>> From Las Vegas, it's theCUBE. Covering Open Systems, the future is crystal clear with security and SD-WAN. Brought to you by Open Systems >> Hello everyone, welcome to theCUBE, We're here in Las Vegas again for another awesome set of conversations. CUBE coverage here at the Cosmopolitan hotel at the Chandelier Bar. We're here covering Open Systems having a special event in conjunction with a lot of the conference going on, Gardner has a big symposium, lot of things happening, we're here with M.K. Palmore whose the head of the FBI'S cyber security, San Francisco branch of the FBI, great to have you thanks for spending time. >> Thanks for having me, John. Much appreciated >> Chandelier Bar, everyone's having a good time, you guys had a lot of sessions today, conversations. You gave a speech today during a session around info sec and culture. >> Info sec risk and leadership. >> Okay talk about that, what will you, what was your main theme. >> Yeah, so I've over the past five years or so had the opportunity to go out and speak a lot about the cyber threat landscape. Going into this year, because the message is getting a little stayed and old, I think I want to concentrate on those issues that I think can help move the ball down the field a little bit. So, talking about cyber security risks as an enterprise risk, discussing it as a matter of an enterprises responsibility to address cyber securities as an enterprise risk is an important message to carry, and I like to add in topics and subjects about leadership, and tie all of those in because in my view, information security professionals have to be leaders as well, because we're all venturing into space that's not known to us. >> That's a great point, leadership also has to take into the new environment, your dealing with you know, a decentralized threat landscape, distributed, decentralized. >> Global. >> Back in the old days when I was in college, you get a pager, you get a new one, now you get flip phones and you can swap em out, now you're everywhere, you got social media, the ability to dodge the authorities, is easier, almost easier than ever before, requires you guys to be on your toes, to catch the bad guys, you need cutting edge technology, but you got to have a mindset in a management culture of leadership, to empower people at the edges. How are you guys thinking about, cause this is like one of the main cyber topics is, setting that system up to be nimble, reactive, used data, >> Right. >> What's your thoughts? >> Yeah so I mean, frankly the FBI is learning in new ways to approach this cyber security problem. We understand that we have to hire the right people with the right talent and that we as an organization we're used, frankly we're used to fighting you know, bad guys in the streets, are now taking this fight to the networked environment and we have to come up with new ways of tackling the problem. One of the biggest problems that we face and you touched on it, is that near 100% anonymity that criminals enjoy operating in the network environment, that ability to conduct transactions, that ability to essentially go unnoticed for long periods of time, without anyone knowing your true identity, creates a huge obstacle for law enforcement, but the good thing is that frankly it's something that we're very good at in terms of identifying whose on the other end of the keyboard, but it takes a lot of work. >> You know I'm old enough to have some friends that have graduated from you know, criminal justice majors when I was in college, I was a CS major, they went DEA, FBI, so a lot of friends and it's evolved a lot from having that branch office >> Yes. >> Focus, you now have digital, and one comment that always kind of resonated from my friends that were in the law enforcement area goes, John it's like putting the puzzle together, and you got to get the puzzle pieces to put it all together >> Right. >> Now you have a sea of puzzle pieces, it's almost like a three dimensional puzzle, because you have to get the data, you got to understand the landscape now and multiple dimensions >> Right. >> That you just mentioned. How do you guys keep up with putting that puzzle together, before it changes? >> We get a lot of help, right, so what we're used to doing is using the FBI'S special agent as the main tool of our investigations, in the cyber world we've had to add some pieces to that, not only is there specific training now for cyber agents, those agents that are charged with investigating intrusions, we have computer scientists, we have data analysts, we have folks that we bring to bear, in any one particular investigation, who add talents and tools that every, you know it's like, everyone is at the table on these investigations bringing different aspects of the investigation together and it is like you said, multiple data points and as any investigation is, lots of pieces being brought together to tell a story that we ultimately have to, you know convince the judge of, in terms of judge and a jury sometimes, of the validity of what it is that we've found. >> So timing is very important as well. >> Timing's huge, as we like to say, we want to be involved in intrusion matters as quickly, and as often as we can. Part of the challenge that we face is that there's a little bit of tug and pull between us and the private sector, and we aren't always brought in as early in a breach investigation as we would like to be, and those, it's valuable, valuable minutes, valuable days that are lost sometimes in that, in that transactional process. >> I interviewed Christine Halverson, I don't even, I'm sorry I didn't interview her, I watched her give a presentation amazon reinvent last week, she gave a key, one of the key notes during a public sector summit, Teresa Carlson's breakfast that she had, and she said something very fascinating she said, we are in a data crisis at the FBI, meaning that they have to put the puzzle pieces together and get it done quick, it was something along those lines, but she said that the FBI has been very progressive in adopting new technology, you guys are moving very very fast and she said she's excited by that but she said we need the data, whether that's being called in quickly, >> Right. >> And or getting access to other data bases, right, so it's like the data is out there, so you guys need access to that, how do you guys, how do you, how's the FBI evolving with that, architectural cloud and what not, and how are you enabling the tools for the field agents, and the people in the trenches? >> So the data analytics is an interesting area to dive deeply into, I mean we face the same challenges as any private organization, in terms of how we intake the data, how the data's organized, how it is that we then retrieve the data, look at it, how it relates to the different data points relate to one another, we face all of those same challenges and we have the added challenge, I think in the environment that we're in, in terms of how we're able to adopt private sector products that are out there that might meet our needs, I mean I've been in government now for over 30 years, it's a bit of a challenge being able to acquire the types of platforms and products that you, that you would want to have as quickly as you would like to have them, but eventually we do get down those roads, we do adopt platforms that are useful to us, and again like everyone else, we're trying to move as quickly as we possibly can in this environment to keep up with the bad guys. >> And you guys do a great job moving those antiquated inadequate systems to more real time, >> We try. >> State of the art. >> We try. >> So I interviewed General Keith Alexander once, and we talked about identity and private sector, public sector collaboration. Can you share your thoughts on that, because this is something that's become a bigger trend recently in the past five to 10 years, past three years in particular where it's a sharing culture it's not just, well I'm not going to call the FBI they're going to come in, it's no no we're going to bring them in early, whether it's a breach you think, or someone hiding, I mean the Marriot thing they didn't even know they were there! So, you guys are now spending more time collaborating with the enterprises and businesses, how has that changed your approach, your posture, how you look at the data, can you give some insight into that? >> Yeah so I mean a lot of it's about relationship building, I will tell you that, in the San Francisco division one of the priorities we have within our cyber branch, is to ensure that we have a certain level of rapport, not just with the big tech giants in the valley, but also with the medium size enterprises and the small enterprises, we spend a fair amount of time putting ourselves in front of the C-Suites, boards of directors and talking to them about one, what capabilities the FBI brings to the table, we open the lines of communication with them and we build a rapport, in such a way that it allows them the trust to then bring problems to us and we then begin an exchange of information. The point you made about, public, private collaboration, it's an absolute must, there's no way we get through this tough period that we're in, without both sides sitting down at the table, establishing some trust, and then moving together to solve these problems. >> The other thing I'd observe and you may or may not want to comment on this, love to see if you would comment, but the notion of agility, especially with data and systems and cloud computing. CIA, the Department of Defense, are moving to systems that can be as reactive and accurate as possible, and this is a changing of relationship to the suppliers! >> Right. >> You know, and the government, oh multiple suppliers, we got to do five different things, >> Right. >> But if the systems don't talk to each other, you guys can't be fast. This is seat change and the mindset. >> The whole government I think is beginning to understand that in this world, technology, we need to be much more agile in terms of our adoption of new products that will allow us to combat crime, and frankly the threat from the national security sector that we're responsible for responding to. So we understand that there's a certain level of agility historically not present, that we need to move the marker to get towards. >> Let me ask you a question, does the FBI have an app store? (John laughs) >> So what, we have secured telephones that we utilize and we certainly have an approved list of apps that we're allowed to have on our phones, so we do. The short answer to that is yes, it's a very truncated list of apps that we have available to us, but they're helpful. >> Well we were joking. Well we were joking at reinvent and all these cloud conferences because, the developer now, building a right new software apps is faster, so this whole dev ops ethos of cloud computing >> Secure DevOps yeah. >> And so secure DevOps is really interesting because now you don't have to, you can free up the data in the infrastructure and yes infrastructure is code, your going to see a renaissance of new applications, so the joke was, you know you made it when you have an app store inside the FBI, there's an app for that. Okay, final question for you, as you guys do your thing and I know you get called in a lot to mentor and also collaborate with enterprises, what's your advice on the info sec landscape? Do you talk to CSO's and CXO's, CSO's in particular are under a lot of pressure, >> Right. >> Board level kind of responsibility, not part of IT anymore they are now a critical piece of building out these teams, what's your advice to them in terms of either, whether there's observation's our best practice that you've seen, that they can think about? >> So a couple of the points that I typically hit on in my talks, that I hit on today, one is this idea of looking at cyber security as an enterprise risk which you just talked about. We need to get away from the old school thought process of cyber being an IT function, right? It's an enterprise risk, it needs to be talked about in terms of risk, the language of risk management, with the C-Suite, with the boards of directors, because when you talk in a language of the likelihood of an event happening, the impact to the organization and what that means in terms of, daily revenue, daily dollars to the business, that's a language that business owners and business leaders understand. So the oweness is on information security leaders to adopt this language, so that we can communicate our needs to our colleagues in the C-Suite and the boards of directors. It's a seat change for information security professionals because this is not a language that they are typically used to speaking. >> And they got to level up there too because this is the reality. >> Absolutely. >> Alright, final final question, what's the most exciting thing that you're working on and or you're seeing happening around you, that you get up in the morning and say, man I'm so excited to work on that. Or trend or technology. >> I'll tell you when you work for an organization like the FBI, which I've done for almost 22 years, at the end of the day it's getting exposure to people who are engaged in trying to achieve the FBI's mission on a day to day basis and at the end of the day, I don't care how much technology you have around you, I don't care how much policy you have in place, having the right people in place who are dedicated to what we're trying to accomplish, that's the thing I get the most juice out of on a day to day basis, we get to actually, in this portion of my career, really work with some of the most talented people that the FBI has. >> And their being empowered more than ever right now in this technology >> Absolutely. >> M.K. Palmore thanks for coming on theCUBE appreciate it. Head of the FBI cyber security in San Francisco. It's theCUBE here in Las Vegas at the Chandelier Bar in the Cosmopolitan, breaking it down. Part of Open Systems private event, they just had a lot of stuff going on with Gardner, lot of events happening here in Vegas, I'm John Furrier, thanks for watching. (modern music)