy to share some insights into that with you today. When you think about S3 well, you can find virtually every use case across all industries running on S3. That ranges from backup, to (indistinct) data, to machine learning models, the list goes on and on. And one of the reasons is because S3 provides industry leading scalability, availability, durability, security, and performance. Those are characteristics customers want. To give you some examples, S3 stores exabytes the data across millions of hard drives, trillions of objects around the world and regularly peaks at millions of requests per second. S3 can process in a single region over 60 terabytes a second. So in summary, it's a very powerful storage offering. >> Yeah, indeed. So you guys always talking about, you know, working backwards, the customer centricity. I think frankly that AWS sort of change the culture of the entire industry. So, let's talk about customers. Danny do you have an example of a joint customer? Maybe how you're partnering with AWS to try to address some of the challenges in data protection. What are customers is seeing today? >> Well, we're certainly seeing that migration towards the Cloud as James alluded today. And actually, if we're talking about Kubernetes, actually there's a customer that I know of right now, Leidos. They're a fortune 500 Information Technology Company. They deal in the engineering and technology services space, and focus on highly regulated industry. Things like defense and intelligence in the civil space. And healthcare in these very regulated industries. Anyway, they decided to make a big investment in continuous integration, continuous development. There's a segment of the industry called portable DevSecOps, and they wanted to build infrastructure as code that they could deploy services, not in days or weeks or months, but they literally wanted to deploy their services in hours. And so they came to us, and with Kasten K10 actually around Kubernetes, they created a service that could enable them to do that. So they could be fully compliant, and they could deliver the services in, like I say, hours, not days or months. And they did that all while delivering the same security that they need in a cost-effective way. So it's been a great partnership, and that's just one example. We see these all the time, customers who want to combine the power of Kubernetes with the scale of the Cloud from AWS, with the data protection that comes from Veeam. >> Yes, so James, you know at AWS you don't get dinner if you don't have a customer example. So maybe you could share one with us. >> Yeah. We do love working backwards from customers and Danny, I loved hearing that story. One customer leveraging Veeam and AWS is Maritz. Maritz provides business performance solutions that connect people to results, ensuring brands deliver on their customer promises and drive growth. Recently Maritz moved over a thousand VM's and petabytes of data into AWS, using Veeam. Veeam Backup for AWS enables Maritz to protect their Amazon EC2 instances with the backup of the data in the Amazon S3 for highly available, cost-effective, long-term storage. >> You know, one of the hallmarks of Cloud is strong ecosystem. I see a lot of companies doing sort of their own version of Cloud. I always ask "What's the partner ecosystem look like?" Because that is a fundamental requirement, in my view anyway, and attribute. And so, a big part of that, Danny, is channel partners. And you have a 100 percent channel model. And I wonder if we could talk about your strategy in that regard. Why is it important to be all channel? How to consulting partners fit into the strategy? And then James, I'm going to ask you what's the fit with the AWS ecosystem. But Danny, let's start with you. >> Sure, so one of the things that we've learned, we're 15 years old as well, actually. I think we're about two months older, or younger I should say than AWS. I think their birthday was in August, ours was in October. But over that 15 years, we've learned that our customers enjoy the services, and support, and expertise that comes from the channel. And so we've always been a 100 percent channel company. And so one of the things that we've done with AWS is to make sure that our customers can purchase both how and when they want through the AWS marketplace. They have a program called Consulting Partners Private Agreements, or CPPO, I think is what it's known as. And that allows our customers to consume through the channel, but with the terms and bill that they associate with AWS. And so it's a new route-to-market for us, but we continue to partner with AWS in the channel programs as well. >> Yeah. The marketplace is really impressive. James, I wonder if you could maybe add in a little bit. >> Yeah. I think Danny said it well, AWS marketplace is a sales channel for ISV's and consulting partners. It lets them sell their solutions to AWS customers. And we focus on making it really easy for customers to find, buy, deploy, and manage software solutions, including software as a service in just a matter of minutes. >> Danny, you mentioned you're 15 years old. The first time I mean, the name Veeam. The brilliance of tying it to virtualization and VMware. I was at a VMUG when I first met you guys and saw your ascendancy tied to virtualization. And now you're obviously leaning heavily into the Cloud. You and I have talked a lot about the difference between just wrapping your stack in a container and hosting it in the Cloud versus actually taking advantage of Cloud-Native Services to drive further innovation. So my question to you is, where does Veeam fit on that spectrum, and specifically what Cloud-Native Services are you leveraging on AWS? And maybe what have been some outcomes of those efforts, if in fact that's what you're doing? And then James, I have a follow-up for you. >> Sure. So the, the outcomes clearly are just more success, more scale, more security. All the things that James is alluding to, that's true for Veeam it's true for our customers. And so if you look at the Cloud-Native capabilities that we protect today, certainly it began with EC2. So we run things in the Cloud in EC2, and we wanted to protect that. But we've gone well beyond that today, we protect RDS, we protect EFS- Elastic File Services. We talked about EKS- Elastic Kubernetes Services, ECS. So there's a number of these different services that we protect, and we're going to continue to expand on that. But the interesting thing is in all of these, Dave, when we do data protection, we're sending it to S3, and we're doing all of that management, and tiering, and security that our customers know and love and expect from Veeam. And so you'll continue to see these types of capabilities coming from Veeam as we go forward. >> Thank you for that. So James, as we know S3- very first service offered in 2006 on the AWS' Cloud. As I said, theCUBE was out in Seattle, September. It was a great, you know, a little semi-hybrid event. But so over the decade and a half, you really expanded the offerings quite dramatically. Including a number of, you got on-premise services things, like Outposts. You got other services with "Wintery" names. How have you seen partners take advantage of those services? Is there anything you can highlight maybe that Veeam is doing that's notable? What can you share? >> Yeah, I think you're right to call out that growth. We have a very broad and rich set of features and services, and we keep growing that. Almost every day there's a new release coming out, so it can be hard to keep up with. And Veeam has really been listening and innovating to support our joint customers. Like Danny called out a number of the ways in which they've expanded their support. Within Amazon S3, I want to call out their support for our infrequent access, infrequent access One-Zone, Glacier, and Glacier Deep Archive Storage Classes. And they also support other AWS storage services like AWS Outposts, AWS Storage Gateway, AWS Snowball Edge, and the Cold-themed storage offerings. So absolutely a broad set of support there. >> Yeah. There's those, winter is coming. Okay, great guys, we're going to leave it there. Danny, James, thanks so much for coming to theCUBE. Really good to see you guys. >> Good to see you as well, thank you. >> All right >> Thanks for having us. >> You're very welcome. You're watching theCUBE's coverage of 2021 AWS re:Invent, keep it right there for more action on theCUBE, your leader in hybrid tech event coverage, right back. (uplifting music)

>>Fly from San Francisco. It's the cube covering RSA conference 2020 San Francisco brought to you by Silicon angled medias >>live in. Welcome to the cube coverage here in San Francisco at Moscone hall for RSA 2020 I'm John furrier, host of the cube. We're here breaking down all the actions in cyber security. I'll say three days of wall-to-wall cube coverage. You got two great guests here, experts in the cybersecurity enterprise security space. Over 25 years. We've got two gurus and experts. We've got Bob Mindell, executive vice president of North America cyber practice for cap Gemini and Joe McMahon, head of North America cyber strategy, even a practitioner in the intelligence community. Langley, you've been in the business for 25 years. You've seen the waves guys, welcome to the cube. Thank you John. Thanks for having us. So first let's just take a step back. A cyber certainly on the number one agenda kind of already kind of broken out of it in terms of status, board level conversation, every CSO, risk management and a lot of moving parts. >>Now, cyber is not just a segment in the industry. It is the industry. Bob, this is a big part of business challenge today. What's your view? What was going on? So John has a great point. It's actually a business challenge and that's one of the reasons why it's now the top challenge. It's been a tech challenge for a long time. It wasn't always a business challenge for you as was still considered an it challenge and once it started impacting business and got into a board level discussion, it's now top of mind as a business challenge and how it can really impact the business continuity. Joe is talking before we came on camera about you know CEOs can have good days here and there and bad days then but sees us all have bad days all the time because there's so much, it's so hard. You're on the operations side. >>You see a day to day in the trenches as well as the strategy. This is really an operations operationalizing model. As new technology comes out, the challenge is operationalizing them for not only a business benefit but business risk management. It's like changing an airplane engine out at 35,000 feet. It's really hard. What are you seeing as the core challenge? This is not easy. It's a really complex industry. I mean, you take the word cybersecurity, right? Ready? Cybersecurity conference. I see technology, I see a multitude of different challenges that are trying to be solved. It means something different to everybody, and that's part of the problem is it's a really broad ecosystem that we're in. If you meet one person that says, I know all of cyber, they're lying, right? It's just like saying, I know active directory and GRC and I know DNS and I know how to, how to code, right? >>Those people don't exist and cyber is a little bit the same way. So for me, it's just recognizing the intricacies. It's figuring out the complexities, how people processing technology really fit together and it's an operation. It is an ongoing, and during operation, this isn't a program that you can run. You run it for a year, you install and you're done. There's ebbs and flows. You talked about the CISOs and the bad days. There's wins and there's losses. Yeah. And I think part of that is just having the conversation with businesses. Just like in it, you have bad days and good days wins and losses. It's the same thing in cybersecurity and we've got to set that expectation. Yeah, you didn't bring up a good point. I've been saying this on the cube and we've been having conversations around this. It used to be security as part of it, right? >>But now that it's part of the business, the things that you're mentioning around people, process, technology, the class, that kind of transformational formula, it is business issues, organizational behavior. Not everyone's an expert specialism versus generalists. So this is like not just a secure thing, it's the business model of a company is changing. So that's clear. There's no doubt. And then you've got the completion of the cloud coming, public cloud, hybrid multi-cloud. Bob, this is a number one architectural challenge. So outside of the blocking and tackling basics, right, there's now the future business is at risk. What does cap Gemini do? And because you guys are well known, great brand, helping companies be successful, how do you guys go to customers and say, Hey, here's what you do. What's the, what's the cap Gemini story? >>So the cat termini stories is really about increasing your cybersecurity maturity, right? As Joe said, starting out at the basics. If you look at a lot of the breaches that have occurred today have occurred because we got away from the basics and the fundamentals, right? Shiny new ball syndrome. Really. Exactly exasperates that getting away from the basics. So the technology is an enabler, but it's not the be all and end all right, go into the cloud is absolutely a major issue. That's increasing the perimeter, right? We've gone through multiple ways as we talked about, right? So now cloud is is another way, cloud, mobile, social. How do you deal with those from on prem, off prem. But ultimately it's about increasing your cyber cyber security maturity and using the cloud as just increasing the perimeter, right? So you need to, you really need to understand, you have your first line defense and then your maturity is in place. Whether the data resides in your organization, in the cloud, on a mobile device, in a social media, you're responsible for it all. And if you don't have the basics, then you're, you're really, and you guys bring a playbook, is that what you guys come in and do? Correct. Correct. Right. So our goal is to coordinate people, process technology and leverage playbooks, leverage the run books that we had been using for many years. >>I want to get down to you on this one because of what happens when you take that to the, into the practitioner mode or at implementation. Customers want the best technology possible. They go for the shiny new choice. Bob just laid out. There's also risks too because it may or may not be big. So you've got to balance out. I got to get an edge technically because the perimeters becoming huge surface area now or some say has gone. Now you've got edge, just all one big exposed environment, surface area for vulnerabilities is massive. So I need better tech. How do you balance and obtain the best tech and making sure it works and it's in production and secure. So there's a couple of things, right, and this is not, it's not just our, and you'll hear it from other people that have been around a long time, but a lot of organizations that we see have built themselves so that their cybersecurity organization is supporting all these tools that we see. >>That's the wrong way to do it. The tools should support the mission of the organization, right? If my mission is to defend my enterprise, there are certain things that I need to do, right? There's questions I need to be able to ask and get answers to. There's data I need visibility into. There's protections and controls I need to be able to implement. If I can lay those out in some coordinated strategic fashion and say, here's all the things I'm trying to accomplish, here's who's going to do it. Here's my really good team, here's my skilled resources, here's my workflows, my processes, all that type of stuff. Then I can go find the right technology to put into that. And I can actually measure if that technology is effective in supporting my mission. But too often we start with the technology and then we hammer against it and we run into CISOs and they say, I bought all this stuff and it's not working and come hell yeah. >>And that's backing into it the wrong. So I've heard from CSOs, I'd like they buying all these tools. It's like a tool shed. Don't be the fool with the wrong tool as they I say. But that brings up the question of, okay, as you guys go to customers, what are some of the main pain points or issues that they're trying to overcome that that are opportunities that you guys are helping with? Uh, on the business side and on the technical side, what are some of the things? So on the business side, you know, one is depending on their level of maturity and the maturity of the organization and the board of directors and their belief in, in how they need to help fund this. We can start there. We can start by helping draw out the threat landscape within that organization where they are maturity-wise and where they need to go and help them craft that message to the board of directors and get executive sponsorship from the board down in order to take them from baby, a very immature organization or you know, a reactive organization to an adaptive organization, right. >>And really become defenders. So from a business perspective, we can help them there. From the technology perspective, Joe, uh, you know, or an implementation perspective. I think, you know, it's been a really interesting road like being in this a long time, you know, late two thousands when nation States were first really starting to become a thing. All the industries we were talking to, every customer is like, I want to be the best in my industry. I want to be the shining example. And boards in leadership were throwing money at it and everybody was on this really aggressive path to get there. The conversation is shifted a little bit with a lot of the leadership we talked to. It's, I just want to be good enough, maybe a little bit better than good enough, but my, my objective anymore is it to leave the industry. Cause that's really expensive and there's only one of those. >>My objective is to complete my mission maybe a little bit above and beyond, but I need the right size and right. So we spent a lot of time helping organizations, I would say optimize, right? It's what is the right level of people, what is the right amount of resources, what's the right spend, what's the right investment, the right allocation of technology and mix of everything, right? And sometimes it's finding the right partner. Sometimes it's doing certain things in house. It's, there's no one way to solve this problem, but you've got to go look at the business challenges. Look at the operational realities of the customer, their budgets, all those, their geographies mattered, right? Some places it's easy to hire talent. Some places it's not so easy to hire talent. And that's a good point, right? Some organizations, >>they just need to understand what does good look like and we can, we have so many years of experience. We have so many customers use skates is we've been there and we've done that. We can bring the band and show them this is what good looks like and this is sustainable >>of what good looks like. I want to get your reactions to, I was talking to Keith Alexander, general Keith Alexander, a former cyber command had last night and we were talking about officers, his defense and that kind of reaction. How the Sony hack was was just was just, they just went after him as an example. Everyone knows about that hack, but he really was getting at the idea of human efficiency, the human equation, which is if you have someone working on something that here, but their counterpart might be working on it maybe from a different company or in the same company, they're redundant. So there's a lot of burnout, a lot of people putting out fires. So reactive is clearly, I see as a big trend that the conversation's shifting towards let's be proactive, let's get more efficient in the collaboration as well as the technology. What you, how do you guys react to that? What's your view on that statement? So >>people is the number one issue, in my opinion. In this space, there's a shortage of people. The people that are in it are working very long hours. They're burnt out. So we constantly need to be training and bringing more people into the industry. Then there's the scenario around information sharing, right? Threat information sharing, and then what levels are you comfortable with as an organization to share that information? How can you share best practices? So that's where the ice sacks come into play. That's also where us as a practitioner and we have communities, we have customers, we bring them together to really information, share, share, best practice. It's in all of our best interests. We all have the same goal and the goal is to protect our assets, especially in the United States. We have to protect our assets. So we need, the good thing is that it's a pretty open community in that regards and sharing the information, training people, getting people more mature in their people, process technology, how they can go execute it. >>Yeah. What's your take on the whole human equation piece? Right? So sharing day, you probably heard a word and the word goes back to where I came from, from my heritage as well, but I'm sure general Alexander used the word mission at some point, right? So to me, that's the single biggest rallying point for all of the people in this. If you're in this for the right reasons, it's because you care about the mission. The mission is to defend us. Stop the bad guys from doing days, right? Whether you're defending the government, whether you're defending a commercial enterprise, whether you're defending the general public, right? Whatever the case is, if you're concerned, you know, if you believe in the mission, if you're committed to the mission, that's where the energy comes from. You know, there's a lot of, there's a lot of talk about the skill gap and the talent gap and all of those types of things. >>To me, it's more of a mindset issue than anything. Right? The skill sets can be taught. They can be picked up over time. I was a philosophy major. All right? Somehow I ended up here. I have no idea how, um, but it's because I cared about the mission and everybody has a part to play. If you build that peer network, uh, both at an individual level and at an organizational and a company level, that's really important in this. Nobody's, nobody's an expert at everything. Like we said, you brought a philosophy. I think one of the things I have observed in interviewing and talking to people is that the world's changed so much that you almost need those fresh perspectives because the problems are new problems, statements, technology is just a part of the problem set back to the culture. The customer problem, Bob, is that they got to get all this work done. >>And so what are some of the use cases that you guys are working on that that is a low hanging fruit in the industry or our customer base? How do you guys engage with customers? So our target market is fortune 500 global 1000 so the biggest of the big enterprises in the world, right? And because of that, we've seen a lot of a complex environments, multinational companies as our customers. Right? We don't go at it from a pure vertical base scenario or a vertical base solution. We believe that horizontal cybersecurity can it be applied to most verticals. Right. And there's some tweaking along the way. Like in financial services, there's regulars and FFIC that you need to be sure you adapt to. But for the most part the fundamentals are applicable. All right. With that said, you know, large multinational manufacturing organization, right? They have a major challenge in that they have manufacturing sites all over the world. >>They building something that is, you know, unique. It has significant IP to it, but it's not secure. Historically they would have said, well, nobody's really gonna just deal steal what we do because it's really not differentiated in the world, but it is differentiated and it's a large corporation making a lot of money. Unfortunately ransomware, that'd be a photographer. Ransomware immediately, right? Like exact down their operations and their network, right? So their network goes down. They can have, they can, they can not have zero downtown and their manufacturing plants around the world. So for us, we're implementing solutions and it's an SLA for them is less than six seconds downtime by two that help secure these global manufacturing environment. That's classic naive when they are it. Oh wow. We've got to think about security on a much broader level. I guess the question I have for you guys, Joe, you talk about when do you guys get called in? >>I mean what's your main value proposition that you guys, cause you guys got a broad view of the industry, that expertise. Why do, why are customers calling you guys and what do you guys deliver? They need something that actually works, right? It's, it's you mentioned earlier, I think when we were talking how important experiences, right? And it's, Bob said it too, having been there, done that I think is really important. The fact that we're not chasing hype, we're not selling widgets. That we have an idea of what good looks like and we can help an organization kind of, you know, navigate that path to get there is really important. So, uh, you know, one of our other customers, large logistics company, been operating for a very long time. You know, very, very mature in terms of their, it operations, those types of things. But they've also grown through merger and acquisition. >>That's a challenge, uh, cause you're taking on somebody else's problem set and they just realize, simply put that their existing security operations wasn't meeting their needs. So we didn't come in and do anything fancy necessarily. It's put a strategic plan in place, figure out where they are today, what are the gaps, what do they need to do to overcome those gaps? Let's go look at their daily operations, their concept of operations, their mission, their vision, all of that stuff down to the individual analysts. Like we talked about the mindset and skillset. But then frankly it's putting in the hard work, right? And nobody wants to put in the heart. I don't want to say nobody wants to put in the hard work. That's fun. There's a lot of words that's gets done I guess by the questions that you guys getting called in on from CSOs chief and Mason security officers. >>Guess who calls you? So usually we're in talking to the Cisco, right? We're having the strategic level conversation with the Cisco because the Cisco either has come in new or has been there. They may have had a breach. Then whatever that compelling event may be, they've come to the realization that they're not where they need to be from a maturity perspective and their cyber defense needs revamping. So that's our opportunity for us to help them really increase the maturity and help them become defenders. Guys, great for the insight. Thanks for coming on the cube. Really appreciate you sharing the insights. Guys. Give a quick plug for what you guys are doing. Cap Gemini, you guys are growing. What do you guys look to do? What are some of the things that's going on? Give the company plug. Thanks Sean show. It's been a very interesting journey. >>You know this business started out from Lockheed Martin to Leidos cyber. We were acquired by cap Gemini a year ago last week. It's a very exciting time. We're growing the business significantly. We have huge growth targets for 2020 and beyond, right? We're now over 800 practitioners in North America, over 2,500 practitioners globally, and we believe that we have some very unique differentiated skill sets that can help large enterprises increase their maturity and capabilities plug there. Yeah, I mean, look, nothing makes us happier than getting wins when we're working with an organization and we get to watch a mid level analyst brief the so that they just found this particular attack and Oh by the way, because we're mature and we're effective, that we were able to stop it and prevent any impact to the company. That's what makes me proud. That's what makes it so it makes it fun. >>Final question. We got a lot of CSOs in our community. They're watching. What's the pitch to the CSO? Why, why you guys, we'd love to come in to understand what are their goals, how can we help them, but ultimately where do they believe they think they are and where do they need to go and we can help them walk that journey. Whether it's six months, a year, three years, five years. We can take them along that journey and increase the cyber defense maturity. Joe, speak to the CSO. What are they getting? They're getting confidence. They're getting execution. They're getting commitment to delivery. They're getting basically a, a partner in this whole engagement. We're not a vendor. We're not a service provider. We are a partner. A trusted partner. Yeah, partnerships is key. Building out in real time. A lot new threats. Got to be on offense and defense going on. A lot of new tech to deal with. I mean, it's a board level for a long time. Guys, thanks for coming on. Cap Gemini here inside the cube, bringing their practices, cybersecurity, years of experience with big growth targets. Check them out. I'm John with the cube. Thanks for watching.