(upbeat music) >> TheCUBE presents UiPath Forward 5. Brought to you by UiPath. >> Hello and welcome back to TheCUBE's coverage of UiPath Forward 5. We're here in Las Vegas at the Venetian Convention Center. This is day two. We're wrapping up Dave Nicholson and Dave Vellante. This is the fourth time theCUBE has been at UiPath Forward. And we've seen the transformation of the company from, essentially, what was a really interesting and easy to adopt point product to now one through acquisitions, IPO, has made a number of enhancements to its platform. David Cardenas is here. Deputy Director of Operations for County of Los Angeles, the Department of Public Health. David, good to see you. Thanks for coming on theCUBE. >> Thanks for having me on guys. Appreciate it. >> So what is your role? What does it have to do with automation? >> So I had been, actually started off in the IT space within the public health. Had served as a CIO previously, but now been moving into broader operations. And I basically manage all of the back office operations for the department, HR, IT, finance, all that. >> So you've had a wild ride in the last couple of years. >> Yeah, I think, like I've been talking earlier, it's just been, the last two years have just been horrendous. It's been a really difficult experience for us. >> Yeah, and I mean, the scars are there, and maybe permanently. But it also had major effects on organizations, on operations that, again, seem to be permanent. How would you describe the situation in your organization? >> So I think it, the urgency that came along with the pandemic response, kind of required us to look at things, you know, differently. We had to be, realize we had to be a lot more nimble than when we were and try to figure out how to enhance our operations. But really look at the core of what we're doing and figure out how it is to be more efficient. So I think we've kind of seen it as an opportunity to really examine ourselves a little bit more deeply and see what things we need to do to kind of, to fix our operations and get things on a better path. >> You know, I think a lot of organizations we talked to say that. But I want to understand how you handle this is, you didn't have time to sit back in the middle of the pandemic. >> Yeah. >> And then as you exit, what I call the isolation economy, people are so burned out, you know? So how do you deal with that organizational trauma? Say, okay now, let's sit back and think about this. Do people, are they eager to do so? Do they have the appetite for it? What's that dynamic like? >> So I think certainly there's a level of exhaustion inside the organization. I can't say that there isn't because it's just been, you know, two years of 24/7/365 kind of work. And that's tough on any organization. But I think what we realize is that there's, you know, we need to move into action quickly 'cause we don't know what's going to come next, right? And we're expecting that this is just a sign of what's to come and that we're just at the start of that stage of, we're just going to see a lot more outbreaks, we're going to see a lot more conditions kind of hitting us. And if we're not prepared for that, we're not going to be able to respond for the, and preserve the health and safety of our citizens, right? So I think we're taking a very active, like, look at these opportunities and see what we've done and say how do we now make the changes that we made in response to the pandemic permanent so that the next time this comes at us, we won't have to be struggling the way that we were to try to figure things out because we'll have such a better foundation in place to be able to move things forward. >> I mean, I've never served in the military, but I imagine that when you're in the military, you're always prepared for some kind of, you know, in your world, code red, right? >> Yeah. >> So it's like this code red culture. And that seems to have carried through, right? People are, you know, constantly aware that, wow. We got caught off guard and we don't want that to happen again. Because that was a big part of the trauma was just the unknown- >> Right. >> and the lack of preparedness. So thinking about technology and its role in helping you to prepare for that type of uncertainty. Can you describe how you're applying technology to prepare for the next unknown? >> So I think, so that first part of what you said, I think the difficulty we've always had in the public health side is that there's the, generally the approach to healthcare is very reactionary, right? Your first interface with the healthcare system is, "I'm going to go see my doctor; I'm going to go to the hospital." The work that we do in public health is to try to do everything we can to keep you out of that, right? So it's broad-based messaging, social media now is going to put us out there. But also, to be able to surveil disease in a different way. And so the holy grail for us in healthcare has always been, at least on the public health side, has been to try to see how can we tap in more actively that when you go see the doctor or when you go to the hospital, how can I get access to that information very, very quickly so that I know, and can see, and surveil my entire county in my jurisdiction and know, oh, there's an outbreak of disease happening in this section of the county. We're 10 million people with, you know, hundreds of square miles inside of LA. There are places where we can see very, you know, specific targets that we know we have to hit. But the data's a little stale and we find out several months after. We need to figure out a way to do that more actively. Technology's going to be our path to be able to capture that information more actively and come up on something a little bit, so we can track things faster and be able to respond more quickly. So that's our focus for all our technology implementations, automation like UiPath has offered us and other things, is around how to gather that information more quickly and put that into action so we can do quick interventions. >> People have notoriously short memories. Please tell me (chuckles) any of the friction that you may have experienced in years past before the pandemic. That those friction points where people are thinking, "Eh, what are the odds?" >> Yeah. "Eh, I've got finite budget, I think I'm going to spend it on this thing over here." Do you, are you able to still ride sort of the wave of mind share at this point when putting programs together for the future? >> So whatever friction was there during the pandemic wiped away. I mean, we had amazing collaboration with the medical provider community, our hospital partners. The healthcare system in LA was working very closely with us to make sure that we were responding. And there is that wave that we are trying to make sure that we use this as an opportunity to kind of ride it so that we can implement all the things that we want. 'Cause we don't know how long that's going to last us. The last time that I saw anything this large was after the anthrax attacks and the bioterrorism attacks that we had after 9/11. >> How interesting. >> Public health was really in lens at that point. And we had a huge infusion of funding, a lot of support from stakeholders, both politically and within the healthcare system. And we were able to make some large steps in movement at that point. This feels the same but in a larger scale because now it touched every part of the infrastructure. And we saw how society really had to react to what was going on in a different way than anyone has ever prepared for. And so now is we think is a time where we know that people are making more investments. And our success is going to be their success in the longterm. >> And you have to know that expectations are now set- >> Extremely high. >> at a completely different level, right? >> Yes, absolutely. >> There is no, "Oh, we don't have enough PPE." >> Correct. >> Right? >> David: Correct. >> The the expectation level is, hey, you should have learned from all of- >> We should have it; we can deliver it, We'll have it at the ready when we need to provide it. Yes, absolutely. >> Okay, so I sort of mentioned, we're, David cubed on theCUBE (all laughing). So three Daves. You spoke today at the conference? >> Actually I'm speaking later actually in the session in an hour or so. >> Oh Okay. My understanding is that you've got this concept of putting humans at the center of the automation. What does that mean? Why is that important? Help us understand that. >> So I think what we found in the crisis is that the high demand for information was something we hadn't seen before, right? We're one of the largest media markets in the United States. And what we really had trouble with is trying to figure out how to serve the residents, to provide them the information that we needed to provide to them. And so what we had traditionally done is press releases, you know, just general marketing campaigns, billboards, trying to send our message out. And when you're talking about a pandemic where on a daily basis, hour-by-hour people wanted to know what was going on in their local communities. Like, we had to change the way that we focused on. So we started thinking about, what is the information that the residents of our county need? And how can we set up an infrastructure to sustain the feeding of that? Because if we can provide more information, people will make their own personal decisions around their personal risk, their personal safety measures they need to take, and do so more actively. More so than, you know, one of us going on camera to say, "This is what you should do." They can look for themselves and look at the data that's in front of them and be able to make those choices for themselves, right? And so we needed to make sure that everything that we were doing wasn't built around feeding it to our political stakeholders, which are important stakeholders. We needed to make sure that they're aware and are messaging out, and our leadership are aware. But it's what could we give the public to be able to make them have access to information that we were collecting on an every single day basis to be able to make the decisions for their lives. And so the automation was key to that. We were at the beginning of the pandemic just had tons and tons of resources that we were throwing at the problem that was, our systems were slow, we didn't have good ability to move data back and forth between our systems, and we needed a stop-gap solution to really fill that need and be able to make the data cycles to meet the data cycles. We had basically every day had to deliver reports and analytics and dashboards by like 10 o'clock in the morning because we knew that the 12 an hour and the five-hour news cycles were going to hit and the press were going to then take those and message out. And the public started to kind of come in at that same time and look at 10 and 11 o'clock and 12 o'clock. >> Yeah. >> We could see it from how many hits were hitting our website, looking for that information. So when we failed and had a cycle where that data cycle didn't work and we couldn't deliver, the public would let us know, the press would let us know, the stakeholders would let us know. We had never experienced anything like that before, right. Where people had like this voracious appetite for the information. So we needed to have a very bulletproof process to make sure that every single 24 hours we were delivering that data, making it available at the ready. >> Software robots enabled that. >> Exactly. >> Okay. And so how were you able to implement that so quickly within such a traumatic environment? >> So I think, I guess necessity is always the mother of invention. It kind of drove us to go real quickly to look at what we had. We had data entry operations set up where we had dozens and dozens of people whose sole job in life on a 24-hour cycle was to receive medical reports that we we're getting, interview data that's coming from our case interviews, hospitalization data that was coming in through all these different channels. And it was all coming in in various forms. And they were entering that into our systems of record. And that's what we were using, extracts from that system of record, what was using to generate the data analyses in our systems and our dashboards. And so we couldn't rely on those after a while because the data was coming in at such high volume. There wasn't enough data entry staff to be able to fit the need, right? And so we needed to replace those humans and take them out of that data entry cycle, pop in the bots. And so what we started to look at is, let's pick off the, where it is that that data entry cycle starts and see what we could do to kind of replace that cycle. And we started off with a very discreet workload that was focused on some of our case interview data that was being turned into PDFs that somebody was using to enter into our systems. And we said, "Well before you do that," since we can't import into the systems 'cause it wasn't working, the import utilities weren't working. We got 'em into simple Excel spreadsheets, mapped those to the fields in our systems and let the bots do that over and over again. And we just started off with that one-use case and just tuned it and went cycle after cycle. The bots just got better and better to the point where we had almost like 95% success rates on each submission of data transactions that we did every day. >> Okay, and you applied that automation, I don't know, how many bots was it roughly? >> We're now at like 30; we started with about five. >> Okay, oh, interesting. So you started with five and you applied 'em to this specific use case to handle the velocity and volume of data- >> Correct. >> that was coming in. But that's obviously dynamic and it's changed. >> Absolutely. >> I presume it's shifted to other areas now. So how did you take what you learned there and then apply it to other use cases in other parts of the organization? >> So, fortunately for us, the process that was being used to capture the information to generate the dashboards and the analyses for the case interview data, which is what we started with- >> Yeah. >> Was essentially being used the same for the hospitalization data that we were getting and for tracking deaths as they were coming in as well. And so the bots essentially were just, we just took one process, take the same bots, copy them over essentially, and had them follow the very same process. We didn't try to introduce any different workflow than what was being done for the first one so we could replicate quickly. So I think it was lucky for us a lot- >> Dave V.: I was going to say, was that luck or by design? >> It was the same people doing the same analyses, right? So in the end they were thinking about how to be efficient themselves. So they kind of had coalesced around a similar process. And so it was kind of like fortunate, but it was by design in terms of how they- >> Dave V.: It was logical to them. >> Logical to them to make it. >> Interesting. >> So for us to be able to insert the bots became pretty easy on the front end. It's just now as we're trying to now expand to other areas that were now encountering like unique processes that we just can't replicate that quickly. We're having to like now dig into. >> So how are you handling that? First of all, how are you determining which processes? Is it sort of process driven? Is it data driven? How do you determine that? >> So obviously right now the focus still is COVID. So the the priorities scale that we've set internally for analyzing those opportunities really is centered around, you know, which things are really going to help our pandemic response, right? We're expecting another surge that's going to happen probably in the next couple of weeks. That'll probably take us through December. Hopefully, at that point, things start to calm down. But that means high-data volume again; these same process. So we're looking at optimizing the processes that we have, what can we do to make those cycles better, faster, you know, what else can we add? The data teams haven't stopped to try to figure out how else can they turn out new data reports, new data analysis, to give us a different perspective on the new variants and the new different outbreaks and hotspots that are popping up. And so we also have to kind of keep up with where they're going on these data dashboards. So they're adding more data into these reports so we know we have to optimize that. And then there's these kind of tangential work. So for example, COVID brought about, unfortunately, a lot of domestic violence reports. And so we have a lot of domestic violence agencies that we work with and that we have interactions with and to monitor their work, we have certain processes. So that's kind of like COVID-adjacent. But it's because it's such a very critical task, we're looking at how we can kind of help in those processes and areas. Same thing in like in our substance abuse area. We have substance use disorder treatment services that we provide. And we're delivering those at a higher rate because COVID kind of created more of a crisis than we would've liked. And so that's how we're prioritizing. It's really about what is the social need, what does the community need, and how can we put the technology work in those areas? >> So how do you envision the future of automation in your organization and the future of your organization? What does that look like? Paint a picture for us. >> So I'm hoping that it really does, you know, so we're going to take everything that's COVID related in the disease control areas, both in terms of our laboratory operations, in terms of our clinic operations, the way we respond, vaccination campaigns, things of that nature. And we're going to look at it to see what can efficiencies can we do there because it's a natural outgrowth of everything we've done on COVID up to this point. So, you know, it's almost like it's as simple as you're just replicating it with another disease. The disease might have different characteristics, but the work process that we follow is very similar. It's not like we're going to change everything and do something completely different for a respiratory condition as we would for some other type of foodborne condition or something else that might happen. So we certainly see very easy opportunities to just to grow out what we've already done in terms of the processes is to do that. So that's wave one, is really focus on that grow out. The second piece I think is to look at these kind of other general kind of community-based type of operations and see what operations we can do there to kind of implement some improvements there. And then I'm certainly in my new role of, in Deputy Director of Operation, I'm a CIO before. Now that I'm in this operations role, I have access to the full administrative apparatus for the department. And believe me, there's enough to keep me busy there. (Dave V. Laughing) And so that's going to be kind of my third prong is to kind of look at the implement there. >> Awesome. Go ahead, Dave. >> Yeah, so, this is going to be taking a step back, kind of a higher level view. If we could direct the same level of rigor and attention towards some other thing that we've directed towards COVID, if you could snap your fingers and make that happen, what would that thing be in the arena of public health in LA County in particular, or if you want California, United States. What is something that you feel maybe needs more attention that it's getting right now? >> So I think I touched on it a little bit earlier, but I think it's the thing we've been always been trying to get to is how to really become just very intentional about how we share data more actively, right? I don't have to know everything about you, but there are certain things I care about when you go to the doctor for that doctor and that physician to tell me. Our physicians, our healthcare system as you know, is always under a lot of pressure. Doctors don't have the time to sit down and write a form out for me and tell me everything that's going on. During COVID they did because they were, they cared about their patients so much and knew, I need to know what's going on at every single moment. And if I don't tell you what's going on in my office, you'll never know and can't tell us what's going on in the community. So they had a vested interest in telling us. But on a normal day-to-day, they don't have the time for that. I got to replace that. We got to make sure that when we get to, not me only, but everyone in this public health community has to be focused and working with our healthcare partners to automate the dissemination and the distribution of information so that I have the information at my fingers, that I can then tell you, "Here's what's going on in your local community," down to your neighborhood, down to your zip code, your census tracked, down to your neighbors' homes. We'll be able to tell you, "This is your risk. Here are the things that are going on. This is what you have to watch out for." And the more that we can be more that focused and laser-focused on meeting that goal, we will be able to do our job more effectively. >> And you can do that while preserving people's privacy. >> Privacy, absolutely. >> Yeah, absolutely. But if people are informed then they can make their own decisions. >> Correct. >> And they're not frustrated at the systems. David, we got to wrap. >> Sure. >> But maybe you can help us. What's your impression of the, first of all, is this your first Forward? You've been to others? >> This is my first time. >> Okay. >> My first time. >> What's your sort of takeaway when you go back to the office or home and people say, "Hey, how was the show? What, what'd you learn?" What are you going to say? >> Well, from just seeing all the partners here and kind of seeing all the different events I've been able to go to and the sessions there's, you don't know many times I've gone to and say, "We've got to be doing that." And so there's certainly these opportunities for, you know, more AI, more automation opportunities that we have not, we just haven't even touched on really. I think that we really need to do that. I have to be able to, as a public institution at some point our budgets get capped. We only have so much that we're going to receive. Even riding this wave, there's only so much we're going to be able to get. So we have to be very efficient and use our resources more. There's a lot more that we can do with AI, a lot more with the tools that we saw, some of the work product that are coming out at this conference that we think we can directly apply to kind of take the humans out of that, their traditional roles, get them doing higher level work so I can get the most out of them and have this other more mundane type of work, just have the systems just do it. I don't need anybody doing that necessarily, that work. I need to be able to leverage them for other higher level capabilities. >> Well thank you for that. Thanks for coming on theCUBE and really appreciate. Dave- >> It's been great talking to you guys, thank you. >> Dave, you know, I love software shows because the business impact is so enormous and I especially love cool software shows. You know, this first of all, the venue. 3,500 people here. Very cool venue. I like the fact that it's not like booth in your face, booth competition. I mean I love VMware, VMworld, VMware Explore. But it's like, "My booth is bigger than your booth." This is really nice and clean, and it's all about the experience. >> A lot of steak, not as much sizzle. >> Yeah, definitely. >> A lot of steak. >> And the customer content at the UiPath events is always outstanding. But we are entering a new era for UiPath, and we're talking. We heard a lot about the Enterprise platform. You know, the big thing is this company's been in this quarterly shock-lock since last April when it went public. And it hasn't all been pretty. And so new co-CEO comes in, they've got, you know, resetting priorities around financials, go to market, they've got to have profitable growth. So watching that that closely. But also product innovation so the co-CEOs will be able to split that up, split their duties up. Daniel Dines the product visionary, product guru. Rob Enslin, you know- making the operations work. >> Operations execution business, yeah. >> We heard that Carl Eschenbach did the introduction. Carl's a major operator, wanted that DNA into the company. 'Cause they got to keep product innovation. And I want to, I want to see R&D spending, stay relatively high. >> Product innovation, but under the heading of platform. And that's the key thing is just not being that tool set. The positioning has been, I think, accurate that, you know, over history, we started with these RPA tools and now we've moved into business process automation and now we're moving into new frontiers where, where truly, AI and ML are being leveraged. I love the re-infer story about going in and using natural national (chuckles) national, natural language processing. I can't even say it, to go through messaging. That's sort of a next-level of intelligence to be able to automate things that couldn't be automated before. So that whole platform story is key. And they seem to have made a pretty good case for their journey into platform as far as I'm concerned. >> Well, yeah, to me again. So it's always about the customers, want to come to an event like this, you listen to what they say in the keynotes and then you listen to what the customers say. And there's a very strong alignment in the UiPath community between, you know, the marketing and the actual implementation. You know, marketing's always going to be ahead. But, we saw this a couple of years ago with platform. And now we're seeing it, you know, throughout the customer base, 10,000+ customers. I think this company could have, you know, easily double, tripled, maybe even 10x that. All right, we got to wrap. Dave Nicholson, thank you. Two weeks in a row. Good job. And let's see. Check out siliconangle.com for all the news. Check out thecube.net; wikibon.com has the research. We'll be on the road as usual. theCUBE, you can follow us. UiPath Forward 5, Dave Vellante for Dave Nicholson. We're out and we'll see you next time. Thanks for watching. (gentle music)

>> From the Amazon Meeting Center in downtown Seattle, it's theCUBE. Covering: Imagine A Better World, A Global Education Conference. Sponsored by Amazon Web Services. >> Hey welcome back everybody, Jeff Frick here with theCUBE. We're in downtown Seattle at the AWS IMAGINE education event, first time ever, 900 people registered, over 20 countries represented, Teresa gave the keynote, a lot of exciting stuff. And one of the big announcements is some of the work that's happening down in Los Angeles with all the community colleges there. We're excited to have, right off the keynote stage, he's Bill Allen, the CEO of the LA Economic Development Corporation, who's been instrumental in getting this thing off the ground. Bill, good to see you. >> Jeff, it's great to be with you today. This is an exciting moment for us, rolling out this very successful pilot program to all 19 colleges that are part of the LA Regional Consortium. >> So let's jump in, it's called the CA Cloud Workforce Project. >> Yeah, the California Cloud Workforce Project. We have obviously millions of businesses in California, in our own region 250,000 business with employees that are looking to convert to the cloud, take advantage of the exciting tools and resources available to them in the cloud, but they need the skilled workers in these firms to help migrate this transition and that's what our community colleges are stepping up to provide with the help of Amazon Web Services and AWS Educate. >> So it's really interesting cause you know it's a special role that community colleges play within the whole education system, and we could have a whole long debate over adult beverages on a Friday about the state of the education system but specifically here, there is a huge gap and people think technology's taking jobs away. They're taking some jobs away, but they're opening up a ton of new jobs and go no further than looking at the jobs open recs, there's lots and lots and lots of jobs to fill. So how did it come to be to tie that back directly to real skills, that you can actually have real kids take real jobs? >> Well we see these transitions happening all across the industry sectors in Los Angeles and we have a broad array: aerospace, entertainment, digital media, life sciences, transportation logistics. >> It's the little technology, right. >> Advanced transportation. they're all undergoing significant changes and they're all becoming more technology enabled, more technology dependent. And the opportunity exists to train workers for these technology enabled jobs that provide good wages and good benefits, and help our businesses compete globally and take advantage, fully leverage all these advances and innovations. We formed a center for a competitive workforce with all of our 19 colleges, using their labeled market researcher economists and our own economists in the institute for applied economics at the LAEDC, to study the evolving demand for labor and skills in the various occupations in these industry sectors and compare that against the supply side of our labor market. >> Right, right. >> To enhance our talent development pipeline, and its led to new programs such as this. This was one of the clear areas of opportunity was cloud computing skills. The first program we launched at Santa Monica College, had two sections they rapidly sold out, we had to expand it to seven sections. More than 300 students participated in the first year of courses. 230 are signed up for this Fall 2018. And it's an extraordinarily successful program, but now the other 18 community college presidents have all stepped up and said we're going to roll this out on our campuses beginning this August at East Los Angeles college and historic East LA, part of our community which, speaks to the diversity opportunities. >> Right. >> We have a very diverse population in Los Angeles and many of our communities have been underrepresented historically in the technology fields. They are really interested in accessing the skills and opportunities, and they are really taking up these courses with enthusiasm from our local high schools to our community colleges. And I think it's going to help us in Los Angeles really diversity our technology workforce, and that helps our companies expand globally. >> Right, so I'm just curious, what are some of the skills when you did the research that popped up in terms of specific types of jobs? Because we've all see the pictures of data centers, they are usually pretty clean, there's not a lot of people walking around. But there are people that really need to make it go. So what were some of those kind of job titles and job skills that leapt out that have such demand, and field demand. >> There's so much need for data scientist, there's so much need for machine learning capabilities, there's so much need for basic cloud computing, cyber security, really all of these advanced technologies that are data dependent, data analytic, data science, really are emerging as important components of each and every industry sector that I mentioned earlier that exists in our community and throughout the world. And so our job is to try and share that knowledge with our community colleges, our state universities, our four year public and private institutions, and even our k-12 institutions so they can begin to adjust their curriculum to ensure that they're creating pathways of learning at the earliest ages, and then specific coursework in these emerging opportunities throughout the career ladder, throughout the career development pipeline in the LA area. >> So I want to touch base on the k-12 because I think an interesting component of this program is each community college is paired up with at least one, I don't know if there's more than one high school in their area. And it's always been kind of interesting to me that it's been so hard to get kind of CS baked into kind of the standard high school curriculum. You've got kind of the standard math track with trig and Calc, and Algebra I and Algebra II, you've got kind of the standard science track with Physics, and Bio, and Chem. But it's been really hard to wedge CS into that. So are you finding with programs like this, kind of the adoption or the embracing of the CS curriculum at these lower, lower levels is finally getting some steam? >> We are, interestingly our students have often been ahead of our institutions in understanding the demand and the opportunity, and they've been clamoring for these kinds of opportunities. And our industries are becoming more aware of the roll that they can play in helping our schools develop the curriculum, purchase, acquire, maintain the equipment associated with this. Whether it's hardware, or software. And these partnerships that are emerging originally around some theme based academies in our schools, both charter schools and traditional public schools have been helping the broader school districts engage more deeply in the development of curriculum to prepare a more technologically literate workforce for the future. >> Right, now what if you could speak a little to the public private partnership. You're with the economic development corporation, you mentioned LA chamber of commerce's involved and now you've got a big company like AWS, there's a lot of resources to bring to bare and also a lot of open job recs. How does that work, and how have they helped you partner with Amazon AWS kind of move your initiative forward? >> So Amazon and the AWS platform have been terrific partners and specifically the AWS education initiative, have been terrific partners and are really shining the way, lighting the path for other major employers in our region. The students who graduate with this program will not only be valuable to Amazon itself but so many of its customers who are migrating to the cloud platform. But we have companies like Northrop Grumman who are partnering with community colleges to develop talent for their joint strike fighter program in the North end of our county, and hiring people for well paying jobs. Amazon has premier partners in their AWS educate partner program like Anaca who are providing internships for the graduates of this program. So the public and private sector are working closely together, that's why the LAEDC and the LA chamber were asked to get involved in this so we can bring employers to the table, who are really forward looking in their approaches to developing their future talent pipeline. And really desirous of developing the more diverse talent base that is in Los Angeles to fill the needs as so many of the workers in these industries are aging out of the workforce. We need a significant number of newly skilled young people in our communities to take on the future of each of these industries. >> Right, so we're both big fans of Teresa Carlson she kicked things off today. If we come back a year from today, which I assume we will, what are we going to be talking about? How do you see kind of the next year? What are your kind of short term goals and more medium term goals? I won't even ask you about long term goals. >> As I mentioned we had a few hundred students sign up for this so much so that we had to expand the sections from two to seven, I think you're going to see thousands of students taking advantage of this across our region. We have 300,000 students in our community colleges in this LA regional consortium. >> 300 thousand? >> 300 thousand students. >> Make a big impact. >> And I think a significant number of them are going to want to avail themselves of these types of opportunities. We're projecting through our center for competitive workforce, thousands of job openings in this area and so we have a ways to go of scaling this up to the thousands of students who should be taking these courses, and preparing themselves for the well paying jobs in these careers in Los Angeles and the broader Southern California mega region for which our community colleges train such a healthy percentage of our workforce. >> Alright Bill, well sounds like you're off and running, and wish you nothing but the best. >> Jeff, thanks so much, great talking to you. >> Alright, he's Bill, I'm Jeff. You're watching theCUBE! We're at AWS Imagine education in Seattle. Thanks for watching. (upbeat music)

>> From the Amazon Meeting Center in Downtown Seattle, it's the theCUBE. Covering, Imagine: A Better World, a global education conference, sponsored by Amazon Web Services. >> Hey welcome back everybody. Jeff Rick here with theCUBE. We're in Downtown Seattle Washington at the AWS Imagine Education Conference. First one they've ever done about 900 registrants. People from over 20 countries are here. Theresa Carlson gave the kickoff and it's a pretty exciting event. We've seen this movie before with Amazon. They get involved in a project, and it grows and grows and grows. So this is all about education. It's about education institutions. It's about students obviously, which are the core of education, and we're really excited to have our next guest. It was a big announcement that happened today. He's Marvin Martinez, the President of East Los Angeles College. Marvin great to see you. >> Thank you, pleasure to be here. >> So you're getting ready to go up on stage. it's a big announcement so tell about what it is. It's called the California Cloud... >> Computing. >> Computing Initiative. >> So this is what we've done. We've been developing for the last year a certificate where students can take a number of classes, which is basically a total of 15 units, and they're able to earn at the end of 15 units, a certificate in cloud computing. And the goal is to get them trained quickly to get them out to work quickly. Eventually we hope that the certificate evolves into a degree program, so then we're hoping that the students come back and they get their associate of our certificate and they're able to get even a better job, which is really the goal of this program is we want to get them started, want to get them excited, get them into an entry-level type of job, then they will know they like it. They're going to come back. They'll get that degree, you know do even better right. >> So let me, I just want to make sure I get this. This is a California Cloud Workforce Project. So it's really about the workforce and giving these kids the skills. So it's funny though Marvin where everybody says technology is taking away jobs. They forget yeah they take away some jobs, but there's new jobs created. >> All the time. >> All the time, there's a ton of openings especially in the engineering field and in the cloud, but so what are some of the cloud skills specifically that that kids are taking to get the certificate? >> Well you know the skills they're taking specifically so they could eventually work with some of the major industries in our area. Obviously from Amazon and other similar industries and similar businesses, and there's many of them. Los Angeles you know quickly is becoming the new Silicon Valley. So a lot of industries are moving. They call us all the time, they call me all the time, and say that you have trained students. We will hire them right now and we'll pay them a good salary. So no doubt it's a motivation for us because that's who we are as community colleges. We are here to serve students. We are here to get them trained, get them up there quickly and respond to the needs of industry, that area. >> So it's a really interesting planning that it's the community colleges that you guys have all come together. I think the number's 19 as part of this. So A, you know that you're doing it as a unified effort. So kids at a broad area can take advantage, and also you're also partnering with individual high schools. Each Community College is partners with an individual high school. So how does that work? How does that kind of come into fruition? >> Well you know, one thing that we want to do is that as we work with high schools, high schools today are also under pressure to ensure that their students are being trained well and that if they just get a high school diploma they can go and work somewhere. But also today high schools are getting smart. They're saying hey how do we work with a local college so that when students graduate, they graduate with a high school diploma and a degree from a college. So and why are they doing that because they know in order to be competitive, a young person needs to have these degrees. Today if you want to be competitive a high school diploma may not be enough. So we notice that motivation there. Secondly we're able to get students on a college campus, get them developed get them, they're mature, get them to take a college-level course and then they're able to go out and obviously and work once they complete this program. So the relationship is a natural one. It's one that high schools are seeking from us, which is great. That has not been the case all the time. Usually we've gone to them, but now they're coming to us and saying we need you help us out. >> The part I like about it too is the kids are smart. And they're like why am I taking philosophy? How am I going to use philosophy in my job, that or why am I taking this or why am I taking that? These are really concrete skills that A, they can go look in the newspaper today or I guess I don't know if they look in newspaper for jobs because couldn't find a newspaper if you threw it at them, but they could go seek the job listings at the Amazon sites and also they are working with this technology, they live in this technology, so it's not something foreign or something new. It's something they experience every day. So it's got to be a pretty easy sell I would imagine. >> It's an easy sell. Young people today are different than the way that we grew up. I grew up at a time where there were no cell phones, there was no bottled water. It was a whole different time. Young people today as you're seeing grow up with these technologies. It's part of the who they are. They more than just embraced it. So they welcome to use it in any way they can. So when we propose programs like these, guess what happens? They enroll en masse and that's because they understand it. They identify with it. Will they be willing to enroll in a Shakespeare class? They might but not as much as a class like this one. So no doubt the population today has changed, so part of my job is to introduce programs on the campus that I know will generate that kind of enrollment and interest. So we know that a program like this will do that and we just need to recognize the fact that the world has changed. Let me just add that we don't do that world's education institutions. As institutions we're some of the most conservative institutions in the history of this country. So for us to change it takes quite a lot. So what's forcing us to change, what was forcing us to change is that enrollment is down and not just in many of our colleges in LA but throughout the country. Enrollment is-- >> In Community colleges generally or colleges in general? Community colleges. >> Community colleges throughout the nation enrollment is down. And enrollment is down for a number of reasons. There's more jobs out there, so students are looking to go out and work, but also enrollment is down because of the curriculum and the courses that we have are just not interesting to them. So I think a program like this will help the campus. A program like this will get more students to come and take advantage of an incredible education that they can get at our campuses. >> I was just curious kind of what were the drivers of enrollment before that have kind of fallen away? Was it a particular type of skill set? Was it just that they don't want it generic anymore? They got to go get a job? I'm just curious if there was something that you had before that was appealing that you have now that's just not appealing anymore? >> Good questions. So the last time our economy was in bad shape when the employment was down. That was back around 2008-2009. Well guess what happened in our campuses? Enrollment was up. So when the economy is in bad shape people come back to school. When the economy is in great shape like it is today where there is a lot of jobs, enrollment is down. So we don't see the economy going down at all in a number of years. >> Anytime soon. >> So we have to develop programs that we think will be of interest to students first. Secondly we have to respond to the needs of the new economy. The new economy is now being dominated by these new technologies. We know about it, young people know about it. So when we develop a program like this and we know that it will generate interest. It will generate enrollment. And in many ways that's what drives the funding for a college. We're funded on the basis of how many people we enroll. So if we don't enroll a lot people, we have less money, so no doubt there's a motivation for us, a motivation for the entire system, to really partner with Amazon. And figure out a way for us to really get students train and to get them, hopefully get them a good job. >> So you segued perfectly. My last question was going to be kind of the role of Amazon in AWS, in terms of being a partner. I mean they obviously you know are thinking about things. Theresa's fantastic. She just talked about being from an education family, but at the same time you know they have their own reasons to do it. They need workers right? They need people to fill these jobs to fulfill Amazon's own growth beyond their ecosystem, their partners and customers etcetera. So what does it mean for you as an educator and part of this consortium of community colleges to have somebody like AWS come in and really help you codevelop and drive these types of new programs? >> Well it means everything. Number one we know that Amazon is a major employer. We know that the jobs that they have available are good-paying jobs. They have a career path and so we know it's a good direction for young people to take. So part of my job as an educator is many ways it's like a parent. You want to take care of your family, you want to take care of the kids and put them in the right path so they have the most success possible. Amazon offers that kind of path. So for us to partner with someone like Amazon is great. Secondly, students know who Amazon is. I don't have to sell them. They know who they are, and they know what Amazon can do and they know that it's a great career path for them. So now that I think it could be a great partnership for us but also it's an opportunity for Amazon to even continue further developing that workforce in Los Angeles in California. >> Alright Marvin, well thank you so much for spending a few minutes and I wish you nothing but the best with this California Cloud Workforce Project. Make sure I get it right? >> It's right. Thank you so much, I appreciate it. >> Thank you, alright he's Marvin, I'm Jeff. You're watching theCUBE. We're in Seattle at the Amazon Imagine Education event. First time ever, keep watching. It's going to grow and grow and grow. Thanks for watching. (electronic music)

(bright upbeat music) >> Greetings, brilliant community and thank you so much for tuning in to theCUBE here for the last three days where we've been live from Detroit, Michigan. I've had the pleasure of spending this week with Lisa Martin and John Furrier. Thank you both so much for hanging out, for inviting me into the CUBE family. It's our first show together, it's been wonderful. >> Thank you. >> You nailed it. >> Oh thanks, sweetheart. >> Great job. Great job team, well done. Free wall to wall coverage, it's what we do. We stay till everyone else-- >> Savannah: 100 percent. >> Everyone else leaves, till they pull the plug. >> Lisa: Till they turn the lights out. We're still there. >> Literally. >> Literally last night. >> Still broadcasting. >> Whatever takes to get the stories and get 'em out there at scale. >> Yeah. >> Great time. >> 33. 33 different segments too. Very impressive. John, I'm curious, you're a trend watcher and you've been at every single KubeCon. >> Yep. >> What are the trends this year? Give us the breakdown. >> I think CNCF does this, it's a hard job to balance all the stakeholders. So one, congratulations to the CNCF for another great KubeCon and CloudNativeCon. It is really hard to balance bringing in the experts who, as time goes by, seven years we've been all of, as you said, you get experts, you get seniority, and people who can be mentors, 60% new people. You have vendors who are sponsoring and there's always people complaining and bitching and moaning. They want this, they want that. It's always hard and they always do a good job of balancing it. We're lucky that we get to scale the stories with CUBE and that's been great. We had some great stories here, but it's a great community and again, they're inclusive. As I've said before, we've talked about it. This year though is an inflection point in my opinion, because you're seeing the developer ecosystem growing so fast. It's global. You're seeing events pop up, you're seeing derivative events. CNCF is at the center point and they have to maintain the culture of developer experts, maintainers, while balancing the newbies. And that's going to be >> Savannah: Mm-hmm. really hard. And they've done a great job. We had a great conversation with them. So great job. And I think it's going to continue. I think the attendance metric is a little bit of a false positive. There's a lot of online people who didn't come to Detroit this year. And I think maybe the combination of the venue, the city, or just Covid preferences may not look good on paper, on the numbers 'cause it's not a major step up in attendance. It's still bigger, but the community, I think, is going to continue to grow. I'm bullish on it. >> Yeah, I mean at least we did see double the number of people that we had in Los Angeles. Very curious. I think Amsterdam, where we'll be next with CNCF in the spring, in April. I think that's actually going to be a better pulse check. We'll be in Europe, we'll see what's going on. >> John: Totally. >> I mean, who doesn't like Amsterdam in the springtime? Lisa, what have been some of your observations? >> Oh, so many observations. The evolution of the conference, the hallway track conversations really shifting towards adjusting to the enterprise. The enterprise momentum that we saw here as well. We had on the show, Ford. >> Savannah: Yes. We had MassMutual, we had ING, that was today. Home Depot is here. We are seeing all these big companies that we know and love, become software companies right before our eyes. >> Yeah. Well, and I think we forget that software powers our entire world. And so of course they're going to have to be here. So much running on Kubernetes. It's on-prem, it's at the edge, it's everywhere. It's exciting. Woo, I'm excited. John, what do you think is the number one story? This is your question. I love asking you this question. What is the number one story out KubeCon? >> Well, I think the top story is a combination of two things. One is the evolution of Cloud Native. We're starting to see web assembly. That's a big hyped up area. It got a lot of attention. >> Savannah: Yeah. That's kind of teething out the future. >> Savannah: Rightfully so. The future of this kind of lightweight. You got the heavy duty VMs, you got Kubernetes and containers, and now this web assembly, shows a trajectory of apps, server-like environment. And then the big story is security. Software supply chain is, to me, was the number one consistent theme. At almost all the interviews, in the containers, and the workflows, >> Savannah: Very hot. software supply chain is real. The CD Foundation mentioned >> Savannah: Mm-hmm. >> they had 16,000 vulnerabilities identified in their code base. They were going to automate that. So again, >> Savannah: That was wild. >> That's the top story. The growth of open source exposes potential vulnerabilities with security. So software supply chain gets my vote. >> Did you hear anything that surprised you? You guys did this great preview of what you thought we were going to hear and see and feel and touch at KubeCon, CloudNativeCon 2022. You talked about, for example, the, you know, healthcare financial services being early adopters of this. Anything surprise either one of you in terms of what you predicted versus what we saw? Savannah, let's start with you. >> You know what really surprised me, and this is ironic, so I'm a community gal by trade. But I was really just impressed by the energy that everyone brought here and the desire to help. The thing about the open source community that always strikes me is, I mean 187 different countries participating. You've got, I believe it's something like 175,000 people contributing to the 140 projects plus that CNCF is working on. But that culture of collaboration extends far beyond just the CNCF projects. Everyone here is keen to help each other. We had the conversation just before about the teaching and the learnings that are going on here. They brought in Detroit's students to come and learn, which is just the most heartwarming story out of this entire thing. And I think it's just the authenticity of everyone in this community and their passion. Even though I know it's here, it still surprises me to see it in the flesh. Especially in a place like Detroit. >> It's nice. >> Yeah. >> It's so nice to see it. And you bring up a good point. It's very authentic. >> Savannah: It's super authentic. >> I mean, what surprised me is one, the Wasm, or web assembly. I didn't see that coming at the scale of the conversation. It sucked a lot of options out of the room in my opinion, still hyped up. But this looks like it's got a good trajectory. I like that. The other thing that surprised me that was a learning was my interview with Solo.io, Idit, and Brian Gracely, because he's a CUBE alumni and former host of theCUBE, and analyst at Wikibon, was how their go-to-market was an example of a modern company in Covid with a clean sheet of paper and smart people, they're just doing things different. They're in Slack with their customers. And I walked away with, "Wow that's like a playbook that's not, was never, in the go-to-market VC-backed company playbook." I thought that was, for me, a personal walk away saying that's important. I like how they did that. And there's a lot of companies I think could learn from that. Especially as the recession comes where partnering with customers has always been a top priority. And how they did that was very clever, very effective, very efficient. So I walked away with that saying, "I think that's going to be a standard." So that was a pleasant surprise. >> That was a great surprise. Also, that's a female-founded company, which is obviously not super common. And the growth that they've experienced, to your point, really being catalyzed by Covid, is incredibly impressive. I mean they have some massive brand name customers, Amex, BMW for example. >> Savannah: Yeah. >> Great point. >> And I interviewed her years ago and I remember saying to myself, "Wow, she's impressive." I liked her. She's a player. A player for sure. And she's got confidence. Even on the interview she said, "We're just better, we have better product." And I just like the point of view. Very customer-focused but confident. And I just took, that's again, a great company. And again, I'm not surprised that Brian Gracely left Red Hat to go work there. So yeah, great, great call there. And of course other things that weren't surprising that I predicted, Red Hat continued to invest. They continue to bring people on theCUBE, they support theCUBE but more importantly they have a good strategy. They're in that multicloud positioning. They're going to have an opportunity to get a bite at the apple. And I what I call the supercloud. As enterprises try to go and be mainstream, Cloud Native, they're going to need some help. And Red Hat is always has the large enterprise customers. >> Savannah: What surprised you, Lisa? >> Oh my gosh, so many things. I think some of the memorable conversations that we had. I love talking with some of the enterprises that we mentioned, ING Bank for example. You know, or institutions that have been around for 100 plus years. >> Savannah: Oh, yeah. To see not only how much they've innovated and stayed relevant to meet the demands of the consumer, which are only increasing, but they're doing so while fostering a culture of innovation and a culture that allows these technology leaders to really grow within the organization. That was a really refreshing conversation that I think we had. 'Cause you can kind of >> Savannah: Absolutely. think about these old stodgy companies. Nah, of course they're going to digitize. >> Thinking about working for the bank, I think it's boring. >> Right? >> Yeah. And they were talking about, in fact, those great t-shirts that they had on, >> Yeah, yeah, yeah, yeah. were all about getting more people to understand how fun it is to work in tech for ING Bank in different industries. You don't just have to work for the big tech companies to be doing really cool stuff in technology. >> What I really liked about this show is we had two female hosts. >> Savannah: Yeah. >> How about that? Come on. >> Hey, well done, well done on your recruitment there, champ. >> Yes, thank you boss. (John laughs) >> And not to mention we have a really all-star production team. I do just want to give them a little shout out. To all the wonderful folks behind the lines here. (people clapping) >> John: Brendan. Good job. >> Yeah. Without Brendan, Anderson, Noah, and Andrew, we would be-- >> Of course Frank Faye holding it back there too. >> Yeah, >> Of course, Frank. >> I mean, without the business development wheels on the ship we'd really be in an unfortunate spot. I almost just swore on television. We're not going to do that. >> It's okay. No one's regulating. >> Yeah. (all laugh) >> Elon Musk just took over Twitter. >> It was a close call. >> That's right! >> It's going to be a hellscape. >> Yeah, I mean it's, shit's on fire. So we'll just see what happens next. I do, I really want to talk about this because I think it's really special. It's an ethos and some magic has happened here. Let's talk about Detroit. Let's talk about what it means to be here. We saw so many, and I can't stress this enough, but I think it really matters. There was a commitment to celebrating place here. Lisa, did you notice this too? >> Absolutely. And it surprised me because we just don't see that at conferences. >> Yeah. We're so used to going to the same places. >> Right. >> Vegas. Vegas, Vegas. More Vegas. >> Your tone-- >> San Francisco >> (both laugh) sums up my feelings. Yes. >> Right? >> Yeah. And, well, it's almost robotic but, and the fact that we're like, oh Detroit, really? But there was so much love for this city and recognizing and supporting its residents that we just don't see at conferences. You uncovered a lot of that with your swag-savvy segments, >> Savannah: Yeah. >> And you got more of that to talk about today. >> Don't worry, it's coming. Yeah. (laughs) >> What about you? Have you enjoyed Detroit? I know you hadn't been here in a long time, when we did our intro session. >> I think it's a bold move for the CNCF to come here and celebrate. What they did, from teaching the kids in the city some tech, they had a session. I thought that was good. >> Savannah: Loved that. I think it was a risky move because a lot of people, like, weren't sure if they were going to fly to Detroit. So some say it might impact the attendance. I thought they did a good job. Their theme, Road Ahead. Nice tie in. >> Savannah: Yeah. And so I think I enjoyed Detroit. The weather was great. It didn't rain. Nice breeze outside. >> Yeah. >> The weather was great, the restaurants are phenomenal. So Detroit's a good city. I missed some hockey games. I'd love to see the Red Wings play. Missed that game. But we always come back. >> I think it's really special. I mean, every time I talked to a company about their swag, that had sourced it locally, there was a real reason for this story. I mean even with Kasten in that last segment when I noticed that they had done Carhartt beanies, Carhartt being a Michigan company. They said, "I'm so glad you noticed. That's why we did it." And I think that type of, the community commitment to place, it all comes back to community. One of the bigger themes of the show. But that passion and that support, we need more of that. >> Lisa: Yeah. >> And the thing about the guests we've had this past three days have been phenomenal. We had a diverse set of companies, individuals come on theCUBE, you know, from Scott Johnston at Docker. A really one on one. We had a great intense conversation. >> Savannah: Great way to kick it off. >> We shared a lot of inside baseball, about Docker, super important company. You know, impressed with companies like Platform9 it's been around since the OpenStack days who are now in a relevant position. Rafi Systems, hot startup, they don't have a lot of resources, a lot of guerilla marketing going on. So I love to see the mix of startups really contributing. The big players are here. So it's a real great mix of companies. And I thought the interviews were phenomenal, like you said, Ford. We had, Kubia launched on theCUBE. >> Savannah: Yes. >> That's-- >> We snooped the location for KubeCon North America. >> You did? >> Chicago, everyone. In case you missed it, Bianca was nice enough to share that with us. >> We had Sarbjeet Johal, CUBE analyst came on, Keith Townsend, yesterday with you guys. >> We had like analyst speed dating last night. (all laugh) >> How'd that go? (laughs) >> It was actually great. One of the things that they-- >> Did they hug and kiss at the end? >> Here's the funny thing is that they were debating the size of the CNC app. One thinks it's too big, one thinks it's too small. And I thought, is John Goldilocks? (John laughs) >> Savannah: Yeah. >> What is John going to think about that? >> Well I loved that segment. I thought, 'cause Keith and Sarbjeet argue with each other on Twitter all the time. And I heard Keith say before, he went, "Yeah let's have it out on theCUBE." So that was fun to watch. >> Thank you for creating this forum for us to have that kind of discourse. >> Lisa: Yes, thank you. >> Well, it wouldn't be possible without the sponsors. Want to thank the CNCF. >> Absolutely. >> And all the ecosystem partners and sponsors that make theCUBE possible. We love doing this. We love getting the stories. No story's too small for theCUBE. We'll go with it. Do whatever it takes. And if it wasn't for the sponsors, the community wouldn't get all the great knowledge. So, and thank you guys. >> Hey. Yeah, we're, we're happy to be here. Speaking of sponsors and vendors, should we talk a little swag? >> Yeah. >> What do you guys think? All right. Okay. So now this is becoming a tradition on theCUBE so I'm very delighted, the savvy swag segment. I do think it's interesting though. I mean, it's not, this isn't just me shouting out folks and showing off t-shirts and socks. It's about standing out from the noise. There's a lot of players in this space. We got a lot of CNCF projects and one of the ways to catch the attention of people walking the show floor is to have interesting swag. So we looked for the most unique swag on Wednesday and I hadn't found this yet, but I do just want to bring it up. Oops, I think I might have just dropped it. This is cute. Is, most random swag of the entire show goes to this toothbrush. I don't really have more in terms of the pitch there because this is just random. (Lisa laughs) >> But so, everyone needs that. >> John: So what's their tagline? >> And you forget these. >> Yeah, so the idea was to brush your cloud bills. So I think they're reducing the cost of-- >> Kind of a hygiene angle. >> Yeah, yeah. Very much a hygiene angle, which I found a little ironic in this crowd to be completely honest with you. >> John: Don't leave the lights on theCUBE. That's what they say. >> Yeah. >> I mean we are theCUBE so it would be unjust of me not to show you a Rubik's cube. This is actually one of those speed cubes. I'm not going to be able to solve this for you with one hand on camera, but apparently someone did it in 17 seconds at the booth. Knowing this audience, not surprising to me at all. Today we are, and yesterday, was the t-shirt contest. Best t-shirt contest. Today we really dove into the socks. So this is, I noticed this trend at KubeCon in Los Angeles last year. Lots of different socks, clouds obviously a theme for the cloud. I'm just going to lay these out. Lots of gamers in the house. Not surprising. Here on this one. >> John: Level up. >> Got to level up. I love these 'cause they say, "It's not a bug." And anyone who's coded has obviously had to deal with that. We've got, so Star Wars is a huge theme here. There's Lego sets. >> John: I think it's Star Trek. But. >> That's Star Trek? >> John: That's okay. >> Could be both. (Lisa laughs) >> John: Nevermind, I don't want to. >> You can flex your nerd and geek with us anytime you want, John. I don't mind getting corrected. I'm all about, I'm all about the truth. >> Star Trek. Star Wars. Okay, we're all the same. Okay, go ahead. >> Yeah, no, no, this is great. Slim.ai was nice enough to host us for dinner on Tuesday night. These are their lovely cloud socks. You can see Cloud Native, obviously Cloud Native Foundation, cloud socks, whole theme here. But if we're going to narrow it down to some champions, I love these little bee elephants from Raft. And when I went up to these guys, I actually probably would've called these my personal winner. They said, again, so community focused and humble here at CNCF, they said that Wiz was actually the champion according to the community. These unicorn socks are pretty excellent. And I have to say the branding is flawless. So we'll go ahead and give Wiz the win on the best sock contest. >> John: For the win. >> Yeah, Wiz for the win. However, the thing that I am probably going to use the most is this really dope Detroit snapback from Kasten. So I'm going to be rocking this from now on for the rest of the segment as well. And I feel great about this snapback. >> Looks great. Looks good on you. >> Yeah. >> Thanks John. (John laughs) >> So what are we expecting between now and KubeCon in Amsterdam? >> Well, I think it's going to be great to see how they, the European side, it's a chill show. It's great. Brings in the European audience from the global perspective. I always love the EU shows because one, it's a great destination. Amsterdam's going to be a great location. >> Savannah: I'm pumped. >> The American crowd loves going over there. All the event cities that they choose are always awesome. I missed Valencia cause I got Covid. I'm really bummed about that. But I love the European shows. It's just a little bit, it's high intensity, but it's the European chill. They got a little bit more of that siesta vibe going on. >> Yeah. >> And it's just awesome. >> Yeah, >> And I think that the mojo that carried throughout this week, it's really challenging to not only have a show that's five days, >> but to go through all week, >> Savannah: Seriously. >> to a Friday at 4:00 PM Eastern Time, and still have the people here, the energy and all the collaboration. >> Savannah: Yeah. >> The conversations that are still happening. I think we're going to see a lot more innovation come spring 2023. >> Savannah: Mm-hmm. >> Yeah. >> So should we do a bet, somebody's got to buy dinner? Who, well, I guess the folks who lose this will buy dinner for the other one. How many attendees do you think we'll see in Amsterdam? So we had 4,000, >> Oh, I'm going to lose this one. >> roughly in Los Angeles. Priyanka was nice enough to share with us, there was 8,000 here in Detroit. And I'm talking in person, we're not going to meddle this with the online. >> 6500. >> Lisa: I was going to say six, six K. >> I'm going 12,000. >> Ooh! >> I'm going to go ahead and go big I'm going to go opposite Price Is Right. >> One dollar. >> Yeah. (all laugh) That's exactly where I was driving with it. I'm going, I'm going absolutely all in. I think the momentum here is building. I think if we look at the numbers from-- >> John: You could go Family Feud >> Yeah, yeah, exactly. And they mentioned that they had 11,000 people who have taken their Kubernetes course in that first year. If that's a benchmark and an indicator, we've got the veteran players here. But I do think that, I personally think that the hype of Kubernetes has actually preceded adoption. If you look at the data and now we're finally tipping over. I think the last two years we were on the fringe and right now we're there. It's great. (voice blares loudly on loudspeaker) >> Well, on that note (all laugh) On that note, actually, on that note, as we are talking, so I got to give cred to my cohosts. We deal with a lot of background noise here on theCUBE. It is a live show floor. There's literally someone on an e-scooter behind me. There's been Pong going on in the background. The sound will haunt the three of us for the rest of our lives, as well as the production crew. (Lisa laughs) And, and just as we're sitting here doing this segment last night, they turned the lights off on us, today they're letting everyone know that the event is over. So on that note, I just want to say, Lisa, thank you so much. Such a warm welcome to the team. >> Thank you. >> John, what would we do without you? >> You did an amazing job. First CUBE, three days. It's a big show. You got staying power, I got to say. >> Lisa: Absolutely. >> Look at that. Not bad. >> You said it on camera now. >> Not bad. >> So you all are stuck with me. (all laugh) >> A plus. Great job to the team. Again, we do so much flow here. Brandon, Team, Andrew, Noah, Anderson, Frank. >> They're doing our hair, they're touching up makeup. They're helping me clean my teeth, staying hydrated. >> We look good because of you. >> And the guests. Thanks for coming on and spending time with us. And of course the sponsors, again, we can't do it without the sponsors. If you're watching this and you're a sponsor, support theCUBE, it helps people get what they need. And also we're do a lot more segments around community and a lot more educational stuff. >> Savannah: Yeah. So we're going to do a lot more in the EU and beyond. So thank you. >> Yeah, thank you. And thank you to everyone. Thank you to the community, thank you to theCUBE community and thank you for tuning in, making it possible for us to have somebody to talk to on the other side of the camera. My name is Savannah Peterson for the last time in Detroit, Michigan. Thanks for tuning into theCUBE. >> Okay, we're done. (bright upbeat music)

(gentle upbeat music) >> Hello everyone, and welcome back to KubeCon CloudNativeCon here in Detroit, Michigan. My name is Savannah Peterson, joined with John Furrier. John, we are in the meat of the conference. >> It's really in crunch time, day two of three days of wall-to-wall coverage and this next guest is running the show at CNCF, the OG and been in the community doing a great job. I'm looking forward to this segment. >> Me too. I'm even wearing... You may notice, I am in my CNCF tee, and I actually brought my tee from last year for those of you. And the reason I brought it, actually, I want to use this to help introduce our next guest is the theme last year was resistance realized, and I think that KubeCon this year is an illustration of that resistance realized. Please welcome Priyanka Sharma to the show. Priyanka, thank you so much for being here with us. >> Thank you for having me. >> This is your show. How are you feeling right now? What does it feel like to be here? >> It's all of our show. I am just another participant, but I am so happy to be here. I think this is our third hybrid in person back event. And the whole ecosystem, we seem to have gotten into the groove now. You know, the first one we did, was in LA >> Savannah: Yes. >> Where you have that shirt from. Then we went to Valencia, and now here in Detroit I could sense the ease in the attendees. I can sense that it just feels great for everyone to be here. >> Savannah: Yeah. >> And you guys, who were face to face in LA, but this is really kind of back face to face, somewhat normalized, right? >> Priyanka: Yeah. >> And so that's a lot of feedback there. What's your reaction? Because the community's changed so much in three years, >> Savannah: Yes. >> Even two years, even last year. Where do you see it now? Because there's so much more work to do, but it feels like it's just getting started, but also at the same time it feels like people are celebrating at the same time. >> Yeah. >> Kubernetes is mainstream, CloudNative at scale. >> Savannah: That feels like a celebration. >> People are talking about developer... more developers coming on board, more traction, more scale, more interoperability, just a lot of action. What's your thoughts? >> I think you're absolutely right that we are just getting started. I've been part of many open source movements and communities. This is... I think this is something special where we have our flagship project considered mainstream, but yet so much to be done right over there. I mean, you've seen announcements around more and more vendors coming to support the project in, you know, the boring but essential ways that happened I think this week, just today, I think. And so Kubernetes continues to garner support and energy, which is unique in the ecosystem, right? Because once something becomes mainstream, normally, it's like, "Okay, boring." (John laughs) But that's happening. And I think the reason for that is CloudNative. It's built upon Kubernetes and so much more than Kubernetes. >> We have 140 plus projects >> Absolutely. >> and folks have a choice to contribute to something totally cutting edge or something that's, you know, used by everyone. So, the diversity of options and room for innovation at the same time means this is just the beginning. >> And also projects are coming together too. >> Priyanka: Yes. >> You're starting to see formation, you're starting to see some defacto alignment. >> Priyanka: Yes. >> You're starting to see the- >> Priyanka: Clustering. >> Some visibility into how the big moves are being playing out, almost the harvesting of that hard work. >> Priyanka: Yes, I do think there is consolidation, but I would definitely say that there's consolidation and innovation. >> John: Yeah. >> And that is something... I genuinely have not seen this before. I think there are definitely areas we're all really focusing on. I talked a lot about security in my keynote because it continues to gain importance in CloudNative, whether that is through projects or through practices. The same, I did not mention this in my keynote, but around like, you know, continuous delivery generally the software delivery cycle, there's a lot coming together happening there. And, you know, >> John: Yeah. >> many other spaces. So, absolutely right. >> Let's dig in a little bit actually, because I'm curious. You get to see these 140 plus projects. >> Yes. >> What are some of the other trends that you're seeing, especially now, as we're feeling this momentum around Kubernetes? The excitement is back in the ecosystem. >> Yes. So, so much happening. But I would definitely say that like the underlying basis of all these projects, right? I brought that up in my keynote, is the maintainers. And I think the maintainer group, is the talent keeps thriving and growing, the load on them is very heavy though. >> Savannah: Yeah. >> And I do think there's a lot more we all company, the companies around us need to do to support these people, because the innovation they're bringing is unprecedented. Besides Kubernetes, which has its own cool stuff all the time. I think I'm particularly excited about the Argo projects. >> Savannah: Yeah. >> So, they're the quadruplets as I like to call them. Right? Because there's four of them within the Argo banner. I had Yuan from Argo on my keynote actually. >> Savannah: Oh, nice. >> Alongside Hiba from Kubernetes. And we talked about their maintainer journey. And it's interesting. Totally different projects. Same asks, you know, which is more support and time from employers, more ways to build up contributors and ultimately they love the CNCF marketing supports. >> That Argo project's really in a great umbrella. There are a lot of action going on. Arlon, I saw that. Got some traction. A lot of great stuff. The question I want to ask you, and I want to get your reaction to this, you know, we always go to a lot of events with theCUBE and you can always tell the vibrant of the ecosystem when you see developers doing stuff, projects going on. But when you start seeing the commercialization >> Priyanka: Yes. >> The news briefings coming out of this show feels a lot like reinvent, like it's like a tsunami. I've never seen this much news. Everyone's got a story, they got announcing products. >> Savannah: That was a lot of news. That's a great point, John. >> There was a lot of flow even from the CNCF. >> Yeah. >> What's your reaction to that? I mean like to me it's a tell sign of activity, certainly, >> Right. >> And engagement. >> Right. >> But there's real proof coming out, real visibility into the value propositions, >> Priyanka: Yes. >> rendering itself with real products. What's your reaction to the news flow? >> Absolutely. I think it's market proof, like you said, right? >> Savannah: Yeah. >> That we have awesome technologies that are useful to lots of people around the world. And I think that, I hope this continues to increase. And with the bite basket of project portfolios that's what I hope to see. CNCF itself will continue supporting the maintainers with things like conformance programs which are really essential when you are... when you have people building products on top of your projects and other initiatives so that the technological integrity remains solid while innovation keeps happening. >> I know from a little birdie, Brendan, good friend of mine that you had a board meeting today. >> Priyanka: Yes. >> And I am curious because I hope I'm not going out about an assumption I imagine that room is full of passionate people. >> Priyanka: Absolutely. >> CNCF board would be a wild one. (Priyanka laughs) What are the priorities for the board between now and KubeCon next year? >> Sure. So the CNCF governing board is an over... It's like an oversight body. And their focus is on working with us on the executive team to make sure that we have the right game plan for the foundation. They tend to focus on the business decisions, things such as how do we manage our budget, how do we deploy it, and what are the initiatives? And that's always their priority. But because this is CloudNative and we are all technologists who love our projects, >> Savannah: Yeah. >> we also engage closely with the technical oversight committee who was in the said meeting that we just talked about. And so lots of discussions are around project health, sustainability. How do we keep moving? Because as you said, Kubernetes is going mainstream but it's still cool. There are all these other cool things. It's a lot going on, right? >> Savannah: Yeah. You got a lot of balls in the air. It's complex decision making and balancing of priorities. >> Priyanka: Yes. >> John: And demands, stakeholders. You have how many stakeholders? Every project, every person, every company. >> Everyone's a stakeholder. You're a stakeholder, too. >> And a hundred... I mean, I love how community focused you are. Obviously we're here to talk about the community. You have contributors from 187 different countries. >> Priyanka: It's one of the things I'm the most proud of. >> Savannah: It's... Yeah. It gives me all the feels as a community builder as well. >> Priyanka: Yeah. >> What an accomplishment and supporting community members in those different environments must be so dynamic for you and the team. >> Absolutely, and it behooves us to think globally in how we solve problems. Even when we introduce programs. My first question is, are we by accident being, let's say, default U.S. or are we being default Europe, whatever it may be because we really got to think about the whole world. >> John: It's global culture, it's a global village. >> Priyanka: Yes. >> And I think global now more than ever is so important. And, the Ukraine >> Priyanka: Yes. >> discussion on the main stage was awesome. I love how you guys did that because this is impacting the technology. We need the diverse input. Now I made a comment yesterday that it's going to make... it might slow things down. I meant as is more diversity, there's more conversations. >> Priyanka: Yes. >> But once people get aligned and committed, that's where the magic happens. Share your thoughts on the global diversity, why it's important, how things are made, how decisions are made. What's the philosophy? Because there's more to get your arms around. >> Yes, absolutely. It may seem harder or slower or whatever but once it gets done, aligned and committed, the product's better, everything's better. >> Priyanka: Yes, absolutely. I think the more people involved, the better it is for sure. Especially from a robustness resilience perspective. Because you know, as they say, sunlight makes bugs shallow. That's because the more eyes on something the faster people will solve problems, fix bugs and make, you know, look for security, vulnerability, solve all that. So especially in those areas, I think, where you want to be more resilient, the more the people, the better it is. A hundred percent. And then when it comes to direct technical direction and choosing a path, I think that's where, you know it's the role of the maintainers. And as I was saying there's only a thousand audit maintainers for 140 plus projects, right? So they are catering- >> Wow, they have a lot of responsibility. >> Right. >> Serious amount of responsibility. >> It's crazy. I know. And we have to do everything we can for those people because they are the ones who set the vision, set the direction, and then 176,000 plus contributors follow their lead. So we have... I think, the bright mechanisms of contribution and collaboration in a global way are in place. And we keep chugging along and doing better and better each year. >> What's next for you guys? You got the EU of show coming out, >> Priyanka: Correct, Amsterdam. the economy looking, I don't see your recession for technology, but that's me. I'm Polish on tech. Yeah, there's some layoffs going on, some cleaning up, overinflated expectations on valuations of startups, but I don't see this stopping or slowing down. But what's your take? >> Priyanka: Yeah, I mean, as I said in my keynote, right? Open source usage soars in times of turmoil and financial turmoil is one example of that. So we are expecting growth and heavy growth this year, next year and onwards. And in fact, going back to the whole maintainer journey, now is a time there's even more pressure on them and companies as they manage their, you know, workforces and prioritization, they really need to remember they're building products off of open source. They are... This is open sources on which what their business realize, whether they're a vendor or end user and give maintainers a space time to work on what they need to work on. >> Yeah. They need a little work-life balance. I mean the self-care there, I can't even imagine the complexity of the decision matrix in their mind. Speaking of that, and obviously you... Culture must be a huge part of how you lead these teams. How do you approach that as leader? >> I think the number one... So the foundation is a very small set of staff, just so you know. >> Savannah: I was actually... Let's tell the audience, how many people are on the team? >> Priyanka: You know, it's actually a difficult question because we have folks who like spin up and down and we have matrix support from the Linux Foundation, but about 30 people in total are dedicated to CNCF at any given time. >> Savannah: Wow. >> But compared... >> Savannah: You all do hard work. >> Yes. >> Savannah: You're doing great. I am impressed. >> It's a flat organization. >> It's pretty flat. >> Seriously, it's beautiful. >> It's actually in some ways very similar to the projects and there the, you know, contribution communities there where it's like everyone kind of like steps up and does what needs to be done, which is wonderful and beautiful, but with the responsibility on our shoulders, it's definitely a balancing act. So first off, it is, I ask everyone to have some grace for the staff. They are in a startup land with no IPO on the other side of the rainbow. They're doing it because they love love, love this community and technology so much. >> John: Yeah. Yeah, and then also they're acknowledging that nobody in open source wants to see a bureaucracy. >> Priyanka: Right. >> I mean, everyone see lean, efficient. >> Savannah: Yeah, absolutely John. It's great. It's a great point. And and I think that it's just... It's amazing what passionate people can do if given the opportunity. Let's talk a little bit about the literal event that we're at right now. >> Priyanka: Yes. >> Theme today, building for the road ahead. >> Priyanka: Yes. >> What was the inspiration for that? >> Detroit. (group laughs) We're in Detroit, people drive here. >> Savannah: In case you didn't know, cars have been made in this city. >> Motor city. >> It's everywhere being here in this city, which is awesome. >> But you know, it did... There was of course a geographical element but it also aligns with where we're at, right? >> Savannah: Yeah. >> We're building for the road ahead, which frankly given the changes going on in the world is a bumpy road. So it's important to talk about it. And that's what the theme was. >> And how many folks have shown up... This is a totally different energy from Los Angeles last year. I'm sure we can both agree. Everyone was excited last year, but this is an order of magnitude. >> Yes. >> How many folks do you think are milling around? >> Yeah, it's much more than double of Los Angeles. We are close to 8,000. >> Savannah: That's amazing. And it's so... You're absolutely right. The energy is just... >> Savannah: Way up. >> It's so good. People are enjoying themselves. It's been lovely. >> That's great. So you're feeling good? You're riding the high? >> Congratulations. >> Awesome. >> Yeah, thank you. I mean, I'm a little bit of a zombie right now. (group laughs) >> You don't look it, we wouldn't know. Nobody knows. They don't know. >> If you want to take a break, We got 12 interviews tomorrow. (Savannah and Priyanka laughing) You can co-host with us. We'd love to have you. >> Exactly. You're welcome anytime. Welcome anytime, Priyanka. >> Well thank you. But no, it's been such a wonderful show and you folks are part of the reason you say everybody here is contributing to the awesomeness. >> John: Yep. >> You're part of it. Look at your smiley faces. >> John: And Lisa Marty is over there. Lisa's over there. >> Yes! >> Say hi to Lisa and team. >> Yes, the team is awesome. >> Guys, thank you for your support for theCUBE. We really appreciate it. We enjoy it a lot. And we love the community. Thank you. >> Yes. Thank you for your support for CloudNative. >> Thank you. >> One last thing I just want to point out, because it's not always it happens in this industry. The women outnumber the men on this stage right now. >> John: Proud of that? >> And I know the diversity and inclusion is a priority for CNCF. >> Priyanka: Top priority. >> Yeah. Can you tell us a little bit more about that? >> Yes. It is something at the forefront of my mind, no matter what we do. And it's because I have such great role models. You know, when I was just a participant in the ecosystem, Dan Conn was leading the foundation and he took it so seriously to always try to uplift people from a diverse backgrounds and bring those faces into CloudNative. >> Savannah: Yes. >> And he made a serious lasting impact. >> John: Yes. >> And I am not going to let that go to waste. It's not going to be me who drops the ball. (group laughs) >> We're behind you all the way. >> Right? >> We see improvement over here. >> We got your back. >> I mean, even from an attendance perspective on stage I feel like you've done just an outstanding job with the curation and representation. I don't say that lightly. It really matters to me. But even in the audience looking around, it's so refreshing. Even it sounds silly. The shirts are more fitted. >> It's not silly. >> There's different types of shirts, and I mean, you know how it is. We've been in this industry long enough. >> It's a shirt you want to wear. >> Savannah: Exactly. And that's the whole point. I absolutely love it. Have we announced a location for KubeCon North America 2023, yet? >> It's Chicago. >> Savannah: Exciting! >> Yes. >> Savannah: All right. So we'll be seeing you >> Midwest. >> not that far away. >> This is the first time I've said this publicly, I just realized, It's Chicago, people. >> The scoop, yay! >> Oh, I feel so lucky we got to break the scoop. I was learning from John's lead there and I'm very excited. Amsterdam, Chicago. It's going to be absolutely >> I'll get my hotel now. >> Fantastic. >> Yes. >> Smart move. Everybody listen to him. >> Yeah, right? Especially after Detroit. It's actually not a... It's not a bad move. Priyanka, is there anything else you'd like to say to folks? Maybe they're thinking about coming or contributing to the ecosystem? >> Priyanka: Yes. Anyone and everyone can and should contribute and join us. The maintainers are holding us all up. Let's rally to support them. We have more and more programs to do that. As you know, we did ContribFest here this week which was the first time. So we will help you get involved so you're not on your own. So that's my number one message, which is anyone and everyone, you're welcome here. We'll make sure you have a good time. So just come. >> Okay. Please do it. >> I can tell you that Priyanka is not blowing smoke. I feel very welcome here. This community has welcomed me as a non-technical, so I think you're absolutely preaching the truth. Priyanka, thank you so much for being here with us today on the show, for helping herd the cats and wrangle the brilliant minds that make CNCF possible. And honestly for just bringing your energy and joy to the entire experience. John, thank you for hanging out with me. >> I'm glad I can contribute in a small way. >> I was going to say... I was going to say thank you for founding theCUBE so that we could be here in this little marriage and collaboration can be possible. And thank all of you for tuning in to theCUBE here, live from Detroit, Michigan. My name is Savannah Peterson. I am thrilled to be sharing this content with you today and I hope to see you for the rest of our interviews this afternoon. (gentle upbeat music)

>>Good morning and welcome back to the Cube where we are excited to be broadcasting live all week from Detroit to Michigan at Cuban slash cloud Native con. Depending on who you're asking, Lisa, it's day two things are buzzing. How are you feeling? >>Good, excited. Ready for day two, ready to have more great conversations to see how this community is expanding, how it's evolving, and how it's really supporting it itself. >>Yeah, Yeah. This is a very supportive community. Something we talked a lot about. And speaking of community, we've got some very bold and brave folks over here. We've got this CTO and the head of product from Storm Forge, and they are on a mission to automate Kubernetes. Now automatic and Kubernetes are not words that go in the same sentence very often, so please welcome Patrick and Yasmin. Thank you both for being here. Hello. How you doing? >>Thanks for having us. >>Thanks for having us. >>Talk about what you guys are doing. Cause as you said, Kubernetes auto spelling is anything but auto. >>Yeah. >>The, what are some of the challenges? How do you help >>Eliminate this? Yeah, so the mission at Storm Forge is primarily automatic resource configuration and optimization essentially. So we started as a machine learning company first. And it's kind of an interesting story cuz we're one of those startups that has pivoted a few times. And so we were running our machine learning workloads. Most >>Have, I think, >>Right? Yeah. Yeah. We were, we started out running our machine learning workloads and moving them into Kubernetes. And then we weren't quite sure how to correctly adjust and size our containers. And so our ML team, we've got three PhDs and applied mathematics. They said, Well, hang on, we could write an algorithm for that. And so they did. And then, Oh, I love this. Yeah. And then we said, Well holy cow, that's actually really useful. I wonder if other people would like that. And that's kind of where we got our start. >>You solved your own problem and then you built a business >>Around it. Yeah, exactly. >>That is fantastic. Is, is that driving product development at Storm Forge still? That kind of attitude? >>I mean that kind of attitude definitely drives product development, but we're, you know, balancing that with what the users are, the challenges that they have, especially at large scale. We deal with a lot of large enterprises and for us as a startup, we can relate to the problems that come with Kubernetes when you're trying to scale it. But when you're talking about the scale of some of these larger enterprises, it's just a different mentality. So we're trying to balance that of how we take that input into how we build our product. Talk >>About that, like the, the end user input and how you're taking that in, because of course it's only going to be a, you know, more of a symbiotic relationship when that customer feedback is taken and >>Acted on. Yeah, totally. And for us, because we use machine learning, it's a lot of building confidence with our users. So making sure that they understand how we look at the data, how we come up with the recommendations, and actually deploy those changes in their environment. There's a lot of trust that needs to be built there. So being able to go back to our users and say, Okay, we're presenting you this type of data, give us your feedback and building it alongside them has helped a lot in these >>Relationships. Absolutely. You said the word trust, and that's something that we talk about at every >>Show. I was gonna jump on that too. It's >>Not, Yeah, it's not a buzzword. It's not, It shouldn't be. Yeah. It really should be, I wanna say lived and breathed, but that's probably grammatically incorrect. >>We're not a gram show. It's okay darling. Yeah, thank >>You. It should be truly embodied. >>Yeah. And I, I think it's, it's not even unique to just what we do, but across tech in general, right? Like when I talk about SRE and building SRE teams, one of the things I mentioned is you have to build that trust first. And with machine learning, I think it can be really difficult too for a couple different reasons. Like one, it tends to be a black box if it's actually true machine learning. Totally. Which ours is. But the other piece that we run into. Yeah. And the other piece we run into though is, is what I was an executive at United Health Group before I joined Storm Forge. And I would get companies that would come to me and try to sell me machine learning and I would kind of look at it and say, Well no, that's just a basic decision tree. Or like, that's a super basic whole winter forecast, right? Like that's not actually machine learning. And that's one of the things that we actually find ourselves kind of battling a little bit when we talk about what we do in building that trust. >>Talk a little bit about the latest release as you guys had a very active September. Here we are. And towards the, I think end of October. Yeah. What are some of the, the new things that have come out? New integrations, new partnerships. Give us a scoop on that. >>Yeah, well I guess I'll start and then I'll probably hand it over to you. But like the, the big thing for us is we talked about automating Kubernetes in the very beginning, right? Like Kubernetes has got a vpa it's >>A wild sentence anyway. Yeah, yeah. >>It it >>Has. We're not gonna get over at the whole show. Yeah. >>It as a VPA built in, it has an HPA built in and, and when you look at the data and even when you read the documentation from Google, it explicitly says never the two should meet. Right. Because you'll end up thrashing and they'll fight each other. Well the big release we just announced is with our machine learning, we can now do both. And so we vertically scale your pods to the correct up. Yeah. >>Follow status. I love that. >>Yeah, we can, we can scale your pods to the correct size and still allow you to enable the HPA and we'll make recommendations for your scaling points and your thresholds on the HPA as well so that they can work together to really truly maximize your efficiency that without sacrificing your performance and your reliability of the applications that you're running. That >>Sounds like a massive differentiator for >>Storm launch, which I would say it is. Yeah. I think as far as I know, we're the first in the industry that can do this. Yeah. >>And >>From very singularity vibes too. You know, the machines are learning, teaching themselves and doing it all automatically. Yep. Gets me very >>Excited. >>Yeah, absolutely. And from a customer demand perspective, what's the feedback been? Yeah, it's been a few >>Weeks. Yeah, it's been really great actually. And a lot of why we went down this path was user driven because they're doing horizontal scale and they want to be able to vertically size as they're scaling. So if you put yourself in the shoes of someone that's configuring Kubernetes, you're usually guessing on what you're setting your CPU requests and limits do. But horizontal scale makes sense. You're either adding more things or removing more things. And so once they actually are scaled out as a large environment and they have to rethink, how am I gonna resize this now? It's just not possible. It's so many thousands of settings across all the different environments and you're only thinking about CPU memory, You're not thinking about a lot of things. It's just, but once you scale that out, it's a big challenge. So they came to us and said, Okay, you're doing, cuz we were doing vertical scaling before and now we enable vertical and horizontal. And so they came to us and said, I love what you're doing about right sizing, but we wanna be able to do this while also horizontally scaling. And so the way that our software works is we give you the recommendations for what the setting should be and then allow Kubernetes to continue to add and remove replicas as needed. So it's not like we're going in and making changes to Kubernetes, but we make changes to the configuration settings so that it's the most optimal from a resource perspective. >>Efficiency has been a real big theme of the show. Yeah. And it's clear that that's a focus for you. Everyone here wants to do more faster Of course. And innovation, that's the thing to do that sometimes we need partners. You just announced an integration with Datadog. Tell us about that. Yeah, >>Absolutely. Yeah. So the way our platform works is we need data of course, right? So they're, they're a great partner for us and we use them both as an input and an output. So we pull in metrics from Datadog to provide recommendations and we'll actually display all those within the Datadog portal. Cause we have a lot of users that are like, Look, Datadog's my single pane of glass and I hate using that word, but they get all their insights there. They can see their recommendations and then actually go deploy those. Whether they wanna automatically have the recommendations deployed or go in and actually push a button. >>So give me an example of a customer that is using the, the new release and some of the business outcomes they're achieving. I imagine one of the things that you're enabling is just closing that ES skills gap. But from a business level perspective, how are they gaining like competitive advantages to be able to get products to market faster, for example? >>Yeah, so one of the customers that was actually part of our press release and launch and spoke about us at a webinar, they are a SaaS product and deal with really bursty workloads. And so their cloud costs have been growing 40% year over year. And their platform engineering team is basically enabled to provide the automation for developers and in their environment, but also to reduce those costs. So they want to, it's that trade off of resiliency and cost performance. And so they came to us and said, Look, we know we're over provisioned, but we don't know how to tackle that problem without throwing tons of humans at the problem. And so we worked with them and just on a single app found 60% savings and we're working now to kind of deploy that across their entire production workload. But that allows them to then go back and get more out of the, the budget that they already have and they can kind of reallocate that in other areas, >>Right? So there can be chop line and bottom >>Line impact. Yeah. And I, I think there's some really direct impact to the carbon emissions of an organization as well. That's a good point. When you can reduce your compute consumption by 60%. >>I love this. We haven't talked about this at all during the show. Yeah. And I'm really glad that you brought this up. All of the things that power this use energy. Yeah. >>What is it like seven to 8% of all electricity in the world is consumed by data centers. Like it's crazy. Yeah. Yeah. And so like that's wild. Yeah. Yeah. So being able to make a reduction in impact there too, especially with organizations that are trying to sign green pledges and everything else. >>It's hard. Yeah. ESG initiatives are huge. >>Absolut, >>It's >>A whole lot. A lot of companies have ESG initiatives where they can't even go out and do an RFP with a business, Right. If they don't have an actual active starting, impactful ESG program. Yes. Yeah. >>And the RFPs that we have to fill out, we have to tell them how they'll help. >>Yeah. Yes. It's so, yeah, I mean I was really struck when I looked on your website and I saw 54% average cost reduction for Yeah. For your cloud operations. I hadn't even thought about it from a power perspective. Yeah. I mean, imagine if we cut that to 3% of the world's power grid. That is just, that is very compelling. Speaking of compelling and exciting future things, talk to us about what's next? What's got you pumped for 2023 and and what lies >>Ahead? Oh man. Well that seems like a product conversation for sure. >>Well, we're super excited about extending what we do to other platforms, other metrics. So we optimize a lot right now around CPU and memory, but we can also give people insights into, you know, limiting kills, limiting CPU throttling, so extending the metrics. And when you look at hba and horizontal scale today, most of it is done with cpu, but there are some organizations out there that are scaling on custom metrics. So being able to take in more data to provide more recommendations and kind of extend what we can do from an optimization standpoint. >>That's, yeah, that's cool. And what house you most excited on the show floor? Anything? Anything that you've seen? Any keynotes? >>There's, Well, I haven't had a lot of time to go to the keynotes unfortunately, but it's, >>Well, I'm shock you've been busy or something, right? Much your time here. >>I can't imagine why. But no, there's, it's really interesting to see all the vendors that are popping up around Kubernetes focus specifically with security is always something that's really interesting to me. And automating CICD and how they continue to dive into that automation devs, SEC ops continues to be a big thing for a lot of organizations. Yeah. Yeah. >>I I do, I think it's interesting when we marry, Were you guys here last year? >>I was not here. >>No. So at, at the smaller version of this in Los Angeles. Yeah. I, I was really struck because there was still a conversation of whether or not we were all in on Kubernetes as, as kind of a community and a society this year. And I'm curious if you feel this way too. Everyone feels committed. Yeah. Yeah. I I I feel like there's no question that Kubernetes is the tool that we are gonna be using. >>Yeah. I I think so. And I think a lot of that is actually being unlocked by some of these vendors that are being partners and helping people get the most outta Kubernetes, you know, especially at the larger enterprise organizations. Like they want to do it, but the skills gap is a very real problem. Right. And so figuring out, like Jasmine talked about figuring out how do we, you know, optimize or set up the correct settings without throwing thousands of humans at it. Never mind the fact you'll never find a thousand people that wanna do that all day every day. >>I was gonna, It's a fold endeavor for those >>People study, right? Yeah. And, and being able to close some of those gaps, whether it's optimization, security, DevOps, C I C D. As we get more of those partners like I just talked about on the floor, then you see more and more enterprises being more open to leaning into Kubernetes a little bit. >>Yeah. Yeah. We've seen, we've had some great conversations the last day and, and today as well with organizations that are history companies like Ford Motor Companies for >>Example. Yeah. Right. >>Just right behind us. One of their EVs and, and it's, they're becoming technology companies that happen to do cars or home >>Here. I had a nice job with 'em this morning. Yes. With that storyline, honestly. >>Yes. That when we now have such a different lens into these organizations, how they're using technologies, advanced technologies, Kubernetes, et cetera, to really become data companies. Yeah. Because they have to be, well the consumers on the other end expect a Home Depot or a Ford or whomever or your bank Yeah. To know who you are. I want the information right here whenever I need it so I can do the transaction I need and I want you to also deliver me information that is relevant to me. Yeah. Because there, there's no patience anymore. Yeah. >>And we partner with a lot of big FinTech companies and it's, it's very much that. It's like how do we continue to optimize? But then as they look at transitioning off of older organizations and capabilities, whether that's, they have a physical data center that's racked to the gills and they can't do anything about that, so they wanna move to cloud or they're just dipping their toe into even private cloud with Kubernetes in their own instances. A lot of it is how do we do this right? Like how do we lean in and, Yeah. >>Yeah. Well I think you said it really well that the debate seems to be over in terms of do we go in on Kubernetes? That that was a theme that I think we felt that yesterday, even on on day one of the keynotes. The community seems to be just craving more. I think that was another thing that we felt yesterday was all of the contributors and the collaborators, people want to be able to help drive this community forward because it's, it's a flywheel of symbiosis for all of the vendors here. The maintainers and, and really businesses in any industry can benefit. >>Yeah. It's super validating. I mean if you just look at the floor, there's like 20 different booths that talk about cost reporting for Kubernetes. So not only have people moved, but now they're dealing with those challenges at scale. And I think for us it's very validating because there's so many vendors that are looking into the reporting of this and showing you the problem that you have. And then where we can help is, okay, now you know, you have a problem, here's how we can fix it for you. >>Yeah. Yeah. That, that sort of dealing with challenges at scale that you set, I think that's also what we're hearing. Yeah. And seeing and feeling on the show floor. >>Yeah, absolutely. >>What can folks see and, and touch and feel in your booth? >>We have some demos there you can play around with the product. We're giving away a Lego set so we've let >>Gotta gets >>Are right now we're gonna have to get some Lego, We do a swag segment at the end of the day every day. Now we've >>Some cool socks. >>Yep. Socks are hot. Let's, let's actually talk about scale internally as our closing question. What's going on at Storm Forge? If someone's watching right now, they're excited. Are you hiring? We are hiring. Yeah. How can they stalk you? What's the >>School? Absolutely. So you can check us out on Storm forge.io. We're certainly hiring across the engineering organization. We're hiring across the UX a product organization. We're dealing, like I said, we've got some really big customers that we're, we're working through with some really fun challenges. And we're looking to continue to build on what we do and do new innovative things like especially cuz like I said, we are a machine learning organization first. And so for me it's like how do I collect all the data that I can and then let's find out what's interesting in there that we can help people with. Whether that's cpu, memory, custom metrics, like as said, preventing kills, driving availability, reliability, What can we do to, to kind of make a little bit more transparent the stuff that's going on underneath the covers in Kubernetes for the decision makers in these organizations. >>Yes. Transparency is a goal of >>Many. >>Yeah, absolutely. Well, and you mentioned fun. If this conversation is any representation, it would be very fun to be working on both of your teams. We, we have a lot of fun Ya. Patrick, thank you so much for joining. Thanks for having us, Lisa, As usual, thanks for being here with me. My pleasure. And thank you to all of you for turning into the Cubes live show from Detroit. My name's Savannah Peterson and we'll be back in a few.

(upbeat techno music) >> Hello, everyone. Welcome to theCUBE here live in Detroit for KubeCon + CloudNativeCon 2022. I'm John Furrier, host of theCUBE. This is our seventh consecutive KubeCon + CloudNativeCon. Since inception, theCube's been there every year. And of course, theCUBE continues to grow. So does the community as well as our host roster. I'm here with my co-host, Lisa Martin. Lisa, great to see you. And our new theCube host, Savannah Peterson. Savannah, welcome to theCUBE. >> Thanks, John. >> Welcome. >> Welcome to the team. >> Thanks, team. It's so wonderful to be here. I met you all last KubeCon and to be sitting on this stage in your company is honestly an honor. >> Well, great to have you. Lisa and I have done a lot of shows together and it's great to have more cadence around. You know, more fluid around the content, and also the people. And I would like you to take a minute to tell people your background. You know the community here. What's the roots? You know the Cloud Native world pretty well. >> I know it as well as someone my age can. As we know, the tools and the tech is always changing. So hello, everyone. I'm Savannah Peterson. You can find me on the internet @SavIsSavvy. Would love to hear from you during the show. Big fan of this space and very passionate about DevOps. I've been working in the Silicon Valley and the Silicon Alley for a long time, helping companies scale internationally as a community builder as well as a international public speaker. And honestly, this is just such a fun evolution for my career and I'm grateful to be here with you both. >> We're looking forward to having you on theCUBE. Appreciate it. Lisa? >> Yes. >> KubeCon. Amazing again this year. Just keeps growing bigger and bigger. >> Yes. >> Keynote review, you were in there. >> Yup. >> I had a chance to peek in a little bit, but you were there and got most of the news. What was the action? >> You know, the action was really a big focus around the maintainers, what they're doing, giving them the props and the kudos and the support that they deserve. Not just physically, but mentally as well. That was a really big focus. It was also a big focus on mentoring and really encouraging more people- >> Love that. >> I did, too. I thought that was fantastic to get involved to help others. And then they showed some folks that had great experiences, really kind of growing up within the community. Probably half of the keynote focus this morning was on that. And then looking at some of the other projects that have graduated from CNCF, some of these successful projects, what they're doing, what folks are doing. Cruise, one of the ones that was featured. You've probably seen their driverless cars around San Francisco. So it was great to see that, the successes that they've had and where that's going. >> Yeah. Lisa, we've done how many shows? Hundreds of shows together. When you see a show like this grow and continue to mature, what's your observation? You've seen many shows we've hosted together. What jumps out this year? Is it just that level of maturization? What's your take on this? >> The maturization of the community and the collaboration of the community. I think those two things jumped out at me even more than last year. Last year, obviously a little bit smaller event in North America. It was Los Angeles. This year you got a much stronger sense of the community, the support that they have for each other. There were a lot of standing ovations particularly when the community came out and talked about what they were doing in Ukraine to support fellow community members in Ukraine and also to support other Ukrainians in terms of getting in to tech. Lot of standing ovations. Lot of- >> Savannah: Love that, yeah. >> Real authenticity around the community. >> Yeah, Savannah, we talked on our intro prior to the event about how inclusive this community is. They are really all in on inclusivity. And the Ukraine highlight, this community is together and they're open. They're open to everybody. >> Absolutely. >> And they're also focused on growing the educational knowledge. >> Yeah, I think there's a real celebration of curiosity within this community that we don't find in certain other sectors. And we saw it at dinner last night. I mean, I was struck just like you Lisa walking in today. The energy in that room is palpably different from last year. I saw on Twitter this morning, people are very excited. Many people, their first KubeCon. And I'm sure we're going to be feeding off of that, that kind of energy and that... Just a general enthusiasm and excitement to be here in Detroit all week. It's a treat. >> Yeah, I even saw Stu Miniman earlier, former theCube host. He's at Red Hat. We were talking on the way in and he made an observation I thought was interesting I'll bring up because this show, it's a lot "What is this show? What isn't this show?" And I think this show is about developers. What it isn't is not a business show. It's not about business. It's not about industry kind of posturing or marketing. All the heavy hitters on the dev side are here and you don't see the big execs. I mean, you got the CEOs of startups here but not the CEOs of the big public companies. We see the doers. So, I mean, I think my take is this show's about creating products for builders and creating products that people can consume. And I think that is the Cloud Native lanes that are starting to form. You're either creating something for builders to build stuff with or you're creating stuff that could be consumed. And that seems for applications. So the whole app side and services seem to be huge. >> They also did a great job this morning of showcasing some of the big companies that we all know and love. Spotify. Obviously, I don't think a day goes by where I don't turn on Spotify. And what it's done- >> Me neither. >> What it's done for the community... Same with Intuit, I'm a user of both. Intuit was given an End User Award this morning during the keynote for their contributions, what they're doing. But it was nice to see some just everyday companies, Cloud Native companies that we all know and love, and to understand their contributions to the community and how those contributions are affecting all of us as end users. >> Yeah, and I think those companies like Intuit... Argo's been popular, Arlo now new, seeing those services, and even enterprises are contributing. You know, Lyft is always here, popular with Envoy. The community isn't just vendors and that's the interesting thing. >> I think that's why it works. To me, this event is really about the celebration of developer relations. I mean, every DevRel from every single one of these companies is here. Like you said, in lieu of the executive, that's essentially who we're attracting. And if you look out over the show floor here, I mean, we've probably got, I don't know, three to four extra vendors that we had last year. It totally is a different tone. This community doesn't like to be sold to. This community likes to be collaborative. They like to learn and they like to help. And I think we see that within the ecosystem inside the room today. >> It's not a top down sales pitch. It's really consensus. >> No. >> Do it out in the open transparency. Don't sell me stuff. And I think the other thing I like about this community is that we're starting to see that... And then we've said this in theCube before. We'll say it again. Maybe be more controversial. Digital transformation is about the developer, right? And I think the power is going to shift in every company to the developer because if you take digital transformation to completion, everything happens the way it's happening, the company is the application. It's not IT who serves the organization- >> I love thinking about it like that. That's a great point, John. >> The old phase was IT was a department that served the business. Well, the business is IT now. So that means developer community is going to grow like crazy and they're going to be in the front lines driving all the change. In my opinion, you going to see this developer community grow like crazy and then the business side on industry will match up with that. I think that's what's going to happen. >> So, the developers are becoming the influencers? >> Developers are the power source for all companies. They're in charge. They're going to dictate terms to how businesses will run because that's going to be natural 'cause digital transformation's about the app and the business is the app. So that mean it has to be coded. So I think you're going to see a lot of innovation around app server-like experiences where the the apps are just being developed faster than the infrastructures enabling that completely invisible. And I think you're going to see this kind of architecture-less, I'll put it out there that term architecture-less, environment where you don't need an architecture. It's just you code away. >> Yeah, yeah. We saw GitHub's mentioned in the keynote this morning. And I mean, low code, no code. I think your fingers right on the pulse there. >> Yeah. What did you guys see? Anything else you see? >> I think just the overall... To your point, Savannah, the energy. Definitely higher than last year. When I saw those standing ovations, people really come in together around the sense of community and what they've accomplished especially in the last two plus years of being remote. They did a great job of involving a lot of folks, some of whom are going to be on the program with us this week that did remote parts of the keynote. One of our guests on today from Vitess was talking about the successes and the graduation of their program so that the sense of community, but also not just the sense of it, the actual demonstration of it was also quite palpable this morning, and I think that's something that I'm excited for us to hear about with our guests on the program this week. >> Yeah, and I think the big story coming out so far as the show starts is the developers are in charge. They're going to set the pace for all the ops, data ops, security ops, all operations. And then the co-located events that were held Monday and Tuesday prior to kickoff today. You saw WebAssembly's come out of the woodwork as it got a lot of attention. Two startups got funded heavily on Series A. You're starting to see that project really work well. That's going to be an additional to the container market. So, interesting to see how Docker reacts to that. Red Hat's doing great. ServiceMeshCon was phenomenal. I saw Solo.iOS got massive traction with those guys. So like Service Mesh, WebAssembly, you can start to see the dots connecting. You're starting to see this layer below Kubernetes and then a layer above Kubernetes developing. So I think it's going to be great for applications and great for the infrastructure. I think we'll see how it comes out and all these companies we have on here are all about faster, more integrated, some very, very interesting to see. So far, so good. >> You guys talked about in your highlight session last week or so. Excited to hear about the end users, the customer stories. That's what I'm interested in understanding as well. It's why it resonates with me when I see brands that I recognize. Well, I use it every day. How are they using containers and Kubernetes? How are they actually not just using it to deploy their app, their technologies, that we all expect are going to be up 24/7, but how are they also contributing to the development of it? So I'm really excited to hear those end users. >> We're going to have Lockheed Martin. And we wrote a story on SiliconANGLE, the Red Hat, Lockheed Martin, real innovation on the edge. You're starting to see educate with the edge. It's really the industrial edge coming to be big. It'd be very interesting to see. >> Absolutely, we got Ford Motor Company coming on as well. I always loved stories, Savannah, that are history of companies. Ford's been around since 1903. How is a company that- >> Well, we're in the home of Ford- as well here. >> We are. How they evolved digitally? What are they doing to enable the developers to be those influencers that John says? It's going to be them. >> They're a great example of a company that's always been on the forefront, too. I mean, they had a head of VRs 25 years ago when most people didn't even know what VR was going to stand for. So, I can't wait for that one. You tease the Docker interview coming up very well, John. I'm excited for that one. One last thing I want to bring up that I think is really refreshing and it's reflected right here on this stage is you talked about the inclusion. I think there's a real commitment to diversity here. You can see the diversity stats on CNCF's website. It's right there on KubeCon. At the bottom, there's a link in every email I've gotten highlighting that. We've got two women on this stage all week which is very exciting. And the opening keynote was a woman. So quite frankly, I am happy as a female in this industry to see a bit more representation. And I do appreciate just on the note of being inclusive, it's not just about gender or age, it's also about the way that CNCF thinks about your experience since we're in this kind of pandemic transitional period. They've got little pins. Last year, we had bracelets depending on your level of comfort. Equivocally like a stoplight which is... I just think it's really nice and sensitive and that attention to detail makes people feel comfortable. Which is why we have the community energy that we have. >> Yeah, and being 12 years in the business... With theCUBE, we've been 12 years in the business, seven years with KubeCon and Cloud Native, I really appreciate the Linux Foundation including me as I get older. (Lisa and Savannah laugh) >> Savannah: That's a good point. >> Ageism were, "Hey!" Thank you. >> There was a lot of representation. You talked about females and so often we go to shows and there's very few females. Some companies are excellent at it. But from an optics perspective, to me it stands out. There was great representation across. There was disabled people on stage, people of color, women, men of all ages. It was very well-orchestrated. >> On the demographic- >> And sincere. >> Yeah, yeah. >> And the demographics, too. On the age side, it's lower too. You're starting to see younger... I mean, high school, college representation. I saw a lot of college students last night. I saw on the agenda sessions targeting universities. I mean, I'm telling you this is reaching down. Open source now is so great. It's growing so fast. It's continuing to thunder away. And with success, it's just getting better and better. In fact, we were talking last night about at some point we might not have to write code. Just glue it together. And that's why I think the supply chain and security thing is an issue. But this is why it's so great. Anyone can code and I think there's a lot of learning to have. So, I think we'll continue to do our job to extract the signal from the noise. So, thanks for the kickoff. Good commentary. Thank you. All right. >> Of course. >> Let's get started. Day one of three days of live coverage here at KubeCon + CloudNativeCon. I'm John Furrier with Lisa Martin, and Savannah Peterson. Be back with more coverage starting right now. (gentle upbeat music)

(soft upbeat music) >> The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know. This had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cyber security strategies. And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello and welcome to Why Ransomware isn't your Only Problem, a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President, Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time (indistinct) and chief technology officer at Druva. And Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. Right now I'm going to toss it to Lisa Martin, another one of the hosts, for today's program. Lisa, over to you. (soft upbeat music) >> Phil Goodwin joins me next, the VP of research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >> You really hit the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that ransomware that has everybody's attention. And it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also was accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022. But within IDC we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be have the scale up or scale down on demand nature of cloud. So those are in a nutshell kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, that we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of of IT computing. So it really is a subset of that. But it is foundational to IT resilience. You can't have it resilience without data resilience. So that's where we're coming from on it >> Inextricably linked. And it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience, for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. It's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomwares. The other thing about it is, it's really a lot like Whack-A-Mole. They attack us in one area, and we defend against it, so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded, "I don't think so, because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable the bad guys aren't going to just fade into the night without giving it a lot of fight." So I really think that ransomware is one of those things that is here for the long term, and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware. >> Yeah, this was in a worldwide study, it was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, is a little over 500 different individuals across the globe, in North America, select countries in Western Europe as well as several in Asia-Pacific. And we did it across industries where 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet when you look at the actual results, I told you a moment ago, 46% have been attack successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. The bad guys aren't necessarily to be trusted. And so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, "Wow." On the one hand, people think they're really prepared, and on the other hand, the results are absolutely horrible. Two thirds of people having to pay the ransom. So you start to ask yourself, "Well, what's going on there?" And I believe that a lot of it comes down to... kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing, you think you're ready, based on the information you have, and these people are smart people and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason a lot of these have been successful. So that was kind of the key finding to me in kind of the "aha" moment, really, in this whole thing, Lisa. >> That's a massive disconnect, with the vast majority saying, "We have a cyber recovery playbook," yet, nearly half being the victims of ransomware in the last three years, and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience, as we said, this is a matter of this is going to happen, just a matter of when and how often? >> It is a matter, yeah, as you said, it's not if when or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services. Finding professionals who know what they're doing, who have that breadth of experience, and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more in order to get that breadth of experience and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You can have on-demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you had double the infrastructure if your financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on-demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts. And that extends the time to recover that they have, and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >> So what do you think the big issue here is? Is it that these IT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. It's you don't know what you don't know and until you get into a specific attack... there are so many different ways that organizations can be attacked. And in fact, from this research that we found, is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high probability of recovery, things like that, those are the kinds of things that organizations have to put into place, really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think, "We are prepared, we've got a playbook," yet so many are are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, "Hey guys, across every industry we are vulnerable, this is going to happen, we've got to make sure that we are truly resilient and proactive"? >> Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the the consequences of ransomware it's not just the ransom, it's the lost productivity, it's the loss of revenue, it's the loss of customer faith and goodwill. And organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CISO, whoever it is, they're extremely concerned about this. And I can tell you they are fully engaged in addressing these issues within their organization. >> So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable, but what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is workloads on premises aren't going away, so that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources, like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge, is really where we believe that organizations are shifting their focus. >> Got it. We're just cracking the surface here, Phil. I wish we had more time. But I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that. Take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. (gentle music)

>> The past 2 1/2 years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This we know. This had several ripple effects on CSO and CIO strategies that were highly visible at the Board of Directors' level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies, and more specifically, CIOs quickly realized that their business resilience strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello, and welcome to "Why Ransomware isn't Your Only Problem," a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today, we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President Phil Goodwin is here to share the highlights of the study and to summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically, and data protection, generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time CUBE alum and Chief Technology Officer at Druva, and Anjan is Vice President and General Manager of Product Management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. But right now I'm going to toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. (upbeat music) >> Bill Goodwin joins me next, the VP of Research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyberattacks massively increasing, the threat landscape changing so much. What is IDC seeing? >> You know, you really hit the top topic that we find from IT organizations as well as business organizations. And really, it's that digital resilience, that ransomware that has everybody's attention, and it has the attention, not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also has accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty, and this is relatively new for 2022, but within IDC we've been doing a lot of research around what are those impacts going to be? And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to have the scale up or scale down on demand nature of cloud. So those are, in a nutshell, kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite, and what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You can't have IT resilience without data resilience. So that's where we're coming from on it. >> Inextricably linked, and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomers. The other thing about it is it's really a lot like Whac-A-Mole, you know. They attack us in one area and we defend against it so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't going to just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that is here for the long term and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware? >> Yeah, this was a worldwide study. It was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, it was a little over 500 different individuals across the globe in North America, select countries in Western Europe, as well as several in Asia Pacific. And we did it across industries there were 20 different industries represented, they're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, you know, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet, when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than 1/3 of organizations were able to fully recover their data without paying the ransom, and some 2/3 actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't necessarily to be trusted, and so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, wow. On the one hand, people think they're really, really prepared, and on the other hand, the results are absolutely horrible. You know, 2/3 of people having to pay the ransom. So you start to ask yourself, well, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing. You think you're ready, based on the information you have. And these people are smart people, and they're professionals, but oftentimes, you don't know what you don't know. And like I said, the bad guys are always dreaming up new ways to attack us. And so, I think, for that reason, a lot of these have been successful. So that was kind of the key finding to me and kind of the aha moment really in this whole thing, Lisa. >> That's a massive disconnect with the vast majority saying, "We have a cyber recovery playbook," yet nearly 1/2 being the victims of ransomware in the last three years, and then 1/2 of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience? As we said, this is a matter of this is going to happen, just a matter of when and how often. >> It is a matter, yeah, as you said, it's not if, when, or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services, you know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more, in order to get that breadth of experience, and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You know, you can have on-demand resources. In the old days, when we had disaster recoveries where we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If you're financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources, to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts, and that extends the time to recover that they have and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recovery going as quickly as possible. >> So what do you think the big issue here is? Is it that these IPT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. You don't know what you don't know, and until you get into a specific attack, you know, there are so many different ways that organizations can be attacked. And, in fact, from this research that we found is that, in many cases, data exfiltration exceeds data corruption by about 50%. But when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web, or whatever, or simply saying no, and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place, really as a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think we are prepared, we've got a playbook, yet so many are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous. What do you recommend organizations do? You talked to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry, we are vulnerable, this is going to happen. We've got to make sure that we are truly resilient and proactive? >> Yes, and in fact, what we found from this research is in more than 1/2 of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the consequences of ransomware, it's not just the ransom, it's the lost productivity, it's the loss of revenue. It's the loss of customer faith and goodwill, and organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CSO, you know, whoever it is, they're extremely concerned about these. And I can tell you, they are fully engaged in addressing those issues within their organization. >> So all the way at the top, and critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education. We've just seen a big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable. But what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and SaaS-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >> Got it, we're just cracking the surface here, Phil. I wish we had more time, but I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that, take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. >> In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin, and you are watching theCUBE, the leader in live tech coverage. >> We live in a world of infinite data. Sprawling, dispersed, valuable, but also vulnerable. So how do organizations achieve data resiliency when faced with ever expanding workloads, increasing security threats, and intensified regulations? Unfortunately, the answer often boils down to what flavor of complexity do you like best? The common patchwork approaches are expensive, convoluted, and difficult to manage. There's multiple software and hardware vendors to worry about, different deployments for workloads running on-premises or in the cloud. And an inconsistent security framework resulting in enterprises maintaining four to five copies of the same data, increasing costs and risk, building to an incoherent mess of complications. Now, imagine a world free from these complexities. Welcome to the the Druva Data Resiliency Cloud, where full data protection and beautiful simplicity converge. No hardware, no upgrades, no management, just total data resilience. With just a few clicks, you can get started integrating all of your data resiliency workflows in minutes. Through a true cloud experience built on Amazon Web Services, the Druva platform automates and manages critical daily tasks, giving you time to focus on your business. In other words, get simplicity, scalability, and security instantly. With the Druva Data Resiliency Cloud, your data isn't just backed up, it's ready to be used 24/7 to meet compliance needs and to extract critical insights. You can archive data for long-term retention, be protected against device failure and natural disasters, and recover from ransomware lightning fast. Druva is trusted with billions of backups annually by thousands of enterprises, including more than 60 of the Fortune 500, costing up to 50% less than the convoluted hardware, software, and appliance solutions. As data grows and becomes more critical to your business advantage, a data resiliency plan is vital, but it shouldn't be complicated. Druva makes it simple. (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE and the Druva special presentation of "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. We're here with W Curtis Preston, Curtis Preston, as he's known in the industry, Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at "Why Ransomware isn't Your Only Problem." Great to see you, thanks for coming on. >> Happy to be here. >> So we always see each other at events now events are back. So it's great to have you here for this special presentation. The white paper from IDC really talks about this in detail. I'd like to get your thoughts, and I'd like you to reflect on the analysis that we've been covering here in this survey data, how it lines up with the real world that you're seeing out there. >> Yeah, I think it's, the survey results really, I'd like to say, I'd like to say that they surprised me, but unfortunately, they didn't. The data protection world has been this way for a while where there's this difference in belief, or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit, successfully hit by ransomware, paid the ransom and/or lost data, and yet the same people that were surveyed, they had high degrees of confidence in their backup system. And, you know, I could probably go on for an hour as to the various reasons why that would be the case, but I think that this long running problem that as long as I've been associated with backups, which, you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And people often just, they don't want to have anything to do with the backup system, and so it sort of exists in this vacuum. And so then management is like, "Oh, the backup system's great," because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >> It's funny, you know. "We're good, boss, we got this covered." >> Yeah, it's all good, it's all good. >> And the fingers crossed, right? So again, this is the reality, and as it becomes backup and recovery, which we've talked about many times on theCUBE, certainly we have with you before, but now with ransomware, also, the other thing is people get ransomware hit multiple times. So it's not only like they get hit once, so, you know, this is a constant chasing the tail on some ends, but there are some tools out there, You guys have a solution, and so let's get into that. You know, you have had hands-on backup experience. What are the points that surprise you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >> Well, I would say that the one part in the survey that surprised me the most was people that had a huge, you know, there was a huge percentage of people that said that they had, you know, a ransomware response, you know, and readiness program. And you look at that, and how could you be, you know, that high a percentage of people be comfortable with their ransomware readiness program, which includes a number of things, right? There's the cyberattack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so you believe that your company was ready for that, and then you go, and I think it was 67% of the people in the survey paid the ransom, which as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number, I think, just hurt me the most is that because, you talked about re-infections. The surest way to guarantee that you get re-attacked and reinfected is to pay the ransom. This goes back all the way to ransom since the beginning of time, right? Everyone knows if you pay the blackmail, all you're telling people is that you pay blackmail. >> You're in business, you're a good customer >> Yeah, yeah, exactly. >> for ransomware. >> Yeah, so the fact that, you know, 60, what, 2/3 of the people that were attacked by ransomware paid the ransom. That one statistic just hurt my heart. >> Yeah, and I think this is the reality. I mean, we go back, and even the psychology of the practitioners was, you know, it's super important to get backup and recovery, and that's been around for a long time, but now that's an attack vector, okay? And there's dollars involved, like I said, I'm joking, but there's recurring revenue for the bad guys if they know you're paying up and if you're stupid enough not to change your tooling. So again, it works both ways. So I got to ask you, why do you think so many owners are unable to successfully respond after an attack? Is it because, they know it's coming, I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding successfully to this? >> I think it's a litany of things, starting with that aspect that I mentioned before, that nobody wants to have anything to do with the backup system, right? So nobody wants to be the one to raise their hand because if you're the one that raises their hand, "You know, that's a good idea, Curtis, why don't you look into that?" Nobody wants to be- >> Where's that guy now? He doesn't work here anymore. Yeah, I hear where you coming from. >> Exactly. >> It's psychology (indistinct) >> Yeah, so there's that. But then the second is that because of that, no one's looking at the fact that backups are the attack vector. They become the attack vector. And so because they're the attack vector, they have to be protected as much, if not more than the rest of the environment. The rest of the environment can live off of Active Directory and, you know, and things like Okta, so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if that production environment is compromised, now knowing that the attacks or that the backup systems are a significant portion of the attack vector, then if the production system is compromised, then the backup system is compromised. So you've got to segregate all of that. And I just don't think that people are thinking about that. You know, and they're using the same backup techniques that they've used for many, many years. >> So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, "Hey, we'll just take out the backup first so they can't backup. So we got the ransomware." It makes sense. >> Yeah, exactly. The largest ransomware group out there, the Conti ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored, and they are exfiltrating the backups first, and then deleting them, and then letting you know you have ransom. >> Okay, so you guys have a lot of customers. They all kind of have the same problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >> Well, again, you've got to fully segregate that data, and everything about how that data is stored and everything about how that data's created and accessed, there are ways to do that with other, you know, with other commercial products. You can take a standard product and put a number of layers of defense on top of it, or you can switch to the way Druva does things, which is a SaaS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. It's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically, what you get by default with the way Druva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work. With us, you just log in and you get all of that. >> I guess, how do you break the laws of physics? I guess that's the question here. >> Well, because that's the other thing is that by storing the data in the cloud, and I've said this a few times, you get to break the laws of physics, and the only way to do that is time travel. (both laughing) So yes, so Druva has time travel. And this is a Curtisism, by the way, I don't think this is our official position, but the idea is that the only way to restore data as fast as possible is to restore it before you actually need it, and that's kind of what I mean by time travel, in that you, basically, you configure your DR, your disaster recovery environment in Druva one time, and then we are pre-restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the current environment as quickly as we can so that in a disaster recovery scenario, which is part of your ransomware response, right? Again, there are many different parts, but when you get to actually restoring the data, you should be able to just push a button and go. The data should already be restored. And that's the way that you break the laws of physics is you break the laws of time. >> (laughs) Well, all right, everyone wants to know the next question, and this is a real big question is, are you from the future? >> (laughs) Yeah. Very much the future. >> What's it like in the future, backup, recovery? How does it restore? Is it air gapping everything? >> Yeah, well, it's a world where people don't have to worry about their backups. I like to use the phrase get out of the backup business, just get into the restore business. You know, I'm a grandfather now, and I love having a granddaughter, and I often make the joke that if I'd have known how great grandkids were, I would've skipped straight to them, right? Not possible. Just like this. Recoveries are great. Backups are really hard. So in the future, if you use a SaaS data protection system and data resiliency system, you can just do recoveries and not have to worry about backups. >> Yeah, and what's great about your background is you've got a lot of historical perspective. You've seen that, the waves of innovation. Now it really is about the recovery and real time. So a lot of good stuff going on. And got to think automated, things got to be rocking and rolling. >> Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then, we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not, that our customers don't have to do all of those things that all of our competitors have to do to, you know, to break, to try to break the laws of physics, I've been fighting the laws of physics my entire career, to get the backup done in the first place, then to secure all the data, and to air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I wish everybody had that ability. >> Yeah, I mean, security's a big part of it. Data's in the middle of it all. This is now mainstream, front lines, great stuff. Curtis, great to have you on, bring that perspective, and thanks for the insight. Really appreciate it. >> Always happy to talk about my favorite subject. >> All right, we'll be back in a moment. We'll have Stephen Manley, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. >> Ransomware is top of mind for everyone. Attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data, and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability scans, patches, and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released. After an attack, recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the Druva Data Resiliency Cloud on your side. The Druva platform functions completely in the cloud with no hardware, software, operating system, or complex configurations, which means there are none of the weaknesses that ransomware commonly uses to attack backups. Our software as a service model delivers 24/7/365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches, and upgrades for you. Druva also makes zero trust security easy with built-in multifactor authentication, single sign-on, and role-based access controls. In the event of an attack, Druva helps you stop the spread of ransomware and quickly understand what went wrong with built-in access insights and anomaly detection. Then you can use industry first tools and services to automate the recovery of clean, unencrypted data from the entire timeframe of the attack. Cyberattacks are a major threat, but you can make protection and recovery easy with Druva. (electronic music) (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE's special presentation with Druva on "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. Our next guests are Stephen Manley, Chief Technology Officer of Druva, and Anjan Srinivas, who is the General Manager and Vice President of Product Management at Druva. Gentlemen, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic. The IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >> Great to be here, John. >> So what's your thoughts on the survey's conclusion? Obviously, the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is, on the one hand, everybody who sees the survey and reads it is going to say, "Well, that's obvious." Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is, it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping IT away from all the tooling that they needed to do. A lot of people are even still wondering, when that happens next time, what do I even do? So clearly not very surprising. Clearly, I think it's here to stay, and I think as long as people don't retool for a modern era of data management, this is going to to stay this way. >> Yeah, I hear this all the time in our CUBE conversations with practitioners. It's kind of like the security pro, give me more tools, I'll buy anything that comes in the market, I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side? Because, you know, people claim that they have tools at crime points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? 'cause I think this is where the rubber meets the road with ransomware 'cause it is a moving train, it's always changing, but it doesn't seem there's confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first, and Stephen can add to it. What happens is, I think this is a panic buying and they have accumulated this tooling now just because somebody said they could solve your problem, but they haven't had a chance to take a real look from a ground up perspective to see where are the bottlenecks? Where are the vulnerabilities? And which tooling set needs to lie where? Where does the logic need to reside? And what, in Druva, we are watching people do and people do it successfully, is that as they have adopted Druva technology, which is ground up built for the cloud, and really built in a way which is, you know, driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware, and then there's a whole plethora of ecosystem players that kind of combine to really finish the story, so to say, right? So I think this has been a panic buying situation. This is like, "Get me any help you can give me." And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva, and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> Yes, Stephen? >> I was going to say, I mean, one of the the really interesting things in the survey for me, and for a moment, a little more than a moment, it made me think was that the large number of respondents who said, "I've got a really efficient, well-run back environment," who, then, on basically the next question said, "And I have no confidence that I can recover from a ransomware attack." And you scratch your head and you think, "Well, if your backup environment is so good, why do you have such low confidence?" And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture, and let's face it, the disk-based architecture's been around for almost two decades now, in terms of disk-based backup, you can have that tuned to the hilt. That can be running as efficiently as you want it, but it was built before the ransomware attacks, before all these cyber issues, you know, really start hitting companies. And so I have this really well-run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, "I'm doing the best I can," but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Yeah, great point. >> And so, yeah. >> Well, that's a great point. Before we get into the customer side I want to get to in second, you know, I interviewed Jaspreet, the founder and CEO many years ago, even before the pandemic, and you mentioned modern. You guys have always had the cloud with Druva. This is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? 'Cause that's a great point. A lot of stuff was built kind of backup and recovery bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now. It's a huge issue. >> I think, to me there's three things that come up over and over and over again as we talk to people in terms of, you know, being built in cloud, being cloud native, why is it an advantage? The first one is security and ransomware. And we can go deeper, but the most obvious one that always comes up is every single backup you do with Druva is air gapped, offsite, managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. The second advantage is the scalability. And you know, this certainly plays into account as your business grows, or, in some cases, as you shrink or repurpose workloads, you're only paying for what you use. But it also plays a big role, again, when you start thinking of ransomware recoveries because we can scale your recovery in cloud, on premises as much or as little as you want. And then I think the third one is we're seeing, basically, things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SaaS service in the cloud is we're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, "Wow, I needed six months in the lab before I upgrade it and it's an 18-month, 24-month cycle before the functionality releases. You're getting it every two weeks, and it's backed by Druva to make sure it works. >> Anjan, you know, you got the product side, you know, it's a challenging job 'cause you have so many customers asking for things, probably on the roadmap, you probably can go an hour for that one, but I want to get your thoughts on what you're hearing and seeing from customers. We just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated, probably on the feature requests, but also structurally as ransomware continues to evolve. What are you hearing? What's the key customer need? How are you guys responding? >> Yeah, actually, I have two things that I hear very clearly when I talk to customers. One, I think, after listening to their security problems and their vulnerability challenges, because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in, as Druva, is that we are providing them the cloud operating model and a data protection operating model, combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate, because this is not just about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate in the middle of the war, so to say. The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour, while they're just trying to live one day at a time. And unless they really develop this overall security operating model, helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS, and we are going to be continuing to evolve that to further the many services that public cloud software 'cause our customers are really kind of consuming them at breakneck speed. >> So new workloads, new security capabilities. Love that. Good call out there. Stephen, there's still the issue of the disruption side of it. You guys have a guarantee. There's a cost of ownership as you get more tools. Can you talk about that angle of it? You got new workloads, you got the new security needs, what's the disruption impact? 'Cause you want to avoid that. How much is it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, you know, again, we're willing to put our money where our mouth is, and that's a big deal, right? That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say the goal of Druva is to do the job of protecting and securing your data for you so that you, as a customer, don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks, all with SLAs. So everything from your data's going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally, and we're guaranteeing the long-term durability of the data so that if you backup with us today and you need to recover 30 years from now, that data's going to be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there, and the only way for this to work is to have a service that can provide you SLAs across all of the risks, because that means, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great. Great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. (laughs) People are concerned about it, so great stuff. In the last five minutes, guys, if you don't mind, I'd love to have you share what's on the horizon for Druva? You mentioned the new workloads, Anjan. You mentioned this new security. You're going to shift left. DevOps is now the developer model. They're running IT. Get data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching, and how are you guys putting that together to stay ahead in the marketplace and the competition? >> Yeah, I think, listening to our customers, what we realize is they need help with the public cloud, number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first, from Druva, before they can start to get into much more advanced level of insights and analytics around that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which, I think, is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor, and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build, all the way from a feature level where we have things like (audio distorts) that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights, and security, and that's where my focus is, to go and get those features delivered, and Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure, so, yeah, so John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds, if not thousands of SaaS applications, and a lot of those SaaS applications have data. So there's the obvious things, like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because, if you think about it, if someone you know deletes some really important records in Salesforce, that's actually kind of the record of your business. And so, we're looking at more and more SaaS application protection, and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce, or something like Microsoft 365. You do want to look into sandboxing, you want to look into long-term archival, because this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them. We'll do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks, because we're seeing across the globe. And then, of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because, let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed when that attack happens. So we want to be able to, again, cover those SaaS applications in addition to the public cloud, and then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers. Not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff. >> And remember, John, I think all this while keeping things really easy to consume, consumer grade UI, APIs, and then really the power of SaaS as a service, simplicity to kind of continue on, amongst kind of keeping these complex technologies together. >> Anjan, that's a great callout. I was going to mention ease of use and self-service. Big part of the developer and IT experience. Expected. It's the table stakes. Love the analytic angle, I think that brings the scale to the table, and faster time to value to get to learn best practices. But at the end of the day, automation, cross-cloud protection and security to protect and recover. This is huge, and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on, appreciate it. >> Thank you very much. >> Okay, there it is. You have the experts talk about under the hood, the product, the value, the future of what's going on with Druva, and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. >> As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl, and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva Data Resiliency Cloud is the only 100% SaaS data resiliency platform that provides centralized, secure, air gapped, and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyberattacks, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds, and your business critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern, and protect data across multiple clouds and business critical SaaS applications. It supports not just backup and recovery, but also data resiliency across high value use cases, such as e-discovery, sensitive data governance, ransomware, and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability, and ransomware protection. The Druva Data Resiliency Cloud, your data, always safe, always ready. Visit druva.com today to schedule a free demo. (upbeat music) >> One of the big takeaways from today's program is that in the scramble to keep business flowing over the past 2+ years, a lot of good technology practices have been put into place, but there's much more work to be done, specifically, because the frequency of attacks is on the rise and the severity of lost, stolen, or inaccessible data is so much higher today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a system's view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. Here we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net, and you'll see all the content, or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching "Why Ransomware isn't Your Only Problem," made possible by Druva, in collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

>>Hey everyone, welcome to this cube conversation. I'm your host Lisa Martin, and I have the pleasure of welcoming back our most prolific guest on the cube in its history, the CMO of Fin Ad, Eric Herzog. Eric, it's great to see you. Welcome back, >>Lisa. It's great to be here. Love being on the cube. I think this might be number 55 or 56. Been doing 'em a long time with the Cube. You guys are great. >>You, you have, and we always recognize you lately with the Hawaiian shirts. It's your brand that's, that's the Eric Hizo brand. We love it. But I like the pin, the infin nut pin on brand. Thank you. >>Yeah. Oh, gotta be on brand. >>Exactly. So talk about the current IT landscape. So much change we've seen in the last couple of years. Specifically, what are some of the big challenges that you are talking with enterprise customers and cloud service providers? About what, what are some of those major things on their minds? >>So there's a couple things. First of all is obviously with the Rocky economy and even before covid, just for storage in particular, CIOs hate storage. I've been doing this now since 1986. I have never, ever, ever met a CIO at any company I've bid with. And I've been with four of the biggest storage companies on this planet. Never met a cio. Used to be a storage guy. So they know they need it, but boy, they really don't like it. So the storage admins have to manage more and more storage. Exabytes, exabytes, it just ballooning for what a storage admin has to do. Then you then have the covid and is it recession? No. Is it a growth? And then clearly what's happened in the last year with what's going on in Europe and the, is it a recession, the inflation. So they're always looking to, how do we cut money on storage yet still get what we need for our applications, workloads, and use cases. So that's definitely the biggest, the first topic. >>So never met a CIO that was a storage admin or as a fan, but as you point out, they need it. And we've seen needs changing in customer landscapes, especially as the threat landscape has changed so dramatically the last couple of years. Ransomware, you've said it before, I say it too. It's no longer if it's when it's how often. It's the frequency. We've gotta be able to recover. Backups are being targeted. Talk to me about some of, in that landscape, some of the evolutions of customer challenges and maybe those CIOs going, We've gotta make sure that our, our storage data is protected. >>So it's starting to change. However, historically with the cio and then when they started hiring CISOs or security directors, whatever they had, depending on the company size, it was very much about protecting the edge. Okay, if you will, the moat and the wall of the castle. Then it was the network in between. So keep the streets inside the castle clean. Then it was tracking down the bad guy. So if they did get over, the issue is, if I remember correctly, the sheriff of Nottingham never really caught Robinhood. So the problem is the dwell time where the ransomware malware's hidden on storage could be as much as 200 days. So I think they're starting to realize at the security level now, forget, forget the guys on the storage side, the security guys, the cso, the CIO, are starting to realize that if you're gonna have a comprehensive cybersecurity strategy, must include storage. And that is new >>That, well, that's promising then. That's new. I mean obviously promising given the, the challenges and the circumstances. So then from a storage perspective, customers that are in this multi-cloud hybrid cloud environment, you talked about the the edge cloud on-prem. What are some of the key things from a storage perspective that customers have to achieve these days to be secure as data volumes continue to grow and spread? >>So what we've done is implement on both primary storage and secondary storage and technology called infin safe. So Infin Safe has the four legs of the storage cyber security stool. So first of all is creating an air gap. In this case, a logical air gap can be local or remote. We create an immutable snapshot, which means it can't be changed, it can't be altered, so you can't change it. We have a fenced forensic environment to check out the storage because you don't wanna recover. Again, malware and rans square can is hidden. So you could be making amenable snapshots of actually malware, ransomware, and never know you're doing it right. So you have to check it out. Then you need to do a rapid recovery. The most important thing if you have an attack is how fast can you be up and going with recovery? So we have actually instituted now a number of cyber storage security guarantees. >>We will guarantee the SLAs on a, the snapshot is absolutely immutable. So they know that what they're getting is what they were supposed to be getting. And then also we are guaranteeing recovery times on primary storage. We're guaranteeing recovery of under one minute. We'll make the snapshot available under one minute and on secondary storage under 20 minutes. So those are things you gotta look for from a security perspective. And then the other thing you gotta practice, in my world, ransomware, malware, cyber tech is basically a disaster. So yes, you got the hurricane, yes, you got the flood, yes, you got the earthquake. Yes, you got the fire in the building. Yes you got whatever it may be. But if you don't practice malware, ransomware, recoveries and protection, then it might as well be a hurricane or earthquake. It will take your data, >>It will take your data on the numbers of customers that pay ransom is pretty high, isn't it? And and not necessarily able to recover their data. So it's a huge risk. >>So if you think about it, the government documented that last year, roughly $6 trillion was spent either protecting against ransomware and malware or paying ransomware attacks. And there's been several famous ones. There was one in Korea, 72 million ransom. It was one of the Korea's largest companies. So, and those are only the ones that make the news. Most of 'em don't make the news. Right. >>So talk to me then, speaking and making the news. Nobody wants to do that. We, we know every industry is vulnerable to this. Some of the ones that might be more vulnerable, healthcare, government, public sector education. I think the Los Angeles Unified School district was just hit as well in September. They >>Were >>What, talk to me about how infin out is helping customers really dial down the risk when the threat actors are becoming more and more sophisticated? >>Well, there's a couple things. First of all, our infin safe software comes free on our main product. So we have a product called infin Guard for Secondary Storage and it comes for free on that. And then our primary storage product's called the Infin Box. It also comes for free. So they don't have to use it, but we embed it. And then we have reference architectures that we give them our ses, our solutions architects and our technical advisors all up to speed on why they should do it, how they should do it. We have a number of customers doing it. You know, we're heavily concentrated the global Fortune 2000, for example, we publicly announced that 26% of the Fortune 50 use our technology, even though we're a small company. So we go to extra lengths to a B, educated on our own front, our own teams, and then B, make sure they portray that to the end users and our channel partners. But the end users don't pay a dime for the software that does what I just described, it's free, it's included when you get you're Infin box or you're ingar, it's included at no charge. >>That's pretty differentiating from a competitive standpoint. I might, I would guess >>It is. And also the guarantee. So for example, on primary storage, okay, whether you'd put your Oracle or put your SAP or I Mongo or your sequel or your highly transactional workloads, right? Your business finance workload, all your business critical stuff. We are the first and only storage company that offers a primary guarantee on cyber storage resilience. And we offer two of them on primary storage. No other vendor offers a guarantee, which we do on primary storage. Whether you the first and right now as of here we are sitting in the middle of October. We are still the only vendor that offers anything on primary storage from a guaranteed SLA on primary storage for cyber storage resilience. >>Let's talk about those guarantees. Walk me through what you just announced. There's been a a very, a lot of productivity at Infin DAT in 2022. A lot of things that you've announced but on crack some of the things you're announcing. Sure. Talk to me specifically about those guarantees and what's in it for me as a customer. It sounds pretty obvious, but I'd love to hear it from you. >>Okay, so we've done really three different types of guarantees. The first one is we have a hundred percent availability guarantee on our primary storage. And we've actually had that for the last, since 2019. So it's a hundred percent availability. We're guaranteed no downtime, a hundred percent availability, which for our customer base being heavily concentrated, the global Fortune 2000 large government enterprises, big universities and even smaller companies, we do a lot of business with CSPs and MSPs. In fact, at the Flash Memory Summit are Infin Box ssa All Flash was named the best product for hyperscaler deployment. Hyperscaler basically means cloud servers provider. So they need a hundred percent availability. So we have a guarantee on that. Second guarantee we have is a performance guarantee. We'll do an analysis, we look at all their workloads and then we will guarantee in writing what the performance should be based on which, which of our products they want to buy are Infin Box or Infin Box ssa, which is all flash. >>Then we have the third one is all about cyber resilience. So we have two on our Infin box, our Infin box SSA for primary storage, which is a one the immutability of the snapshot and immediately means you can't erase the data. Right? Camp tamper with it. Second one is on the recovery time, which is under a minute. We just announced in the middle of October that we are doing a similar cyber storage resilience guarantee on our ARD secondary product, which is designed for backup recovery, et cetera. We will also offer the immutably snapshot guarantee and also one on the recoverability of that data in under 20 minutes. In fact, we just did a demo at our live launch earlier this week and we demoed 20 petabytes of Veeam backup data recovered in 12 minutes. 12 >>Minutes 2012. >>20 petabytes In >>12 bytes in 12 minutes. Yes. That's massive. That's massively differentiating. But that's essential for customers cuz you know, in terms of backups and protecting the data, it's all about recovery >>A and once they've had the attack, it's how fast you get back online, right? That that's what happens if they've, if they can't stop the attack, can't stop the threat and it happens. They need to get that back as fast as they can. So we have the speed of recovery on primary stores, the first in the industry and we have speed on the backup software and we'll do the same thing for a backup data set recovery as well. Talk >>To me about the, the what's in it for me, For the cloud service providers, they're obviously the ones that you work with are competing with the hyperscalers. How does the guarantees and the differentiators that Fin out is bringing to market? How do you help those cloud SPS dial up their competitiveness against the big cheeses? >>Well, what we do is we provide that underlying infrastructure. We, first of all, we only sell things that are petabyte in scale. That's like always sell. So for example, on our in fitter guard product, the raw capacity is over four petabytes. And the effective capacity, cuz you do data reduction is over 85 petabytes on our newest announced product, on our primary storage product, we now can do up to 17 petabytes of effective capacity in a single rack. So the value to the service rider is they can save on what slots? Power and floor. A greener data center. Yeah, right. Which by the way is not just about environmentals, but guess what? It also translate into operational expense. >>Exactly. CapEx office, >>With a lot of these very large systems that we offer, you can consolidate multiple products from our competitors. So for example, with one of the competitors, we had a deal that we did last quarter 18 competitive arrays into one of ours. So talk about saving, not just on all of the operational expense, including operational manpower, but actually dramatically on the CapEx. In fact, one of our Fortune 500 customers in the telco space over the last five years have told us on CapEx alone, we've saved them $104 million on CapEx by consolidating smaller technology into our larger systems. And one of the key things we do is everything is automated. So we call it autonomous automation use AI based technology. So once you install it, we've got several public references who said, I haven't touched this thing in three or four years. It automatically configures itself. It automatically adjusts to changes in performance and new apps. When I put in point a new app at it automatically. So in the old days the storage admin would optimize performance for a new application. We don't do that, we automatically do it and autonomously the admin doesn't even click a button. We just sense there's new applications and we automate ourselves and configure ourselves without the admin having to do anything. So that's about saving operational expense as well as operational manpower. >>Absolutely. I was, one of the things that was ringing in my ear was workforce productivity and obviously those storage admins being able to to focus on more strategic projects. Can't believe the CIOs aren't coming around yet. But you said there's, there's a change, there's a wave coming. But if we think about the the, the what's in it for me as a customer, the positive business outcomes that I'm hearing, lower tco, your greener it, which is key. So many customers that we talk to are so focused on sustainability and becoming greener, especially with an on-prem footprint, workforce productivity. Talk about some of the other key business outcomes that you're helping customers achieve and how it helps them to be more competitive. >>Sure. So we've got a, a couple different things. First of all, storage can't go down. When the storage goes down, everyone gets blamed. Mission. When an app goes down, no one really thinks about it. It's always the storage guy's fault. So you want to be a hundred percent available. And that's today's businesses, and I'd actually argue it's been this way for 20 years are 24 by seven by 365. So that's one thing that we deliver. Second thing is performance. So we have public references talk about their SAP workload that used to take two hours, now takes 20 minutes, okay? We have another customer that was doing SAP queries. They improved their performance three times, Not 3%, not 3%, three times. So 300% better performance just by using our storages. They didn't touch the sap, they didn't touch the servers. All they do is to put our storage in there. >>So performance relates basically to applications, workloads and use cases and productivity beyond it. So think the productivity of supply chain guys, logistics guys, the shipping guys, the finance guys, right? All these applications that run today's enterprises. So we can automate all that. And then clearly the cyber threat. Yeah, that is a huge issue. And every CIO is concerned about the cyber threat. And in fact, it was interesting, Fortune magazine did a survey of CEOs, and this was last May, the number one concern, 66% in that may survey was cyber security number one concern. So this is not just a CIO thing, this is a CEO thing and a board level >>Thing. I was gonna say it's at at the board level that the cyber security threats are so real, they're so common. No one wants to be the next headline, like the colonial pipeline, right? Or the school districts or whatnot. And everybody is at risk. So then what you're enabling with what you've just announced, the all the guarantees on the SLAs, the massively fast recovery times, which is critical in cyber recovery. Obviously resilience is is key there. Modern data protection it sounds like to me. How do you define that and and what are customers looking for with respect to modern cyber resilience versus data protection? >>Yeah, so we've got normal data protection because we work with all the backup vendors. Our in ARD is what's known as a purpose built backup appliance. So that allows you to back at a much faster rate. And we work all the big back backup vendors, IBM spectrum Protect, we work with veritas vem com vault, oracle arm, anybody who does backup. So that's more about the regular side, the traditional backup. But the other part of modern data protection is infusing that with the cyber resilience. Cuz cyber resilience is a new thing. Yes, from a storage guy perspective, it hasn't been around a long time. Many of our competitors have almost nothing. One or two of our competitors have a pretty robust, but they don't guarantee it the way we guarantee it. So they're pretty good at it. But the fact that we're willing to put our money where our mouth is, we think says we price stand above and then most of the other guys in the storage industry are just starting to get on the bandwagon of having cyber resilience. >>So that changes what you do from data protection, what would call modern data protection is a combination of traditional backup recovery, et cetera. Now with this influence and this infusion of cybersecurity cyber resilience into a storage environment. And then of course we've also happened to add it on primary storage as well. So whether it's primary storage or backup and archive storage, we make sure you have that right cyber resilience to make it, if you will, modern data protection and diff different from what it, you know, the old backup of your grandfather, father, son backup in tape or however you used to do it. We're well beyond that now we adding this cyber resilience aspect. Well, >>From a cyber resilience perspective, ransomware, malware, cyber attacks are, that's a disaster, right? But traditional disaster recovery tools aren't really built to be able to pull back that data as quickly as it sounds like in Trinidad is able to facilitate. >>Yeah. So one of the things we do is in our reference architectures and written documentation as well as when we do the training, we'd sell the customers you need to practice, if you practice when there's a fire, a flood, a hurricane, an earthquake or whatever is the natural disaster you're practicing that you need to practice malware and ran somewhere. And because our recovery is so rapid and the case of our ingar, our fenced environment to do the testing is actually embedded in it. Several of our competitors, if you want the fenced environment, you have to buy a second product with us. It's all embedded in the one item. So A, that makes it more effective from a CapEx and opex perspective, but it also makes it easier. So we recommend that they do the practice recoveries monthly. Now whether they do it or not separate issue, but at least that's what we're recommending and say, you should be doing this on a monthly basis just like you would practice a disaster, like a hurricane or fire or a flood or an earthquake. Need to be practicing. And I think people are starting to hear it, but they don't still think more about, you know, the flood. Yeah. Or about >>The H, the hurricane. >>Yeah. That's what they think about. They not yet thinking about cybersecurity as really a disaster model. And it is. >>Absolutely. It is. Is is the theme of cyber resilience, as you said, this is a new concept, A lot of folks are talking about it, applying it differently. Is that gonna help dial up those folks just really being much more prepared for that type of cyber disaster? >>Well, we've made it so it's automated. Once you set up the immutable snapshots, it just does its thing. You don't set it and forget it. We create the logical air back. Once you do it, same thing. Set it and forget it. The fence forensic environment, easy to deploy. You do have to just configure it once and then obviously the recovery is almost instantaneous. It's under a minute guaranteed on primary storage and under 20 minutes, like I told you when we did our launch this week, we did 20 petabytes of Veeam backup data in 12 minutes. So that's pretty incredible. That's a lot of data to have recovered in 12 minutes. So the more automated we make it, which is what our real forte is, is this autonomous automation and automating as much as possible and make it easy to configure when you do have to configure. That's what differentiates what we do from our perspective. But overall in the storage industry, it's the recognition finally by the CISOs and the CIOs that, wait a second, maybe storage might be an essential part of my corporate cybersecurity strategy. Yes. Which it has not been historically, >>But you're seeing that change. Yes. >>We're starting to see that change. >>Excellent. So talk to me a little bit before we wrap here about the go to market one. Can folks get their hands on the updates to in kindergar and Finn and Safe and Penta box? >>So all these are available right now. They're available now either through our teams or through our, our channel partners globally. We do about 80% of our business globally through the channel. So whether you talk to us or talk to our channel partners, we're there to help. And again, we put our money where your mouth is with those guarantees, make sure we stand behind our products. >>That's awesome. Eric, thank you so much for joining me on the program. Congratulations on the launch. The the year of productivity just continues for infinit out is basically what I'm hearing. But you're really going in the extra mile for customers to help them ensure that the inevitable cyber attacks, that they, that they're complete storage environment on prem will be protected and more importantly, recoverable Very quickly. We appreciate your insights and your input. >>Great. Absolutely love being on the cube. Thank you very much for having us. Of >>Course. It's great to have you back. We appreciate it. For Eric Herzog, I'm Lisa Martin. You're watching this cube conversation live from Palo Alto.

foreign [Music] my name is Savannah Peterson and I am very excited to be coming to you today from the cube in Palo Alto we're going to be talking about kubecon giving a little preview of the hype and what you might be able to expect in Detroit with the one and only co-founder and CEO of the cube and siliconangle John ferriere John hello how are you today thanks for hosting and doing the preview with me my goodness a pleasure I we got acquainted this time last year how do you think the ecosystem has changed are you excited well first of all I missed kubecon Valencia because I had covid I was so excited to be there this big trip plan and then couldn't make it but so much has gone on I mean we've been at every kubecon the cube was there at the beginning when openstack was still going on kubernetes just started came out of Google we were there having beers with Lou Tucker and a bunch of The Luminaries when it all kind of came together and then watch it year by year progress through and how it's changed the industry and mainly how open source has been really the wave behind it combining with the Linux foundation and then cncf and then open source movement and good kubernetes has been amazing and under it all containers has been the real driver and all this so you know Docker containers Docker was a well-funded company they had to Pivot and were restructured now they're pure open source so containers have gone Supernova on top of that kubernetes and with that's a complete ecosystem of opportunity to create the next operating system in in software development so to me kubecon is at the center of software software 2030 what do you want to call it super cloud it's that it's really action it's not where the old school is it's where the new school is excellent so what has you most excited this year what's the biggest change from this time last year and now well two things I'm looking at this year uh carefully both from an editorial lens and also from a sponsorship lenses where is the funding going on the sponsorships because again a very diverse ecosystem of Builders but also vendors so I'm going to see how that Dynamics going on but also on the software side a lot of white space going on in the stack or in the map if you will you know the run times you've got observability you got a lot of competition maybe projects might be growing some Rising some falling maybe merge together I'm going to see how that but there's a lot of white spaces developing so I'm curious to see what's new on that area and then service meshes is a big deal this year so I'm looking for what's going on so it's been kind of a I won't say cold war but kind of like uh you know where is this going to go and because it's a super important part of of the of the orchestration and managing containers and so be very interested to see how service mesh does istio and other versions out there have been around for a while so that and also the other controversy is the number of stars on GitHub a project may have so sometimes that carries a lot of weight but we're going to look at which ones are rising which ones are falling again um which ones are getting the most votes by the developers vote with their code yeah absolutely well we did definitely miss you down in Los Angeles but it will be great to be in Detroit what has you most excited do you think that we're going to see the number of people in person that we have in the past I know you've seen it since the beginning so I think this year is going to be explosive from that psychology angle because I think it was really weird because La was on they were a bold to make that move we're all there is first conference back it was a lot a lot of like badges don't touch me only handshakes fist pumps but it was at the beginning of the covid second wave right so it was kind of still not yet released where everyone's was not worried about it so I think it's in the past year in the past eight months I mean I've been places with no masks people have no masks Vegas other places so I think it's going to be a year where it will be a lot more people in person because the growth and the opportunities are so big it's going to drive a lot of people in person just like Amazon reinvent those yeah absolutely and as the most important and prominent event in the kubernetes space I think everyone's very excited to to get back together when we think about this space do you think there that anyone's the clear winner yet or do you think it's still a bit of a open territory in terms of the companies and Partnerships I think Red Hat has done a great job and they're you know I think they're going to see how well they can turn this into gold for them because they've positioned themselves very well open shift years ago was kind of waffling I won't say it in a bad way but like but once they got view on containers and kubernetes red has done an exceptional job in how they position their company being bought by ibms can be very interesting to see how that influences change so if Red Hat can stay red hat I think IBM will win I think customers that's one company I like the startups we're seeing companies like platform nine Rafi systems young companies coming out in the kubernetes as a service space because I think whoever can make kubernetes easier because I think that's the hard part right now even though that the show is called kubecon is a lot more than kubernetes I think the container layer what docker's doing has been exceptional that's the real action the question is how does that impact the kubernetes layers so kubernetes is not a done deal yet I think it hasn't really crossed the chasm yet it's certainly popular but not every company is adopting it so we're starting to see that we need to see more adoption of kubernetes seeing that happen it's going to decide who the winners are totally agree with that if you look at the data a lot of companies are and people are excited about kubernetes but they haven't taken the plunge to shifting over their stack or fully embracing it because of that complexity so I'm very curious to see what we learn this week about who those players might be moving forward how does it feel to be in Detroit when was the last time you were here I was there in 2007 was the last time I was in that town so uh we'll see what's like wow yeah but things have changed yeah the lions are good this year they've got great hockey goalies there so you know all right you've heard that sports fans let John know what you're thinking your Sports predictions for this season I love that who do you hope to get to meet while we're at the show I want to meet more end user customers we're gonna have Envoy again on the cube I think Red Hat was going to be a big sponsor this year they've been great um we're looking for end user project most looking for some editorial super cloud like um commentary because the cncf is kind of the developer Tech Community that's powering in my opinion this next wave of software development Cloud native devops is now Cloud native developers devops is kind of going away that's killed I.T in my opinion data and security Ops is the new kind of Ops the new it so it's good to see how devops turns into more of a software engineering meet supercloud so I think you're going to start to see the infrastructure become more programmable it's infrastructure as code so I think if anything I'm more excited to hear more stories about how infrastructure as code is now the new standard so if when that truly happens the super cloud model be kicking into high gear I love that let's you touched on it a little bit right there but I want to dig in a bit since you've been around since the beginning what is it that you appreciate or enjoy so much about the kubernetes community and the people around this I think there are authentic people and I think they're they're building they're also Progressive they're very diverse um they're open and inclusive they try stuff and um they can be critical but they're not jerks about it so when people try something um they're open-minded of a failure so it's a classic startup mentality I think that is embodied throughout the Linux Foundation but CNC in particular has to bridge the entrepreneurial and corporate Vibe so they've done an exceptional job doing that and that's what I like about this money making involved but there's also a lot of development and Innovation that comes out of it so the next big name and startup could come out of this community and that's what I hope to see coming out here is that next brand that no one's heard of that just comes out of nowhere and just takes a big position in the marketplace so that's going to be interesting to see hopefully we have on our stage there yeah that's the goal we're going to interview them all a year from now when we're sitting here again what do you hope to be able to say about this space or this event that we might not be able to say today I think it's going to be more of clarity around um the new modern software development techniques software next gen using AI more faster silicon chips you see Amazon with what they're doing the custom silicon more processing but I think Hardware matters we've been talking a lot about that I think I think it's we're going to shift from what's been innovative and what's changed I think I think if you look at what's been going on in the industry outside of crypto the infrastructure hasn't really changed much except for AWS what they've done so I'm expecting to see more Innovations at the physics level way down in the chips and then that lower end of the stack is going to be dominated by either one of the three clouds probably AWS and then the middle layer is going to be this where the abstraction is around making infrastructure as code really happen I think that's going to be Clarity coming out of this year next year we should have some visibility into the vertical applications and of the AI and machine learning absolutely digging in on that actually even more because I like what you're saying a lot what verticals do you think that kubernetes is going to impact the most looking even further out than say a year I mean I think that hot ones Healthcare fintech are obvious to get the most money they're spending I think they're the ones who are already kind of creating these super cloud models where they're actually changed over their their spending from capex to Opex and they're driving top line revenue as part of that so you're seeing companies that wants customers of the I.T vendors are now becoming the providers that's a big super cloud Trend we see the other verticals are going to be served by a lot of men in Surprise oil and gas you know all the classic versus Healthcare I mentioned that one those are the classic verticals retail is going to I think be massively huge as you get more into the internet of things that's truly internet based you're going to start to see a lot more Edge use cases so Telecom I think it's going to be completely disrupted by new brands so I think once that you see see how that plays out but all verticals are going to be disrupted just a casual statement to say yeah yeah no doubt in my mind that's great I'm personally really excited about the edge applications that are possible here and can't wait to see can't wait to see what happens next I'm curious as to your thoughts how based given your history here and we don't have to say number of years that you've been participating in in Cape Cod but give them your history what's the evolution looked like from that Community perspective when you were all just starting out having that first drink did you anticipate that we would be here with thousands of people in Detroit you know I knew the moment was happening around um 2017-2018 Dan Coney no longer with us he passed away I ran into him randomly in China and it was like what are you doing here he was with a bunch of Docker guys so they were already investing in so I knew that the cncf was a great Steward for this community because they were already doing the work Dan led a great team at that time and then they were they were they were kicking ass and they were just really setting the foundation they dig in they set the architecture perfectly so I knew that that was a moment that was going to be pretty powerful at the early days when we were talking about kubernetes before it even started we were always always talking about if this this could be the tcpip of of cloud then we could have kind of a de facto interoperability and Lou Tucker was working for Cisco at the time and we were called it interclouding inter-networking what that did during the the revolution Cloud yeah the revolution of the client server and PC Revolution was about connectivity and so tcpip was the disruptive enable that created massive amounts of wealth created a lot of companies created a whole generation of companies so I think this next inflection point is kind of happening right now I think kubernetes is one step of this abstraction layer but you start to see companies like snowflake who's built on AWS and then moved to multiple clouds Goldman Sachs Capital One you're going to see insurance companies so we believe that the rise of the super cloud is here that's going to be Cloud 3.0 that's software 3.0 it's software three what do you want to call it it's not yesterday's Cloud lift and shift and run a SAS application it's a true Enterprise digital digital transformation so that's that's kind of the trend that we see riding in now and so you know if you're not on that side of the street you're going to get washed away from that wave so it's going to be interesting to see how how it all plays out so it's fun to watch who's on the wrong side it is very fun I hope you all are listening to this really powerful advice from John he's dropping some serious knowledge bombs on us well holding the back for kubecon because we've got we got all the great guests coming on and that's where all the content comes from I mean the best part of the community is that they're sharing yeah absolutely so just for old time's sake and it's because it's how I met your fabulous team last year Define kubernetes for the audience kubernetes is like what someone said it was a magical Christmas I heard that was a well good explanation with that when I heard that one um you mean the technical definition or like the business definition or maybe both you can give us an interpretive dance if you'd like I mean the simplest way to describe kubernetes is an orchestration layer that orchestrates containers that are containing applications and it's a way to keep things running and runtime assembly of like the of the data so if you've got you're running containers you can containerize applications kubernetes gives you that capability to run applications at scale which feeds into uh the development uh cycle of the pipelining of apps so if you're writing applications and you want to scale up it's a fast way to stand up massive amounts of scale using containers and kubernetes so a variety of other things that are in the in the in the system too so that was pretty good there's a lot more under the hood but that's the oversimplified version I think that's what we were going for I think it's actually I mean it's harder to oversimplify it sometimes in this case it connects it connects well it's the connective tissue between all the container applications yes last question for you John we are here at the cube we're very excited to be headed to Detroit very soon what can people expect from the cube at coupon this year so we'll be broadcasting Wednesday Thursday and Friday we'll be there early I'll be there Monday and Tuesday we'll do our normal kind of hanging around getting some scoop on the on the ground floor you'll see us there Monday and Tuesday probably in the in the lounge too um come up and say hi to us um again we're looking for more stories this year we believe this is the year that you're going to hear a lot more storytelling coming out of this community as people get more proof points so come up to us share your email your your handle give us yours give us your story we'll publish it we think we think this is going to be the year that cloud native developers start showing the signs of the of the rise of the supercloud that's going to come out of this this community so you know if you got something to say you know we're open to share stories so we're here all that speaking of John how can people say hi to you and the team on Twitter at Furrier at siliconangle at thecube thecube.net siliconangle.com LinkedIn Dave vellantis they were open on all channels all right signal Instagram WhatsApp perfect well pick your channel we really hope to hear from you John thank you so much for joining us for this preview session and thank you for tuning in my name is Savannah Peterson here in Palo Alto at thecube Studios looking forward to Detroit we can't wait to hear your thoughts do let us know in the comments and let us know if you're headed to Michigan cheers [Music] thank you

>>The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know this had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized protection. As a result moved away from things like perimeter based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerges a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies. >>And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR focused that their DR approach was not cost efficient and needed to be modernized. And that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello, and welcome to Why Ransomware isn't your Only Problem, a service of the Cube made possible by dva. And in collaboration with idc. I'm your host, Dave Ante, and today we're present a three part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face. In today's new world, IDC Research Vice President Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. >>After that, we're gonna hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection. Generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at dva, Steven Manly and Anja Serenas. Steven is a 10 time cubo and Chief technology officer at dva. And Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how DVA is closing the gaps presented in the IDC survey through their product innovation. Or right now I'm gonna toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. >>Bill Goodwin joins me next, the VP of research at idc. We're gonna be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on the cube. >>Hey, Lisa, it's great to be here with you. >>So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >>You know, you, you really hit the, the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that that ransomware that has everybody's attention, and it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also is accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022, but within idc we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be, have the scale, upper scale, down on demand nature of cloud. So those are in a nutshell, kind of the three things that people are looking at. >>You mentioned ransomware, it's a topic we've been talking about a lot. It's a household word these days. It's now Phil, no longer if we're gonna get attacked. It's when it's how often it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >>Well, what, what some of the research that we did is we found that about 77% of organizations have digital resilience as a, as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more, more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping keeping them awake at night. Quite honestly, if you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a, a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data >>And digital resilience, data resilience as every company these days has to be a data company to be competitive, digital resilience, data resilience. Are you using those terms interchangeably or data resilience to find as something a little bit different? >>Well, sometimes yeah, that we do get caught using them when, when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself and the context of of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You, you really, you can't have it resilience about data resilience. So that, that's where we're coming from on it >>Inextricably linked and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >>Well, one of the biggest is what, what you mentioned at the, at the top of the segment. And, and that is the, the area of ransomware, the research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to, to defend against these ransoms. The other thing about it is it's really a lot like whackamole. You know, they attack us in one area and and, and we defend against it. They, so they attack us in another area and we defend against it. >>And in fact, I had a, an individual come up to me at a show not long ago and said, You know, one of these days we're gonna get pretty well defended against ransomware and it's gonna go away. And I responded, I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't gonna just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that here is here for the long term and something that we, we have to address and have to get proactive about. >>You mentioned some stats there and, and recently IDC and DVA did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let, let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concern concerning ransomware. >>Yeah, this, this was a worldwide study. It was sponsored by DVA and conducted by IDC as an independent study. And what we did, we surveyed 500 is a little over 500 different individuals across the globe in North America select countries in in western Europe, as well as several in, in Asia Pacific. And we did it across industries with our 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of of infrastructure, you know, managers of data centers, things like that. And the, and the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they, when they get attacked. Some of the, some of the statistics that we learned from this, Lisa, include 83% of organizations believe or tell, told us that they have a, a playbook that, that they have for ransomware. >>I think 93% said that they have a high degree or a high or very high degree of confidence in their recovery tools and, and are fully automated. And yet when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't, aren't necessarily to be trusted. And, and so the software that they provide sometimes is, is fully recovered. Sometimes it's not. So you look at that and you go, Wow. On, on the one hand, people think they're really, really prepared, and on the other hand, the results are, are absolutely horrible. >>You know, two thirds of people having, having to pay their ransom. So you start to ask yourself, well, well, what is, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. Everybody has a plan until they get punched in the mouth. And I think that's kind of what happens with ransomware. You, you think you know what you're, you're doing, you think you're ready based on the information you have. And these people are smart people and, and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason, a lot of these have been successful. So that was kind of the key finding to me in kind of the aha moment really in this whole thing. Lisa, >>That's a massive disconnect with the vast majority saying we have a cyber recovery playbook, yet nearly half being the victims of ransomware in the last three years, and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience data resilience as it's, as we said, this is a matter of this is gonna happen just a matter of when and how often >>It it is a matter, Yeah, as you said, it's not if when or, or how often. It's really how badly. So I think what organizations are really do doing now is starting to turn more to cloud-based services. You know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of, of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to, to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of, of scanning, in terms of analysis and so forth. So they're, they're turning to professionals in the cloud much more in order to get that breadth of experience and, and to take advantage of cloud based services that are out there. >>Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why are is IDC seeing this big shift to cloud where, where data resilience is concerned? >>Well, the first and foremost is the economics of it. You know, you can, you can have on demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If your financial services, it might even be triple, the infrastructure is very complicated, very difficult by going to the cloud. Organizations can subscribe to disaster recovery as a service. It increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that that organizations think they're ready, but then all of a sudden they get hit and all of a sudden they have to engage with outside consultants or they have to bring in other experts and that, and that extends the time to recover that they have and it also complicates it. >>So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >>So what do you think the big issue here is, is it that these, these I p T practitioners over 500 that you surveyed across 20 industries is a global survey? Do they not know what they don't know? What's the the overlying issue here? >>Yeah, I think that's right. It's, you don't know what you don't know and until you get into a specific attack, you know, there, there are so many different ways that, that organizations can be attacked. And in fact, from this research that we found is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the, the issue is, once I have your data, what are you gonna do? I mean, there's no amount of recovery that is gonna help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and, and taking their chances. So best practice things like encryption, immutability, you know, things like that that organizations can put into place. Certainly air gaps. Having a, a solid backup foundation to, to where data is you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >>Given some of the, the, the disconnect that you articulated, the, the stats that show so many think we are prepared, we've got a playbook, yet so many are being, are being attacked. The vulnerabilities and the, and the, as the, the landscape threat landscape just gets more and more amorphous. Why, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry, we are vulnerable, this is gonna happen, we've gotta make sure that we are truly resilient and proactive? >>Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the, the, the consequences of ransom where it's not just the ransom, it's the loss productivity, it's, it's the loss of, of revenue. It's, it's the loss of, of customer faith and, and, and goodwill and organizations that have been attacked have, have suffered those consequences. And, and many of them are permanent. So people at the board level where it's, whether it's the ceo, the cfo, the cio, the c cso, you know, whoever it is, they're extremely concerned about these. And I can tell you they are fully engaged in addressing these issues within their organization. >>So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, It's a big business business, it's very profitable. But what is IDCs prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they're, they really actually have i i functioning playbook? >>I i, I don't know if we'll ever get to the point where the CCC C suite is not involved. It's probably very important to have that, that level of executive sponsorship. But, but what we are seeing is, in fact, we predicted by 20 25, 50 5% of organizations we'll have shifted to a cloud centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and, and at the edge, and that's really where the growth is. So being able to take that cloud centric model and take advantage of, of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily and, and to be able to take that cloud centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >>Got it. We're just cracking the surface here. Phil, I wish we had more time, but I had a chance to read the Juba sponsored IDC White paper. Fascinating finds. I encourage all of you to download that, Take a read, you're gonna learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining >>Me. No problem. Thank you, Lisa. >>In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin and you are watching the Cube, the leader in live tech coverage. >>We live in a world of infinite data, sprawling, dispersed valuable, but also vulnerable. So how do organizations achieve data resiliency when faced with ever expanding workloads, increasing security threats and intensified regulations? Unfortunately, the answer often boils down to what flavor of complexity do you like best? The common patchwork approaches are expensive, convoluted, and difficult to manage. There's multiple software and hardware vendors to worry about different deployments for workloads running on premises or in the cloud. And an inconsistent security framework resulting in enterprises maintaining four of five copies of the same data, increasing costs and risk building to an incoherent mess of complications. Now imagine a world free from these complexities. Welcome to the dr. A data resiliency cloud where full data protection and beautiful simplicity converge. No hardware, no upgrades, no management, just total data resili. With just a few clicks, you can get started integrating all of your data resiliency workflows in minutes. >>Through a true cloud experience built on Amazon web services, the DR A platform automates and manages critical daily tasks giving you time to focus on your business. In other words, get simplicity, scalability, and security instantly with the dr A data resiliency cloud, your data isn't just backed up, it's ready to be used 24 7 to meet compliance needs and to extract critical insights. You can archive data for long term retention, be protected against device failure and natural disasters, and recover from ransomware lightning fast. DVA is trusted with billions of backups annually by thousands of enterprises, including more than 60 of the Fortune 500 costing up to 50% less in the convoluted hardware, software, and appliance solutions. As data grows and becomes more critical to your business advantage, a data resiliency plan is vital, but it shouldn't be complicated. Dr. A makes it simple. >>Welcome back everyone to the cube and the drew of a special presentation of why ransomware isn't your only problem. I'm John Furrier, host of the Cube. We're here with w Curtis Preston. Curtis Preston, he known in the industry Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at why ransomware isn't your only problem. Great to see you. Thanks for coming on. >>Happy to be here. >>So we always see each other events now events are back. So it's great to have you here for this special presentation. The white paper from IDC really talks about this in detail. I to get your thoughts and I'd like you to reflect on the analysis that we've been covering here and the survey data, how it lines up with the real world that you're seeing out there. >>Yeah, I think it's the, the survey results really, I'd like to say, I'd like to say that they surprised me, but unfortunately they didn't. The, the, the, the data protection world has been this way for a while where there's this, this difference in belief or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit successfully, hit by ransomware, paid the ransom and, and, and or lost data. And yet the same people that were surveyed, they had to high degrees of confidence in their backup system. And I, you know, I, I could, I could probably go on for an hour as to the various reasons why that would be the case, but I, I think that this long running problem that as long as I've been associated with backups, which you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And, and people often just, they, they, they don't wanna have anything to do with the backup system. And so it sort of exists in this vacuum. And so then management is like, oh, the backup system's great, because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >>It's funny, you know, we're good boss, we got this covered. Good, >>It's all good, it's all good, >>You know, and the fingers crossed, right? So again, this is the reality and, and, and as it becomes backup and recovery, which we've talked about many times on the cube, certainly we have with you before, but now with ransomware also, the other thing is people get ransomware hit multiple times. So it's not, not only like they get hit once, so, you know, this is a constant chasing the tail on some ends, but there are some tools out there, You guys have a solution. And so let's get into that. You know, you have had hands on backup experience. What are the points that surprised you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >>Well, I would say that the, the, the one part in the survey that surprised me the most was people that had a huge, you know, that there, there was a huge percentage of people that said that they had a, a, a, you know, a a a ransomware response, you know, in readiness program. And you look at that and you, how could you be, you know, that high percentage of people be comfortable with their ransomware readiness program and a, you know, which includes a number of things, right? There's the cyber attack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so your, you believe that your company was ready for that, and then you go, and I, I think it was 67% of the people in the survey paid the ransom, which as, as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number I think just hurt me the most is that because you, you talked about re infections, the surest way to guarantee that you get rein attacked and reinfected is to pay the ransom. This goes back all the way ransom since the beginning of time, right? Everyone knows if you pay the blackmail, all you're telling people is that you pay blackmail and >>You're in business, you're a good customer arr for ransomware. >>Yeah. So the, the fact that, you know, 60 what two thirds of the people that were attacked by ransomware paid the ransom. That one statistic just, just hurt my heart. >>Yeah. And I think this is the reality. I mean, we go back and even the psychology of the practitioners was, you know, it's super important to get back in recovery and that's been around for a long time, but now that's an attack vector, okay? And there's dollars involved, like I said, the arr joking, but there's recurring revenue for the, for the bad guys if they know you're paying up and if you're stupid enough not to change, you're tooling, right? So, so again, it works both ways. So I gotta ask you, why do you think so many are unable to successfully respond after an attack? Is it because they know it's coming? I mean, I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding and successfully to this? >>I I think it's a, it's a litany of thing starting with the, that aspect that I mentioned before, that nobody wants to have anything to do with the backup system, right? So nobody wants to be the one to raise their hand because if, if you're the one that raises their hand, you know what, that's a good idea, Curtis, why don't you look into that? Right. Nobody, nobody wants to be, Where's >>That guy now? He doesn't work here anymore. Yeah, but I I I hear where you come from exactly. Psychology. >>Yeah. So there, there's that. But then the second is that because of that, no one's looking at the fact that backups are the attack vector. They, they, they become the attack vector. And so because they're the attack vector, they have to be protected as much, if not more than the rest of the environment. The rest of the environment can live off of active directory and, you know, and things like Okta, so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate for from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if you, if that production environment is compromised now knowing that the attacks or that the backup systems are a significant portion of the attack vector, then you've, if, if the production system is compromised, then the backup system is compromised. So you've got to segregate all of that. And I, and I just don't think that people are thinking about that. Yeah. You know, and they're using the same backup techniques that they've used for many, many years. >>So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, Hey, we'll just take out the backup first so they can backup. So we got the ransomware it >>Makes Yeah, exactly. The the largest ransomware group out there, the KTI ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored, and they are exfiltrating the backups first and then deleting them and then letting you know you have ransom. >>Okay, so you guys have a lot of customers, they all kind of have the same this problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >>Well, again, you, you've got to fully segregate that data. There are, and, and everything about how that data is stored and everything about how that data's created and accessed. There are ways to do that with other, you know, with other commercial products, you can take a, a, a standard product and put a number of layers of defense on top of it, or you can switch to the, the way Druva does things, which is a SAS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. And the, the, it's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically what you get by default with the, the way juva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work with us. You just log in and you get all of that. >>I guess how do, how do you break the laws of physics? I guess that's the question here. >>Well, when, because that's the other thing is that by storing the data in the cloud, we, we do, and I've said this a few times, that you get to break the laws of physics and the, the only way to do that is to, is time travel and what, that's what it, so yeah, so Druva has time travel. What, and this is a criticism by the way. I don't think this is our official position, but Yeah. But the, the idea is that the only way to restore data as fast as possible is to restore it before you actually need it. And that's what kind of what I mean by time travel in that you basically, you configure your dr your disaster recovery environment in, in DVA one time. And then we are pre restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the, the current environment as quickly as we can so that in a disaster recovery scenario, which is part of your ransomware response, right? Again, there are many different parts, but when you get to actually restoring the data, you should be able to just push a button and go the, the data should already be restored. And that's the, i that's the way that you break the laws of physics is you break the laws of time. >>Well, I, everyone wants to know the next question, and this is the real big question, is, are you from the future? >>Yeah. Very much the future. >>What's it like in the future? Backup recovery as a restore, Is it air gaping? Everything? >>Yeah. It, it, it, Well it's a world where people don't have to worry about their backups. I I like to use the phrase, get outta the backup business. Just get into the ReSTOR business. I I, you know, I'm, I'm a grandfather now and I, and I love having a granddaughter and I often make the joke that if I don't, if I'd have known how great grandkids were, I would've skipped straight to them, right? Not possible. Just like this. Recoveries are great. Backups are really hard. So in the future, if you use a SAS data protection system and data resiliency system, you can just do recoveries and not have to worry about >>Backups. Yeah. And what's great about your background is you've got a lot of historical perspective. You've seen that been in the ways of innovation now it's really is about the recovery and real time. So a lot of good stuff going on. And God think automated thingss gotta be rocking and rolling. >>Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then, we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not that our customers don't have to do all of those things that all of our competitors have to do to, you know, to, to break, to try to break the laws of physics. I've been fighting the laws of physics my entire career to get the backup done in the first place. Then to secure all the data, right to air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I, I wish that, I wish everybody had that ability. >>Yeah, I mean, security's a big part of it. Data's in the middle of it all. This is now mainstream front lines. Great stuff Chris, great to have you on, bring that perspective and thanks for the insight. Really >>Appreciate it. Always happy to talk about my favorite subject. >>All right, we'll be back in a moment. We'll have Steven Manley, the cto and on John Shva, the GM and VP of Product Manage will join me. You're watching the cube, the leader in high tech enterprise coverage. >>Ransomware is top of mind for everyone. Attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability, scans, patches and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released after an attack. Recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the DR A data resiliency cloud on your side. The DR A platform functions completely in the cloud with no hardware, software, operating system, or complex configurations, which means there are none of the weaknesses that ransomware commonly uses to attack backups. >>Our software as a service model delivers 24 7 365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches and upgrades for you. DVA also makes zero trust security easy with builtin multifactor authentication, single sign-on and role-based access controls in the event of an attack. Druva helps you stop the spread of ransomware and quickly understand what went wrong. With builtin access insights and anomaly detection, then you can use industry first tools and services to automate the recovery of clean unencrypted data from the entire timeframe of the attack. Cyber attacks are a major threat, but you can make protection and recovery easy with dva. >>Welcome back everyone to the Cubes special presentation with DVA on why ransomware isn't your only problem. I'm John er, host of the Cube. Our next guest are Steven Manley, Chief Technology Officer of dva and I, John Trini VAs, who is the general manager and vice president of product management and Druva. Gentleman, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic, the IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >>Great to be here John. >>So what's your thoughts on the survey's conclusion? I've obviously the resilience is huge. Ransomware is continues to thunder away at businesses and causes a lot of problems. Disruption, I mean just it's endless ransomware problems. What's your thoughts on the con conclusion? >>So I'll say the, the thing that pops out to me is, is on the one hand, everybody who sees the survey, who reads, it's gonna say, well that's obvious. Of course ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But, but I think when you dig deeper and there and there's a lot of subtleties to look into, but, but one of the things that, that I hear on a daily basis from the customers is it's because the problem keeps evolving. It, it's not as if the threat was a static thing to just be solved and you're done because the threat keeps evolving. It remains top of mind for everybody because it's so hard to keep up with with what's happening in terms of the attacks. >>And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping it away from all the tooling that needed to do. A lot of people are even still wondering when that happens next time, what do I even do? So clearly not very surprising. Clearly I think it's here to stay and I think as long as people don't retool for a modern era of data management, this is going to stay this >>Way. Yeah, I mean I hear this whole time and our cube conversations with practitioners, you know there, it's kind of like the security pro give me more tools, I'll buy anything that comes in the market. I'm desperate. There's definitely attention but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side? Because you know, people claim that they have tools at fine points of, of recovery opportunities but they can't get there. So it seems to be that there's a confidence problem here in the market. What, how do you guys see that? Cuz I think this is where the rubber meets the road with ransomware cuz it's, it is a moving train, it's always changing but it doesn't seem as confidence. Can you guys talk about that? What's your reaction? >>Yeah, let me jump in first and Steven can add to it. What happens is I think this is a panic buying and they have accumulated this tooling now just because somebody said could solve your problem, but they haven't had a chance to take a re-look from a ground up perspective to see where are the bottlenecks, where are the vulnerabilities and which tooling set needs to lie? Where, where does the logic need to recite and what in Drew we are watching people do and people do it successfully, is that as they have adopted through our technology, which is ground up built for the cloud and really built in a way which is, you know, driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware. >>And then there's a whole plethora of ecosystem players that kind of combine to really really finish the story so to say, right? So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva and tried to identify the right set of ecosystem to really bring together to solve it meaningfully. >>Steven, >>I was gonna say, I mean one, one of the, one of the really interesting things in the survey for me and, and, and for a moment, little more than a moment, it made me think was that the large number of respondents who said I've got a really efficient well run backup environment, who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well if your backup environment is so good, why do you have such low confidence? And, and, and I think that's the moment when we, we dug deeper and we realized, you know, if you've got a traditional architecture and let's face the dis base architecture's been around for almost two decades now in terms of dis based backup, you can have that tune to the help that can be running as efficiently, efficiently as you want it, but it was built before the ransomware attacks before, before all these cyber issues, you know, really start hitting companies. And so I have this really well run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying I'm doing the best I can, but as Angen pointed out, the architecture, the tooling isn't there to support what, what problems I need to solve today. Yeah, >>Great point. And so yeah, well that's a great point. Before we get into the customer side, I wanna get to in second, you know, I interviewed Jare, the the founder CEO many years ago, even before the pandemic. You mentioned modern, you guys have always had the cloud, which r this is huge. Now that you're past the pandemic, what is that modern cloud edge you guys have? Cuz that's a great point. A lot of stuff was built kind of Beckham recovery bolted on, not really kind of designed into the, the current state of the infrastructure and the cloud native application modern environment we're seeing. Right? Now's a huge issue >>I think. I think it's, it's to me there's, there's three things that come up over and over and over again as, as we talk to people in terms of, you know, being built in cloud, being cloud native, why is an advantage? The first one is, is security and ransomware. And, and, and we can go deeper, but the most obvious one that always comes up is every single backup you do with DVA is air gap offsite managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. I think the second advantage is the scalability. And you know this, this certainly plays into account as your, your business grows or in some cases as you shrink or repurpose workloads, you're only paying for what you use. >>But it also plays a a big role again when you start thinking of ransomware recoveries because we can scale your recovery in cloud on premises as much or as little as you want. And then I think the third one is we're seeing a basically things evolving new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SA service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting, you know, the customer doesn't have to say, Wow, I need it six months in the lab before I upgrade it and it's an 18 month, 24 month cycle before the functionality releases. You're getting it every two weeks and it's backed by Druva to make sure it works. >>That says on John, you know, you got the, the product side, you know, it's challenging job cuz you have so many customers asking for things probably on the roadmap you probably go hour for that one. But I wanna get your thoughts on what you're hearing and seeing from customers. You know, we just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated on the, probably on the feature request, but also structurally as as ransomware continues to evolve. What are you hearing, what's the key customer need? How are you guys responding? >>Yeah, actually I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges because we see customers and help customers who are getting challenge by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in as rua is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate because this is just not about a piece of technology. >>On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on but innovating faster with faster, with less. And that has been this age old problem, do more with less. But in this, in this whole, they're like trying to innovate in the middle of the war so to say, right, the war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at a hundred miles per hour while they're just, you know, trying to live one day at a time. >>And unless they really develop this overall security operating model helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this kind of this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with now. Drew is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC two offering to protect EC two virtual machines back in aws and we are gonna be continuing to evolve that to further many services that public cloud software cuz our customers are really kind of consuming them at breakneck speed. >>So the new workloads, the new security capabilities. Love that. Good, good call out there. Steven, this still the issue of the disruption side of it, you guys have a guarantee there's a cost of ownership as you get more tools. Can you talk about that angle of it? Because this is, you got new workloads, you got the new security needs, what's the disruption impact? Cause you know, you won't avoid that. How much is it gonna cost you? And you guys have this guarantee, can you explain that? >>Yeah, absolutely. So, so Dr launched our 10 million data resiliency guarantee. And, and for us, you know, there were, there were really two key parts to this. The first obviously is 10 million means that, you know, again we're, we're we're willing to put our money where our mouth is and, and that's a big deal, right? That that, that we're willing to back this with the guarantee. But then the second part, and, and, and this is the part that I think reflects that, that sort of model that Angen was talking about, we, we sort of look at this and we say the goal of DVA is to do the job of protecting and securing your data for you so that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from, you know, your data's gonna be recoverable in the case of a ransomware attack. >>Okay, that's good. Of course for it to be recoverable, we're also guaranteeing, you know, your backup, your backup success rate. We're also guaranteeing the availability of the service. You know, we're, we're guaranteeing that the data that we're storing for you can't be compromised or leaked externally and you know, we're guaranteeing the long term durability of the data so that if you back up with us today and you need to recover 30 years from now, that data's gonna be recovered. So we wanted to really attack the end to end, you know, risks that, that, that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there and the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SAS vendor, we're doing the job for you so you're buying results as opposed to technology. >>That's great. Great point. Ransomware isn't the only problem that's the title of this presentation, but is a big one. People concerned about it. So great stuff. In the last five minutes guys, if you don't mind, I'd love to have you share what's on the horizon for dva. You mentioned the new workloads on John, you mentioned this new security hearing shift left DevOps is now the developer model, they're running it get data and security teams now stepping in and trying to be as vo high velocity as possible for the developers and enterprises. What's on the horizon, Ava? What trends is the company watching and how are you guys putting that together to stay ahead in the marketplace and the competition? >>Yeah, I think listening to our customers, what we realize is they need help with the public cloud. Number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first from before they can start to get into much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which I think is very unique to thwa because only we can look at multiple tenants, multiple customers because we are a SAS vendor and look at insights and give them best practices and guidances and analytics that nobody else can give. >>There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need, what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are gonna build all the way from a feature level where we have things like recycle bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights and security and that's where my focus is to go and get those features delivered and Steven can add a few more things around services that Steven is looking to build in launch. >>Sure. So, so yeah, so, so John, I think one of the other areas that we see just an enormous groundswell of interest. So, so public cloud is important, but there are more and more organizations that are running hundreds if not thousands of SaaS applications and a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365 Google workspace, but we're also seeing a lot of interest in protecting Salesforce because if you think about it, you know, if you, if if someone you know deletes some really important records in Salesforce, that's, that's actually actually kind of the record of your business. And so, you know, we're looking at more and more SaaS application protection and, and really getting deep in that application awareness. It's not just about backup and recovery. When you look at something like, like a sales force or something like Microsoft 365, you do wanna look into sandboxing, you wanna, you wanna look into long term archival because again, this is the new record of the business, what used to be in your on premises databases that all lives in cloud and SaaS applications now. >>So that's a really big area of investment for us. The second one, just to echo what, what engine said is, you know, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. And I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them, will do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then of course being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your, your data up more cleanly, you're gonna be a lot less worried and a lot less exposed from that attack happens. So we want to be able to again, cover those SaaS applications in addition to the public cloud. And then we want to be able to use our metadata and use our analytics and use this massive pipeline. We've got to deliver value to our customers, not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >>That's great stuff. Run John. >>And remember John, I think all this while keeping things really easy to consume consumer grade UI APIs and the, the really, the power of SaaS as a service simplicity to kind of continue on amongst kind of keeping these complex technologies together. >>Aj, that's a great call out. I was gonna mention ease of use is and self-service, big part of the developer and IT experience expected, it's the table stakes, love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But the end of the day automation, cross cloud protection and security to protect and recover. This is huge and this is big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of of the product. Thanks for coming on. Appreciate it. >>Thank you very much. >>Okay, there it is. You got the experts talking about under the hood, the product, the value, the future of what's going on with Druva and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Ante will give you some closing thoughts on the subject here you're watching the cube, the leader in high tech enterprise coverage. >>As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl, and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The dr. A Data Resiliency Cloud is the only 100% SAS data resiliency platform that provides centralized, secure air gapped and immutable backup and recovery. With dva, your data is safe with multiple layers of protection and is ready for fast recovery from cyber attack, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds and your business critical SaaS applications. Druva is the only 100% SAS fender that can manage, govern, and protect data across multiple clouds and business critical SAS applications. It supports not just backup and recovery, but also data resiliency across high value use cases such as e-discovery, sensitive data governance, ransomware, and security. No other vendor can match Druva for customer experience, infinite scale storage optimization, data immutability and ransomware protection. The DVA data resiliency cloud your data always safe, always ready. Visit druva.com today to schedule a free demo. >>One of the big takeaways from today's program is that in the scramble to keep business flowing over the past two plus years, a lot of good technology practices have been put into place, but there's much more work to be done specifically because the frequency of attacks is on the rise and the severity of lost, stolen, or inaccessible data is so much higher. Today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a systems' view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. You know, we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you gotta do is go to the cube.net and you'll see all the content, or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching why Ransomware isn't your only problem Made possible by dva, a collaboration with IDC and presented by the Cube, your leader in enterprise and emerging tech coverage.

>>The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know this had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized protection. As a result moved away from things like perimeter based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerges a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies. >>And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR focused that their DR approach was not cost efficient and needed to be modernized. And that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello and welcome to Why Ransomware isn't your Only Problem, a service of the Cube made possible by dva. And in collaboration with idc. I'm your host, Dave Ante, and today we're present a three part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face. In today's new world, IDC Research Vice President Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. >>After that, we're gonna hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection. Generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at dva, Steven Manly and Anja Serenas. Steven is a 10 time cubo and Chief technology officer at dva, and Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how DVA is closing the gaps presented in the IDC survey through their product innovation. Or right now I'm gonna toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. >>Bill Goodwin joins me next, the VP of research at idc. We're gonna be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on the cube. >>Hey, Lisa, it's great to be here with you. >>So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >>You know, you, you really hit the, the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that that ransomware that has everybody's attention and it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also is accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022, but within idc we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be, have the scale, upper scale, down on demand nature of cloud. So those are in a nutshell, kind of the three things that people are looking at. >>You mentioned ransomware, it's a topic we've been talking about a lot. It's a household word these days. It's now Phil, no longer if we're gonna get attacked. It's when it's how often it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >>Well, what, what some of the research that we did is we found that about 77% of organizations have digital resilience as a, as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more, more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping keeping them awake at night. Quite honestly, if you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a, a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data >>And digital resilience, data resilience as every company these days has to be a data company to be competitive, digital resilience, data resilience. Are you using those terms interchangeably or data resilience to find as something a little bit different? >>Well, sometimes yeah, that we do get caught using them when, when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself and the context of of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You, you really, you can't have it resilience about data resilience. So that, that's where we're coming from on it >>Inextricably linked and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >>Well, one of the biggest is what, what you mentioned at the, at the top of the segment and, and that is the, the area of ransomware, the research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to, to defend against these ransoms. The other thing about it is it's really a lot like whackamole. You know, they attack us in one area and and, and we defend against it. They, so they attack us in another area and we defend against it. >>And in fact, I had a, an individual come up to me at a show not long ago and said, You know, one of these days we're gonna get pretty well defended against ransomware and it's gonna go away. And I responded, I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't gonna just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that here is here for the long term and something that we, we have to address and have to get proactive about. >>You mentioned some stats there and, and recently IDC and DVA did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let, let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concern concerning ransomware. >>Yeah, this, this was a worldwide study. It was sponsored by DVA and conducted by IDC as an independent study. And what we did, we surveyed 500 is a little over 500 different individuals across the globe in North America select countries in in western Europe, as well as several in, in Asia Pacific. And we did it across industries with our 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of of infrastructure, you know, managers of data centers, things like that. And the, and the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they, when they get attacked. Some of the, some of the statistics that we learned from this, Lisa, include 83% of organizations believe or tell, told us that they have a, a playbook that, that they have for ransomware. >>I think 93% said that they have a high degree or a high or very high degree of confidence in their recovery tools and, and are fully automated. And yet when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't, aren't necessarily to be trusted. And, and so the software that they provide sometimes is, is fully recovered, sometimes it's not. So you look at that and you go, Wow. On, on the one hand people think they're really, really prepared and on the other hand the results are, are absolutely horrible. >>You know, two thirds of people having, having to pay their ransom. So you start to ask yourself, well, well, what is, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. Everybody has a plan until they get punched in the mouth. And I think that's kind of what happens with ransomware. You, you think you know what you're, you're doing, you think you're ready based on the information you have. And these people are smart people and, and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason, a lot of these have been successful. So that was kind of the key finding to me in kind of the aha moment really in this whole thing. Lisa, >>That's a massive disconnect with the vast majority saying we have a cyber recovery playbook, yet nearly half being the victims of ransomware in the last three years and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience data resilience as it's, as we said, this is a matter of this is gonna happen just a matter of when and how often >>It it is a matter, Yeah, as you said, it's not if when or, or how often. It's really how badly. So I think what organizations are really do doing now is starting to turn more to cloud-based services. You know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of, of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to, to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of, of scanning, in terms of analysis and so forth. So they're, they're turning to professionals in the cloud much more in order to get that breadth of experience and, and to take advantage of cloud based services that are out there. >>Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why are is IDC seeing this big shift to cloud where, where data resilience is concerned? >>Well, the first and foremost is the economics of it. You know, you can, you can have on demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If your financial services, it might even be triple, the infrastructure is very complicated, very difficult by going to the cloud. Organizations can subscribe to disaster recovery as a service. It increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that that organizations think they're ready, but then all of a sudden they get hit and all of a sudden they have to engage with outside consultants or they have to bring in other experts and that, and that extends the time to recover that they have and it also complicates it. >>So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >>So what do you think the big issue here is, is it that these, these I p T practitioners over 500 that you surveyed across 20 industries is a global survey? Do they not know what they don't know? What's the the overlying issue here? >>Yeah, I think that's right. It's, you don't know what you don't know and until you get into a specific attack, you know, there, there are so many different ways that, that organizations can be attacked. And in fact, from this research that we found is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the, the issue is, once I have your data, what are you gonna do? I mean, there's no amount of recovery that is gonna help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and, and taking their chances. So best practice things like encryption, immutability, you know, things like that that organizations can put into place. Certainly air gaps. Having a, a solid backup foundation to, to where data is you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >>Given some of the, the, the disconnect that you articulated, the, the stats that show so many think we are prepared, we've got a playbook, yet so many are being, are being attacked. The vulnerabilities and the, and the, as the, the landscape threat landscape just gets more and more amorphous. Why, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry we are vulnerable, this is gonna happen, we've gotta make sure that we are truly resilient and proactive? >>Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the, the, the consequences of ransom where it's not just the ransom, it's the loss productivity, it's, it's the loss of, of revenue, it's, it's the loss of, of customer faith and, and, and goodwill and organizations that have been attacked have, have suffered those consequences. And, and many of them are permanent. So people at the board level where it's, whether it's the ceo, the cfo, the cio, the c cso, you know, whoever it is, they're extremely concerned about these. And I can tell you they are fully engaged in addressing these issues within their organization. >>So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business business, it's very profitable. But what is IDCs prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they're, they really actually have i i functioning playbook? >>I i, I don't know if we'll ever get to the point where the CCC C suite is not involved. It's probably very important to have that, that level of executive sponsorship. But, but what we are seeing is, in fact we predicted by 20 25, 50 5% of organizations we'll have shifted to a cloud centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and, and at the edge, and that's really where the growth is. So being able to take that cloud centric model and take advantage of, of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily and, and to be able to take that cloud centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >>Got it. We're just cracking the surface here. Phil, I wish we had more time, but I had a chance to read the Juba sponsored IDC White paper. Fascinating finds. I encourage all of you to download that. Take a read, you're gonna learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining >>Me. No problem. Thank you, Lisa. >>In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin and you are watching The Cube, the leader in live tech coverage.

(upbeat music) >> Hey everyone, Lisa Martin for theCUBE here. Phil Goodwin joins me next, the VP of research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape, as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >> You really hit the top topic that we find from IT organizations, as well as business organizations, and really it's that digital resilience, that ransomware that has everybody's attention. And it has the attention, not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also is accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022. But within IDC, we've been doing a lot of research around what are those impacts going to be? And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be have the scale up or scale down on demand nature of cloud. So those are in a nutshell kind of the three things that people are looking at. >> You mentioned ransomware, it's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite, and what are they trying to do to become resilient against it? >> Well, what some of the research that we did is what we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient. And to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization. Whether it's through digital transformation, or whether it's simply data availability, whatever it might happen to be, digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company These days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably? Or is data resilience to find as something a little bit different? >> Well, sometimes, yeah, that we do get caught using them when one as the other, but data resilience is really a part of digital resilience if you think about the data itself and the context of IT computing. So it really is a subset of that. But it is foundational to IT resilience. You can't have it resilience without data resilience. So that's where we're coming from on it. >> Inextricably linked. And it's becoming a corporate initiative. But there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. It's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it. And they really avoided confronting that. Nowadays, so many people have been hit by it, that stigma has gone. And so really it is becoming more of a community kind of effort, as people try to defend against these ransomwares. The other thing about it is it's really a lot like Whac-A-Mole. They attack us in one area and we defend against it, so they attack us in another area and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "One of these days, we're going to get pretty well defended against ransomware, and it's going to go away." And I responded, "I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities." And the fact is ransomware is so profitable, the bad guys aren't going to just fade into the night without giving it a lot of fight. So I really think that ransomware is one of those things that is here for the long-term, and something that we we have to address and have to get proactive about. >> You mentioned some stats there. And recently, IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things, let's talk a little bit about the demographics of the survey, and then talk about what was the biggest finding there, especially where it's concerning ransomware. >> Yeah, this was a worldwide study. It was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, it's a little over 500 different individuals across the globe, in North America, select countries in Western Europe, as well as several in Asia Pacific. And we did it across industries where 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, BPO of infrastructure, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high, or very high degree of confidence in their recovery tools, and are fully automated. And yet when you look at the actual results, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than a 1/3 of organizations were able to fully recover their data without paying the ransom. And some 2/3 actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. The bad guys aren't aren't necessarily to be trusted. And so the software that they provide, sometimes is fully recovered, sometimes it's not. So you look at that and you go, "Wow." On the one hand, people think they're really prepared. And on the other hand, the results are absolutely horrible. 2/3 of people having to pay the ransom. So you start to ask yourself, "Well, what's going on there?" And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson, "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing, you think you're ready based on the information you have. And these people are smart people, and they're professionals. But oftentimes, you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason, a lot of these have been successful. So that was kind of the key finding to me, and kind of the aha moment, really, in this whole thing, Lisa. >> That's a massive disconnect with the vast majority saying, "We have a cyber recovery playbook," yet nearly half being the victims of ransomware in the last three years. And then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience? As we said, this is a matter of this is going to happen. Just a matter of when and how often. >> It is a matter. Yeah, as you said, it's not if when or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud based services. Finding professionals who know what they're doing, who have that breadth of experience, and who have seen the kinds of of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more in order to get that breadth of experience, and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud, where data resilience is concerned? >> Well, the first and foremost is the economics of it. You can have on demand resources. And in the old days when we had disaster recoveries, where there we had two different data centers and the failover and so forth, you have double the infrastructure. If your financial services, it might even be triple the infrastructure. It's very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly, what we see is a new market of cyber recovery as a service. So being able to leverage those resources, to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place, to have those resources in place. I think what happens in a number of situations, Lisa, is that that organizations think they're ready, but then all of a sudden they get hit. And all of a sudden, they have to engage with outside consultants, or they have to bring in other experts. And that extends the time to recover that they have. And it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recovery going as quickly as possible. >> So what do you think the big issue here? Is it that these IT practitioners over 500 that you surveyed across 20 industries, as a global survey, do they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. It's you don't know what you don't know. And until you get into a specific attack, there are so many different ways that organizations can be attacked. And in fact, from this research that we found is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web, or whatever, or simply saying no, and taking their chances. So best practice, things like encryption, immutability, things like that that organizations can put into place. Certainly, air gaps, having a solid backup foundation to where data is, you have a high probability recovery, things like that. Those are the kinds of things that organizations have to put into place, really, is a baseline to assure that they can recover as fast as possible, and not lose data in the event of our ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think we are prepared, we've got a playbook, yet so many are being attacked, the vulnerabilities, and as the threat landscape just gets more and more amorphous, what do you recommend organizations? Do you talk to the IT practitioners? But does this go all the way up to the board level in terms of, " Hey guys across every industry, we are vulnerable. This is going to happen. We've got to make sure that we are truly resilient and proactive." >> Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the consequences of ransomware, it's not just the ransom, it's the loss productivity, it's the loss of revenue, it's the loss of customer faith and goodwill. And organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CSO, whoever it is, they're extremely concerned about these. And I can tell you, they are fully engaged in addressing these issues within their organization. >> So all the way at the top, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education. We've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned, ransomware isn't going anywhere, it's a big business, it's very profitable, but what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and SaaS-based technologies, can they get to a place where the C-suite doesn't have to be involved? To the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is workloads on-premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources, like immutable storage, being able to move data from region to region inexpensively and easily, and and to be able to take that cloud-centric perspective and apply it on-premises, as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >> Got it. We're just cracking the surface here. Phil, I wish we had more time, but I had a chance to read the Druva sponsored IDC white paper, fascinating finds. I encourage all of you to download that. Take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. >> I'm, Lisa Martin. You're watching theCUBE, the leader in live tech coverage. (upbeat music)

>>Hey everyone. It's the cube live at VMware Explorer, 2022. We're at Mascone center and lovely, beautiful San Francisco. Dave Volante is with me, Lisa Martin. Beautiful weather here today. >>It is beautiful. I couldn't have missed this one because you know, the orange and the pure and VA right. Are history together. I had a, I had a switch sets. You >>Did. You were gonna have FOMO without a guest. Who's back. One of our longtime alumni V Stewart, VP of global technology alliances partners at pure storage one. It's great to have you back on the program, seeing you in 3d >>It's. It's so great to be here and we get a guest interviewer. So this >>Is >>Fantastic. Fly by. Fantastic. >>So talk to us, what's going on at pure. It's been a while since we had a chance to talk, >>Right. Well, well, besides the fact that it's great to see in person and to be back at a conference and see all of our customers, partners and prospects, you know, pure storage has just been on a tear just for your audience. Many, those who don't follow pure, right? We finished our last year with our Q4 being 41% year over year growth. And in the year, just under 2.2 billion, and then we come outta the gates this year, close our Q1 at 50% year over year, quarter quarterly growth. Have you ever seen a storage company or an infrastructure partner at 2 billion grow at that rate? >>Well, the thing was, was striking was that the acceleration of growth, because, you know, I mean, COVID, there were supply chain issues and you know, you saw that. And then, and we've seen this before at cloud companies, we see actually AWS as accelerated growth. So this is my premise here is you guys are actually becoming a cloud-like company building on top of, of infrastructure going from on-prem to cloud. But we're gonna talk about that. >>This is very much that super cloud premise. Well, >>It is. And, and, but I think it's it's one of the characteristics is you can actually, it, you know, we used to see companies, they go, they'd come out of escape velocity, and then they'd they'd growth would slow. I used to be at IDC. We'd see it. We'd see it. Okay. Down then it'd be single digits. You guys are seeing the opposite. >>It's it's not just our bookings. And by the way, I would be remiss if I didn't remind your audience that our second quarter earnings call is tomorrow. So we'll see how this philosophy and momentum keeps going. See, right. But besides the growth, right? All the external metrics around our business are increasing as well. So our net promoter score increased right at 85.2. We are the gold standard, not just in storage in infrastructure period. Like there's no one close to us, >>85. I mean, that's like, that's a, like apple, >>It's higher than apple than apple. It's apple higher than Tesla. It's higher than AWS shopping. And if you look in like our review of our products, flash rate is the leader in the gardener magic quadrant for, for storage array. It's been there for eight years. Port works is the leader in the GIGO OME radar for native Kubernetes storage three years in a row. Like just, it's great to be at a company that's hitting on all cylinders. You know, particularly at a time that's just got so much change going on in our >>Industry. Yeah. Tremendous amount of change. Talk about the, the VMware partnership from a momentum of velocity perspective what's going on there. And some of the things that you're accelerating. >>Absolutely. So VMware is, is the, the oldest or the longest tenured technology partner that we've had. I'm about to start my 10th year at pure storage. It feels like it was yesterday. When I joined, they were a, an Alliance partner before I joined. And so not to make that about me, but that's just like we built some of the key aspects around our first product, the flash array with VMware workloads in mind. And so we are a, a co-development partner. We've worked with them on a number of projects over years of, of late things that are top of mind is like the evolution of vials, the NV support for NVMe over fabric storage, more recently SRM support for automating Dr. With Viv a deployments, you know, and, and, and then our work around VMware ex extends to not just with VMware, they're really the catalyst for a lot of three way partnerships. So partnerships into our investments in data protection partners. Well, you gotta support V ADP for backing up the VMware space, our partnership within Nvidia, well, you gotta support NVA. I, so they can accelerate bringing those technologies into the enterprise. And so it's it, it's not just a, a, a, you know, unilateral partnership. It's a bidirectional piece because for a lot of customers, VMware's kind of like a touchpoint for managing the infrastructure. >>So how is that changing? Because you you've mentioned, you know, all the, the, the previous days, it was like, okay, let's get, make storage work. Let's do the integration. Let's do the hard work. It was kind of a race for the engineering teams to get there. All the storage companies would compete. And it was actually really good for the industry. Yeah, yeah. Right. Because it, it went from, you know, really complex, to much, much simpler. And now with the port works acquisition, it brings you closer to the whole DevOps scene. And you're seeing now VMware it's with its multi-cloud initiatives, really focusing on, you know, the applications and that, and that layer. So how does that dynamic evolve in terms of the partnership and, and where the focus is? >>So there's always in the last decade or so, right. There's always been some amount of overlap or competing with your partnerships, right. Something in their portfolios they're expanding maybe, or you expand you encroach on them. I think, I think two parts to how I would want to answer your question. The retrospective look V VMware is our number one ISV from a, a partner that we, we turn transactions with. The booking's growth that I shared with you, you could almost say is a direct reflection of how we're growing within that, that VMware marketplace. We are bringing a platform that I think customers feel services their workloads well today and gives them the flexibility of what might come in their cloud tomorrow. So you look at programs like our evergreen one subscription model, where you can deploy a consumption based subscription model. So very cloud-like only pay for what you use on-prem and turn that dial as you need to dial it into a, a cloud or, or multiple clouds. >>That's just one example. Looking forward, look, port works is probably the platform that VMware should have bought because when you look at today's story, right, when kit Culbert shared a, a cross cloud services, right, it was, it was the modern version of what VMware used to say, which was, here's a software defined data center. We're gonna standardize all your dissimilar hardware, another saying software defined management to standardize all your dissimilar clouds. We do that for Kubernetes. We talk about accelerating customers' adoption of Kubernetes by, by allowing developers, just to turn on an enable features, be its security, backup high availability, but we don't do it mono in a, you know, in a, in a homogeneous environment, we allow customers to do it heterogeneously so I can deploy VMware Tansu and connect it to Amazon EKS. I can switch one of those over to red head OpenShift, non disruptively, if I need to. >>Right? So as customers are going on this journey, particularly the enterprise customers, and they're not sure where they're going, we're giving them a platform that standardizes where they want to go. On-prem in the cloud and anywhere in between. And what's really interesting is our latest feature within the port works portfolio is called port works data services, and allows customers to deploy databases on demand. Like, install it, download the binaries. You have a cus there, you got a database, you got a database. You want Cassandra, you want Mongo, right? Yeah. You know, and, and for a lot of enterprise customers, who've kind of not, not know where to don't know where to start with port works. We found that to be a great place where they're like, I have this need side of my infrastructure. You can help me reduce cost time. Right. And deliver databases to teams. And that's how they kick off their Tansu journey. For example. >>It's interesting. So port works was the enabler you mentioned maybe VMware should above. Of course they had to get the value out of, out of pivotal. >>Understood. >>So, okay. Okay. So that, so how subsequent to the port works acquisition, how has it changed the way that you guys think about storage and how your customers are actually deploying and managing storage? >>Sure. So you touched base earlier on what was really great about the cloud and VMware was this evolution of simplifying storage technologies, usually operational functions, right? Making things simpler, more API driven, right. So they could be automated. I think what we're seeing customers do to today is first off, there's a tremendous rise in everyone wanting to do every customer, not every customer, a large portion of the customer bases, wanting to acquire technology on as OPEX. And it, I think it's really driven by like eliminate technical debt. I sign a short term agreement, our short, our shortest commitment's nine months. If we don't deliver around what we say, you walk away from us in nine months. Like you, you couldn't do that historically. Furthermore, I think customers are looking for the flexibility for our subscriptions, you know, more from between on-prem and cloud, as I shared earlier, is, is been a, a, a big driver in that space. >>And, and lastly, I would, would probably touch on our environmental and sustainability efforts. You saw this morning, Ragu in the keynote touch on what was it? Zero carbon consumption initiative, or ZCI my apologies to the veer folks. If I missed VO, you know, we've had, we've had sustainability into our products since day one. I don't know if you saw our inaugural ESG report that came out about 60 days ago, but the bottom line is, is, is our portfolio reduces the, the power directly consumed by storage race by up to 80%. And another aspect to look at is that 97% of all of the products that we sold in the last six years are still in the market today. They're not being put into, you know, into, to recycle bins and whatnot, pure storage's goal by the end of this decade is to further drive the efficiency of our platforms by another 66%. And so, you know, it's an ambitious goal, but we believe it's >>Important. Yeah. I was at HQ earlier this month, so I actually did see it. So, >>Yeah. And where is sustainability from a differentiation perspective, but also from a customer requirements perspective, I'm talking to a lot of customers that are putting that requirement when they're doing RFPs and whatnot on the vendors. >>I think we would like to all, and this is a free form VO comment here. So my apologies, but I think we'd all like to, to believe that we can reduce the energy consumption in the planet through these efforts. And in some ways maybe we can, what I fear in the technology space that I think we've all and, and many of your viewers have seen is there's always more tomorrow, right? There's more apps, more vendors, more offerings, more, more, more data to store. And so I think it's really just an imperative is you've gotta continue to be able to provide more services or store more data in this in yesterday's footprint tomorrow. A and part of the way they get to is through a sustainability effort, whether it's in chip design, you know, storage technologies, et cetera. And, and unfortunately it's, it's, it's something that organizations need to adopt today. And, and we've had a number of wins where customers have said, I thought I had to evacuate this data center. Your technology comes in and now it buys me more years of time in this in infrastructure. And so it can be very strategic to a lot of vendors who think their only option is like data center evacuation. >>So I don't want to, I, I don't wanna set you up, but I do want to have the super cloud conversation. And so let's go, and you, can you, you been around a long time, your, your technical, or you're more technical than I am, so we can at least sort of try to figure it out together when I first saw you guys. I think Lisa, so you and I were at, was it, when did you announce a block storage for AWS? The, was that 2019 >>Cloud block store? I believe block four years >>Ago. Okay. So 20 18, 20 18, 20 18. Okay. So we were there at, at accelerate at accelerate and I said, oh, that's interesting. So basically if I, if I go back there, it was, it was a hybrid model. You, you connecting your on-prem, you were, you were using, I think, priority E C two, you know, infrastructure to get high performance and connecting the two. And it was a singular experience yeah. Between on-prem and AWS in a pure customer saw pure. Right. Okay. So that was the first time I started to think about Supercloud. I mean, I think thought about it in different forms years ago, but that was the first actual instantiation. So my, my I'm interested in how that's evolved, how it's evolving, how it's going across clouds. Can you talk just conceptually about how that architecture is, is morphing? >>Sure. I just to set the expectations appropriately, right? We've got, we've got a lot of engineering work that that's going on right now. There's a bunch of stuff that I would love to share with you that I feel is right around the corner. And so hopefully we'll get across the line where we're at today, where we're at today. So the connective DNA of, of flash array, OnPrem cloud block store in the cloud, we can set up for, for, you know, what we call active. Dr. So, so again, customers are looking at these arrays is a, is a, is a pair that allows workloads to be put into the, put into the cloud or, or transferred between the cloud. That's kind of like your basic building, you know, blocking tackling 1 0 1. Like what do I do for Dr. Example, right? Or, or gimme an easy button to, to evacuate a data center where we've seen a, a lot of growth is around cloud block store and cloud block store really was released as like a software version of our hardware, Ray on-prem and it's been, and, and it hasn't been making the news, but it's been continually evolving. >>And so today the way you would look at cloud block store is, is really bringing enterprise data services to like EBS for, for AWS customers or to like, you know, is Azure premium disc for Azure users. And what do I mean by enterprise data services? It's, it's the, the, the way that large scale applications are managed, on-prem not just their performance and their avail availability considerations. How do I stage the, the development team, the sandbox team before they patch? You know, what's my cyber protection, not just data protection, how, how am I protected from a cyber hack? We bring all those capabilities to those storage platforms. And the, the best result is because of our data reduction technologies, which was critical in reducing the cost of flash 10 years ago, reduces the cost of the cloud by 50% or more and pays for the, for pays more than pays for our software of cloud block store to enable these enterprise data services, to give all these rapid capabilities like instant database, clones, instant, you know, recovery from cyber tech, things of that nature. >>Do customers. We heard today that cloud chaos are, are customers saying so, okay, you can run an Azure, you can run an AWS fine. Are customers saying, Hey, we want to connect those islands. Are you hearing that from customers or is it still sort of still too early? >>I think it's still too early. It doesn't mean we don't have customers who are very much in let's buy, let me buy some software that will monitor the price of my cloud. And I might move stuff around, but there's also a cost to moving, right? The, the egress charges can add up, particularly if you're at scale. So I don't know how much I seen. And even through the cloud days, how much I saw the, the notion of workloads moving, like kind of in the early days, like VMO, we thought there might be like a, is there gonna be a fall of the moon computing, you know, surge here, like, you know, have your workload run where power costs are lower. We didn't really see that coming to fruition. So I think there is a, is a desire for customers to have standardization because they gain the benefits of that from an operational perspective. Right. Whether they put that in motion to move workloads back and forth. I think >>So let's say, let's say to be determined, let let's say they let's say they don't move them because your point you knows too expensive, but, but, but, but you just, I think touched on it is they do want some kind of standard in terms of the workflow. Yep. You you're saying you're, you're starting to see demand >>Standard operating practices. Okay. >>Yeah. SOPs. And if they're, if they're big into pure, why wouldn't they want that? If assuming they have, you know, multiple clouds, which a lot of customers do. >>I, I, I I'll assure with you one thing that the going back to like basic primitives and I touched it touched on it a minute ago with data reduction. You have customers look at their, their storage bills in the cloud and say, we're gonna reduce that by half or more. You have a conversation >>Because they can bring your stack yeah. Into the cloud. And it's got more maturity than what you'd find from a cloud company, cloud >>Vendor. Yeah. Just data. Reduction's not part of block storage today in the cloud. So we've got an advantage there that we, we bring to bear. Yeah. >>So here we are at, at VMware Explorer, the first one of this name, and I love the theme, the center of the multi-cloud universe. Doesn't that sound like a Marvel movie. I feel like there should be superheroes walking around here. At some point >>We got Mr. Fantastic. Right here. We do >>Gone for, I dunno it >>Is. But a lot of, a lot of news this morning in the keynote, you were in the keynote, what are some of the things that you're hearing from VMware and what excites you about this continued evolution of the partnership with pure >>Yeah. Great point. So I, I think I touched on the, the two things that really caught my attention. Obviously, you know, we've got a lot of investment in V realize it was now kind of rebranded as ay, that, you know, I think we're really eager to see if we can help drive that consumption a bit higher, cuz we believe that plays into our favor as a vendor. We've we've we have over a hundred templates for the area platform right now to, you know, automation templates, whether it's, you know, levels set your platform, you know, automatically move workloads, deploy on demand. Like just so, so again, I think the focus there is very exciting for us, obviously when they've got a new release, like vSphere eight, that's gonna drive a lot of channel behaviors. So we've gotta get our, you know, we're a hundred percent channel company. And so we've gotta go get our channel ready because with about half of the updates of vSphere is, is hardware refresh. And so, you know, we've gotta be, be prepared for that. So, you know, some of the excitements about just being how to find more points in the market to do more business together. >>All right. Exciting cover the grounds. Right. I mean, so, okay. You guys announce earnings tomorrow, so we can't obviously quiet period, but of course you're not gonna divulge that anyway. So we'll be looking for that. What other catalysts are out there that we should be paying attention to? You know, we got, we got reinvent coming up in yep. In November, you guys are obviously gonna be there in, in a big way. Accelerate was back this year. How was accelerate >>Accelerate in was in Los Angeles this year? Mm. We had great weather. It was a phenomenal venue, great event, great partner event to kick it off. We happened to, to share the facility with the president and a bunch of international delegates. So that did make for a little bit of some logistic securities. >>It was like the summit of the Americas. I, I believe I'm recalling that correctly, but it was fantastic. Right. You, you get, you get to bring the customers out. You get to put a bunch of the engineers on display for the products that we're building. You know, one of the high, you know, two of the highlights there were, we, we announced our new flash blade S so, you know, higher, more performant, more scalable version of our, our scale and object and file platform with that. We also announced the, the next generation of our a I R I, which is our AI ready, AI ready infrastructure within video. So think of it like converged infrastructure for AI workloads. We're seeing tremendous growth in that unstructured space. And so, you know, we obviously pure was funded around block storage, a lot around virtual machines. The data growth is in unstructured, right? >>We're just seeing, we're seeing, you know, just tons of machine learning, you know, opportunities, a lot of opportunities, whether we're looking at health, life sciences, genome sequencing, medical imaging, we're seeing a lot of, of velocity in the federal space. You know, things, I can't talk about a lot of velocity in the automotive space. And so just, you know, from a completeness of platform, you know, flat flash blade is, is really addressing a need really kind of changing the market from NAS as like tier two storage or object is tier three to like both as a tier one performance candidate. And now you see applications that are supporting running on top of object, right? All your analytics platforms are on an object today, Absolut. So it's a, it's a whole new world. >>Awesome. And Pierce also what I see on the website, a tech Fest going on, you guys are gonna be in Seoul, Mexico city in Singapore in the next week alone. So customers get the chance to be able to in person talk with those execs once again. >>Yeah. We've been doing the accelerate tech tech fests, sorry about that around the globe. And if one of those align with your schedule, or you can free your schedule to join us, I would encourage you. The whole list of events dates are on pure storage.com. >>I'm looking at it right now. Vaon thank you so much for joining Dave and me. I got to sit between two dapper dudes, great conversation about what's going on at pure pure with VMware better together and the, and the CATA, the cat catalysis that's going on on both sides. I think that's an actual word I should. Now I have a degree biology for Vaughn Stewart and Dave Valante I'm Lisa Martin. You're watching the cube live from VMware Explorer, 22. We'll be right back with our next guest. So keep it here.