>> Presenter: From downtown San Francisco, it's theCUBE, covering RSA North America 2018. >> Hey, welcome back, everybody. Jeff Frick here with the theCUBE. We're in downtown San Francisco with RSA North America 2018 40,000 plus professionals talking about security, enterprise security. It's a growing field, it's getting baked into everything. There's a whole lot of reasons that this needs to be better and more integrated into everything that we do, as opposed to just kind of a slap on at the end. And, who better to have on, who's investing at the cutting edge, keeping an eye on the startups than Sean Cunningham, our next guest. He's a managing director ForgePoint Capital, the newly named, so welcome to ForgePoint Capital, I guess. (Sean laughs) >> Thanks, Jeff, we're pretty excited about it. So, we were branded Trident Capital Cybersecurity. We're a 300 million dollar cybersecurity only fund, we closed the fund about a year and a half ago. We've invested in a dozen companies, and we decided that now is a great time to rebrand ForgePoint really tells more about what we're doing, we're forging ahead with our Series A, Series B funded companies, as well as a few growth equity. So, it made a lot of sense, but we're pretty excited about the market, and obviously RSA, with 1700 cybersecurity companies makes it interesting. >> Right, so you've been at this for a while. I wonder if you can speak to some of the macro trends as we've seen the growth of cloud, the growth of IoT will soon be more industrial IoT, enabled by 5G. We've got all these automated systems and financial services trading, and ad tech that we're going to see more and more of that automated transaction happening. You've got APIs and everything's connected to everything else to enable my application. So, really really exciting, and huge, growing threat surface if you will, but at the same, these are the technologies that are driving forward. So, what are you seeing from your, seat at the table some of the newer, more innovative startups? >> Jeff, I think you should probably tell me. You have all the answers there. >> I talked to a lot of smart people, that's the benefit of the job. >> I think the only two buzzwords you left off was Bitcoin and fraudulent payments. >> Oh, we can work a little blockchain in if you want. >> Yeah, but it is absolutely a bit of an interesting environment. I've been doing it since 2000 with Intel Capital for 15 years, but what's really changed, what hasn't changed is the fact that it's all about the hackers are able to monetize this. So, that's not going away. The biggest change are the, I guess, overt nation state attacks. So, between all of those things, the drivers are just continuing to force cybersecurity to become better and better. And, that's why the innovative startups are really, you're seeing these 1700, because the legacy companies can't fix these problems. And, you know, you talk about all these different paths for hackers to get in. It's absolutely the case and we are really big on areas, as you mentioned Jeff, the automation. It has to be about automating. It has to be about having a real solution for a real problem. You know, you look at, let's say 1500 of these security startups, a lot of them are about technology for the sake of technology. So, we're pretty excited about a couple of areas. One, is application security. If you think about the Equifax hack, you know, it's as simple as getting into the website and being able to hack into all of the PII data if you will. And, we've invested in a company called Prevoty and what they do is they make it easy for the application security folks to meet with the DevOps folks and inject the software into these applications. The reason why that's really interesting is, if you think about how long it takes for the DevOps guys to get all their new updates out, through that whole cycle, when you could automate that process and reduce that time to market, that's what it's really all about. >> So, what's your take on GDPR. You know, it's past a little while ago, the enforcement comes into place next month. It's weird what's going on with Facebook right now. I don't ever hear GDPR in the conversation of what's going on, and yet, it's just around the corner and it seems like it would be part of that conversation. DC is just king of a Y2K moment, where there's a lot of buzz and the date hits and we get past it and then we kind of move on with our lives, or is this really a fundamental shift in the way that companies are going to have to manage their data? >> Well, I can show you my scars from investigating compliance companies. I think the winners in that space, from a business standpoint are going to be the consultant companies, initially and at some point then, the legacy guys are going to be also involved, as well as some of the startups. But, clearly, until you see some of the large penalties happen, there's not going to be a lot of movement. There's going to be a lot of hand waving and consulting firms are trying to figure out what's your problem, how do we solve it. So, you're going to see, I'm sure, around the floor a lot of GDLP stuff, but we're being very cautious about where we invest there because, as you say, Y2K and a lot of this is going to be a lot fud. The legacy guys are going to say, oh we can handle that. Same as they did with cloud. Look how long it's taking cloud to get adopted, my God. I mean-- >> Right. >> GDRP is a big piece of that. We did investments in that space, around CASB, it's called. And, we invested in a company called Prelert. It had great traction, but then it just kind of topped out. So, it's going to be investable space and there's going to be a lot of money dumped in there because it's, you know, the Lemming effect. All VCs are going to follow that. >> Right. >> We'll see what happens. >> And then on the cloud, you know, with the growth of public cloud with Amazon and Azure and Google Cloud Platform, and they've got significant resources that they're investing into the security of their clouds and their infrastructure. And, yet, we still hear things happen all the time where there's some breach because somebody forgot to turn a switch from green to blue, or whatever. How did the startups, you know, kind of find their path within these huge public cloud spaces to find a vector that they can concentrate on, that's not already covered by some of these massive investments that the big public cloud people are making? >> Yeah, I think some of the, you know you point something out, I mean we got to think about cloud, you think about the public cloud, you think of private cloud and hybrid model and so on. I think that's really where things are going to to be for a while. The big guys, the big companies, enterprises are not putting a lot of their crown jewels out in the public clouds, yet. And, so the private clouds are equally important to them. And, so they have to be secured. And, the public cloud, you know, there's definitely they have some good security, but they quietly are implementing security from innovative companies also. They're not as public about it because they want to have they're already secure, so don't worry about me, but there's a lot of opportunity there. >> Okay, and then when CIOs are talking about security and thinking about security, ultimately they cannot be 100 percent secure, right, it's just you cannot be. >> It's called job security. >> Yeah, job security for us, right. But, I was thinking of this kind of as an insurance model. At some point, you get kind of the law of diminishing returns and you got to start making business trade-offs for the investment. How are these people thinking about this, at the same time, seeing their competitors and neighbors showing up on the cover of the Wall Street Journal breach after breach after breach? What's the right balance? How should they be thinking about managing risk, and thinking of a risk problem as opposed to kind of a castle problem? >> Yeah, and that's the biggest problem with CIOs and CSOs right now. It's all about what's good enough. Where do I reach that threshold? And, so there is definitely buyer fatigue. And, I think it's a matter, there are companies out there that look at the risk profile and are actually giving ratings of, what is your environment look like. We just invested in a spin out from, we helped spin out a company called CyberCube out of Symantec, and it's insurance. And, they're looking at, from a cyber insurance perspective, of what's your risk profile within your organization and selling and that data from Symantec as well as the data they have and going back to the insurance, the under buyer and saying, hey, we can show you the risk profile of this company and you can properly price your cyber insurance now. We all know how large the cyber insurance market is, so there's a lot of opportunities in that space to really look at the risk factors. >> Alright, well before I let you go, to go visit all the 117 startups, which will be looking for your cheque, I'm sure. >> Human ATM. >> What is one or two things that you think about in some of the more progressive startups that you talk about that still hasn't kind of hit the public eye yet. That they should be thinking about, or that we're going to be talking about in a couple years that's still kind of below the radar? >> Yeah, you know, if I told you then everyone else would be-- >> That's true. >> So, I have to be a little careful. You know, I think the interesting thing is, you know, a bit of a contrarian view. Is, if you think about consumer space, people don't really want to invest. Investors don't want to put money in the consumer, but you think about Symantec again, LifeLock. Identity protection, 2.3 billion dollars Symantec paid to get LifeLock. That's a lot of money. But, if you think about five years ago, how many consumers would pull out their Visa card to buy security. So, we think that there's really a potential opportunity on the consumer side. Now, AV is pretty well scorched earth. A lot of places, a lot of these endpoint things are scorched earth, but consumer might be an interesting place to be able to take these enterprise applications and, what I call, the consumerization of security, and take some of those interesting application and solutions and bring them down to the consumer in a bundle type of environment. >> Yeah, well certainly with all the stuff going on with Facebook now, people's kind of reawakening at the consumer level of what's really happening would certainly be fuel for that fire. >> We have an investment in a company called IDEXPERTS, which does breach remediation and our goal right now is we're continuing to add products from that space to be able to give the consumers a very robust offering. >> Alright, Sean, well thanks for taking a few minutes out of your day from prospecting. >> Yeah, pleasure. >> Over on the floor, he's Sean Cunningham, I'm Jeff Frick. You're watching theCUBE from RSA North America 2018 in downtown San Francisco. Thanks for watching, I'll see you next time. (upbeat music)

(upbeat music) >> Announcer: Live from Los Angeles, it's theCUBE covering Open Source Summit, North America 2017, brought to you by the Linux Foundation, and the Red Hat. >> Okay, welcome back everyone. Live here in Los Angeles, is theCUBE's exclusive coverage of the Open Source Summit, North America. I'm John Furrier, your host, with my cohost, Stu Miniman with Wikibon. Our next guest is Ross Turk, Director of Evangelism at Red Hat. Welcome to theCUBE, good to see you again. >> Good to see you. >> So, evangelizing is now going to be super more important as Open Source Summit, formerly called The Linux Con, Linux kernel. So, Linux is really now the foundation. So, now all these new products are emerging, hence the new name Open Source Summit. You guys are in the middle of it. >> Ross: Mm-hmm. >> What's the themes that you guys are pumping out there right now from an evangelist standpoint? Give me the order of operations in terms of priorities. >> Well, gosh, we're trying to tell stories about how people operate infrastructure in today's modern world, right, which is a lot about making sure that, you know, dealing with ephemeral infrastructure, dealing with containerized applications, and that sort of thing. It gives a lot more flexibility to people who are doing modern operations. It's about applications that spill over across multiple machines and doing so in a way that doesn't require a lot of heavy lifting or wiring things up by hand. So, there's this whole modern operations experience thing we talk about, but we also talk about a modern developer experience. What does it mean to build applications today? And, of course, you combine those together it turns into Dev Ops, right. But, the large companies still work in these two separate worlds. But, people are building technology differently than they ever did in the past, and they're deploying it differently than they did in the past. So, there's lots of stories that can come out of that. >> Well, let's start with the story that we love. Stu and I were talking about the server list at the beginning because you have the Dev Ops movement certainly is going mainstream. You're seeing a lot of enterprises looking at that as viable. Now, they're operationalizing it, and they need to have that industrial strength Red Hat, Linux. But, now Kubernetes and Servalist, the younger developers, they just want an infrastructure as code. >> That seems to be a very hot story here, and Kubernetes server list is kind of in the hallway conversations. How do you guys bring that to bear? >> Well, I think that what Red Hat does is we give an operating environment that can sit underneath all of it with Rail and everything else we build that is stable and secure and reliable. And, you need that in order to have all of this chaos happening above it with developers deploying microservices and moving things around, and demands changing and all these other things, you need to have something really stable and reliable underneath that, something that you know can be if the applications and virtual machines and containers aren't long running, what sits underneath of them is long running, and it still needs to be stable and reliable. So, a lot of the work we've been doing for the past 20 years around Linux Engineering, I think, contributes to making this stable environment for a modern developer. >> Yeah, Ross, one of the challenges in scaling is usually I've got to worry things like storage. You know, state is there, you know data gravity is something we need to be concerned about. It's great to say ephemeral and I want everything anywhere, and, I can put it in this cloud or use it in that application, but at the end of the day it's tough to build some of these pieces. How's Red Hat helping there as containerization and scale, how does that fit into kind of this storage discussion moving on? >> It's a real struggle right, because you can talk to people and they say oh, every single one of the microservices held over and they scale out, and all this, and they talk about this really elaborate infrastructure like well, where is all your data being stored? Oh, it's sitting in Oracle, you know, so you find this sort of like dissonance between how data is managed and how applications are managed. At Red Hat, we believe that storage should be another microservice alongside all the other microservices make up and application. So, that's why we put a lot of engineering effort into making things like Ceph and Red Hat Gluster Storage work well alongside Open Shift so that a developer can provision storage as needed without having to go to an ops person, and that when that storage gets provisioned it's in containers alongside other containers that are providing the other things that your application needs. >> Software defined storage was the answer, it's the Holy Grail. We've heard software defined data center. We've been covering this also in the VM world, heard an awful lot about that. But, that still is a key part of the software, and now you have hardware stacks, so IOT and Cloud are opening up these new use cases for enterprises where whoa, we actually kind of didn't test that hardware with that software, so it's kind of interesting dynamic because software defined is still super important. What's your view on software defined storage, in particular, is that an answer, is it stable, what's your thoughts? >> Well, I think it's an answer, but it depends on what the question is, just to be kind of-- >> What is software defined storage? Let's start with that one. >> Well, so, what is software defined storage? Software defined storage is, okay, so I'll say it in more like what it isn't. >> The traditional storage, traditional storage solutions get deployed as appliances, which are vertically integrated hardware and software solutions that are built to do one thing, and to do that one thing well. And, that one thing is to store data. They're kind of like big refrigerator-sized things that you bring into your data center with a forklift and it's a big oepration, and then they provide storage for any number of applications. What software defined storage does is it implements those same services and those same capabilities, but it does it entirely in software. So, instead of being this vertically integrated software, hardware solution, you end up with software that lets you build it on any hardware, and that hardware can be physical hardware so you can build a storage cluster made up of 1,000 bare metal servers, or you could build that same cluster on a thousand VMs inside of a public cloud. So, in making storage no longer a hardware problem, like it used to be, I mean fundamentally it's a hardware problem, you get down bits are stored somewhere, but, the management of storage is no longer a hardware concern, it's a software concern, now, and that means it's a little bit more flexible. You can containerize it. You can deploy it in the public cloud. You can deploy it in VMs. You can deploy it on bare metal. So, that's what software defined storage is doing is it's changing things around, but it requires different skills. >> Come on Ross, I want a storageless environment, can we get on that? >> A storageless environment? Sure, I guess. Storage has become somebody else's problem at that point. >> Absolutely, how about, how is containers changing that whole discussion? You know, it took us like a decade to kind of get storage working in a virtualized environment, networking seems to be really tackling the container piece, storage seems a little further behind, you know, what're you seeing some of the big challenges there and how are we looking to solve that? >> Well, here there's when you look at containers and storage, there are really two things to consider. The first is how do you make storage such that a containerized environment can consume it easily, right. This is what at Red Hat we call container ready. So, we call a storage solution container ready, what it means that your container platform knows how to consume it. Most storage is container ready, all it takes is a Kubernetes volume driver to be container ready, and that's one half of it, and that's really, really important. It's the same kind of thing we had to do with virtualization, making sure every hypervisor could talk to every storage system. Now, we're making sure every container platform can talk to every storage system. That's important, but it's only half the puzzle, 'cause the other half is now that you have storage as a software thing, a distributed software thing, you can actually deploy that storage inside the same containers that you're using, that are driving the demand for that storage. So, it's this kind of weird, you know, snake eating it's own tail thing where you as a developer, let's say I'm deploying an application, I need a database, I need a web server, blah, blah, and a bunch of other things, and I need a scale out storage system, I can deploy that in containers just alongside everything else, and it uses the local storage of each of the container hosts to build that shared storage that then is used to provide services to other containerized applications. So, it's the ability to have storage in containers Which is really strange. We call that container native storage. >> It's interesting the markets going pretty crazy, so if you kind of take the Dev Ops and say assume for a minute infrastructure is programmable. >> Mm-hmm. >> But, then you look at the developer action right now on the App side, we've seen all kinds of new stuff Apple has their announcement today with the new iPhone 8. We've been covering that on siliconangle.com. Forbes has got great stories as well. New AR kit, so augmented reality is a huge deal, virtual reality obviously still hyped up, is still promised, those are going to require new chips. That's going to require consumer behavior change, so, the developers are staring at a different market than worrying about provisioning storage, right. So, but, these are now new pressures. New hardware, new opportunities, as a developer, advocate, and evangelist, and an industry participant, and user, how do you look at that, and how is that impacting the developer market because Androids got good stuff coming down, too, not just Apple, Samsung? >> Ross: Yeah. >> It's all multimedia, I mean. >> Well, what's interesting about AR kit is that if you go just back five years that same capability required a very, very particular type of phone, you know, like the project Tango stuff required all these depth cameras and like connect style stuff to do the AR kit, and Apple was able to solve a lot of that in software just using two cameras, right, and in software. And, I think that's really-- >> John: On a phone? >> On a phone, on a phone no less, and I think what's amazing about that is all of the capabilities that we walk around with in our pocket now were really hard to get a long time ago. >> Well, this is interesting, your point, let's stay on this because this really illustrates the point. AR kit, for example is proving that the iPhone now is smart enough and with software, enough horsepower to do that kind of thing, but that's replicable across all devices now as an IOT device. The Internet of Things is going to be a freight train coming down the tracks, security, endpoint security, whether it's, I mean all kinds of coolness, but yet threats are there. So, software has to do all this, right. So, how's that going to impact the cloud game, your business, you guys you have to move faster on hardening things, be more organic on the innovation side, not business-wise, but technical strategy. >> Well, I think a lot of it is enabling developers to work more quickly and build features more quickly, also, educating developers on the security and privacy ramifications of the things that they build because it's really easy to just go out in front and advance and innovate and forget about all of that stuff. So, it's about changing developer culture so that you consider security and privacy first, as opposed to later. And, also, maybe you want to consider storage as well if you're talking about machine learning or IOT and all of these types of things, you're -- >> Videos, I mean this is video, software rendering. That's a storage nightmare. >> It's all got to live somewhere, and once you put it in that place where it lives, it's really hard to move it. So, this is a thing you want to plan from the very beginning. >> And, I think that's what's cool about AI, too, and self-driving cars it's a consumer, you know, flashy, coolness that can say hey, this is happening. I mean how fast is happening, but the developer is now bringing it to the businesses and say, okay, we don't have an AR virtual reality strategy for our retail, for instance, you potentially could be out of business. So, these are the kind of thoughts that are going at the C-level that now are going into what used to be IT, but all of IT, how do you handle this? This is an architectural question, so your thoughts on that, because that seems to be a conversation we see a lot. Architectural that's going to solve problems today, not foreclose future opportunities. >> Well, it's cultural, too, inside of the company, like everywhere inside of a company there used to be Internet teams in companies, remember. We used to be like oh, go talk to the Internet team because something's wrong with the Web or whatever, now, there's no Internet team, everybody's the Internet team, Every single team in an organization is thinking about how to leverage the Internet to make their job more effective. The same is going to be true for everything that we're talking about, you know. Security, interestingly enough, so many people always thought security was somebody else's problem. but just this week, we were reminded that it's everybody's problem, hundreds of millions of people's problem, security. So, I think that as these things kind of advance-- >> John: Security first, and privacy first is critical. >> It is absolutely critical, and there used to be, I mean, I think at some point maybe there won't be a security team inside of a company because everybody's going to be the security team, but it's like everybody's the Internet team now, and I always felt the same way about open source communities. I thought there would never, you know, always everybody-- >> Well, people are ruling their own security now. You have these LifeLock or whatever they call them, these services for a password protection because you can't trust even all these databases that are out there. You have block chain with immutability, yeah, certainly the wallets are not yet, but I mean certainly this is where it might be a future scenario. >> Yeah, and I think for all of these things agility is going to be key. The ability to go down a path a certain distance and realize whoa I've run into a privacy problem, back up a little bit, continue down another path. I think that the faster we can make the development process, I think the less risky we make going into all these new frontiers. >> Yeah, Ross, one of the things we've really liked watching the last kind of five years or so is storage turning into a discussion of data and how can we leverage that data, real-time data, you know, decisions at the edge, analytics, what's exciting you the most about kind of the storage world these days? >> Oh boy. Well, you know, I just spent about five years in the storage infrastructure world, so a lot of what kind of kept me going day and night was saving people money, making things faster, making things easier, but also, giving storage platforms that were elastic enough to handle all of this really interesting stuff that happens on top of them. So, there's all kinds of new big data stacks that I find particularly interesting, a lot of the real time analysis stuff like Apache Spark and things like that. There's so much going into visualization right now, as well, how you handle large amounts of time series data and that sort of thing. There's been a lot of advancements in exactly that. Personally, I'm really excited lately in all the data of this stuff, all the ways you can extract meaning from all this data, you know, the ways that you can give it a business context that allows you to make better decisions with it. >> Not a lot of data conversations here at this conference as is open source software, but I mean data I mean I've said and I wrote a blog post in 2008 Dave always, Dave Olantho always jokes with me because I always reference it, I said data is the new development kit, meaning data is going to be part of the software development model, and it actually is with big data, but, you're not hearing a lot of it here because most people are talking about their communities, their projects, but the role of data is fundamental at the edge. >> Ross: Absolutely. >> And, so, how is that going to change some of these conversations and can data be developed on, and is data now part of the software development life cycle that's coming to fruition in the new way. >> Interesting, I think that's an interesting observation that as we see sort of Dev and Ops coming together, right, the world of the operator and the world of the developer coming together, I think we'll probably, at some point, see the world of the developer come together with the world of the data scientist because as I kind of wrack my brain I'm thinking okay, what type of future developer wouldn't have to be dealing with large amounts of data wouldn't have to have that kind of skill to be able to deal with it. So, I think we're going to start to see more software developers getting more involved in big data, machine learning, data analytics, and things like that for sure. >> Well, either way, this open source growth that's coming is going to be exponential. Data is already there. I mean we have a joke in our office software is eating the world as Mark Andreasen would say years ago, but, data is eating software. So, in terms of how you look at it someone's eating somebody, but, this becomes interesting for the IOT developer, or the industrial developer. Those systems were never connected to IT in the past. It was like they ran their own stuff from their own terminals. >> And, there's this idea that everybody's heard that data has gravity, right. And, I actually was talking to somebody about this and they said, well, actually the data has inertia, and I'm like, no, that's not really it 'cause once it's moving it's not hard to stop it. The idea that data has gravity means that let's say I'm putting together this new IOT application, or whatever, I'm gathering data from a bunch of sensors or whatever, and I've got the data in that place. Now, having all that data in that place is more meaningful to me than most of the software that I wrote. You know, it's like that is the value, the kernel of the data is there, and data having gravity means that it's hard to move once it's in a certain place, but, it also means that it attracts workloads to it, right. So, it used to be that software was king, and software created data and managed data, and now data is king, and it brings software to it, I think. >> I totally agree with you, and I think they might even call this the open data summit soon, but it's beyond open source. Now, this is going to be great. They work hand in hand. Software and data are going to be great. Stu what's your thoughts on the role that data's not being talked much here? >> Yeah, John at Amazon weighed in last year. When we talked to Andy Jassy it was the customers were the flywheel, and I think data's going to be that next flywheel of really feeding into that data gravity discussion that you were having, Ross. You know, when Hadoop came out it was like oh, we're going to bring the code to the data. Well, we know if I'm going to have more data I'm going to have my data sources, I'm going to have third party data sources that I want to be able to work and interact with those, so, data absolutely huge opportunities there, and the companies that can leverage that and get more value out of it is going to be a-- >> Well, we already see it's a competitive advantage, no doubt, but it's the privacy issue still the big debate like we know in our immediate businesses. Look at Facebook, I've got a free App I get to see all my friends' photos, their vacations, everyone's living a great life on Facebook, but, then all of a sudden I give my data away for free for the privilege to use that App, but all the sudden they start injecting fake news at me. I don't want that anymore, and you're still making money off of my data, so that's interesting. Facebook makes money off of my data. >> Yeah, that's-- >> That's my contract with them. >> Yeah, If you ask what their asset is, one person might think it's traffic, you know, or eyeballs, but, I think it's data. >> So, they're using data, I might not like it, so that might be an opportunity for somebody else so your point Stu, so if you start thinking about it differently, data decisions are going to be an architectural challenge. >> Yeah, absolutely. I think enterprise architecture thinking, even today, you're seeing enterprise architects thinking more and more and more about data than they have in the past. >> Ross, what do you think about the show, final word in the segment, what's going on Open Source Summit, share with the folks that are watching? >> The vibe here, it's now a new name, but it's still the same game, multiple events come together. >> Yeah, multiple events together. I like Open Source Summit as a name. I think it's a good name. It's properly named for what's going on here. It's been an interesting experience for me because I've been in this community for a really long time. So, I come here and I run into all kinds of old friends, the hallway track's always a good track for me. The content is fantastic, but the hallway track is always really good, and I can't think of anywhere else where you can go and get this selection of people, right. You have people who're working on all layers of the problem, and they can all come together and talk. So, I don't know-- >> It's really a cross-fertilization, cross-pollination, whatever word you want to use. I think this event's going to be in the 30,000 pretty quickly. I mean this is going to be. Well, if you look at the growth, the numbers, you know, presented on stage, Jim Zemlon, was pointing out the growth, by 2026, 400 million libraries. I mean people still think that's underestimated. >> Yeah. >> So, that's a lot of growth. >> I think it could get there, and I think these folks organize great shows, so I look forward to seeing them scale up to 30,000. >> Ross, thanks for your commentary, appreciate the perspective, and the insight here on theCUBE. >> Thank you. >> Thanks for joining us. This is theCUBE live coverage from Open Source Summit, North America. I'm John, for Stu Miniman, back with more after this short break. (upbeat music)

(clicking) >> Hey welcome back everybody, Jeff Frick here with theCUBE. We're at PagerDuty Summit in San Francisco at Pier 27, I got to look at it. I've never been here before. It's a cool facility right on the water, between Pier 39 and the Bay Bridge. We're really excited to have back, I can't believe it's been like three years. To have Sheila Jordan, she's a CIO of Symantec and last we saw you was, I looked it up it was Service Now Knowledge 2014. >> Yes that's correct. >> Sheila, great to see you. >> Sheila: Nice to see you. Thanks for being here. >> Absolutely. So I think when we first talked you were just starting in your role in Symantec and now you're three years into it, you just got off a panel about leading digital transformation, so just give us kind of a general view of what you've been up to and how has that journey been progressing? >> Right, well it's been quite a journey and I would say that it's been really a transformational journey. So the vision for Symantec really is to become the largest cyber security company in the world. And that vision really started two, two and half years ago and I'd say that today it's a reality. When I was hired, I was actually hired to in source IT, so we completed that and then when we went through the Veritas separation, so we separated the company with Veritas which was a pretty significant separation. And then subsequently we've acquired four or five companies, we've recently acquired the Blue Coat company, which with that acquisition, we get our CEO Greg Clark. And then we've also acquired some other companies on the consumer side so the LifeLock business is really tied to our consumer digital safety. So we've been very busy and now we've just announced a small divestiture on our website security business. So lots of acquisitions, lots of change, lots of transformation, that really would been bringing into the organization. >> Jeff: Right and you talked on the panel your job is you got to keep the lights on and keep things moving. Then you've got this acquisition and in your case big, the split the divestiture. But then you still want to innovate and you've talked about looking at new applications, and I thought a really interesting comment you made was about shadow IT. >> Right >> And shadow IT is not all bad. There's a reason that somebody decided to take that action. And really they're trying to understand why? And what was the application requirement? And not just throw it out as unauthorized use. Pretty interesting lesson. >> Sheila: Well a couple things on that. Working in an engineering organization you can't ignore when there's apps being used and come up, because there's a need. Obviously there's a need that the IT organization isn't providing and so what it that need? And what is that capability that the organization is looking for? Now the cool thing is we have technology called CASB which is the Cloud Access Security Broker. That allows us to look at the entire environment of what both cloud applications of who's using what. So for example, we are sanctioned and our standard is box, but I can look across the organization and see what cloud applications we're using and if Drop Box appears, that's a question to say no that doesn't make sense, our standard's box. But the reality is is that all other applications that might be coming out of the engineering organization's using, we should be asking ourselves why? What capability are we not delivering? And how do we bring that into the IT arsenal? >> Jeff: Right, right. And essentially you bring up the box example because another thing you talked about on the stage was your cloud adoption. So kind of you threw out a number, 62%. So I'm not exactly sure what 62% is. But where was it when you got there? What is 62%? What are you measuring? And there's conversations about direct ROI but it's a much more complicated formula than just a simple ROI. >> Yes it really is, and I would say that first of all, from an IT perspective, I think any CIO has the obligation to help the organization run, change, and grow. And forward thinking CEOs really understand that technology can be used to not only run the company, that's kind of old school legacy total cost of ownership costs. Really super important, but it's not only run, but how do you use the technology to change and grow? So when you have opportunities like Saas, that allow the CIOs to have, reduce our total cost of ownership, be more agile, have the Saas providers update their products and solutions and all of that, that's kind of on the Saas providers. It makes our job a little easier or different I'd say. What I mean by that is the role of the CIO hasn't changed. Our job is to protect the company's assets. All of our company's assets and our data whether that's customer data, employee data, partner data. And yet five or seven years ago, it was these monolithic applications it was a private data center. on-prem physical data center. It was massive or monolithic geopcs. All of that has changed. So the role hasn't changed but now we've got to think about Saas applications. Cloud, infrastructure as a service. Public cloud on the infrastructure side. We think about all the applications that are coming in on our mobile devices. We think about IOT, we think about structured and unstructured data. Our role is the same, but how we have to manage that complexity to help our companies and enable our companies run, change, and grow; it's just very different. >> Jeff: And then you get involved in kind of investigating how the second order impacts? Kind of the law of unintended positive consequences by going to a Saas application, for instance. Or going to some of these platforms that doesn't show up in the simple ROI analysis. >> No, I agree with that. But I also think it's total cost of ownership but it's also as important today, as a agility. Everyone wants to get to market faster. Everyone wants to feel to be more productive. So it's really the combination of both total cost of ownership and agility. >> Yeah you said an interesting thing too. "Speed is a habit." Which is a really interesting quote. Because everybody wants speed. >> Absolutely >> And we just had another guest who talked about speed actually does correlate to better software. Because it forces you to do that. But everybody wants speed. You got to have it. So the other, you were all over, I got notes. We could go on all day. I won't go on all day, but somebody talked about what are the limits? What are the limits of applications? As you made a really interesting comment that at the end of the day, it's just about the data flow, and having a horizontal view from your seat. You may find that there's other ways to skin that cat based on what other people are doing. >> Sheila: Right, so I would say one of the reasons I love being in IT, is we see horizontally. There's many functions in the company that see in those silos, but we get to see horizontally which means we see the redundancies in an organization and some of the gaps. And so and as the world changes, that it's less about these monolithic, huge applications, but more about cloud and Saas. It really becomes important about the data flow. Where is the data? Not only is it in that say sales force application, but how does that sales force application move to a box? And how does that content move from box to say some of the collaboration tools in technology and how does that move and flow? Our role has to be about, one: Understanding the data flow and really where that exists. And how do we enable the entire business? Every function to be even more productive. But also how we protect and secure that. So, I think it's so exciting that not only are we doing, our view in IT is to deliver that unified, end to end experience. And it all comes down to the reference architecture approach. But the other part why I'm so excited about Symantec is because we're moving into the notion and the vision of having an integrated cyber defense platform. And I'll explain that for one second. Because historically, the security business has been really fragmented. Point solutions to protect every layer of your architecture. So whether you had a point solution in infrastructure, or end points, or data, or at the web gateway layer. Whatever that was, and what happened is, over time, our recent report would suggest that a large enterprise has anywhere between 65 and 85 security products in there enterprise. Large, large enterprise. >> 65 to 85. >> Security products >> Point solutions. >> In their enterprise. (Jeff chuckles) Yeah and so >> Tough to manage. >> It becomes, yeah it really does. One of the visions that Greg Clark and Mike Fey have for our company, is why can't we be, and deliver this integrated, cyber defense platform? Because it's really connected. We then have products that will live at each layer of the architecture but connected. And so the really super cool thing about that, is that the white spaces between those fragmented products, really are breeding grounds for the bad guys to come in and stay awhile and sit and watch and observe. If you have all that legacy technology and legacy applications, it just becomes a breeding ground. And when you have an integrated cyber trends platform that actually allows it to be much more integrated and really reduce some of the risks and all for our CEOs and customers, a better opportunity to effectively manage their environment. >> Right and you guys are a security company, but also you're a CIO of trying to protect stuff. So you're in a really good spot. Cause the other thing that's happening is this radical increase in the tax services. Especially as we go beyond cloud and APIs to edge economy and IOT devices. As you kind of look at the future of both for protecting your own stuff but also helping to deliver the products for your customers, if the security space is really really rapidly evolving. >> Rapidly evolving and becoming even more important. Because again, the flow of data from your sales force application to your mobile device to IOT back to a content solution. Back to some of the collaboration. The flow of data, is now app to app, or Saas to Saas. Saas to device, device to infrastructure as a service, so it really is the flow of data is so dynamic, and so security becomes just super critical to make sure we're securing that data in motion. >> Right, Right. Yeah it's crazy. And even if you have the most secure systems, you might have lapses in protocol which we hear like some of the CAWS breaches, where somebody didn't configure something right. Alright so, I could keep you here all day (Sheila chuckles) But I won't. But I want to give you that last word. What's next? And there was a little bit of conversation on the panel, so I want to open that up again. As you kind of look forward or, the cloud thing's kind of done, the API thing is kind of done as you look forward, what's kind of the next ... Never say five years in this business. Next couple years, you're excited about the move in the industry forward. >> Sheila: Well I actually think, and I know it might be an overused term, but I really think that we're just scratching the surface on AI artificial intelligence and machine learning. We're using a lot of that in our products today and how we're building our security products. But when I think about corporate IT, and I think about how we deliver statistics and information about our business. So transactional reporting on bookings and revenue and forecast and expenses, there needs to be a better, more predictive way of analyzing that data and understanding it in a much more sophisticated AI. Machine learning that we get our customer insights. And we really start to use those insights into building out that kind of knowledge as we move forward. I look forward to really beginning to really really have some strategies on AI and machine learning in corporate IT. >> Alright, well Sheila Jordan it was great to see you. Hopefully it won't be >> Nice to see you! >> Three years >> Three years till we see you again! CIO of Symantec. I'm Jeff Frick. You're watching theCUBE from PagerDuty Summit San Francisco. Thanks for watching. >> Sheila: Thank you so much. (upbeat electronic music)

(upbeat music) >> From Phoenix, Arizona, the CUBE, at Catalyst Conference. Here's your host, Jeff Frick. >> Hey welcome back everybody. Jeff Frick here with the CUBE. We're in Phoenix, Arizona at the Girls in Tech Catalyst Conference. There's a lot of catalyst conference, but there's only one Girls in Tech Catalyst Conference. It's their fourth year, about 400 people they're going to be back in San Francisco next year. Wanted to come down and see what's going on. And we're really excited with our next guest. Actually part of my prep, I went and watched our last interview and we knocked it out of the park, I have to say. Jennifer Tejada, former President and the CEO of Keynote. Welcome back. >> Thank you, thanks so much for having me. It's great to see you again. >> Absolutely, so just to set the record straight, 'cause there's little bits on the internet, you're no longer the CEO of Keynote. >> I am no longer the CEO of Keynote. Keynote was acquired by a company called Compuware. It was merged with a business within Compuware called Dynatrace. Following that integration last year, I stepped out of the business and have been spending my time making some investments, pursuing the growth arena in Tech, and also spending a lot of time on boards and helping other women establish themselves in the community of boards and the technology industry. >> Okay, so if they weren't ringing off the hook already, now your phones will begin to ring off the hook. >> (laughs) >> You couldn't get a better CEO than Jennifer. >> Oh, thank you. >> But let's jump in. So you've been spending your time too, helping at conferences like this. So you had a session here. >> Yeah, I'm speaking today about operations. >> That's right, coming up. >> My presentation's called "Ops Chops". It's a subject that's very dear to my heart because of the pragmatism of operations, and how underrepresented I think it is at conferences like this. You know, we've seen many inspiring speakers in the last two days, talking about their paths to success, and to leadership, and giving the women in the room a lot of great advice on how to manage everything, from your career development, to work-life balance, to conflict, to challenges, how to really navigate the tech industry. Which, you know if someone could send me the book on that, that would be great. But no-one's really talking about, I think, where the rubber meets the road, which is operations. I believe operations is the bridge between strategy and the execution of great results. And there's a lot of math in operations. In the tech industry right now, we're hearing a lot of storytelling, and narratives about great new companies, new products, and the vision for how we're going to change the world, et cetera. But at the end of the day, if you want to be successful, you have to set goals that are helpfully aspirational, but realistic, and then you've got to nail your delivery. Because if you miss a beat, you don't have a lot of time to make up for that miss. And you've got investors, you've got shareholders, you have employees that expect you to deliver. And so operations I think is a great mix between art and science. The math of really measuring your business, the rigor of measuring your progress, really understanding the underlying financial drivers in your business, and then orienting your culture, and your people around the best possible execution that gives your strategy the most potential to be successful >> Right, and ops kind of gets a bad rap all the time. Everyone's talking about strategy and strategy, and we're all about strategy. At the end of the day, strategy with no execution, it's just a nice PowerPoint slide, right? But it's not like you on this. >> Exactly, exactly. And I think, you know I've been around for a little while. I've seen the market cycles in the technology industry. And we're certainly seeing a connection now. And a lot of businesses that marked themselves and measured themselves on how much money they've raised, or how much money they've spent, are now trying to figure out how to generate cash flow, and how to survive over a longer period of time if the market does soften. So I have a lot of respect for people who know how to generate cash flow, and deliver results, and deliver revenue, and measure their business on the basis of growth. Customers that vote with their dollars, right? >> Right. >> And so, yeah, I think operations, it's the unsung hero. When it comes to business outcomes. And so we're going to spend some time today talking about what I think is the quiet achiever in leadership. >> The other thing that's kind of interesting, cause we've got all these big data shows, right? Big data, cloud, probably two of the biggest topics right now, internet of things, of course being right there. But this kind of nirvana picture that gets painted, where there's going to be all this automation, and I'm just going to throw it in a big Hadoop cluster, and voila, everything happens. >> Boom, I'll have the answer. >> It doesn't really work that way. >> Not yet. I do think that machine learning, and artificial intelligence is progressing rapidly. And I think we're moving away from the automation of process to the automation of getting to the answer. I think analytics without action, though, leaves you kind of empty-handed. >> Right >> Like, so great, I have a lot of information, I have all this big data. I need the small data. I need data in the context of problems that I'm trying to solve. Whether, I'm thinking about it from consumer perspective, or a business perspective. So I see a real convergence between analytics and applications coming. You know, I think LifeLock has a funny commercial where they talk about alerting. And you know, don't just point to the fire. Like help me put the fire out. Help me figure out how the thing caught fire. And I think that's where machine learning and artificial intelligence can be super helpful. I also think that we're a long way away from really being able to leverage the true power of all this data. If you think about digital health, for example, and all the proprietary data stacks, that are being built through your FitBit, or your iPhone. You know, the way we're sensoring our personal health and fitness. But where's all that data going? Is it really contributing to research to solve, you know, health epidemics, right? No, because those stacks are all proprietary. No one wants to share them. >> Right >> So we need to get to a universal language, or a universal technology platform, that enables the researchers of the world to get a hold of that data, and do something super meaningful with it. So I think with progress, you'll also create open-ended questions. >> Absolutely >> And I think it's all positive. But I think we still have a long way to go, to see that big data environment really deliver great results. >> Right. So let's shift gears a little bit to leadership. >> Yeah. >> Another kind of softer topic. Not a big data topic. And when we talked last time, you came from Procter & Gamble When I graduated from undergrad, one of the great training programs was the Macy training program. May Company had one. So there were kind of these established things. IBM was always famous for their kind of training. It's a process where you went into a program, and it was kind of like extended school, just in a business context. You don't see that as much any more. Those programs aren't as plentiful. And so many people with the startup bug, so you see like in Iberia, they jump right in. I think you're mentioning off-air, one of the companies you're involved with, the guy's never had another job. So how do you see that kind of playing out? Kind of the lack of these kind of formal leadership opportunities, and what's that going to look like down the road. As the people who haven't had the benefit of this kind of training, or maybe it wasn't a benefit, get into these more senior positions. >> For sure. Look, leadership development is a topic that is of real interest to me. I was so fortunate and am so grateful for the opportunity that I had at Proctor & Gamble. I spent nearly six years there. And a big chunk of my time was spent in a leadership rotation program. Where you got to participate in a number of different projects and jobs, but you had mentorship, structured training and education, around what it takes to be, not just a good manager, but an effective leader. How you build a culture. How you engender people's commitments and dedication. How you really make the best of the resources that you have. How you manage your management. Whether that's board, or that's a CEO, or that's your shareholders. How you think about those things. And really tactically, what works and what doesn't. And being surrounded by people who are experts in their field. That was a long time ago, Jeff. And I don't see as many companies in the tech industry investing in that kind of leadership. And for kids coming out of college today, they're not rolling into structured leadership training programs. And so if you fast forward 20 years, what does that mean for the boards of the future? What does that mean for the Global 1000, and how those businesses are run? The good news is there's technology, there are plenty of amazing, inspirational founders out there, that have figured out how to build businesses on their own. And there's plenty of people like me, who actually want to mentor and help to build out the skill sets of these founders and these executives. But I do think that like many other areas of training and education which have been democratized in the industry, there's an opportunity to democratize leadership development and leadership training. And so that's something I'm spending a little bit of time on now. >> Good. And one of the great points you talked about. Again, go back and look at the other interview. Just Google Jennifer Tejada the Cube. Was really about as a leader, how you worked with exchanging value with your employees, right? And to quote you, you know, they're doing things that, they're not doing things that they might rather be doing. Spending time with their family on vacation, et cetera. And how you manage that as a leader of the company, to make them happy that they're there working, and to give them a meaningful place to be. And to spend that time that they're not spending on things that they might like more. >> I think culture is so important to the success of a business. You know, there are some investors that think culture is like an afterthought. It's one of those soft topics that they really don't need to care about. But for employees today, culture is everything. If you are going to spend a disproportionate amount of your waking hours with a group of people, it better be on a mission that's meaningful to you. And you'd better be working alongside of people that you think you can learn from, that inspire you, that stretch you to do more than you thought you could do. And so for me, it's about creating a culture of innovation, of performance, of collaboration. A real orientation around goals that everybody in the organization understands. In a way that is meaningful to them, within their role in the business. And that it's fun. Like, I won't do anything if it's not fun. I don't want to work with people who aren't fun. I was really excited. Two of the women who were on my leadership team at Keynote Flew here just to join me today, and support me as I'm giving a talk. But also to go out and have a drink. Because that's what we used to do after a long day at work. >> Right, right. >> And I think you have to be able to create a fire in someone by making sure that they, that they are being stretched. That they're learning and developing in that process. That they're part of something bigger than them. And that they can look back after a week, after a month, after a year in that business with you, and realize that they made an impact. That they made a difference. But that they also gained something from it, too. And I don't think we can ever underestimate the value of recognition, right? Not just money, but are you really recognizing someone for their commitment. For their emotional commitment to the business. For the time that they're spending and for what they've delivered for you, for the business, for your shareholder, for your customers. >> Jennifer, I could go with you all day long. >> (laughs) >> I'm going to get to one more before I let you go. Cause we're out of time, unfortunately. But you're now on some boards. There's a lot of talk. It feels like kind of the last plateau. Not that we've conquered the other ones. Because the last plateau is to get more women on boards. And we hear it's a matching problem, it's not so much of a pipeline problem. From your perspective, what can you advise? How can you help either people looking for qualified women, such as yourself, to be on boards. For qualified women who want to get on boards, to find them? >> That's a great question. I am very fortunate that there are people within my network that have spent time working with me, and can identify pieces of my experience that they think could be useful within their investment portfolio or within their companies. I'm part of a board called Puppet. It's an infrastructure software company based out of Portland. Super talented founder and team. Fast growing business in a really important space, software automation. Great board. I mean, I joined that board because every single person on the board, to a fault, is an amazing, accomplished executive, in and of themselves. Whether they're an investor, or a career CFO, or a career sales leader from the big technology side of the industry. So for me, it's such a great opportunity to collaborate with those people, and also take my experience, and lend what I know, and the pattern recognition that I have from running businesses, to loop the founder into his team. But I tell you, I wish that, and I hope that, the market starts to really think about diversity at the board level from a longer-term perspective. It's not just about how you find the women now. And by the way, there aren't that many female CEOs. But those of us who have sort of ticked that box and had that experience, we are available. And there are places where it's easy to find us. The Boardlist, for instance, is one of them. The Athena Alliance. Coco, the founder of that business is here. Women in Tech. I mean, it's out there. It's not that hard to find us. The challenge, I think, is the depth, the bench strength. Like who are the next female leaders that are coming up? That have functional expertise. You may need someone who's a marketing expert. You may need someone who's a product expert. You may need somebody who functionally knows consumer software, right? And it's really being willing, as a recruiter, as a recruiting executive, as a board member on the governance and nomination committee to say to your recruiters, to say to your investors, we want women on the short list. Or we want diversity on the short list. Like gender diversity, age diversity, racial diversity. A diverse board makes better decisions, full stop. Delivers better results. And I think we have to be demanding about that effort. We have to, the recruiting industry needs to hear that over and over again. And then on the flip side, we've got to develop these women. Help them build the skills. I mean, when I talk to women who want to be on boards, I say tell everybody, you want to be on a board. Be specific about the help that you need, right? Find the people that are connected in that network. Because once you're on one board, you meet board members there, they're on other boards. It does snowball. And in fact then you have to really choose the board wisely. Because it's not a two year commitment. You're in it for the long haul. So when you make that decision to choose a board, make sure it's a business that you have a real affinity to. That these are people that you want to spend time with over several years, right? And that you're willing to see that business through thick and thin. You don't get to leave the board if things go badly. That's when they need you the most. >> Right. >> So my hope is that we become much more open minded and demanding about diversity at the board level. And equally that we invest in developing women, men, people of different ages and bringing them to the board level. You don't have to be a CEO to be an effective board member, either. If you have functional, visional, regional expertise, that is a fit to that business, then you're going to be a very effective board member. >> All right, Jennifer, we have to let you go unfortunately. Thank you so much for stopping by and sharing your insight. No longer keynote, so now we can just use all our tags. Great Cube alumni, and tech athlete. So again, thanks for stopping by. >> Awesome, thank you so much for having me. >> Absolutely. Jennifer Tejada, I'm Jeff Frick. We are in Phoenix, Arizona at the Girls in Tech Catalyst Conference. Thanks for watching, we'll be right back. (upbeat music)