>> We're back at the ARIA Las Vegas. We're covering CrowdStrike's Fal.Con 22. First one since 2019. Dave Vellante and Dave Nicholson on theCUBE. Adam Meyers is here, he is the Senior Vice President of Intelligence at CrowdStrike. Adam, thanks for coming to theCUBE. >> Thanks for having me. >> Interesting times, isn't it? You're very welcome. Senior Vice President of Intelligence, tell us what your role is. >> So I run all of our intelligence offerings. All of our analysts, we have a couple hundred analysts that work at CrowdStrike tracking threat actors. There's 185 threat actors that we track today. We're constantly adding more of them and it requires us to really have that visibility and understand how they operate so that we can inform our other products: our XDR, our Cloud Workload Protections and really integrate all of this around the threat actor. >> So it's that threat hunting capability that CrowdStrike has. That's what you're sort of... >> Well, so think of it this way. When we launched the company 11 years ago yesterday, what we wanted to do was to tell customers, to tell people that, well, you don't have a malware problem, you have an adversary problem. There are humans that are out there conducting these attacks, and if you know who they are what they're up to, how they operate then you're better positioned to defend against them. And so that's really at the core, what CrowdStrike started with and all of our products are powered by intelligence. All of our services are our OverWatch and our Falcon complete, all powered by intelligence because we want to know who the threat actors are and what they're doing so we can stop them. >> So for instance like you can stop known malware. A lot of companies can stop known malware, but you also can stop unknown malware. And I infer that the intelligence is part of that equation, is that right? >> Absolutely. That that's the outcome. That's the output of the intelligence but I could also tell you who these threat actors are, where they're operating out of, show you pictures of some of them, that's the threat intel. We are tracking down to the individual persona in many cases, these various threats whether they be Chinese nation state, Russian threat actors, Iran, North Korea, we track as I said, quite a few of these threats. And over time, we develop a really robust deep knowledge about who they are and how they operate. >> Okay. And we're going to get into some of that, the big four and cyber. But before we do, I want to ask you about the eCrime index stats, the ECX you guys call it a little side joke for all your nerds out there. Maybe you could explain that Adam >> Assembly humor. >> Yeah right, right. So, but, what is that index? You guys, how often do you publish it? What are you learning from that? >> Yeah, so it was modeled off of the Dow Jones industrial average. So if you look at the Dow Jones it's a composite index that was started in the late 1800s. And they took a couple of different companies that were the industrial component of the economy back then, right. Textiles and railroads and coal and steel and things like that. And they use that to approximate the overall health of the economy. So if you take these different stocks together, swizzle 'em together, and figure out some sort of number you could say, look, it's up. The economy's doing good. It's down, not doing so good. So after World War II, everybody was exuberant and positive about the end of the war. The DGI goes up, the oil crisis in the seventies goes down, COVID hits goes up, sorry, goes down. And then everybody realizes that they can use Amazon still and they can still get the things they need goes back up with the eCrime index. We took that approach to say what is the health of the underground economy? When you read about any of these ransomware attacks or data extortion attacks there are criminal groups that are working together in order to get things spammed out or to buy credentials and things like that. And so what the eCrime index does is it takes 24 different observables, right? The price of a ransom, the number of ransom attacks, the fluctuation in cryptocurrency, how much stolen material is being sold for on the underground. And we're constantly computing this number to understand is the eCrime ecosystem healthy? Is it thriving or is it under pressure? And that lets us understand what's going on in the world and kind of contextualize it. Give an example, Microsoft on patch Tuesday releases 56 vulnerabilities. 11 of them are critical. Well guess what? After hack Tuesday. So after patch Tuesday is hack Wednesday. And so all of those 11 vulnerabilities are exploitable. And now you have threat actors that have a whole new array of weapons that they can deploy and bring to bear against their victims after that patch Tuesday. So that's hack Wednesday. Conversely we'll get something like the colonial pipeline. Colonial pipeline attack May of 21, I think it was, comes out and all of the various underground forums where these ransomware operators are doing their business. They freak out because they don't want law enforcement. President Biden is talking about them and he's putting pressure on them. They don't want this ransomware component of what they're doing to bring law enforcement, bring heat on them. So they deplatform them. They kick 'em off. And when they do that, the ransomware stops being as much of a factor at that point in time. And the eCrime index goes down. So we can look at holidays, and right around Thanksgiving, which is coming up pretty soon, it's going to go up because there's so much online commerce with cyber Monday and such, right? You're going to see this increase in online activity; eCrime actors want to take advantage of that. When Christmas comes, they take vacation too; they're going to spend time with their families, so it goes back down and it stays down till around the end of the Russian Orthodox Christmas, which you can probably extrapolate why that is. And then it goes back up. So as it's fluctuating, it gives us the ability to really just start tracking what that economy looks like. >> Realtime indicator of that crypto. >> I mean, you talked about, talked about hack Wednesday, and before that you mentioned, you know, the big four, and I think you said 185 threat actors that you're tracking, is 180, is number 185 on that list? Somebody living in their basement in their mom's basement or are the resources necessary to get on that list? Such that it's like, no, no, no, no. this is very, very organized, large groups of people. Hollywood would have you believe that it's guy with a laptop, hack Wednesday, (Dave Nicholson mimics keyboard clacking noises) and everything done. >> Right. >> Are there individuals who are doing things like that or are these typically very well organized? >> That's a great question. And I think it's an important one to ask and it's both it tends to be more, the bigger groups. There are some one-off ones where it's one or two people. Sometimes they get big. Sometimes they get small. One of the big challenges. Have you heard of ransomware as a service? >> Of course. Oh my God. Any knucklehead can be a ransomwarist. >> Exactly. So we don't track those knuckleheads as much unless they get onto our radar somehow, they're conducting a lot of operations against our customers or something like that. But what we do track is that ransomware as a service platform because the affiliates, the people that are using it they come, they go and, you know, it could be they're only there for a period of time. Sometimes they move between different ransomware services, right? They'll use the one that's most useful for them that that week or that month, they're getting the best rate because it's rev sharing. They get a percentage that platform gets percentage of the ransom. So, you know, they negotiate a better deal. They might move to a different ransomware platform. So that's really hard to track. And it's also, you know, I think more important for us to understand the platform and the technology that is being used than the individual that's doing it. >> Yeah. Makes sense. Alright, let's talk about the big four. China, Iran, North Korea, and Russia. Tell us about, you know, how you monitor these folks. Are there different signatures for each? Can you actually tell, you know based on the hack who's behind it? >> So yeah, it starts off, you know motivation is a huge factor. China conducts espionage, they do it for diplomatic purposes. They do it for military and political purposes. And they do it for economic espionage. All of these things map to known policies that they put out, the Five Year Plan, the Made in China 2025, the Belt and Road Initiative, it's all part of their efforts to become a regional and ultimately a global hegemon. >> They're not stealing nickels and dimes. >> No they're stealing intellectual property. They're stealing trade secrets. They're stealing negotiation points. When there's, you know a high speed rail or something like that. And they use a set of tools and they have a set of behaviors and they have a set of infrastructure and a set of targets that as we look at all of these things together we can derive who they are by motivation and the longer we observe them, the more data we get, the more we can get that attribution. I could tell you that there's X number of Chinese threat groups that we track under Panda, right? And they're associated with the Ministry of State Security. There's a whole other set. That's too associated with the People's Liberation Army Strategic Support Force. So, I mean, these are big operations. They're intelligence agencies that are operating out of China. Iran has a different set of targets. They have a different set of motives. They go after North American and Israeli businesses right now that's kind of their main operation. And they're doing something called hack and lock and leak. With a lock and leak, what they're doing is they're deploying ransomware. They don't care about getting a ransom payment. They're just doing it to disrupt the target. And then they're leaking information that they steal during that operation that brings embarrassment. It brings compliance, regulatory, legal impact for that particular entity. So it's disruptive >> The chaos creators that's.. >> Well, you know I think they're trying to create a they're trying to really impact the legitimacy of some of these targets and the trust that their customers and their partners and people have in them. And that is psychological warfare in a certain way. And it, you know is really part of their broader initiative. Look at some of the other things that they've done they've hacked into like the missile defense system in Israel, and they've turned on the sirens, right? Those are all things that they're doing for a specific purpose, and that's not China, right? Like as you start to look at this stuff, you can start to really understand what they're up to. Russia very much been busy targeting NATO and NATO countries and Ukraine. Obviously the conflict that started in February has been a huge focus for these threat actors. And then as we look at North Korea, totally different. They're doing, there was a major crypto attack today. They're going after these crypto platforms, they're going after DeFi platforms. They're going after all of this stuff that most people don't even understand and they're stealing the crypto currency and they're using it for revenue generation. These nuclear weapons don't pay for themselves, their research and development don't pay for themselves. And so they're using that cyber operation to either steal money or steal intelligence. >> They need the cash. Yeah. >> Yeah. And they also do economic targeting because Kim Jong Un had said back in 2016 that they need to improve the lives of North Koreans. They have this national economic development strategy. And that means that they need, you know, I think only 30% of North Korea has access to reliable power. So having access to clean energy sources and renewable energy sources, that's important to keep the people happy and stop them from rising up against the regime. So that's the type of economic espionage that they're conducting. >> Well, those are the big four. If there were big five or six, I would presume US and some Western European countries would be on there. Do you track, I mean, where United States obviously has you know, people that are capable of this we're out doing our thing, and- >> So I think- >> That defense or offense, where do we sit in this matrix? >> Well, I think the big five would probably include eCrime. We also track India, Pakistan. We track actors out of Columbia, out of Turkey, out of Syria. So there's a whole, you know this problem is getting worse over time. It's proliferating. And I think COVID was also, you know a driver there because so many of these countries couldn't move human assets around because everything was getting locked down. As machine learning and artificial intelligence and all of this makes its way into the cameras at border and transfer points, it's hard to get a human asset through there. And so cyber is a very attractive, cheap and deniable form of espionage and gives them operational capabilities, not, you know and to your question about US and other kind of five I friendly type countries we have not seen them targeting our customers. So we focus on the threats that target our customers. >> Right. >> And so, you know, if we were to find them at a customer environment sure. But you know, when you look at some of the public reporting that's out there, the malware that's associated with them is focused on, you know, real bad people, and it's, it's physically like crypted to their hard drive. So unless you have sensor on, you know, an Iranian or some other laptop that might be target or something like that. >> Well, like Stuxnet did. >> Yeah. >> Right so. >> You won't see it. Right. See, so yeah. >> Well Symantec saw it but way back when right? Back in the day. >> Well, I mean, if you want to go down that route I think it actually came from a company in the region that was doing the IR and they were working with Symantec. >> Oh, okay. So, okay. So it was a local >> Yeah. I think Crisis, I think was the company that first identified it. And then they worked with Symantec. >> It Was, they found it, I guess, a logic controller. I forget what it was. >> It was a long time ago, so I might not have that completely right. >> But it was a seminal moment in the industry. >> Oh. And it was a seminal moment for Iran because you know, that I think caused them to get into cyber operations. Right. When they realized that something like that could happen that bolstered, you know there was a lot of underground hacking forums in Iran. And, you know, after Stuxnet, we started seeing that those hackers were dropping their hacker names and they were starting businesses. They were starting to try to go after government contracts. And they were starting to build training offensive programs, things like that because, you know they realized that this is an opportunity there. >> Yeah. We were talking earlier about this with Shawn and, you know, in the nuclear war, you know the Cold War days, you had the mutually assured destruction. It's not as black and white in the cyber world. Right. Cause as, as Robert Gates told me, you know a few years ago, we have a lot more to lose. So we have to be somewhat, as the United States, careful as to how much of an offensive posture we take. >> Well here's a secret. So I have a background on political science. So mutually assured destruction, I think is a deterrent strategy where you have two kind of two, two entities that like they will destroy each other if they so they're disinclined to go down that route. >> Right. >> With cyber I really don't like that mutually assured destruction >> That doesn't fit right. >> I think it's deterrents by denial. Right? So raising the cost, if they were to conduct a cyber operation, raising that cost that they don't want to do it, they don't want to incur the impact of that. Right. And think about this in terms of a lot of people are asking about would China invade Taiwan. And so as you look at the cost that that would have on the Chinese military, the POA, the POA Navy et cetera, you know, that's that deterrents by denial, trying to, trying to make the costs so high that they don't want to do it. And I think that's a better fit for cyber to try to figure out how can we raise the cost to the adversary if they operate against our customers against our enterprises and that they'll go someplace else and do something else. >> Well, that's a retaliatory strike, isn't it? I mean, is that what you're saying? >> No, definitely not. >> It's more of reducing their return on investment essentially. >> Yeah. >> And incenting them- disincening them to do X and sending them off somewhere else. >> Right. And threat actors, whether they be criminals or nation states, you know, Bruce Lee had this great quote that was "be like water", right? Like take the path of least resistance, like water will. Threat actors do that too. So, I mean, unless you're super high value target that they absolutely have to get into by any means necessary, then if you become too hard of a target, they're going to move on to somebody that's a little easier. >> Makes sense. Awesome. Really appreciate your, I could, we'd love to have you back. >> Anytime. >> Go deeper. Adam Myers. We're here at Fal.Con 22, Dave Vellante, Dave Nicholson. We'll be right back right after this short break. (bouncy music plays)

>>you welcome to the cubes, continuing coverage of Splunk dot com. 21 I'm lisa martin of a couple guests here with me. Next talking about Splunk H P E N. Deloitte, please welcome Casey Clark, Managing Director and chief architect at Deloitte and Elias Alanya Master Technologists Office of the North American C T O at H P E. Guys welcome to the program. Great to have you. >>Thank you lisa. It's great to be here. >>Thanks lisa >>Here we still are in this virtual world the last 18 months, so many challenges, some opportunities, some silver linings but some of the big challenges that organizations are facing this rapid shift to remote work. The rapid acceleration In digital transformation ran somewhere up nearly 11 x in the first half of this year alone. Solar winds talk to me about some of the challenges that organizations are facing and how you're helping them deal with that Casey >>we'll start with you So most of our clients as we move to virtual um have accelerated their adoption of multiple cloud platforms. You know, moving into a W S into Azure into google. And one of the biggest challenges is in this distributed environment, they still have significant workloads on prem Part of the workloads are in office 3 65. Part of them are in salesforce part of them they're moving into AWS or big data workloads into google. How do you make this all manageable from both. A security point of view and accelerating threats. Uh make that much worse but also from an operational point of view, you know, how do I do application performance management when I have workloads in the cloud calling. Api is back on prem into the mainframe. How do I make an operationally when I have tons of containers and virtual machines operating out there? So the importance of Splunk and good log management observe ability along with all the security management and the security logs and being able to monitor for your environment in this complex distributed environment is absolutely critical and it's just going to get more complex as we get more distributed. >>How can companies given the complexity? How can companies with these complicated I. T. Landscapes get ahead of some of these issues? >>One of the things that we really focused on making sure that you're getting ahead of those and you know we work with organizations like Splunk and Deloitte is how do we how do we collect all of the data? Not just a little bit of it, you know Splunk, help and Deloitte are helping us look across all of those places. We want to make sure that we can can really ingest everything that's out there and then let the tools like Splunk then use all of that data. We found a lot of organizations really struggle with that and with the retention of that data it's been a challenge. So those are things that we really worked hard on figuring out with organizations out there um how to how to ingest retain and then modernize how they do those things at the same time. >>I was reading the Splunk state of Security report which they surveyed over 500 security leaders I think it was over nine um global economies and they said 78% of security and I. T. Leaders worry 78% that they're going to be hit by something like solar winds. Um That style of attack Splunk saying security is a data problem but also looking at all this talk about being on the defensive and preventing attacks the threat landscape escaping companies also have to plan for growth. They have to plan for agility. How do you both help them accomplished? Both at the same time Casey will start with you. >>Well fundamentally on the security front you start with security by design. You're designing the logging the monitoring the defenses into the systems as they are being designed up front as opposed to adding them when you get to Um you know you 80 or production environment. So security by design much like devops and Fc cops is pushing that attitude towards security back earlier in the process so that each of the systems as we're developing them um have the defenses that are needed and have the logging that are embedded in them and the standards for logging so that you don't just get a lot of different kinds of data you get the data you actually need coming into the system and then setting up the correlation of that data so you can identify those threats early through a i through predictive analytics, you get to identify things more quickly. You know, it's all about reducing cycle times and getting better information by designing it in from the beginning, >>standing in from the beginning that shifting left Elias. What are your thoughts about this, enabling that defense, designing an upfront and also enabling organizations to have the agility to grow and expand? >>Yes, sort of reminded of something our friends with the Blue oval used to say in manufacturing quality isn't inspected, it's built in right and and two cases point you have to build it in. We've we've definitely worked with delight to do that and we've set up systems so that they have true agility. We've done things like container ice block with kubernetes uh you know, work with object storage. A lot of the new modern technologies that maybe organizations aren't quite accustomed to yet are still getting on board with. And so we wrap those up in our HP Green Lake managed services so that we can provide those things to organizations that aren't maybe aren't ready for them yet. But the threat landscape is such that you have to be able to do those things if you're not orchestrating these thousands and thousands of containers with something like kubernetes, it's just it becomes such a manual labor intensive process. And so that that labor intensive, non automated process. That's the thing that we're trying to remove. >>Well that's an inhibitor to growth, right number one there, let's go ahead and dig into the HP. Deloitte Splunk solution case. I'm going to go back over to, you talk to me about kind of the catalyst for developing the solution and then we'll dig into it in terms of what it's delivering. >>So Deloitte has had long term partnerships with both H B E and Splunk and we're very excited about working together with them on this solution. Um the HP Green Light, which is hardware by subscription, the flexibility of that platform, you know, the cost effectiveness of the platform. Be able to run workloads like Splunk on it that are constantly changing. You have peaks and valleys depending on, you know, how much work you're doing, how many logs are coming in and so being able to expand that environment quickly through containerized architecture, Oz Funk, which is what we worked on, um you know, with the HP Green Light team uh and and also with spunk so that we can Federated the workloads and everything that's going on on prem with workloads that are in the cloud and doing it very flexibly with the HP on prim platform as well as, you know, Splunk on google and Azure and Splunk cloud um and then having one pane of glass that goes across all of it has been very exciting. You know, we were getting lots of interest in the demo of what we've done on the Green light platform and the partnership has been going great, uh >>that single pane of glass is so critical. We talked about cloud complexity a few minutes ago, customers are dealing with so many different applications there now in this hybrid multi cloud world, it's probably only going to proliferate, Let's talk to me about H P. S perspective and how you're going to help reduce the cloud complexity that customers in every industry are facing. >>Yeah, so within the HP Green Lake umbrella of portfolio, we have set up our uh admiral container platform, for example, are Green Lake management services. We bring all these things together in a way that that really can accelerate applications uh that can make the magic that Deloitte does work underneath. And so when, when our friends at Deloitte go and build something, someone has to, has to bring that to life, has to run it for for our customers. And so that's what Hb Green Lake does, then we do that in a way that fundamentally aligns to the business cycles that go on. And so, uh you know, we think of cloud as an operating model, not necessarily just a physical destination. And so we work on prem Coehlo public hybrid Green Lake spans across all of those and can bring together in a way that really helps customers. We've seen so many times, they have these silos and islands of data. Um you know, you've got uh data being generated in the cloud. Well, you need Splunk in the cloud, you've got the energy generated in uh, Amelia, Well you've got spunk into me and so so Deloitte's really done some great things to help us put that together and then we, we underpin that with the, with the green like uh management services with our software and our infrastructure to make it all >>work. Yeah, Elias, one of the areas that you just mentioned is is one of the hottest trends that we've noticed out there. A lot of clients, you know, with the competition for skilled resources out there on the engineering side and operations are looking at managed services as an option to building, you know, their own technology, you know, hiring their own team, running it themselves and the work that we do with both on the security side as well as operations to provide managed services for our clients in collaboration with companies like HP E and running of the Green Lake platform platforms as well as one cloud, those combined services together and delivered as a managed service uh to our clients is an exciting trend out there that um, is increasingly seen as very cost effective for our clients >>saving cost is key case. I want to get your perspective on what you think differentiates this, this solution, the technology alliance, what are the differentiators in this from Deloitte's lens. >>So bringing the expertise of a company like HP and the flexibility and expand ability of the Green lake platform and the container ization that they've done with Israel, you know, it's, it's bringing that cloud like automation and virtual and flexibility to on uh, the on prem and the hybrid cloud solution combined with Splunk who is rapidly expanding not only what they do in the security space where the constantly changing security landscape out there, but also in observe ability application, performance management, um, Ai ops, um, you know, fully automated and integrated response to operational events that are out there. So HP is doing what they do really well and adapting to this new world. Splunk is constantly changing their products to make it easier for us to go after those operational issues. And Deloitte is coming in with both the industry and the technical experience to bring it all together, you know, how do you log the right things, you know, how do you identify, you know, the real signal versus the noise out there? You know, when you're collecting massive amounts of log data, you know, how do you make it actionable? How can you automate those actions? So by bringing together all three of these berms together, uh we can bring a much better, much, much more effective solutions to our clients in much shorter time frames, >>Shorter time frames are key given that one of the things we've learned in the last 18 months, is that real time is really business critical for companies in every industry unless I want to get your perspective from a technology lens, talk to me about the differentiators here, what this solution is three way alliance brings to your customers. >>Yeah, sure thing. We've done a lot of work with Deloitte and with Intel also on performance optimization, which is, is key for any application and that gets to what I mentioned earlier of bringing more data in some of the work that we've done with until we've able been able to accelerate Are the ingest rate of Splunk by about 17 times, which is pretty incredible. Uh, and that allows us to do more or do more with less and that can help reduce the cost. Also done a lot of work on the, on the setup side. So there's a lot of complexities in running a big enterprise application like Splunk. Um, it does a lot of great things but with that comes some complications for sure. And so, uh, a lot of the work that we've done is to help really make this production ready at scale disaster tolerance and bring all of those things together. And that >>requires a fair amount of >>work on the back end to make sure that we can, we can do that at scale and, and to be a, you know, to run, you know, in a way that businesses of significant size can take advantage of these things without having to worry about what happens if I lose a data center or what happens if I lose a region. Um And and to do those things with absolute assurance >>That's critical case you have a question for you. How will this solution help facilitate one of the positives that we've seen during the last 18 months and that is the strengthening of the IT security relationship. What are your thoughts there? >>I think one of the important things here is that the standardization and automation of what we're what we're bringing together you know so that security can monitor all the different things that are being configured because I can go in and look at the automation that it's creating them. So we have a very dynamic environment now with the new cloud based and virtualized environment so going in and manually configuring anything anymore. It's just not possible. Not when you're managing tens of thousands of servers out there. So security working together very closely with operations and collaborating on that automation so that the managed services are are configured right from the beginning as we talked about security about design. Operations by design in the beginning it's that early collaboration and that shift left that is giving us the very close collaboration that results in good telemetry, good visibility you know good reaction times on the other end. >>That collaboration is something that we've also seen is really a key theme that's emerged I think from all of us in every industry in the last 18 months. And I want to punt the last question to you and that's where can customers go to learn more information? How do they get started with this solution? >>A great way to get started is to reach out to our partners like Deloitte, they can help you on that journey. Hp. Es there, of course. Hp dot com. We have a number of white papers, collateral presentations, reference architecture is you name it, it's out there. But really every organization is unique. Every every challenge that we come up with always requires a little bit of hard thinking and and so that's why we have the partnership >>to be able to work with customers and collaborate. I'll say to really identify what their challenges are, how they help them in this very dynamic. No doubt continuing to be dynamic market. Thank you both so much for joining me talking to me about what Deloitte Splunk NHP are doing, how you're helping customers address that cloud complexity from the security lens, the operations lens. We appreciate your time. >>Thanks lisa. Thank you lisa tonight >>For my guests. I'm Lisa Martin, you're watching the cubes coverage of splunk.com 21. Yeah. Mhm

>>from around the globe. It's the Cube with digital coverage of AWS reinvent 2020 sponsored by Intel AWS and our community partners. Welcome to the cubes Coverage of AWS reinvent 2020. The digital version I'm Lisa Martin and I'm joined by a couple of guests from Unisys. Please welcome unprompted high BP and Cloud CTO on income. Great to have you on the program. Thanks for joining me today. >>Great to be here leader >>and a new pre or a new Ram Raj, VP of Cloud Services. A new welcome. Great to have you on a swell. Great >>to be here in this virtual AWS being that great. >>Thank you. Very socially Distance We're following all the guidelines here. A new Let's start with you. I'd love to get just kind of Ah, you know, a vision of the AWS Unisys partnership. I know you guys are advanced consulting partner MSP. Tell me about that partnership. >>Absolutely. Lisa, we see our clients on a cloud journey which we accelerate with Unisys Cloud Services and AWS partnership is a big piece of that again. Way thorough. We have bean rated in aws MSP partner Come out very, very highly from those msb audited our, uh and we're investing in multiple competencies across the boat as well. So and we work very closely with AWS in terms off innovating in sharing our platform cloud 44 world map In looking at what our customers looking around the corner, what services could be co developed. So we're looking at some potential I o T engagements to jointly with AWS is, well, eso you're always co inventing and it's a great partnership with a W s >>excellent. And you let's stick with you Following on hybrid Cloud Journey you mentioned the Cloud Forte platform. I wanted to understand what that platform is, how your co developing that with AWS and how your customers are benefiting >>absolutely s. Um, every year Unisys does a cloud barometer study across thousands of our clients and and we got some interesting takeaways from that. Essentially two thirds of her clients that have started this cloud journey believe they don't really realize the benefits out of that and up thio 53% off. The the respondents said they needed some help with cloud security. And this is where I believe that Unisys Cloud Services has a strong viewpoint and can find their AWS, um, journey, no matter where, what challenges they're facing, whether it's budgetary challenges on optimizing AWS and whether it's getting I t operations right when you move your applications to AWS. Um, and is it is it getting the that I have seen cops models established? So no matter where clients are in the A journey, we look to accelerate with our set of solutions and services, and we're very proud about the fact that we respond very me to make sure our clients can innovate and achieve the business outcomes that they need. For example, with California Stink City, we were able to work with them on the AWS. John Pretty set up a native other lake and analytics on top of it so we could actually predict and influence graduation rates with students. Our scores are higher than any off are coming because of the outcomes that we deliver for our clients. And it's really about business outcomes and 40 platform, which helps us drive those outcomes. I mean, probably do you want to add on without cloud 40 platform? >>Sure, I know eso, as as I knew was saying cloud for the platform provides AH set off capabilities that allows us to create an offer highly differentiated services with Unisys Pipe and, as was mentioned earlier, our cloud solutions are are able to help customers no matter where they are in their car, in their cloud journeys, whether it's ah Greenfield opportunity, where they where the customers are intending to move to the cloud, or if it's a brownfield opportunity where they already have adopted the cloud and are looking to manage and operate and optimize their deployments. Cloud Forte Platform and our Cloud Solutions are able to provide, uh, customized solution for that customer context to really deliver the solution that addresses some of the pain points that you talked about. The keeping points really relate to security to get secured. It also relates to cost optimization and then optimizing the cloud purse, a cloud deployment hybrid cloud deployment of the key requirement. So our cloud 40 platform health drives the key use cases. The key pain points that our customers are looking for through a combination off accelerators, the number of cloud photo accelerators that enable customers to rapidly prove it provisioned customers and to rapidly migrate to the cloud with God rails so that they're the secure, their compliant. And then we've got the the Cloud Cloud 40 Cloud management platform for ensuring provisioning onda management and operations, along with cost optimization capabilities and the eyelid operations. So it's a comprehensive suite off services and solutions that addresses the key business outcomes. There are customers are are looking for >>outcomes. Focused is absolutely critical, especially these days. I knew I wanted to go back to you for a second. You talked about the Unisys Barometer study, and I like the name of that. When was that done? And I'm just wondering if there are certain things that you saw this year from a customer. Cloud journey. Need perspective because of the pandemic that have really influenced that barometer >>Wait Question. Hey said and development is study. The last version of it was done late last year, and we're still waiting on the ones from this year. So, but we're starting to see some of the trends that were influenced by the pandemic. We saw rush to cloud when the pandemic hit because business adopt to to remote workers to do more digital selling and then seeing our CEO is kind of struggle with optimizing and maximizing the results off their cloud. Spend right, So So that's a unique challenge that that we're seeing based on our tryingto interaction. So the rush to the cloud and the ask for more spend optimization and in terms of spend optimization, that's an interesting facet because, uh, it cuts through my multiple angles. It's it's cuts through having the platforms around, being able to dio right predictions on where you spend is going, and then it also it's across collaborative effort. Finn ops. As we see it, we call it as a synopsis of is that we bring to our clients it's passing with multiple organizations, including finance, to sometimes figure out. Where will this business be? Where should you spend be? What should be the reserved instance buys right. So combining cloud knowledge with financial knowledge and organizational and business knowledge. And that's the service that we bring to our clients with our phenoms services. At least a great question about how how is I kind of making the current business climate affecting our operating models? Um, like we said, there's increased ask for Finn ops is an increase. Ask for security ops because security threats have only amplified. And then the entire cloud ups model. I think hybrid cloud operations its's prompted us to rethink a lot off. How do we do? I t operations and and we're investing a lot in terms of automation and then underpinning that by ai led operation. So, um, you talked about the client management platform making sure we've got the best automation and processes which are repeatable around all the way from just doing provisioning to data operations to optimization. Just making all of that robust and repeatable um, is such a value. Add to clients because then they can see SOS can sleep at night knowing that everything is taken care off and, uh, the CIA, the CEOs can be rest assured that hey, they're not going to get that AWS bill that's going to make them hit the roof. So making sure we've got the right checks and balances and approval flow is all a part of our child management platform. And at that point, I know you really passionate AI and the role that it plays in operations and the entire cloud management platform and cloud for day platform So your thoughts in the poem? >>Yes, sir. No, thank you. But so yeah, yeah, I led operations is really part off the bigger question and the pain point that customers are faced with, which is I've reached the cloud. Now, how do I optimized and get benefits from the cloud on the benefits is around. You know, uh, utility for on demand access to resource is, uh, this cost optimization potential and the security, uh, cloud security potential that, if not managed properly, can really blow up in the face. And unfortunately, you know that in the case on the AI ops led Operation Side, that's again a huge foretell area where Unisys Investor is investing a lot off a lot off i p and creating a lot of differentiation. And the objective there is to ask Customers adopt cloud for day as they adopt Unisys Cloud services. They're able to take advantage off cost optimization capabilities, which essentially looks at historical usage on predicts future usage, based on a number off a I artificial intelligence and machine learning technologies that that is able to give you predictions that otherwise very hard to hard to get and, uh, in the cloud environment because of the sheer velocity volume and variety of the data. Doing that in a manual fashion is very, very hard. So automated machine learning driven approach is very productive is very effective on, you know, some of the outcomes that we've achieved is is just amazing. We've been able to save up to 25% off infrastructure costs through the island operations. About 40% off infrastructure incidents have bean reduced due to root cause analysis. Eso onda up to 35% off meantime, to resolution improvements in time. So huge customer benefits driven by e I led operations. The I am a approaches to following the problem. >>Let me see him If I could stick with you for a second big numbers that you just talked about and we talked a few minutes ago about outcomes. It's all about outcomes right now with this rush to cloud as as a new set. And we talked about this on the Cuba all the time. We've seen that the last eight months there is an acceleration of this digital transformation. I'm just curious una come from your perspective as the VP and CTO cloud how are you? What are some of the things that you advise customers to do if they need to rush to the cloud 21 just, you know, move their business quickly and not have the stay on life support. What are some of the things that you advise them to do when they're in this? Maybe a few months ago, when they were in the beginning of this? >>Yeah, that's that's a very interesting question, and lot off our clients are faced with that question as they either they're already in the cloud or the deciding to migrate to the cloud on the whole journey. Customer journeys for either stepping on the cloud or managing and operating the optimizing the cloud deployments is very key. So if you look at the market research that's out there and what we hear from our customers, the key challenges are really, really around. How do I migrate to the cloud without facing a lot of bottlenecks and challenges, and how do I overcome them? So that's the keeping pain point and again cloud for the advisory services and the cloud services that we offer allows customers to take up uh, toe work with us, and we work with the customer to ensure that they're able to do that on and then rapidly migrating to the cloud, managing and operating their operations. The hybrid cloud operations in optimized fashion is a huge challenge. How do they migrate? How do they migrate with security and compliance not being compromised once they're in the cloud, ensuring cloud security is and compliance is is maintained. Ensuring that the cost structure is is optimized so that they're not being mawr wants to move to the cloud compared to on premises and and then taking advantage of the whole cloud. Deployments to ensure you're looking at data are nothing the data to derive meaningful business outcomes. So if the entire end to end customer journey that needs to be looked at optimized. And that's where Unisys comes in with a cloud for the platform where we work with the customers to enhance the journeys. And in this case I want to mention CSU, which is, uh, the California State University, where the approach Unisys to really work with them to deliver uh, cloud services by enhancing the the objective was to enhance the student learning experience to enable adoption off off the technology by the students but also to achieve better performance, better adoption cost savings on we were able to deliver about 30% better performance help realize about 30 33% savings on 40% plus growth in adoption. On this was for about half a million student bodies. The 50,000 plus faculty staff spread across 23 campuses. So deploying, optimizing on and managing the infrastructure is something that Unisys does. Does that. And this is an example of that. I know you want to add anything to that. >>Absolutely Any Permanente's really well and, >>uh, >>it Z also securing, making sure securities with the >>journey >>it Z O Keefe or hybrid cloud. Um, uh, at least I'm sure you're aware of the Unisys tagline is securing tomorrow. So who better s so we really, really take that really, really seriously in terms of making sure we seek clients cloud journeys, and >>you >>probably heard the statistic from her. About 80% off cloud breaches are due to mis configuration, and this could have bean prevented. And and it doesn't. There's an element of the human angle in there. You believe strongly that can automate using our platform. So we've got 2000 plus security policies, which makes sure which again enables our clients to be compliant as well. So no matter what compliant standards, we've got several off our clients, for example, in the financial sector that are hosted on AWS and that we managed and they have to, especially the US They have to comply with Y de f s, the New York Department of Financial Services and making sure that they compliant with all the standards out there, which is next plus plus in this case. So that's part of what we do and enabling those journeys and then just keeping up with the rate of change like on different was talking about the variety and velocity of the data and and the rate of change of the applications out there, especially as businesses react to the pandemic and have to cope with the changing business paradigms out there. They have to be quick. Um, so we've got a drugmaker, one of the most premium drug makers in the US, who is who is against it on AWS, and, uh, they're racing for the cure and they are always looking at How do they get drugs quicker to the market? And that means accelerating applications. And we know that based on research by the Dora study, that if you adopt develops paradigms, you can accelerate 200 times faster than if you didn't. But then you have to underpin backward security as well. So really helping this adopt deaths are cops in all their deployments to AWS so that they can really race for the cure. That's the kind of business outcomes that we really, uh, are really, really proud to drive for our clients. >>Excellent on a pound. Let's wrap this up with you. We've just got about 30 seconds left sticking on the security front. It's such a huge topic right now. It has been for a long time, but even more so during these unprecedented times when you're talking with customers, what makes Unisys unique from a security perspective? >>So first thing is to understand what it takes to solve the hybrid cloud security problem. Like you said earlier, that's the biggest pain point that we hear from customers from our clients on. It's all over the market research all the breaches that have happened, like the zoom breach that happened that compromised about half a million, you know, user log ins. And then there was also the the Marriott breach, where about half a billion users names and credential for legal legal. So it Zaveri easy for customers, potential customers to become like a headline. And our our job really are the companies to make sure that they're not the next capital one or the next Marriott, uh, showing up in the newspaper. So we kind of look at their customer deployments situation on. We put together a comprehensive into an hybrid cloud solution, hybrid cloud security and compliance solution that includes look, securing their cloud infrastructure, their cloud workloads in terms of applications that they might have secured, and also to look at securing their applications, which may or may not be running on the cloud. So we kind of take a very holistic approach, using our homegrown solutions and partner solutions to create a comprehensive, robust hybrid cloud solution that really fits the customer context and and so we we are essentially a trusted adviser for our for our clients to create the solution, which again, at the cloud 40 ashore, which is a cloud security posture management solution. We have a cloud worker protection solution on then stealth, which is a full stack security solution if combined together with the other cloud Forte platform components on. We wrap this up in a matter of security services offering that allows US customers to have complete peace of mind as we take care off assessment remediation monitoring on, then continues Posture, posture, management. I know. Do you want to add anything to that? >>If I'm think in terms of closing, I think like you covered it well, we've got platform competence and services that run the gamut off the off the life cycle from migrations to two transformations. And one thing that I think in terms of outcomes of these, uh, when the service built around it have really helped us. Dr is, um is kind of responding especially to our public sector clients, very passionate about enabling cloud journeys for our public sector clients. And we'll take the example of Georgia Technology s So this is the G t A. Is the technology agency for all services are 14 of the agencies in Georgia and many of these public sector agencies had to quickly adopt cloud to deal with the report workers. Whether it was v D I whether it was chatbots on cloud, um, it was it was, ah, brand new world out there, the new normal. And it was just using the cloud management platform that anyone was refering to. We were able to kind of take them from taking three months. Plus to be able to provision workloads Thio thio less than 30 minutes to provision workloads. And this is this is across hybrid cloud. So and this is >>a big outcome, especially in this time where things were changing so quickly. Well, I wish we had more time, guys because I could tell you have a lot more that you can share. You're just gonna have to come back. And I like that. The tagline securing tomorrow. Adding on to what Anu Pump said So your customers don't become the next headline. I think they would all appreciate that. Thank you both. So much for joining me on the Cube today and sharing what's the latest with Unisys. We appreciate your time. Thank you. Thank >>you for having us >>aren't my pleasure for my guests. I'm Lisa Martin. And you're watching the Cube? Yeah,

(radio calls) >> Announcer: From around the globe, its theCUBE covering Space & Cybersecurity Symposium 2020, hosted by Cal poly. Hello, welcome back to theCUBE virtual coverage with Cal Poly for the Space and Cybersecurity Symposium, a day four and the wrap up session, keynote session with the Lieutenant Governor of California, Eleni Kounalakis. She's here to deliver her keynote speech on the topic of California's role in supporting America's Cybersecurity future. Eleni, take it away. >> Thank you, John, for the introduction. I am Lieutenant Governor Eleni Kounalakis. It is an honor to be part of Cal Poly Space and Cybersecurity Symposium. As I speak kind of Pierre with the governor's office of business and economic development is available on the chat, too ready to answer any questions you might have. California and indeed the world are facing significant challenges right now. Every day we are faced with the ongoing COVID-19 pandemic and the economic downturn that is ensued. We have flattened the curve in California and are moving in the right direction but it is clear that we're not out of the woods yet. It is also impossible right now to escape the reality of climate change from the fire sparked by exceptionally rare, dry lightening events to extreme heat waves threatening public health and putting a strain on our electricity grid. We see that climate change is here now. And of course we've been recently confronted with a series of brutal examples of institutionalized racism that have created an awakening among people of all walks of life and compelled us into the streets to march and protest. In the context of all this, we cannot forget that we continue to be faced with other less visible but still very serious challenges. Cybersecurity threats are one of these. We have seen cities, companies and individuals paralyzed by attacks costing time and money and creating an atmosphere of uncertainty and insecurity. Our state agencies, local governments, police departments, utilities, news outlets and private companies from all industries are target. The threats around cybersecurity are serious but not unlike all the challenges we face in California. We have the tools and fortitude to address them. That is why this symposium is so important. Thank you, Cal Poly and all the participants for being here and for the important contributions you bring to this conference. I'd like to also say a few words about California's role in America's future in space. California has been at the forefront of the aerospace industry for more than a century through all the major innovations in aerospace from wooden aircraft, to World War II Bombers, to rockets and Mars rovers. California has played a pivotal role. Today, California is the number one state in total defense spending, defense contract spending and total number of personnel. It is estimated the Aerospace and Defense Industry, provides $168 billion in economic impact to our state. And America's best trained and most experienced aerospace and technology workforce lives here in California. The fact that the aerospace and defense sector, has had a strong history in California is no accident. California has always had strong innovation ecosystem and robust infrastructure that puts many sectors in a position to thrive. Of course, a big part of that infrastructure is a skilled workforce. And at the foundation of a skilled workforce is education. California has the strongest system of public higher education in the world. We're home to 10 university of California campuses, 23 California State university campuses and 116 California Community Colleges. All told nearly 3 million students are enrolled in public higher education. We also have world renowned private universities including the California Institute of Technology and Stanford University numbers one and three in the country for aerospace engineering. California also has four national laboratories and several NASA facilities. California possesses a strong spirit of innovation, risk taking and entrepreneurship. Half of all venture capital funding in the United States, goes to companies here in California. Lastly, but certainly no less critical to our success, California is a diverse state. 27% of all Californians are foreign born, 27% more than one in four of our population of 40 million people are immigrants from another country, Europe central and South America, India, Asia, everywhere. Our rich cultural diversity is our strength and helps drive our economy. As I look to the future of industries like cybersecurity and the growing commercial space industry, I know our state will need to work with those industries to make sure we continue to train our workforce for the demands of an evolving industry. The office of the lieutenant governor has a unique perspective on higher education and workforce development. I'm on the UC Board of Regents, the CSU Board of Trustees. And as of about two weeks ago, the Community Colleges Board of Governors. The office of the lieutenant governor is now the only office that is a member of every governing board, overseeing our public higher education system. Earlier in the symposium, we heard a rich discussion with Undersecretary Stewart Knox from the California Labor and Workforce Development Agency about what the state is doing to meet the needs of space and cybersecurity industries. As he mentioned, there are over 37,000 job vacancies in cybersecurity in our state. We need to address that gap. To do so, I see an important role for public private partnerships. We need input from industry and curriculum development. Some companies like Lockheed Martin, have very productive partnerships with universities and community colleges that train students with skills they need to enter aerospace and cyber industries. That type of collaboration will be key. We also need help from the industry to make sure students know that fields like cybersecurity even exist. People's early career interests are so often shaped by the jobs that members of their family have or what they see in popular culture. With such a young and evolving field like cybersecurity, many students are unaware of the job opportunities. I know for my visits to university campuses that students are hungry for STEM career paths where they see opportunities for good paying jobs. When I spoke with students at UC Merced, many of them were first generation college students who went through community college system before enrolling in a UC and they gravitated to STEM majors. With so many job opportunities available to STEM students, cybersecurity ought to be one that they are aware of and consider. Since this symposium is being hosted by Cal Poly, I wanted to highlight the tremendous work they're doing as leaders in the space and cybersecurity industry. Cal Poly California Cybersecurity Institute, does incredible work bringing together academia, industry and government training the next generation of cyber experts and researching emerging cybersecurity issues. As we heard from the President of Cal Poly, Jeff Armstrong the university is in the perfect location to contribute to a thriving space industry. It's close to Vandenberg Air Force Base and UC Santa Barbara and could be home to the future permanent headquarters of US Space Command. The state is also committed to supporting this space industry in the Central Coast. In July, the State of California, Cal poly US-based force and the others signed a memorandum of understanding to develop a commercial space port at Vandenberg Air Force Base and to develop a master plan to grow the commercial space industry in the region. Governor Newsom has made a commitment to lift up all regions of the state. And this strategy will position the Central Coast to be a global leader in the future of the space industry. I'd like to leave you with a few final thoughts, with everything we're facing. Fires, climate change, pandemic. It is easy to feel overwhelmed but I remain optimistic because I know that the people of the State of California are resilient, persistent, and determined to address our challenges and show a path toward a better future for ourselves and our families. The growth of the space industry and the economic development potential of projects like the Spaceport at Vandenberg Air Force Base, our great example of what we can look forward to. The potential for the commercial space industry to become a $3 trillion industry by mid century, as many experts predict is another. There are so many opportunities, new companies are going to emerge doing things we never could have dreamed of today. As Lieutenant General John Thompson said in the first session, the next few years of space and cyber innovation are not going to be a pony ride at the state fair, they're going to be a rodeo. We should all saddle up. Thank you. >> Okay, thank you very much, Eleni. I really appreciate it. Thank you for your participation and all your support to you and your staff. You guys doing a lot of work, a lot going on in California but cybersecurity and space as it comes together, California's playing a pivotal role in leading the world and the community. Thank you very much for your time. >> Okay, this session is going to continue with Bill Britton. Who's the vice president of technology and CIO at Cal Poly but more importantly, he's the director of the cyber institute located at Cal Poly. It's a global organization looking at the intersection of space and cybersecurity. Bill, let's wrap this up. Eleni had a great talk, talking about the future of cybersecurity in America and its future. The role California is playing, Cal Poly is right in the Central Coast. You're in the epicenter of it. We've had a great lineup here. Thanks for coming on. Let's put a capstone on this event. >> Thank you, John. But most importantly, thanks for being a great partner helping us get this to move forward and really changing the dynamic of this conversation. What an amazing time we're at, we had quite an unusual group but it's really kind of the focus and we've moved a lot of space around ourselves. And we've gone from Lieutenant General Thompson and the discussion of the opposition and space force and what things are going on in the future, the importance of cyber in space. And then we went on and moved on to the operations. And we had a private company who builds, we had the DOD, Department Of Defense and their context and NASA and theirs. And then we talked about public private partnerships from President Armstrong, Mr. Bhangu Mahad from the DOD and Mr. Steve Jacques from the National Security Space Association. It's been an amazing conference for one thing, I've heard repeatedly over and over and over, the reference to digital, the reference to cloud, the reference to the need for cybersecurity to be involved and really how important that is to start earlier than just at the employment level. To really go down into the system, the K through 12 and start there. And what an amazing time to be able to start there because we're returning to space in a larger capacity and it's now all around us. And the lieutenant governor really highlighted for us that California is intimately involved and we have to find a way to get our students involved at that same level. >> I want to ask you about this inflection point that was a big theme of this conference and symposium. It was throughout the interviews and throughout the conversations, both on the chat and also kind of on Twitter as well in the social web. Is that this new generation, it wasn't just space and government DOD, all the normal stuff you see, you saw JPL, the Hewlett Foundation, the Defense Innovation Unit, Amazon Web Services, NASA. Then you saw entrepreneurs come in, who were doing some stuff. And so you had this confluence of community. Of course, Cal Poly had participated in space. You guys does some great job, but it's not just the physical face-to-face show up, gets to hear some academic papers. This was a virtual event. We had over 300 organizations attend, different organizations around the world. Being a virtual event you had more range to get more people. This isn't digital. This symposium isn't about Central California anymore. It's global. >> No, it really has gone. >> What really happened to that? >> It's really kind of interesting because at first all of this was word of mouth for this symposium to take place. And it just started growing and growing and the more that we talk to organizations for support, the more we found how interconnected they were on an international scale. So much so that we've decided to take our cyber competition next year and take it globally as well. So if in fact as Major General Shaw said, this is about a multinational support force. Maybe it's time our students started interacting on that level to start with and not have to grow into it as they get older, but do it now and around space and around cybersecurity and around that digital environment and really kind of reduce the digital dividing space. >> Yeah, General Thompson mentioned this, 80 countries with programs. This is like the Olympics for space and we want to have these competitions. So I got great vision and I love that vision, but I know you have the number... Not number, the scores and from the competition this year that happened earlier in the week. Could you share the results of that challenge? >> Yeah, absolutely. We had 83 teams participate this year in the California Cyber Innovation Challenge. And again, it was based around a spacecraft scenario where a spacecraft, a commercial spacecraft was hacked and returned to earth. And the students had to do the forensics on the payload. And then they had to do downstream network analysis, using things like Wireshark and autopsy and other systems. It was a really tough competition. The students had to work hard and we had middle school and high school students participate. We had an intermediate league, new schools who had never done it before or even some who didn't even have STEM programs but were just signing up to really get involved in the experience. And we had our ultimate division which was those who had competed in several times before. And the winner of that competition was North Hollywood. They've been the winning team for four years in a row. Now it's a phenomenal program, they have their hats off to them for competing and winning again. Now what's really cool is not only did they have to show their technical prowess in the game but they also have to then brief and out-brief what they've learned to a panel of judges. And these are not pushovers. These are experts in the field of cybersecurity in space. We even had a couple of goons participating from DefCon and the teams present their findings. So not only are we talking technical, we're talking about presentation skills. The ability to speak and understand. And let me tell you, after reading all of their texts to each other over the weekend adds a whole new language they're using to interact with each other. It's amazing. And they are so more advanced and ready to understand space problems and virtual problems than we are. We have to challenge them even more. >> Well, it sounds like North Hollywood got the franchise. It's likethe Patriots, the Lakers, they've got a dynasty developing down there in North Hollywood. >> Well, what happens when there's a dynasty you have to look for other talent. So next year we're going global and we're going to have multiple states involved in the challenge and we're going to go international. So if North Hollywood pulls it off again next year, it's going to be because they've met the best in the world than defeated >> Okay, the gauntlet has been thrown down, got to take down North Hollywood from winning again next year. We'll be following that. Bill, great to get those results on the cyber challenge we'll keep track and we'll put a plug for it on our site. So we got to get some press on that. My question to you is now as we're going digital, other theme was that they want to hire digital natives into the space force. Okay, the DOD is looking at new skills. This was a big theme throughout the conference not just the commercial partnerships with government which I believe they had kind of put more research and personally, that's my personal opinion. They should be putting in way more research into academic and these environments to get more creative. But the skill sets was a big theme. What's your thoughts on how you saw some of the highlight moments there around skill sets? >> John, it's really interesting 'cause what we've noticed is in the past, everybody thinks skill sets for the engineering students. And it's way beyond that. It's all the students, it's all of them understanding what we call cyber cognizance. Understanding how cybersecurity works whatever career field they choose to be in. Space, there is no facet of supporting space that doesn't need that cyber cognizance. If you're in the back room doing the operations, you're doing the billing, you're doing the contracting. Those are still avenues by which cybersecurity attacks can be successful and disrupt your space mission. The fact that it's international, the connectivities, all of those things means that everyone in that system digitally has to be aware of what's going on around them. That's a whole new thought process. It's a whole new way of addressing a problem and dealing with space. And again it's virtual to everyone. >> That's awesome. Bill, great to have you on. Thank you for including theCUBE virtual, our CUBE event software platform that we're rolling out. We've been using it for the event and thank you for your partnership in this co-creation opening up your community, your symposium to the world, and we're so glad to be part of it. I want to thank you and Dustin and the team and the President of Cal Poly for including us. Thank you very much. >> Thank you, John. It's been an amazing partnership. We look forward to it in the future. >> Okay, that's it. That concludes the Space and Cybersecurity Symposium 2020. I'm John Furrier with theCUBE, your host with Cal Poly, who put on an amazing virtual presentation, brought all the guests together. And again, shout out to Bill Britton and Dustin DeBrum who did a great job as well as the President of Cal poly who endorsed and let them do it all. Great event. See you soon. (flash light sound)

>>from around the globe. It's the Cube covering >>space and cybersecurity. Symposium 2020 hosted by Cal Poly >>Over On Welcome to this Special virtual conference. The Space and Cybersecurity Symposium 2020 put on by Cal Poly with support from the Cube. I'm John for your host and master of ceremonies. Got a great topic today in this session. Really? The intersection of space and cybersecurity. This topic and this conversation is the cybersecurity workforce development through public and private partnerships. And we've got a great lineup. We have Jeff Armstrong's the president of California Polytechnic State University, also known as Cal Poly Jeffrey. Thanks for jumping on and Bang. Go ahead. The second director of C four s R Division. And he's joining us from the office of the Under Secretary of Defense for the acquisition Sustainment Department of Defense, D O D. And, of course, Steve Jake's executive director, founder, National Security Space Association and managing partner at Bello's. Gentlemen, thank you for joining me for this session. We got an hour conversation. Thanks for coming on. >>Thank you. >>So we got a virtual event here. We've got an hour, have a great conversation and love for you guys do? In opening statement on how you see the development through public and private partnerships around cybersecurity in space, Jeff will start with you. >>Well, thanks very much, John. It's great to be on with all of you. Uh, on behalf Cal Poly Welcome, everyone. Educating the workforce of tomorrow is our mission to Cal Poly. Whether that means traditional undergraduates, master students are increasingly mid career professionals looking toe up, skill or re skill. Our signature pedagogy is learn by doing, which means that our graduates arrive at employers ready Day one with practical skills and experience. We have long thought of ourselves is lucky to be on California's beautiful central Coast. But in recent years, as we have developed closer relationships with Vandenberg Air Force Base, hopefully the future permanent headquarters of the United States Space Command with Vandenberg and other regional partners, we have discovered that our location is even more advantages than we thought. We're just 50 miles away from Vandenberg, a little closer than u C. Santa Barbara, and the base represents the southern border of what we have come to think of as the central coast region. Cal Poly and Vandenberg Air force base have partner to support regional economic development to encourage the development of a commercial spaceport toe advocate for the space Command headquarters coming to Vandenberg and other ventures. These partnerships have been possible because because both parties stand to benefit Vandenberg by securing new streams of revenue, workforce and local supply chain and Cal Poly by helping to grow local jobs for graduates, internship opportunities for students, and research and entrepreneurship opportunities for faculty and staff. Crucially, what's good for Vandenberg Air Force Base and for Cal Poly is also good for the Central Coast and the US, creating new head of household jobs, infrastructure and opportunity. Our goal is that these new jobs bring more diversity and sustainability for the region. This regional economic development has taken on a life of its own, spawning a new nonprofit called Reach, which coordinates development efforts from Vandenberg Air Force Base in the South to camp to Camp Roberts in the North. Another factor that is facilitated our relationship with Vandenberg Air Force Base is that we have some of the same friends. For example, Northrop Grumman has has long been an important defense contractor, an important partner to Cal poly funding scholarships and facilities that have allowed us to stay current with technology in it to attract highly qualified students for whom Cal Poly's costs would otherwise be prohibitive. For almost 20 years north of grimness funded scholarships for Cal Poly students this year, their funding 64 scholarships, some directly in our College of Engineering and most through our Cal Poly Scholars program, Cal Poly Scholars, a support both incoming freshman is transfer students. These air especially important because it allows us to provide additional support and opportunities to a group of students who are mostly first generation, low income and underrepresented and who otherwise might not choose to attend Cal Poly. They also allow us to recruit from partner high schools with large populations of underrepresented minority students, including the Fortune High School in Elk Grove, which we developed a deep and lasting connection. We know that the best work is done by balanced teams that include multiple and diverse perspectives. These scholarships help us achieve that goal, and I'm sure you know Northrop Grumman was recently awarded a very large contract to modernized the U. S. I. C B M Armory with some of the work being done at Vandenberg Air Force Base, thus supporting the local economy and protecting protecting our efforts in space requires partnerships in the digital realm. How Polly is partnered with many private companies, such as AWS. Our partnerships with Amazon Web services has enabled us to train our students with next generation cloud engineering skills, in part through our jointly created digital transformation hub. Another partnership example is among Cal Poly's California Cybersecurity Institute, College of Engineering and the California National Guard. This partnership is focused on preparing a cyber ready workforce by providing faculty and students with a hands on research and learning environment, side by side with military, law enforcement professionals and cyber experts. We also have a long standing partnership with PG and E, most recently focused on workforce development and redevelopment. Many of our graduates do indeed go on to careers in aerospace and defense industry as a rough approximation. More than 4500 Cal Poly graduates list aerospace and defense as their employment sector on linked in, and it's not just our engineers and computer sciences. When I was speaking to our fellow Panelists not too long ago, >>are >>speaking to bang, we learned that Rachel sins, one of our liberal arts arts majors, is working in his office. So shout out to you, Rachel. And then finally, of course, some of our graduates sword extraordinary heights such as Commander Victor Glover, who will be heading to the International space station later this year as I close. All of which is to say that we're deeply committed the workforce, development and redevelopment that we understand the value of public private partnerships and that were eager to find new ways in which to benefit everyone from this further cooperation. So we're committed to the region, the state in the nation and our past efforts in space, cybersecurity and links to our partners at as I indicated, aerospace industry and governmental partners provides a unique position for us to move forward in the interface of space and cybersecurity. Thank you so much, John. >>President, I'm sure thank you very much for the comments and congratulations to Cal Poly for being on the forefront of innovation and really taking a unique progressive. You and wanna tip your hat to you guys over there. Thank you very much for those comments. Appreciate it. Bahng. Department of Defense. Exciting you gotta defend the nation spaces Global. Your opening statement. >>Yes, sir. Thanks, John. Appreciate that day. Thank you, everybody. I'm honored to be this panel along with President Armstrong, Cal Poly in my long longtime friend and colleague Steve Jakes of the National Security Space Association, to discuss a very important topic of cybersecurity workforce development, as President Armstrong alluded to, I'll tell you both of these organizations, Cal Poly and the N S. A have done and continue to do an exceptional job at finding talent, recruiting them in training current and future leaders and technical professionals that we vitally need for our nation's growing space programs. A swell Asare collective National security Earlier today, during Session three high, along with my colleague Chris Hansen discussed space, cyber Security and how the space domain is changing the landscape of future conflicts. I discussed the rapid emergence of commercial space with the proliferations of hundreds, if not thousands, of satellites providing a variety of services, including communications allowing for global Internet connectivity. S one example within the O. D. We continue to look at how we can leverage this opportunity. I'll tell you one of the enabling technologies eyes the use of small satellites, which are inherently cheaper and perhaps more flexible than the traditional bigger systems that we have historically used unemployed for the U. D. Certainly not lost on Me is the fact that Cal Poly Pioneer Cube SATs 2020 some years ago, and they set the standard for the use of these systems today. So they saw the valiant benefit gained way ahead of everybody else, it seems, and Cal Poly's focus on training and education is commendable. I especially impressed by the efforts of another of Steve's I colleague, current CEO Mr Bill Britain, with his high energy push to attract the next generation of innovators. Uh, earlier this year, I had planned on participating in this year's Cyber Innovation Challenge. In June works Cal Poly host California Mill and high school students and challenge them with situations to test their cyber knowledge. I tell you, I wish I had that kind of opportunity when I was a kid. Unfortunately, the pandemic change the plan. Why I truly look forward. Thio feature events such as these Thio participating. Now I want to recognize my good friend Steve Jakes, whom I've known for perhaps too long of a time here over two decades or so, who was in acknowledge space expert and personally, I truly applaud him for having the foresight of years back to form the National Security Space Association to help the entire space enterprise navigate through not only technology but Polly policy issues and challenges and paved the way for operational izing space. Space is our newest horrifying domain. That's not a secret anymore. Uh, and while it is a unique area, it shares a lot of common traits with the other domains such as land, air and sea, obviously all of strategically important to the defense of the United States. In conflict they will need to be. They will all be contested and therefore they all need to be defended. One domain alone will not win future conflicts in a joint operation. We must succeed. All to defending space is critical as critical is defending our other operational domains. Funny space is no longer the sanctuary available only to the government. Increasingly, as I discussed in the previous session, commercial space is taking the lead a lot of different areas, including R and D, A so called new space, so cyber security threat is even more demanding and even more challenging. Three US considers and federal access to and freedom to operate in space vital to advancing security, economic prosperity, prosperity and scientific knowledge of the country. That's making cyberspace an inseparable component. America's financial, social government and political life. We stood up US Space force ah, year ago or so as the newest military service is like the other services. Its mission is to organize, train and equip space forces in order to protect us and allied interest in space and to provide space capabilities to the joint force. Imagine combining that US space force with the U. S. Cyber Command to unify the direction of space and cyberspace operation strengthened U D capabilities and integrate and bolster d o d cyber experience. Now, of course, to enable all of this requires had trained and professional cadre of cyber security experts, combining a good mix of policy as well as high technical skill set much like we're seeing in stem, we need to attract more people to this growing field. Now the D. O. D. Is recognized the importance of the cybersecurity workforce, and we have implemented policies to encourage his growth Back in 2013 the deputy secretary of defense signed the D. O d cyberspace workforce strategy to create a comprehensive, well equipped cyber security team to respond to national security concerns. Now this strategy also created a program that encourages collaboration between the D. O. D and private sector employees. We call this the Cyber Information Technology Exchange program or site up. It's an exchange programs, which is very interesting, in which a private sector employees can naturally work for the D. O. D. In a cyber security position that spans across multiple mission critical areas are important to the d. O. D. A key responsibility of cybersecurity community is military leaders on the related threats and cyber security actions we need to have to defeat these threats. We talk about rapid that position, agile business processes and practices to speed up innovation. Likewise, cybersecurity must keep up with this challenge to cyber security. Needs to be right there with the challenges and changes, and this requires exceptional personnel. We need to attract talent investing the people now to grow a robust cybersecurity, workforce, streets, future. I look forward to the panel discussion, John. Thank you. >>Thank you so much bomb for those comments and you know, new challenges and new opportunities and new possibilities and free freedom Operating space. Critical. Thank you for those comments. Looking forward. Toa chatting further. Steve Jakes, executive director of N. S. S. A Europe opening statement. >>Thank you, John. And echoing bangs thanks to Cal Poly for pulling these this important event together and frankly, for allowing the National Security Space Association be a part of it. Likewise, we on behalf the association delighted and honored Thio be on this panel with President Armstrong along with my friend and colleague Bonneau Glue Mahad Something for you all to know about Bomb. He spent the 1st 20 years of his career in the Air Force doing space programs. He then went into industry for several years and then came back into government to serve. Very few people do that. So bang on behalf of the space community, we thank you for your long life long devotion to service to our nation. We really appreciate that and I also echo a bang shot out to that guy Bill Britain, who has been a long time co conspirator of ours for a long time and you're doing great work there in the cyber program at Cal Poly Bill, keep it up. But professor arms trying to keep a close eye on him. Uh, I would like to offer a little extra context to the great comments made by by President Armstrong and bahng. Uh, in our view, the timing of this conference really could not be any better. Um, we all recently reflected again on that tragic 9 11 surprise attack on our homeland. And it's an appropriate time, we think, to take pause while the percentage of you in the audience here weren't even born or babies then For the most of us, it still feels like yesterday. And moreover, a tragedy like 9 11 has taught us a lot to include to be more vigilant, always keep our collective eyes and ears open to include those quote eyes and ears from space, making sure nothing like this ever happens again. So this conference is a key aspect. Protecting our nation requires we work in a cybersecurity environment at all times. But, you know, the fascinating thing about space systems is we can't see him. No, sir, We see Space launches man there's nothing more invigorating than that. But after launch, they become invisible. So what are they really doing up there? What are they doing to enable our quality of life in the United States and in the world? Well, to illustrate, I'd like to paraphrase elements of an article in Forbes magazine by Bonds and my good friend Chuck Beans. Chuck. It's a space guy, actually had Bonds job a fuse in the Pentagon. He is now chairman and chief strategy officer at York Space Systems, and in his spare time he's chairman of the small satellites. Chuck speaks in words that everyone can understand. So I'd like to give you some of his words out of his article. Uh, they're afraid somewhat. So these are Chuck's words. Let's talk about average Joe and playing Jane. Before heading to the airport for a business trip to New York City, Joe checks the weather forecast informed by Noah's weather satellites to see what pack for the trip. He then calls an uber that space app. Everybody uses it matches riders with drivers via GPS to take into the airport, So Joe has lunch of the airport. Unbeknownst to him, his organic lunch is made with the help of precision farming made possible through optimized irrigation and fertilization, with remote spectral sensing coming from space and GPS on the plane, the pilot navigates around weather, aided by GPS and nose weather satellites. And Joe makes his meeting on time to join his New York colleagues in a video call with a key customer in Singapore made possible by telecommunication satellites. Around to his next meeting, Joe receives notice changing the location of the meeting to another to the other side of town. So he calmly tells Syria to adjust the destination, and his satellite guided Google maps redirects him to the new location. That evening, Joe watches the news broadcast via satellite. The report details a meeting among world leaders discussing the developing crisis in Syria. As it turns out, various forms of quote remotely sensed. Information collected from satellites indicate that yet another band, chemical weapon, may have been used on its own people. Before going to bed, Joe decides to call his parents and congratulate them for their wedding anniversary as they cruise across the Atlantic, made possible again by communications satellites and Joe's parents can enjoy the call without even wondering how it happened the next morning. Back home, Joe's wife, Jane, is involved in a car accident. Her vehicle skids off the road. She's knocked unconscious, but because of her satellite equipped on star system, the crash is detected immediately and first responders show up on the scene. In time, Joe receives the news books. An early trip home sends flowers to his wife as he orders another uber to the airport. Over that 24 hours, Joe and Jane used space system applications for nearly every part of their day. Imagine the consequences if at any point they were somehow denied these services, whether they be by natural causes or a foreign hostility. And each of these satellite applications used in this case were initially developed for military purposes and continue to be, but also have remarkable application on our way of life. Just many people just don't know that. So, ladies and gentlemen, now you know, thanks to chuck beans, well, the United States has a proud heritage being the world's leading space faring nation, dating back to the Eisenhower and Kennedy years. Today we have mature and robust systems operating from space, providing overhead reconnaissance to quote, wash and listen, provide missile warning, communications, positioning, navigation and timing from our GPS system. Much of what you heard in Lieutenant General J. T. Thompson earlier speech. These systems are not only integral to our national security, but also our also to our quality of life is Chuck told us. We simply no longer could live without these systems as a nation and for that matter, as a world. But over the years, adversary like adversaries like China, Russia and other countries have come to realize the value of space systems and are aggressively playing ketchup while also pursuing capabilities that will challenge our systems. As many of you know, in 2000 and seven, China demonstrated it's a set system by actually shooting down is one of its own satellites and has been aggressively developing counter space systems to disrupt hours. So in a heavily congested space environment, our systems are now being contested like never before and will continue to bay well as Bond mentioned, the United States has responded to these changing threats. In addition to adding ways to protect our system, the administration and in Congress recently created the United States Space Force and the operational you United States Space Command, the latter of which you heard President Armstrong and other Californians hope is going to be located. Vandenberg Air Force Base Combined with our intelligence community today, we have focused military and civilian leadership now in space. And that's a very, very good thing. Commence, really. On the industry side, we did create the National Security Space Association devoted solely to supporting the national security Space Enterprise. We're based here in the D C area, but we have arms and legs across the country, and we are loaded with extraordinary talent. In scores of Forman, former government executives, So S s a is joined at the hip with our government customers to serve and to support. We're busy with a multitude of activities underway ranging from a number of thought provoking policy. Papers are recurring space time Webcast supporting Congress's Space Power Caucus and other main serious efforts. Check us out at NSS. A space dot org's One of our strategic priorities in central to today's events is to actively promote and nurture the workforce development. Just like cow calling. We will work with our U. S. Government customers, industry leaders and academia to attract and recruit students to join the space world, whether in government or industry and two assistant mentoring and training as their careers. Progress on that point, we're delighted. Be delighted to be working with Cal Poly as we hopefully will undertake a new pilot program with him very soon. So students stay tuned something I can tell you Space is really cool. While our nation's satellite systems are technical and complex, our nation's government and industry work force is highly diverse, with a combination of engineers, physicists, method and mathematicians, but also with a large non technical expertise as well. Think about how government gets things thes systems designed, manufactured, launching into orbit and operating. They do this via contracts with our aerospace industry, requiring talents across the board from cost estimating cost analysis, budgeting, procurement, legal and many other support. Tasker Integral to the mission. Many thousands of people work in the space workforce tens of billions of dollars every year. This is really cool stuff, no matter what your education background, a great career to be part of. When summary as bang had mentioned Aziz, well, there is a great deal of exciting challenges ahead we will see a new renaissance in space in the years ahead, and in some cases it's already begun. Billionaires like Jeff Bezos, Elon Musk, Sir Richard Richard Branson are in the game, stimulating new ideas in business models, other private investors and start up companies. Space companies are now coming in from all angles. The exponential advancement of technology and microelectronics now allows the potential for a plethora of small SAT systems to possibly replace older satellites the size of a Greyhound bus. It's getting better by the day and central to this conference, cybersecurity is paramount to our nation's critical infrastructure in space. So once again, thanks very much, and I look forward to the further conversation. >>Steve, thank you very much. Space is cool. It's relevant. But it's important, as you pointed out, and you're awesome story about how it impacts our life every day. So I really appreciate that great story. I'm glad you took the time Thio share that you forgot the part about the drone coming over in the crime scene and, you know, mapping it out for you. But that would add that to the story later. Great stuff. My first question is let's get into the conversations because I think this is super important. President Armstrong like you to talk about some of the points that was teased out by Bang and Steve. One in particular is the comment around how military research was important in developing all these capabilities, which is impacting all of our lives. Through that story. It was the military research that has enabled a generation and generation of value for consumers. This is kind of this workforce conversation. There are opportunities now with with research and grants, and this is, ah, funding of innovation that it's highly accelerate. It's happening very quickly. Can you comment on how research and the partnerships to get that funding into the universities is critical? >>Yeah, I really appreciate that And appreciate the comments of my colleagues on it really boils down to me to partnerships, public private partnerships. You mentioned Northrop Grumman, but we have partnerships with Lockie Martin, Boeing, Raytheon Space six JPL, also member of organization called Business Higher Education Forum, which brings together university presidents and CEOs of companies. There's been focused on cybersecurity and data science, and I hope that we can spill into cybersecurity in space but those partnerships in the past have really brought a lot forward at Cal Poly Aziz mentioned we've been involved with Cube set. Uh, we've have some secure work and we want to plan to do more of that in the future. Uh, those partnerships are essential not only for getting the r and d done, but also the students, the faculty, whether masters or undergraduate, can be involved with that work. Uh, they get that real life experience, whether it's on campus or virtually now during Covic or at the location with the partner, whether it may be governmental or our industry. Uh, and then they're even better equipped, uh, to hit the ground running. And of course, we'd love to see even more of our students graduate with clearance so that they could do some of that a secure work as well. So these partnerships are absolutely critical, and it's also in the context of trying to bring the best and the brightest and all demographics of California and the US into this field, uh, to really be successful. So these partnerships are essential, and our goal is to grow them just like I know other colleagues and C. S u and the U C are planning to dio, >>you know, just as my age I've seen I grew up in the eighties, in college and during that systems generation and that the generation before me, they really kind of pioneered the space that spawned the computer revolution. I mean, you look at these key inflection points in our lives. They were really funded through these kinds of real deep research. Bond talk about that because, you know, we're living in an age of cloud. And Bezos was mentioned. Elon Musk. Sir Richard Branson. You got new ideas coming in from the outside. You have an accelerated clock now on terms of the innovation cycles, and so you got to react differently. You guys have programs to go outside >>of >>the Defense Department. How important is this? Because the workforce that air in schools and our folks re skilling are out there and you've been on both sides of the table. So share your thoughts. >>No, thanks, John. Thanks for the opportunity responded. And that's what you hit on the notes back in the eighties, R and D in space especially, was dominated by my government funding. Uh, contracts and so on. But things have changed. As Steve pointed out, A lot of these commercial entities funded by billionaires are coming out of the woodwork funding R and D. So they're taking the lead. So what we can do within the deal, the in government is truly take advantage of the work they've done on. Uh, since they're they're, you know, paving the way to new new approaches and new way of doing things. And I think we can We could certainly learn from that. And leverage off of that saves us money from an R and D standpoint while benefiting from from the product that they deliver, you know, within the O D Talking about workforce development Way have prioritized we have policies now to attract and retain talent. We need I I had the folks do some research and and looks like from a cybersecurity workforce standpoint. A recent study done, I think, last year in 2019 found that the cybersecurity workforce gap in the U. S. Is nearing half a million people, even though it is a growing industry. So the pipeline needs to be strengthened off getting people through, you know, starting young and through college, like assess a professor Armstrong indicated, because we're gonna need them to be in place. Uh, you know, in a period of about maybe a decade or so, Uh, on top of that, of course, is the continuing issue we have with the gap with with stamps students, we can't afford not to have expertise in place to support all the things we're doing within the with the not only deal with the but the commercial side as well. Thank you. >>How's the gap? Get? Get filled. I mean, this is the this is again. You got cybersecurity. I mean, with space. It's a whole another kind of surface area, if you will, in early surface area. But it is. It is an I o t. Device if you think about it. But it does have the same challenges. That's kind of current and and progressive with cybersecurity. Where's the gap Get filled, Steve Or President Armstrong? I mean, how do you solve the problem and address this gap in the workforce? What is some solutions and what approaches do we need to put in place? >>Steve, go ahead. I'll follow up. >>Okay. Thanks. I'll let you correct. May, uh, it's a really good question, and it's the way I would. The way I would approach it is to focus on it holistically and to acknowledge it up front. And it comes with our teaching, etcetera across the board and from from an industry perspective, I mean, we see it. We've gotta have secure systems with everything we do and promoting this and getting students at early ages and mentoring them and throwing internships at them. Eyes is so paramount to the whole the whole cycle, and and that's kind of and it really takes focused attention. And we continue to use the word focus from an NSS, a perspective. We know the challenges that are out there. There are such talented people in the workforce on the government side, but not nearly enough of them. And likewise on industry side. We could use Maura's well, but when you get down to it, you know we can connect dots. You know that the the aspect That's a Professor Armstrong talked about earlier toe where you continue to work partnerships as much as you possibly can. We hope to be a part of that. That network at that ecosystem the will of taking common objectives and working together to kind of make these things happen and to bring the power not just of one or two companies, but our our entire membership to help out >>President >>Trump. Yeah, I would. I would also add it again. It's back to partnerships that I talked about earlier. One of our partners is high schools and schools fortune Margaret Fortune, who worked in a couple of, uh, administrations in California across party lines and education. Their fifth graders all visit Cal Poly and visit our learned by doing lab and you, you've got to get students interested in stem at a early age. We also need the partnerships, the scholarships, the financial aid so the students can graduate with minimal to no debt to really hit the ground running. And that's exacerbated and really stress. Now, with this covert induced recession, California supports higher education at a higher rate than most states in the nation. But that is that has dropped this year or reasons. We all understand, uh, due to Kobe, and so our partnerships, our creativity on making sure that we help those that need the most help financially uh, that's really key, because the gaps air huge eyes. My colleagues indicated, you know, half of half a million jobs and you need to look at the the students that are in the pipeline. We've got to enhance that. Uh, it's the in the placement rates are amazing. Once the students get to a place like Cal Poly or some of our other amazing CSU and UC campuses, uh, placement rates are like 94%. >>Many of our >>engineers, they have jobs lined up a year before they graduate. So it's just gonna take key partnerships working together. Uh, and that continued partnership with government, local, of course, our state of CSU on partners like we have here today, both Stephen Bang So partnerships the thing >>e could add, you know, the collaboration with universities one that we, uh, put a lot of emphasis, and it may not be well known fact, but as an example of national security agencies, uh, National Centers of Academic Excellence in Cyber, the Fast works with over 270 colleges and universities across the United States to educate its 45 future cyber first responders as an example, so that Zatz vibrant and healthy and something that we ought Teoh Teik, banjo >>off. Well, I got the brain trust here on this topic. I want to get your thoughts on this one point. I'd like to define what is a public private partnership because the theme that's coming out of the symposium is the script has been flipped. It's a modern error. Things air accelerated get you got security. So you get all these things kind of happen is a modern approach and you're seeing a digital transformation play out all over the world in business. Andi in the public sector. So >>what is what >>is a modern public private partnership? What does it look like today? Because people are learning differently, Covert has pointed out, which was that we're seeing right now. How people the progressions of knowledge and learning truth. It's all changing. How do you guys view the modern version of public private partnership and some some examples and improve points? Can you can you guys share that? We'll start with the Professor Armstrong. >>Yeah. A zai indicated earlier. We've had on guy could give other examples, but Northup Grumman, uh, they helped us with cyber lab. Many years ago. That is maintained, uh, directly the software, the connection outside its its own unit so that students can learn the hack, they can learn to penetrate defenses, and I know that that has already had some considerations of space. But that's a benefit to both parties. So a good public private partnership has benefits to both entities. Uh, in the common factor for universities with a lot of these partnerships is the is the talent, the talent that is, that is needed, what we've been working on for years of the, you know, that undergraduate or master's or PhD programs. But now it's also spilling into Skilling and re Skilling. As you know, Jobs. Uh, you know, folks were in jobs today that didn't exist two years, three years, five years ago. But it also spills into other aspects that can expand even mawr. We're very fortunate. We have land, there's opportunities. We have one tech part project. We're expanding our tech park. I think we'll see opportunities for that, and it'll it'll be adjusted thio, due to the virtual world that we're all learning more and more about it, which we were in before Cove it. But I also think that that person to person is going to be important. Um, I wanna make sure that I'm driving across the bridge. Or or that that satellites being launched by the engineer that's had at least some in person training, uh, to do that and that experience, especially as a first time freshman coming on a campus, getting that experience expanding and as adult. And we're gonna need those public private partnerships in order to continue to fund those at a level that is at the excellence we need for these stem and engineering fields. >>It's interesting People in technology can work together in these partnerships in a new way. Bank Steve Reaction Thio the modern version of what a public, successful private partnership looks like. >>If I could jump in John, I think, you know, historically, Dodi's has have had, ah, high bar thio, uh, to overcome, if you will, in terms of getting rapid pulling in your company. This is the fault, if you will and not rely heavily in are the usual suspects of vendors and like and I think the deal is done a good job over the last couple of years off trying to reduce the burden on working with us. You know, the Air Force. I think they're pioneering this idea around pitch days where companies come in, do a two hour pitch and immediately notified of a wooden award without having to wait a long time. Thio get feedback on on the quality of the product and so on. So I think we're trying to do our best. Thio strengthen that partnership with companies outside the main group of people that we typically use. >>Steve, any reaction? Comment to add? >>Yeah, I would add a couple of these air. Very excellent thoughts. Uh, it zits about taking a little gamble by coming out of your comfort zone. You know, the world that Bond and Bond lives in and I used to live in in the past has been quite structured. It's really about we know what the threat is. We need to go fix it, will design it says we go make it happen, we'll fly it. Um, life is so much more complicated than that. And so it's it's really to me. I mean, you take you take an example of the pitch days of bond talks about I think I think taking a gamble by attempting to just do a lot of pilot programs, uh, work the trust factor between government folks and the industry folks in academia. Because we are all in this together in a lot of ways, for example. I mean, we just sent the paper to the White House of their requests about, you know, what would we do from a workforce development perspective? And we hope Thio embellish on this over time once the the initiative matures. But we have a piece of it, for example, is the thing we call clear for success getting back Thio Uh, President Armstrong's comments at the collegiate level. You know, high, high, high quality folks are in high demand. So why don't we put together a program they grabbed kids in their their underclass years identifies folks that are interested in doing something like this. Get them scholarships. Um, um, I have a job waiting for them that their contract ID for before they graduate, and when they graduate, they walk with S C I clearance. We believe that could be done so, and that's an example of ways in which the public private partnerships can happen to where you now have a talented kid ready to go on Day one. We think those kind of things can happen. It just gets back down to being focused on specific initiatives, give them giving them a chance and run as many pilot programs as you can like these days. >>That's a great point, E. President. >>I just want to jump in and echo both the bank and Steve's comments. But Steve, that you know your point of, you know, our graduates. We consider them ready Day one. Well, they need to be ready Day one and ready to go secure. We totally support that and and love to follow up offline with you on that. That's that's exciting, uh, and needed very much needed mawr of it. Some of it's happening, but way certainly have been thinking a lot about that and making some plans, >>and that's a great example of good Segway. My next question. This kind of reimagining sees work flows, eyes kind of breaking down the old the old way and bringing in kind of a new way accelerated all kind of new things. There are creative ways to address this workforce issue, and this is the next topic. How can we employ new creative solutions? Because, let's face it, you know, it's not the days of get your engineering degree and and go interview for a job and then get slotted in and get the intern. You know the programs you get you particularly through the system. This is this is multiple disciplines. Cybersecurity points at that. You could be smart and math and have, ah, degree in anthropology and even the best cyber talents on the planet. So this is a new new world. What are some creative approaches that >>you know, we're >>in the workforce >>is quite good, John. One of the things I think that za challenge to us is you know, we got somehow we got me working for with the government, sexy, right? The part of the challenge we have is attracting the right right level of skill sets and personnel. But, you know, we're competing oftentimes with the commercial side, the gaming industry as examples of a big deal. And those are the same talents. We need to support a lot of programs we have in the U. D. So somehow we have to do a better job to Steve's point off, making the work within the U. D within the government something that they would be interested early on. So I tracked him early. I kind of talked about Cal Poly's, uh, challenge program that they were gonna have in June inviting high school kid. We're excited about the whole idea of space and cyber security, and so on those air something. So I think we have to do it. Continue to do what were the course the next several years. >>Awesome. Any other creative approaches that you guys see working or might be on idea, or just a kind of stoked the ideation out their internship. So obviously internships are known, but like there's gotta be new ways. >>I think you can take what Steve was talking about earlier getting students in high school, uh, and aligning them sometimes. Uh, that intern first internship, not just between the freshman sophomore year, but before they inter cal poly per se. And they're they're involved s So I think that's, uh, absolutely key. Getting them involved many other ways. Um, we have an example of of up Skilling a redeveloped work redevelopment here in the Central Coast. PG and e Diablo nuclear plant as going to decommission in around 2020 24. And so we have a ongoing partnership toe work on reposition those employees for for the future. So that's, you know, engineering and beyond. Uh, but think about that just in the manner that you were talking about. So the up skilling and re Skilling uh, on I think that's where you know, we were talking about that Purdue University. Other California universities have been dealing with online programs before cove it and now with co vid uh, so many more faculty or were pushed into that area. There's going to be much more going and talk about workforce development and up Skilling and Re Skilling The amount of training and education of our faculty across the country, uh, in in virtual, uh, and delivery has been huge. So there's always a silver linings in the cloud. >>I want to get your guys thoughts on one final question as we in the in the segment. And we've seen on the commercial side with cloud computing on these highly accelerated environments where you know, SAS business model subscription. That's on the business side. But >>one of The >>things that's clear in this trend is technology, and people work together and technology augments the people components. So I'd love to get your thoughts as we look at the world now we're living in co vid um, Cal Poly. You guys have remote learning Right now. It's a infancy. It's a whole new disruption, if you will, but also an opportunity to enable new ways to collaborate, Right? So if you look at people and technology, can you guys share your view and vision on how communities can be developed? How these digital technologies and people can work together faster to get to the truth or make a discovery higher to build the workforce? These air opportunities? How do you guys view this new digital transformation? >>Well, I think there's there's a huge opportunities and just what we're doing with this symposium. We're filming this on one day, and it's going to stream live, and then the three of us, the four of us, can participate and chat with participants while it's going on. That's amazing. And I appreciate you, John, you bringing that to this this symposium, I think there's more and more that we can do from a Cal poly perspective with our pedagogy. So you know, linked to learn by doing in person will always be important to us. But we see virtual. We see partnerships like this can expand and enhance our ability and minimize the in person time, decrease the time to degree enhanced graduation rate, eliminate opportunity gaps or students that don't have the same advantages. S so I think the technological aspect of this is tremendous. Then on the up Skilling and Re Skilling, where employees air all over, they can be reached virtually then maybe they come to a location or really advanced technology allows them to get hands on virtually, or they come to that location and get it in a hybrid format. Eso I'm I'm very excited about the future and what we can do, and it's gonna be different with every university with every partnership. It's one. Size does not fit all. >>It's so many possibilities. Bond. I could almost imagine a social network that has a verified, you know, secure clearance. I can jump in, have a little cloak of secrecy and collaborate with the d o. D. Possibly in the future. But >>these are the >>kind of kind of crazy ideas that are needed. Are your thoughts on this whole digital transformation cross policy? >>I think technology is gonna be revolutionary here, John. You know, we're focusing lately on what we call digital engineering to quicken the pace off, delivering capability to warfighter. As an example, I think a I machine language all that's gonna have a major play and how we operate in the future. We're embracing five G technologies writing ability Thio zero latency or I o t More automation off the supply chain. That sort of thing, I think, uh, the future ahead of us is is very encouraging. Thing is gonna do a lot for for national defense on certainly the security of the country. >>Steve, your final thoughts. Space systems are systems, and they're connected to other systems that are connected to people. Your thoughts on this digital transformation opportunity >>Such a great question in such a fun, great challenge ahead of us. Um echoing are my colleague's sentiments. I would add to it. You know, a lot of this has I think we should do some focusing on campaigning so that people can feel comfortable to include the Congress to do things a little bit differently. Um, you know, we're not attuned to doing things fast. Uh, but the dramatic You know, the way technology is just going like crazy right now. I think it ties back Thio hoping Thio, convince some of our senior leaders on what I call both sides of the Potomac River that it's worth taking these gamble. We do need to take some of these things very way. And I'm very confident, confident and excited and comfortable. They're just gonna be a great time ahead and all for the better. >>You know, e talk about D. C. Because I'm not a lawyer, and I'm not a political person, but I always say less lawyers, more techies in Congress and Senate. So I was getting job when I say that. Sorry. Presidential. Go ahead. >>Yeah, I know. Just one other point. Uh, and and Steve's alluded to this in bonded as well. I mean, we've got to be less risk averse in these partnerships. That doesn't mean reckless, but we have to be less risk averse. And I would also I have a zoo. You talk about technology. I have to reflect on something that happened in, uh, you both talked a bit about Bill Britton and his impact on Cal Poly and what we're doing. But we were faced a few years ago of replacing a traditional data a data warehouse, data storage data center, and we partner with a W S. And thank goodness we had that in progress on it enhanced our bandwidth on our campus before Cove. It hit on with this partnership with the digital transformation hub. So there is a great example where, uh, we we had that going. That's not something we could have started. Oh, covitz hit. Let's flip that switch. And so we have to be proactive on. We also have thio not be risk averse and do some things differently. Eyes that that is really salvage the experience for for students. Right now, as things are flowing, well, we only have about 12% of our courses in person. Uh, those essential courses, uh, and just grateful for those partnerships that have talked about today. >>Yeah, and it's a shining example of how being agile, continuous operations, these air themes that expand into space and the next workforce needs to be built. Gentlemen, thank you. very much for sharing your insights. I know. Bang, You're gonna go into the defense side of space and your other sessions. Thank you, gentlemen, for your time for great session. Appreciate it. >>Thank you. Thank you. >>Thank you. >>Thank you. Thank you. Thank you all. >>I'm John Furry with the Cube here in Palo Alto, California Covering and hosting with Cal Poly The Space and Cybersecurity Symposium 2020. Thanks for watching.

>> Announcer: From around the globe, it's "theCUBE" covering Space and Cybersecurity Symposium 2020 hosted by Cal Poly. >> I want to welcome to theCUBE's coverage, we're here hosting with Cal Poly an amazing event, space and the intersection of cyber security. This session is Defending Satellite and Space Infrastructure from Cyber Threats. We've got two great guests. We've got Major General John Shaw of combined force space component commander, U.S. space command at Vandenberg Air Force Base in California and Roland Coelho, who's the CEO of Maverick Space Systems. Gentlemen, thank you for spending the time to come on to this session for the Cal Poly Space and Cybersecurity Symposium. Appreciate it. >> Absolutely. >> Guys defending satellites and space infrastructure is the new domain, obviously it's a war-fighting domain. It's also the future of the world. And this is an important topic because we rely on space now for our everyday life and it's becoming more and more critical. Everyone knows how their phones work and GPS, just small examples of all the impacts. I'd like to discuss with this hour, this topic with you guys. So if we can have you guys do an opening statement. General if you can start with your opening statement, we'll take it from there. >> Thanks John and greetings from Vandenberg Air Force Base. We are just down the road from Cal Poly here on the central coast of California, and very proud to be part of this effort and part of the partnership that we have with Cal Poly on a number of fronts. In my job here, I actually have two hats that I wear and it's I think, worth talking briefly about those to set the context for our discussion. You know, we had two major organizational events within our Department of Defense with regard to space last year in 2019. And probably the one that made the most headlines was the standup of the United States Space Force. That happened December 20th, last year, and again momentous, the first new branch in our military since 1947. And it's just over nine months old now, as we're makin' this recording. And already we're seein' a lot of change with regard to how we are approaching organizing, training, and equipping on a service side for space capabilities. And so, with regard to the Space Force, the hat I wear there is Commander of Space Operations Command. That was what was once 14th Air Force, when we were still part of the Air Force here at Vandenberg. And in that role, I'm responsible for the operational capabilities that we bring to the joint warfighter and to the world from a space perspective. Didn't make quite as many headlines, but another major change that happened last year was the reincarnation, I guess I would say, of United States Space Command. And that is a combatant command. It's how our Department of Defense organizes to actually conduct war-fighting operations. Most people are more familiar perhaps with Central Command, CENTCOM or Northern Command, NORTHCOM, or even Strategic Command, STRATCOM. Well, now we have a SPACECOM. We actually had one from 1985 until 2002, and then stood it down in the wake of the 9/11 attacks and a reorganization of Homeland Security. But we've now stood up a separate command again operationally, to conduct joint space operations. And in that organization, I wear a hat as a component commander, and that's the combined force-based component command working with other, all the additional capabilities that other services bring, as well as our allies. The combined in that title means that under certain circumstances, I would lead in an allied effort in space operations. And so it's actually a terrific job to have here on the central coast of California. Both working how we bring space capabilities to the fight on the Space Force side, and then how we actually operate those capabilities in support of joint warfighters around the world and national security interests. So that's the context. Now what also I should mention and you kind of alluded to John at your beginning, we're kind of in a changed situation than we were a number of years ago, in that we now see space as a war-fighting domain. For most of my career, goin' back a little ways, most of my focus in my jobs was making sure I could bring space capabilities to those that needed them. Bringing GPS to that special operations soldier on the ground somewhere in the world, bringing satellite communications for our nuclear command and control, bringing those capabilities for other uses. But I didn't have to worry in most of my career, about actually defending those space capabilities themselves. Well, now we do. We've actually gone to a point where we're are being threatened in space. We now are treating it more like any other domain, normalizing in that regard as a war-fighting domain. And so we're going through some relatively emergent efforts to protect and defend our capabilities in space, to design our capabilities to be defended, and perhaps most of all, to train our people for this new mission set. So it's a very exciting time, and I know we'll get into it, but you can't get very far into talking about all these space capabilities and how we want to protect and defend them and how we're going to continue their ability to deliver to warfighters around the globe, without talking about cyber, because they fit together very closely. So anyway, thanks for the chance to be here today. And I look forward to the discussion. >> General, thank you so much for that opening statement. And I would just say that not only is it historic with the Space Force, it's super exciting because it opens up so much more challenges and opportunities to do more and to do things differently. So I appreciate that statement. Roland in your opening statement. Your job is to put stuff in space, faster, cheaper, smaller, better, your opening statement, please. >> Yes, thank you, John. And yes, to General Shaw's point with the space domain and the need to protect it now is incredibly important. And I hope that we are more of a help than a thorn in your side in terms of building satellites smaller, faster, cheaper. Definitely looking forward to this discussion and figuring out ways where the entire space domain can work together, from industry to U.S. government, even to the academic environment as well. So first, I would like to say, and preface this by saying, I am not a cybersecurity expert. We build satellites and we launch them into orbit, but we are by no means cybersecurity experts. And that's why we like to partner with organizations like the California Cybersecurity Institute because they help us navigate these requirements. So I'm the CEO of Maverick Space Systems. We are a small aerospace business in San Luis Obispo, California. And we provide small satellite hardware and service solutions to a wide range of customers. All the way from the academic environment to the U.S. government and everything in between. We support customers through an entire program life cycle, from mission architecture and formulation, all the way to getting these customer satellites in orbit. And so what we try to do is provide hardware and services that basically make it easier for customers to get their satellites into orbit and to operate. So whether it be reducing mass or volume, creating greater launch opportunities, or providing the infrastructure and the technology to help those innovations mature in orbit, that's what we do. Our team has experience over the last 20 years, working with small satellites. And I'm definitely fortunate to be part of the team that invented the CubeSat standard by Cal Poly and Stanford back in 2000. And so, we are in VandenBerg's backyard. We came from Cal Poly San Luis Obispo and our hearts are fond of this area, and working with the local community. A lot of that success that we have had is directly attributable to the experiences that we learned as students, working on satellite programs from our professors and mentors. And that's all thanks to Cal Poly. So just wanted to tell a quick story. So back in 2000, just imagine a small group of undergraduate students, myself included, with the daunting task of launching multiple satellites from five different countries on a Russian launch vehicle. Many of us were only 18 or 19, not even at the legal age to drink yet, but as essentially teenagers we were managing million-dollar budgets. And we were coordinating groups from around the world. And we knew what we needed to accomplish, yet we didn't really know what we were doing when we first started. The university was extremely supportive and that's the Cal Poly learn-by-doing philosophy. I remember the first time we had a meeting with our university chief legal counsel, and we were discussing the need to register with the State Department for ITAR. Nobody really knew what ITAR was back then. And discussing this with the chief legal counsel, she was asking, "What is ITAR?" And we essentially had to explain, this is, launching satellites is part of the U.S. munitions list. And essentially we had a similar situation exporting munitions. We are in similar categories as weapons. And so, after that initial shock, everybody jumped in both feet forward, the university, our head legal counsel, professors, mentors, and the students knew we needed to tackle this problem because the need was there to launch these small satellites. And the reason this is important to capture the entire spectrum of users of the community, is that the technology and the innovation of the small satellite industry occurs at all levels, so we have academia, commercial, national governments. We even have high schools and middle schools getting involved and building satellite hardware. And the thing is the importance of cybersecurity is incredibly important because it touches all of these programs and it touches people at a very young age. And so, we hope to have a conversation today to figure out how do we create an environment where we allow these programs to thrive, but we also protect and keep their data safe as well. >> Thank you very much Roland. Appreciate that a story too as well. Thanks for your opening statement. Gentlemen, I mean I love this topic because defending the assets in space is obvious, if you look at it. But there's a bigger picture going on in our world right now. And general, you kind of pointed out the historic nature of Space Force and how it's changing already, operationally, training, skills, tools, all that stuff is evolving. You know in the tech world that I live in, change the world is a topic they use, gets thrown around a lot, you can change the world. A lot of young people, and we have other panels on this where we're talkin' about how to motivate young people, changing the world is what it's all about technology, for the better. Evolution is just an extension of another domain. In this case, space is just an extension of other domains, similar things are happening, but it's different. There's huge opportunity to change the world, so it's faster. There's an expanded commercial landscape out there. Certainly government space systems are moving and changing. How do we address the importance of cybersecurity in space? General, we'll start with you because this is real, it's exciting. If you're a young person, there's touch points of things to jump into, tech, building hardware, to changing laws, and everything in between is an opportunity, and it's exciting. And it is truly a chance to change the world. How does the commercial government space systems teams, address the importance of cybersecurity? >> So, John, I think it starts with the realization that as I like to say, that cyber and space are BFFs. There's nothing that we do on the cutting edge of space that isn't heavily reliant on the cutting edge of cyber. And frankly, there's probably nothing on the cutting edge of cyber that doesn't have a space application. And when you realize that and you see how closely those are intertwined as we need to move forward at speed, it becomes fundamental to answering your question. Let me give a couple examples. One of the biggest challenges I have on a daily basis is understanding what's going on in the space domain. Those on the surface of the planet talk about tyranny of distance across the oceans or across large land masses. And I talk about the tyranny of volume. And right now, we're looking out as far as the lunar sphere. There's activity that's extending out there. We expect NASA to be conducting perhaps human operations in the lunar environment in the next few years. So it extends out that far. When you do the math that's a huge volume. How do you do that? How do you understand what's happening in real time within that volume? It is a big data problem by the very definition of that kind of effort and that kind of challenge. And to do it successfully in the years ahead, it's going to require many, many sensors and the fusion of data of all kinds, to present a picture and then analytics and predictive analytics that are going to deliver an idea of what's going on in the space arena. And that's just if people are not up to mischief. Once you have threats introduced into that environment, it is even more challenging. So I'd say it's a big data problem that we'll enjoy tackling in the years ahead. Now, a second example is, if we had to take a vote of what were the most amazing robots that have ever been designed by humans, I think that spacecraft would have to be up there on the list. Whether it's the NASA spacecraft that explore other planets, or GPS satellites that amazingly provide a wonderful service to the entire globe and beyond. They are amazing technological machines. That's not going to stop. I mean, all the work that Roland talked about, even that we're doin' at the kind of the microsat level is putting cutting-edge technology into small a package as you can to get some sort of capability out of that. As we expand our activities further and further into space for national security purposes, or for exploration or commercial or civil, the cutting-edge technologies of artificial intelligence and machine-to-machine engagements and machine learning are going to be part of that design work moving forward. And then there's the threat piece. As we operate these capabilities, as these constellations grow, that's going to be done via networks. And as I've already pointed out space is a war-fighting domain. That means those networks will come under attack. We expect that they will and that may happen early on in a conflict. It may happen during peace time in the same way that we see cyber attacks all the time, everywhere in many sectors of activity. And so by painting that picture, we start to see how it's intertwined at the very, very most basic level, the cutting edge of cyber and cutting edge of space. With that then comes the need to, any cutting edge cybersecurity capability that we have is naturally going to be needed as we develop space capabilities. And we're going to have to bake that in from the very beginning. We haven't done that in the past as well as we should, but moving forward from this point on, it will be an essential ingredient that we work into all of our capability. >> Roland, we're talkin' about now, critical infrastructure. We're talkin' about new capabilities being addressed really fast. So, it's kind of chaotic now there's threats. So it's not as easy as just having capabilities, 'cause you've got to deal with the threats the general just pointed out. But now you've got critical infrastructure, which then will enable other things down the line. How do you protect it? How do we address this? How do you see this being addressed from a security standpoint? Because malware, these techniques can be mapped in, extended into space and takeovers, wartime, peace time, these things are all going to be under threat. That's pretty well understood, and I think people kind of get that. How do we address it? What's your take? >> Yeah, yeah, absolutely. And I couldn't agree more with General Shaw, with cybersecurity and space being so intertwined. And, I think with fast and rapid innovation comes the opportunity for threats, especially if you have bad actors that want to cause harm. And so, as a technology innovator and you're pushing the bounds, you kind of have a common goal of doing the best you can, and pushing the technology bounds, making it smaller, faster, cheaper. But a lot of times what entrepreneurs and small businesses and supply chains are doing, and don't realize it, is a lot of these components are dual use. I mean, you could have a very benign commercial application, but then a small modification to it, can turn it into a military application. And if you do have these bad actors, they can exploit that. And so, I think that the big thing is creating a organization that is non-biased, that just wants to kind of level the playing field for everybody to create a set standard for cybersecurity in space. I think one group that would be perfect for that is CCI. They understand both the cybersecurity side of things, and they also have at Cal Poly the small satellite group. And just having kind of a clearing house or an agency where can provide information that is free, you don't need a membership for. And to be able to kind of collect that, but also reach out to the entire value chain for a mission, and making them aware of what potential capabilities are and then how it might be potentially used as a weapon. And keeping them informed, because I think the vast majority of people in the space industry just want to do the right thing. And so, how do we get that information free flowing to the U.S. government so that they can take that information, create assessments, and be able to, not necessarily stop threats from occurring presently, but identify them long before that they would ever even happen. Yeah, that's- >> General, I want to follow up on that real quick before we move to the next top track. Critical infrastructure you mentioned, across the oceans long distance, volume. When you look at the physical world, you had power grids here in the United States, you had geography, you had perimeters, the notion of a perimeter and a moat, and then you had digital comes in. Then you have, we saw software open up, and essentially take down this idea of a perimeter, and from a defense standpoint, and everything changed. And we have to fortify those critical assets in the U.S. Space increases the same problem statement significantly, because you can't just have a perimeter, you can't have a moat, it's open, it's everywhere. Like what digital's done, and that's why we've seen a surge of cyber in the past two decades, attacks with software. So, this isn't going to go away. You need the critical infrastructure, you're putting it up there, you're formulating it, and you got to protect it. How do you view that? Because it's going to be an ongoing problem statement. What's the current thinking? >> Yeah, I think my sense is that a mindset that you can build a firewall, or a defense, or some other system that isn't dynamic in its own right, is probably not headed in the right direction. I think cybersecurity in the future, whether it's for space systems, or for other critical infrastructure is going to be a dynamic fight that happens at a machine-to-machine speed and dynamic. I don't think that it's too far off where we will have machines writing their own code in real time to fight off attacks that are coming at them. And by the way, the offense will probably be doing the same kind of thing. And so, I guess I would not want to think that the answer is something that you just build it and you leave it alone and it's good enough. It's probably going to be a constantly-evolving capability, constantly reacting to new threats and staying ahead of those threats. >> That's the kind of use case, you know as you were, kind of anecdotal example is the exciting new software opportunities for computer science majors. I mean, I tell my young kids and everyone, man it's more exciting now. I wish I was 18 again, it's so exciting with AI. Roland, I want to get your thoughts. We were joking on another panel with the DoD around space and the importance of it obviously, and we're going to have that here. And then we had a joke. It's like, oh software's defined everything. Software's everything, AI. And I said, "Well here in the United States, companies had data centers and then they went to the cloud." And then he said, "You can do break, fix, it's hard to do break, fix in space. You can't just send a tech up." I get that today, but soon maybe robotics. The general mentions robotics technologies, in referencing some of the accomplishments. Fixing things is almost impossible in space. But maybe form factors might get better. Certainly software will play a role. What's your thoughts on that landscape? >> Yeah, absolutely. You know, for software in orbit, there's a push for software-defined radios to basically go from hardware to software. And that's a critical link. If you can infiltrate that and a small satellite has propulsion on board, you could take control of that satellite and cause a lot of havoc. And so, creating standards and that kind of initial threshold of security, for let's say these radios, or communications and making that available to the entire supply chain, to the satellite builders, and operators is incredibly key. And that's again, one of the initiatives that CCI is tackling right now as well. >> General, I want to get your thoughts on best practices around cybersecurity, state-of-the-art today, and then some guiding principles, and kind of how the, if you shoot the trajectory forward, what might happen around supply chain? There's been many stories where, we outsource the chips and there's a little chip sittin' in a thing and it's built by someone else in China, and the software is written from someone in Europe, and the United States assembles it, it gets shipped and it's corrupt, and it has some cyber, I'm making it up, I'm oversimplifying the statement. But this is what when you have space systems that involve intellectual property from multiple partners, whether it's from software to creation and then deployment. You got supply chain tiers. What are some of best practices that you see involving, that don't stunt the innovation, but continues to innovate, but people can operate safely. What's your thoughts? >> Yeah, so on supply chain, I think the symposium here is going to get to hear from General JT Thompson from space and missile system center down in Los Angeles, and he's just down the road from us there on the coast. And his team is the one that we look to to really focus on, as he fires and develops to again bake in cybersecurity from the beginning and knowing where the components are coming from, and properly assessing those as you put together your space systems, is a key piece of what his team is focused on. So I expect, we'll hear him talk about that. When it talks to, I think, so you asked the question a little more deeply about how do the best practices in terms of how we now develop moving forward. Well, another way that we don't do it right, is if we take a long time to build something and then General JT Thompson's folks take a while to build something, and then they hand it over to me, and my team operate and then they go hands free. And then that's what I have for years to operate until the next thing comes along. That's a little old school. What we're going to have to do moving forward with our space capabilities, and with the cyber piece baked in is continually developing new capability sets as we go. We actually have partnership between General Thompson's team and mine here at Vandenberg on our ops floor, or our combined space operation center, that are actually working in real time together, better tools that we can use to understand what's going on in the space environment to better command and control our capabilities anywhere from military satellite communications, to space domain awareness, sensors, and such. And we're developing those capabilities in real time. And with the security pieces. So DevSecOps is we're practicing that in real time. I think that is probably the standard today that we're trying to live up to as we continue to evolve. But it has to be done again, in close partnership all the time. It's not a sequential, industrial-age process. While I'm on the subject of partnerships. So, General Thompson's team and mine have good partnerships. It's partnerships across the board are going to be another way that we are successful. And that it means with academia and some of the relationships that we have here with Cal Poly. It's with the commercial sector in ways that we haven't done before. The old style business was to work with just a few large companies that had a lot of space experience. Well, we need a lot of kinds of different experience and technologies now in order to really field good space capabilities. And I expect we'll see more and more non-traditional companies being part of, and organizations, being part of that partnership that will work goin' forward. I mentioned at the beginning that allies are important to us. So everything that Roland and I have been talking about I think you have to extrapolate out to allied partnerships. It doesn't help me as a combined force component commander, which is again, one of my jobs. It doesn't help me if the United States capabilities are cybersecure, but I'm tryin' to integrate them with capabilities from an ally that are not cybersecure. So that partnership has to be dynamic and continually evolving together. So again, close partnering, continually developing together from the acquisition to the operational sectors, with as many different sectors of our economy as possible, are the ingredients to success. >> General, I'd love to just follow up real quick. I was having just a quick reminder for a conversation I had with last year with General Keith Alexander, who does a lot of cybersecurity work, and he was talking about the need to share faster. And the new school is you got to share faster to get the data, you mentioned observability earlier, you need to see what everything's out there. He's a real passionate person around getting the data, getting it fast and having trusted partners. So that's not, it's kind of evolving as, I mean, sharing's a well known practice, but with cyber it's sensitive data potentially. So there's a trust relationship. There's now a new ecosystem. That's new for government. How do you view all that and your thoughts on that trend of the sharing piece of it on cyber? >> So, I don't know if it's necessarily new, but it's at a scale that we've never seen before. And by the way, it's vastly more complicated and complex when you overlay from a national security perspective, classification of data and information at various levels. And then that is again complicated by the fact you have different sharing relationships with different actors, whether it's commercial, academic, or allies. So it gets very, very complex web very quickly. So that's part of the challenge we're workin' through. How can we effectively share information at multiple classification levels with multiple partners in an optimal fashion? It is certainly not optimal today. It's very difficult, even with maybe one industry partner for me to be able to talk about data at an unclassified level, and then various other levels of classification to have the traditional networks in place to do that. I could see a solution in the future where our cybersecurity is good enough that maybe I only really need one network and the information that is allowed to flow to the players within the right security environment to make that all happen as quickly as possible. So you've actually, John you've hit on yet another big challenge that we have, is evolving our networks to properly share, with the right people, at the right clearance levels at the speed of war, which is what we're going to need. >> Yeah, and I wanted to call that out because this is an opportunity, again, this discussion here at Cal Poly and around the world is for new capabilities and new people to solve the problems. It's again, it's super exciting if you're geeking out on this. If you have a tech degree or you're interested in changin' the world, there's so many new things that could be applied right now. Roland, I want to get your thoughts on this, because one of the things in the tech trends we're seeing, and this is a massive shift, all the theaters of the tech industry are changing rapidly at the same time. And it affects policy law, but also deep tech. The startup communities are super important in all this too. We can't forget them. Obviously, the big trusted players that are partnering certainly on these initiatives, but your story about being in the dorm room. Now you've got the boardroom and now you got everything in between. You have startups out there that want to and can contribute. You know, what's an ITAR? I mean, I got all these acronym certifications. Is there a community motion to bring startups in, in a safe way, but also give them ability to contribute? Because you look at open source, that proved everyone wrong on software. That's happening now with this now open network concept, the general was kind of alluding to. Which is, it's a changing landscape. Your thoughts, I know you're passionate about this. >> Yeah, absolutely. And I think as General Shaw mentioned, we need to get information out there faster, more timely and to the right people, and involving not only just stakeholders in the U.S., but internationally as well. And as entrepreneurs, we have this very lofty vision or goal to change the world. And oftentimes, entrepreneurs, including myself, we put our heads down and we just run as fast as we can. And we don't necessarily always kind of take a breath and take a step back and kind of look at what we're doing and how it's touching other folks. And in terms of a community, I don't know of any formal community out there, it's mostly ad hoc. And, these ad hoc communities are folks who let's say was a student working on a satellite in college. And they loved that entrepreneurial spirit. And so they said, "Well, I'm going to start my own company." And so, a lot of these ad hoc networks are just from relationships that have been built over the last two decades from colleagues at the university. I do think formalizing this and creating kind of a clearing house to handle all of this is incredibly important. >> And there's going to be a lot of entrepreneurial activity, no doubt, I mean there's too many things to work on and not enough time. I mean this brings up the question that I'm going to, while we're on this topic, you got the remote work with COVID, everyone's workin' remotely, we're doin' this remote interview rather than being on stage. Work's changing, how people work and engage. Certainly physical will come back. But if you looked at historically the space industry and the talent, they're all clustered around the bases. And there's always been these areas where you're a space person. You kind of work in there and the job's there. And if you were cyber, you were generally in other areas. Over the past decade, there's been a cross-pollination of talent and location. As you see the intersection of space, general we'll start with you, first of all, central coast is a great place to live. I know that's where you guys live. But you can start to bring together these two cultures. Sometimes they're not the same. Maybe they're getting better. We know they're being integrated. So general, can you just share your thoughts because this is one of those topics that everyone's talkin' about, but no one's actually kind of addressed directly. >> Yeah, John, I think so. I think I want to answer this by talkin' about where I think the Space Force is going. Because I think if there was ever an opportunity or an inflection point in our Department of Defense to sort of change culture and try to bring in non-traditional kinds of thinking and really kind of change maybe some of the ways that the Department of Defense does things that are probably archaic, Space Force is an inflection point for that. General Raymond, our Chief of Space Operations, has said publicly for awhile now, he wants the U.S. Space Force to be the first truly digital service. And what we mean by that is we want the folks that are in the Space Force to be the ones that are the first adopters, the early adopters of technology. To be the ones most fluent in the cutting edge, technologic developments on space and cyber and other sectors of the economy that are technologically focused. And I think there's some, that can generate some excitement, I think. And it means that we'll probably ended up recruiting people into the Space Force that are not from the traditional recruiting areas that the rest of the Department of Defense looks to. And I think it allows us to bring in a diversity of thought and diversity of perspective and a new kind of motivation into the service, that I think is frankly really exciting. So if you put together everything I mentioned about how space and cyber are going to be best friends forever. And I think there's always been an excitement from the very beginning in the American psyche about space. You start to put all these ingredients together, and I think you see where I'm goin' with this. That this is a chance to really change that cultural mindset that you were describing. >> It's an exciting time for sure. And again, changing the world. And this is what you're seeing today. People do want to change the world. They want a modern world that's changing. Roland, I'll get your thoughts on this. I was having an interview a few years back with a technology entrepreneur, a techie, and we were joking, we were just kind of riffing. And I said, "Everything that's on "Star Trek" will be invented." And we're almost there actually, if you think about it, except for the transporter room. You got video, you got communicators. So, not to bring in the "Star Trek" reference with Space Force, this is digital. And you start thinking about some of the important trends, it's going to be up and down the stack, from hardware to software, to user experience, everything. Your thoughts and reaction. >> Yeah, absolutely. And so, what we're seeing is timelines shrinking dramatically because of the barrier to entry for new entrants and even your existing aerospace companies is incredibly low, right? So if you take previously where you had a technology on the ground and you wanted it in orbit, it would take years. Because you would test it on the ground. You would verify that it can operate in a space environment. And then you would go ahead and launch it. And we're talking tens, if not hundreds of millions of dollars to do that. Now, we've cut that down from years to months. When you have a prototype on the ground and you want to get it launched, you don't necessarily care if it fails on orbit the first time, because you're getting valuable data back. And so, we're seeing technology being developed for the first time on the ground and in orbit in a matter of a few months. And the whole kind of process that we're doing as a small business is trying to enable that. And so, allowing these entrepreneurs and small companies to get their technology in orbit at a price that is sometimes even cheaper than testing on the ground. >> You know this is a great point. I think this is really an important point to call out because we mentioned partnerships earlier, the economics and the business model of space is doable. I mean, you do a mission study. You get paid for that. You have technology that you get stuff up quickly, and there's a cost structure there. And again, the alternative was waterfall planning, years and millions. Now the form factors are doing, now, again, there may be different payloads involved, but you can standardize payloads. You've got robotic arms. This is all available. This brings up the congestion problem. This is going to be on the top of mind of the generals of course, but you've got the proliferation of these constellation systems. You're going to have more and more tech vectors. I mean, essentially that's malware. I mean, that's a probe. You throw something up in space that could cause some interference. Maybe a takeover. General, this is the real elephant in the room, the threat matrix from new stuff and new configurations. So general, how does the proliferation of constellation systems change the threat matrix? >> So I think the, you know I guess I'm going to be a little more optimistic John than I think you pitched that. I'm actually excited about these new mega constellations in LEO. I'm excited about the growing number of actors that are going into space for various reasons. And why is that? It's because we're starting to realize a new economic engine for the nation and for human society. So the question is, so I think we want that to happen. When we could go to almost any other domain in history and when air travel started to become much, much more commonplace with many kinds of actors from private pilots flying their small planes, all the way up to large airliners, there was a problem with congestion. There was a problem about, challenges about behavior, and are we going to be able to manage this? And yes we did. And it was for the great benefit of society. I could probably look to the maritime domain for similar kinds of things. And so this is actually exciting about space. We are just going to have to find the ways as a society, and it's not just the Department of Defense, it's going to be civil, it's going to be international, find the mechanisms to encourage this continued investment in the space domain. I do think that Space Force will play a role in providing security in the space environment, as we venture further out, as economic opportunities emerge, wherever they are in the lunar, Earth, lunar system, or even within the solar system. Space Force is going to play a role in that. But I'm actually really excited about those possibilities. Hey, by the way, I got to say, you made me think of this when you talked about "Star Trek" and Space Force and our technologies, I remember when I was younger watchin' the Next Generation series. I thought one of the coolest things, 'cause bein' a musician in my spare time, I thought one of the coolest things was when Commander Riker would walk into his quarters and say, "Computer play soft jazz." And there would just be, the computer would just play music. And this was an age when we had hard media. Like how will that, that is awesome. Man, I can't wait for the 23rd century when I can do that. And where we are today is so incredible on those lines. The things that I can ask Alexa or Siri to play. >> Well that's the thing, everything that's on "Star Trek," think about it, it's almost invented. I mean, you got the computers, you got, the only thing really is, holograms are startin' to come in, you got, now the transporter room. Now that's physics. We'll work on that. >> So there is this balance between physics and imagination, but we have not exhausted either. >> Well, firstly, everyone that knows me knows I'm a huge "Star Trek" fan, all the series. Of course, I'm an original purist, but at that level. But this is about economic incentive as well. Roland, I want to get your thoughts, 'cause the gloom and doom, we got to think about the bad stuff to make it good. If I put my glass half full on the table, this economic incentives, just like the example of the plane and the air traffic. There's more actors that are incented to have a secure system. What's your thoughts to general's comments around the optimism and the potential threat matrix that needs to be managed. >> Absolutely, so one of the things that we've seen over the years, as we build these small satellites is a lot of that technology that the General's talking about, voice recognition, miniaturized chips, and sensors, started on the ground. And I mean, you have your iPhone, that, about 15 years ago before the first iPhone came out, we were building small satellites in the lab and we were looking at cutting-edge, state-of-the-art magnetometers and sensors that we were putting in our satellites back then. We didn't know if they were going to work. And then a few years later, as these students graduate, they go off and they go out to other industries. And so, some of the technology that was first kind of put in these CubeSats in the early 2000s, kind of ended up in the first generation iPhone, smartphones. And so being able to take that technology, rapidly incorporate that into space and vice versa gives you an incredible economic advantage. Because not only are your costs going down because you're mass producing these types of terrestrial technologies, but then you can also increase revenue and profit by having smaller and cheaper systems. >> General, let's talk about that real quickly, that's a good point, I want to just shift it into the playbook. I mean, everyone talks about playbooks for management, for tech, for startups, for success. I mean, one of the playbooks that's clear from your history is investment in R&D around military and/or innovation that has a long view, spurs innovation, commercially. I mean, just there's a huge, many decades of history that shows that, hey we got to start thinking about these challenges. And next thing you know it's in an iPhone. This is history, this is not like a one off. And now with Space Force you're driving the main engine of innovation to be all digital. You know, we riff about "Star Trek" which is fun, the reality is you're going to be on the front lines of some really new, cool, mind-blowing things. Could you share your thoughts on how you sell that to the people who write the checks or recruit more talent? >> First, I totally agree with your thesis that national security, well, could probably go back an awful long way, hundreds to thousands of years, that security matters tend to drive an awful lot of innovation and creativity. You know I think probably the two things that drive people the most are probably an opportunity to make money, but beating that out are trying to stay alive. And so, I don't think that's going to go away. And I do think that Space Force can play a role as it pursues security structures, within the space domain to further encourage economic investment and to protect our space capabilities for national security purposes, are going to be at the cutting edge. This isn't the first time. I think we can point back to the origins of the internet, really started in the Department of Defense, with a partnership I should add, with academia. That's how the internet got started. That was the creativity in order to meet some needs there. Cryptography has its roots in security, in national security, but now we use it for economic reasons and a host of other kinds of reasons. And then space itself, I mean, we still look back to Apollo era as an inspiration for so many things that inspired people to either begin careers in technical areas or in space and so on. So I think in that same spirit, you're absolutely right. I guess I'm totally agreeing with your thesis. The Space Force will have a positive, inspirational influence in that way. And we need to realize that. So when we are asking for, when we're looking for how we need to meet capability needs, we need to spread that net very far, look for the most creative solutions and partner early and often with those that can work on those. >> When you're on the new frontier, you got to have a team sport, it's a team effort. And you mentioned the internet, just anecdotally I'm old enough to remember this 'cause I remember the days that it was goin' on, is that the policy decisions that the U.S. made at that time was to let it go a little bit invisible hand. They didn't try to commercialize it too fast. But there was some policy work that was done, that had a direct effect to the innovation. Versus take it over, and the next thing you know it's out of control. So I think there's this cross-disciplinary skillset becomes a big thing where you need to have more people involved. And that's one of the big themes of this symposium. So it's a great point. Thank you for sharing that. Roland, your thoughts on this because you got policy decisions. We all want to run faster. We want to be more innovative, but you got to have some ops view. Now, most of the ops view people want things very tight, very buttoned up, secure. The innovators want to go faster. It's the ying and yang. That's the world we live in. How's it all balance in your mind? >> Yeah, one of the things that may not be apparently obvious is that the U.S. government and Department of Defense is one of the biggest investors in technology in the aerospace sector. They're not the traditional venture capitalists, but they're the ones that are driving technology innovation because there's funding. And when companies see that the U.S. government is interested in something, businesses will revector to provide that capability. And, I would say the more recent years, we've had a huge influx of private equity, venture capital coming into the markets to kind of help augment the government investment. And I think having a good partnership and a relationship with these private equity, venture capitalists and the U.S. government is incredibly important because the two sides can help collaborate and kind of see a common goal. But then also too, on the other side there's that human element. And as General Shaw was saying, not only do companies obviously want to thrive and do really well, some companies just want to stay alive to see their technology kind of grow into what they've always dreamed of. And oftentimes entrepreneurs are put in a very difficult position because they have to make payroll, they have to keep the lights on. And so, sometimes they'll take investment from places where they may normally would not have, from potentially foreign investment that could potentially cause issues with the U.S. supply chain. >> Well, my final question is the best I wanted to save for last, because I love the idea of human space flight. I'd love to be on Mars. I'm not sure I'm able to make it someday, but how do you guys see the possible impacts of cybersecurity on expanding human space flight operations? I mean, general, this is your wheelhouse. This is your in command, putting humans in space and certainly robots will be there because they're easy to go 'cause they're not human. But humans in space. I mean, you startin' to see the momentum, the discussion, people are scratchin' that itch. What's your take on that? How do we see makin' this more possible? >> Well, I think we will see commercial space tourism in the future. I'm not sure how wide and large a scale it will become, but we will see that. And part of the, I think the mission of the Space Force is going to be probably to again, do what we're doin' today is have really good awareness of what's going on in the domain to ensure that that is done safely. And I think a lot of what we do today will end up in civil organizations to do space traffic management and safety in that arena. And, it is only a matter of time before we see humans going, even beyond the, NASA has their plan, the Artemis program to get back to the moon and the gateway initiative to establish a space station there. And that's going to be a NASA exploration initiative. But it is only a matter of time before we have private citizens or private corporations putting people in space and not only for tourism, but for economic activity. And so it'll be really exciting to watch. It'll be really exciting and Space Force will be a part of it. >> General, Roland, I want to thank you for your valuable time to come on this symposium. Really appreciate it. Final comment, I'd love you to spend a minute to share your personal thoughts on the importance of cybersecurity to space and we'll close it out. We'll start with you Roland. >> Yeah, so I think the biggest thing I would like to try to get out of this from my own personal perspective is creating that environment that allows the aerospace supply chain, small businesses like ourselves, be able to meet all the requirements to protect and safeguard our data, but also create a way that we can still thrive and it won't stifle innovation. I'm looking forward to comments and questions, from the audience to really kind of help, basically drive to that next step. >> General final thoughts, the importance of cybersecurity to space. >> I'll go back to how I started I think John and say that space and cyber are forever intertwined, they're BFFs. And whoever has my job 50 years from now, or a hundred years from now, I predict they're going to be sayin' the exact same thing. Cyber and space are intertwined for good. We will always need the cutting edge, cybersecurity capabilities that we develop as a nation or as a society to protect our space capabilities. And our cyber capabilities are going to need space capabilities in the future as well. >> General John Shaw, thank you very much. Roland Coelho, thank you very much for your great insight. Thank you to Cal Poly for puttin' this together. I want to shout out to the team over there. We couldn't be in-person, but we're doing a virtual remote event. I'm John Furrier with "theCUBE" and SiliconANGLE here in Silicon Valley, thanks for watching. (upbeat music)

>> Announcer: From around the globe, it's The Cube, covering Space and Cybersecurity Symposium 2020, hosted by Cal Poly. >> Everyone, welcome to this special virtual conference, the Space and Cybersecurity Symposium 2020 put on by Cal Poly with support from The Cube. I'm John Furey, your host and master of ceremony's got a great topic today, and this session is really the intersection of space and cybersecurity. This topic, and this conversation is a cybersecurity workforce development through public and private partnerships. And we've got a great lineup, we've Jeff Armstrong is the president of California Polytechnic State University, also known as Cal Poly. Jeffrey, thanks for jumping on and Bong Gumahad. The second, Director of C4ISR Division, and he's joining us from the Office of the Under Secretary of Defense for the acquisition and sustainment of Department of Defense, DOD, and of course Steve Jacques is Executive Director, founder National Security Space Association, and managing partner at Velos. Gentlemen, thank you for joining me for this session, we've got an hour of conversation, thanks for coming on. >> Thank you. >> So we've got a virtual event here, we've got an hour to have a great conversation, I'd love for you guys to do an opening statement on how you see the development through public and private partnerships around cybersecurity and space, Jeff, we'll start with you. >> Well, thanks very much, John, it's great to be on with all of you. On behalf of Cal Poly, welcome everyone. Educating the workforce of tomorrow is our mission at Cal Poly, whether that means traditional undergraduates, masters students, or increasingly, mid-career professionals looking to upskill or re-skill. Our signature pedagogy is learn by doing, which means that our graduates arrive at employers, ready day one with practical skills and experience. We have long thought of ourselves as lucky to be on California's beautiful central coast, but in recent years, as we've developed closer relationships with Vandenberg Air Force Base, hopefully the future permanent headquarters of the United States Space Command with Vandenberg and other regional partners, We have discovered that our location is even more advantageous than we thought. We're just 50 miles away from Vandenberg, a little closer than UC Santa Barbara and the base represents the Southern border of what we have come to think of as the central coast region. Cal Poly and Vandenberg Air Force Base have partnered to support regional economic development, to encourage the development of a commercial space port, to advocate for the space command headquarters coming to Vandenberg and other ventures. These partnerships have been possible because both parties stand to benefit. Vandenberg, by securing new streams of revenue, workforce, and local supply chain and Cal Poly by helping to grow local jobs for graduates, internship opportunities for students and research and entrepreneurship opportunities for faculty and staff. Crucially, what's good for Vandenberg Air Force Base and for Cal Poly is also good for the central coast and the U.S., creating new head of household jobs, infrastructure, and opportunity. Our goal is that these new jobs bring more diversity and sustainability for the region. This regional economic development has taken on a life of its own, spawning a new nonprofit called REACH which coordinates development efforts from Vandenberg Air Force Base in the South to Camp Roberts in the North. Another factor that has facilitated our relationship with Vandenberg Air Force Base is that we have some of the same friends. For example, Northrop Grumman has as long been an important defense contractor and an important partner to Cal Poly, funding scholarships in facilities that have allowed us to stay current with technology in it to attract highly qualified students for whom Cal Poly's costs would otherwise be prohibitive. For almost 20 years, Northrop Grumman has funded scholarships for Cal Poly students. This year, they're funding 64 scholarships, some directly in our College of Engineering and most through our Cal Poly Scholars Program. Cal Poly scholars support both incoming freshmen and transfer students. These are especially important, 'cause it allows us to provide additional support and opportunities to a group of students who are mostly first generation, low income and underrepresented, and who otherwise might not choose to attend Cal Poly. They also allow us to recruit from partner high schools with large populations of underrepresented minority students, including the Fortune High School in Elk Grove, which we developed a deep and lasting connection. We know that the best work is done by balanced teams that include multiple and diverse perspectives. These scholarships help us achieve that goal and I'm sure you know Northrop Grumman was recently awarded a very large contract to modernize the U.S. ICBM armory with some of the work being done at Vandenberg Air Force Base, thus supporting the local economy and protecting... Protecting our efforts in space requires partnerships in the digital realm. Cal Poly has partnered with many private companies such as AWS. Our partnerships with Amazon Web Services has enabled us to train our students with next generation cloud engineering skills, in part, through our jointly created digital transformation hub. Another partnership example is among Cal Poly's California Cyber Security Institute College of Engineering and the California National Guard. This partnership is focused on preparing a cyber-ready workforce, by providing faculty and students with a hands on research and learning environment side by side with military law enforcement professionals and cyber experts. We also have a long standing partnership with PG&E most recently focused on workforce development and redevelopment. Many of our graduates do indeed go on to careers in aerospace and defense industry. As a rough approximation, more than 4,500 Cal Poly graduates list aerospace or defense as their employment sector on LinkedIn. And it's not just our engineers in computer sciences. When I was speaking to our fellow panelists not too long ago, speaking to Bong, we learned that Rachel Sims, one of our liberal arts majors is working in his office, so shout out to you, Rachel. And then finally, of course, some of our graduates soar to extraordinary heights, such as Commander Victor Glover, who will be heading to the International Space Station later this year. As I close, all of which is to say that we're deeply committed to workforce development and redevelopment, that we understand the value of public-private partnerships, and that we're eager to find new ways in which to benefit everyone from this further cooperation. So we're committed to the region, the state and the nation, in our past efforts in space, cyber security and links to our partners at, as I indicated, aerospace industry and governmental partners provides a unique position for us to move forward in the interface of space and cyber security. Thank you so much, John. >> President Armstrong, thank you very much for the comments and congratulations to Cal Poly for being on the forefront of innovation and really taking a unique, progressive view and want to tip a hat to you guys over there, thank you very much for those comments, appreciate it. Bong, Department of Defense. Exciting, you've got to defend the nation, space is global, your opening statement. >> Yes, sir, thanks John, appreciate that. Thank you everybody, I'm honored to be in this panel along with Preston Armstrong of Cal Poly and my longtime friend and colleague Steve Jacques of the National Security Space Association to discuss a very important topic of a cybersecurity workforce development as President Armstrong alluded to. I'll tell you, both of these organizations, Cal Poly and the NSSA have done and continue to do an exceptional job at finding talent, recruiting them and training current and future leaders and technical professionals that we vitally need for our nation's growing space programs, as well as our collective national security. Earlier today, during session three, I, along with my colleague, Chris Samson discussed space cyber security and how the space domain is changing the landscape of future conflicts. I discussed the rapid emergence of commercial space with the proliferation of hundreds, if not thousands of satellites, providing a variety of services including communications, allowing for global internet connectivity, as one example. Within DOD, we continued to look at how we can leverage this opportunity. I'll tell you, one of the enabling technologies, is the use of small satellites, which are inherently cheaper and perhaps more flexible than the traditional bigger systems that we have historically used and employed for DOD. Certainly not lost on me is the fact that Cal Poly pioneered CubeSats 28, 27 years ago, and they set a standard for the use of these systems today. So they saw the value and benefit gained way ahead of everybody else it seems. And Cal Poly's focus on training and education is commendable. I'm especially impressed by the efforts of another of Steven's colleague, the current CIO, Mr. Bill Britton, with his high energy push to attract the next generation of innovators. Earlier this year, I had planned on participating in this year's cyber innovation challenge in June, Oops, Cal Poly hosts California middle, and high school students, and challenge them with situations to test their cyber knowledge. I tell you, I wish I had that kind of opportunity when I was a kid, unfortunately, the pandemic changed the plan, but I truly look forward to future events such as these, to participate in. Now, I want to recognize my good friend, Steve Jacques, whom I've known for perhaps too long of a time here, over two decades or so, who was an acknowledged space expert and personally I've truly applaud him for having the foresight a few years back to form the National Security Space Association to help the entire space enterprise navigate through not only technology, but policy issues and challenges and paved the way for operationalizing space. Space, it certainly was fortifying domain, it's not a secret anymore, and while it is a unique area, it shares a lot of common traits with the other domains, such as land, air, and sea, obviously all are strategically important to the defense of the United States. In conflict, they will all be contested and therefore they all need to be defended. One domain alone will not win future conflicts, and in a joint operation, we must succeed in all. So defending space is critical, as critical as to defending our other operational domains. Funny, space is the only sanctuary available only to the government. Increasingly as I discussed in a previous session, commercial space is taking the lead in a lot of different areas, including R&D, the so-called new space. So cybersecurity threat is even more demanding and even more challenging. The U.S. considers and futhered access to and freedom to operate in space, vital to advancing security, economic prosperity and scientific knowledge of the country, thus making cyberspace an inseparable component of America's financial, social government and political life. We stood up US Space Force a year ago or so as the newest military service. Like the other services, its mission is to organize, train and equip space forces in order to protect U.S. and allied interest in space and to provide spacecape builders who joined force. Imagine combining that U.S. Space Force with the U.S. Cyber Command to unify the direction of the space and cyberspace operation, strengthen DOD capabilities and integrate and bolster a DOD cyber experience. Now, of course, to enable all of this requires a trained and professional cadre of cyber security experts, combining a good mix of policy, as well as a high technical skill set. Much like we're seeing in STEM, we need to attract more people to this growing field. Now, the DOD has recognized the importance to the cybersecurity workforce, and we have implemented policies to encourage its growth. Back in 2013, the Deputy Secretary of Defense signed a DOD Cyberspace Workforce Strategy, to create a comprehensive, well-equipped cyber security team to respond to national security concerns. Now, this strategy also created a program that encourages collaboration between the DOD and private sector employees. We call this the Cyber Information Technology Exchange program, or CITE that it's an exchange program, which is very interesting in which a private sector employee can naturally work for the DOD in a cyber security position that spans across multiple mission critical areas, important to the DOD. A key responsibility of the cyber security community is military leaders, unrelated threats, and the cyber security actions we need to have to defeat these threats. We talked about rapid acquisition, agile business processes and practices to speed up innovation, likewise, cyber security must keep up with this challenge. So cyber security needs to be right there with the challenges and changes, and this requires exceptional personnel. We need to attract talent, invest in the people now to grow a robust cybersecurity workforce for the future. I look forward to the panel discussion, John, thank you. >> Thank you so much, Bob for those comments and, you know, new challenges or new opportunities and new possibilities and freedom to operate in space is critical, thank you for those comments, looking forward to chatting further. Steve Jacques, Executive Director of NSSA, you're up, opening statement. >> Thank you, John and echoing Bongs, thanks to Cal Poly for pulling this important event together and frankly, for allowing the National Security Space Association be a part of it. Likewise, on behalf of the association, I'm delighted and honored to be on this panel of President Armstrong, along with my friend and colleague, Bong Gumahad. Something for you all to know about Bong, he spent the first 20 years of his career in the Air Force doing space programs. He then went into industry for several years and then came back into government to serve, very few people do that. So Bong, on behalf of the space community, we thank you for your lifelong devotion to service to our nation, we really appreciate that. And I also echo a Bong shout out to that guy, Bill Britton. who's been a long time co-conspirator of ours for a long time, and you're doing great work there in the cyber program at Cal Poly, Bill, keep it up. But Professor Armstrong, keep a close eye on him. (laughter) I would like to offer a little extra context to the great comments made by President Armstrong and Bong. And in our view, the timing of this conference really could not be any better. We all recently reflected again on that tragic 9/11 surprise attack on our homeland and it's an appropriate time we think to take pause. While a percentage of you in the audience here weren't even born or were babies then, for the most of us, it still feels like yesterday. And moreover, a tragedy like 9/11 has taught us a lot to include, to be more vigilant, always keep our collective eyes and ears open, to include those "eyes and ears from space," making sure nothing like this ever happens again. So this conference is a key aspect, protecting our nation requires we work in a cyber secure environment at all times. But you know, the fascinating thing about space systems is we can't see 'em. Now sure, we see space launches, man, there's nothing more invigorating than that. But after launch they become invisible, so what are they really doing up there? What are they doing to enable our quality of life in the United States and in the world? Well to illustrate, I'd like to paraphrase elements of an article in Forbes magazine, by Bongs and my good friend, Chuck Beames, Chuck is a space guy, actually had Bongs job a few years in the Pentagon. He's now Chairman and Chief Strategy Officer at York Space Systems and in his spare time, he's Chairman of the Small Satellites. Chuck speaks in words that everyone can understand, so I'd like to give you some of his words out of his article, paraphrase somewhat, so these are Chuck's words. "Let's talk about average Joe and plain Jane. "Before heading to the airport for a business trip "to New York city, Joe checks the weather forecast, "informed by NOAA's weather satellites, "to see what to pack for the trip. "He then calls an Uber, that space app everybody uses, "it matches riders with drivers via GPS, "to take him to the airport. "So Joe has launched in the airport, "unbeknownst to him, his organic lunch is made "with the help of precision farming "made possible to optimize the irrigation and fertilization "with remote spectral sensing coming from space and GPS. "On the plane, the pilot navigates around weather, "aided by GPS and NOAA's weather satellites "and Joe makes his meeting on time "to join his New York colleagues in a video call "with a key customer in Singapore, "made possible by telecommunication satellites. "En route to his next meeting, "Joe receives notice changing the location of the meeting "to the other side of town. "So he calmly tells Siri to adjust the destination "and his satellite-guided Google maps redirect him "to the new location. "That evening, Joe watches the news broadcast via satellite, "report details of meeting among world leaders, "discussing the developing crisis in Syria. "As it turns out various forms of "'remotely sensed information' collected from satellites "indicate that yet another banned chemical weapon "may have been used on its own people. "Before going to bed, Joe decides to call his parents "and congratulate them for their wedding anniversary "as they cruise across the Atlantic, "made possible again by communication satellites "and Joe's parents can enjoy the call "without even wondering how it happened. "The next morning back home, "Joe's wife, Jane is involved in a car accident. "Her vehicle skids off the road, she's knocked unconscious, "but because of her satellite equipped OnStar system, "the crash is detected immediately, "and first responders show up on the scene in time. "Joe receives the news, books an early trip home, "sends flowers to his wife "as he orders another Uber to the airport. "Over that 24 hours, "Joe and Jane used space system applications "for nearly every part of their day. "Imagine the consequences if at any point "they were somehow denied these services, "whether they be by natural causes or a foreign hostility. "In each of these satellite applications used in this case, "were initially developed for military purposes "and continued to be, but also have remarkable application "on our way of life, just many people just don't know that." So ladies and gentlemen, now you know, thanks to Chuck Beames. Well, the United States has a proud heritage of being the world's leading space-faring nation. Dating back to the Eisenhower and Kennedy years, today, we have mature and robust systems operating from space, providing overhead reconnaissance to "watch and listen," provide missile warning, communications, positioning, navigation, and timing from our GPS system, much of which you heard in Lieutenant General JT Thomson's earlier speech. These systems are not only integral to our national security, but also to our quality of life. As Chuck told us, we simply no longer can live without these systems as a nation and for that matter, as a world. But over the years, adversaries like China, Russia and other countries have come to realize the value of space systems and are aggressively playing catch up while also pursuing capabilities that will challenge our systems. As many of you know, in 2007, China demonstrated its ASAT system by actually shooting down one of its own satellites and has been aggressively developing counterspace systems to disrupt ours. So in a heavily congested space environment, our systems are now being contested like never before and will continue to be. Well, as a Bong mentioned, the United States have responded to these changing threats. In addition to adding ways to protect our system, the administration and the Congress recently created the United States Space Force and the operational United States Space Command, the latter of which you heard President Armstrong and other Californians hope is going to be located at Vandenberg Air Force Base. Combined with our intelligence community, today we have focused military and civilian leadership now in space, and that's a very, very good thing. Commensurately on the industry side, we did create the National Security Space Association, devoted solely to supporting the National Security Space Enterprise. We're based here in the DC area, but we have arms and legs across the country and we are loaded with extraordinary talent in scores of former government executives. So NSSA is joined at the hip with our government customers to serve and to support. We're busy with a multitude of activities underway, ranging from a number of thought-provoking policy papers, our recurring spacetime webcasts, supporting Congress's space power caucus, and other main serious efforts. Check us out at nssaspace.org. One of our strategic priorities and central to today's events is to actively promote and nurture the workforce development, just like Cal-Poly. We will work with our U.S. government customers, industry leaders, and academia to attract and recruit students to join the space world, whether in government or industry, and to assist in mentoring and training as their careers progress. On that point, we're delighted to be working with Cal Poly as we hopefully will undertake a new pilot program with them very soon. So students stay tuned, something I can tell you, space is really cool. While our nation's satellite systems are technical and complex, our nation's government and industry workforce is highly diverse, with a combination of engineers, physicists and mathematicians, but also with a large non-technical expertise as well. Think about how government gets these systems designed, manufactured, launching into orbit and operating. They do this via contracts with our aerospace industry, requiring talents across the board, from cost estimating, cost analysis, budgeting, procurement, legal, and many other support tasks that are integral to the mission. Many thousands of people work in the space workforce, tens of billions of dollars every year. This is really cool stuff and no matter what your education background, a great career to be part of. In summary, as Bong had mentioned as well, there's a great deal of exciting challenges ahead. We will see a new renaissance in space in the years ahead and in some cases it's already begun. Billionaires like Jeff Bezos, Elon Musk, Sir Richard Branson, are in the game, stimulating new ideas and business models. Other private investors and startup companies, space companies are now coming in from all angles. The exponential advancement of technology and micro electronics now allows a potential for a plethora of small sat systems to possibly replace older satellites, the size of a Greyhound bus. It's getting better by the day and central to this conference, cybersecurity is paramount to our nation's critical infrastructure in space. So once again, thanks very much and I look forward to the further conversation. >> Steve, thank you very much. Space is cool, it's relevant, but it's important as you pointed out in your awesome story about how it impacts our life every day so I really appreciate that great story I'm glad you took the time to share that. You forgot the part about the drone coming over in the crime scene and, you know, mapping it out for you, but we'll add that to the story later, great stuff. My first question is, let's get into the conversations, because I think this is super important. President Armstrong, I'd like you to talk about some of the points that was teased out by Bong and Steve. One in particular is the comment around how military research was important in developing all these capabilities, which is impacting all of our lives through that story. It was the military research that has enabled a generation and generation of value for consumers. This is kind of this workforce conversation, there are opportunities now with research and grants, and this is a funding of innovation that is highly accelerated, it's happening very quickly. Can you comment on how research and the partnerships to get that funding into the universities is critical? >> Yeah, I really appreciate that and appreciate the comments of my colleagues. And it really boils down to me to partnerships, public-private partnerships, you have mentioned Northrop Grumman, but we have partnerships with Lockheed Martin, Boeing, Raytheon, Space X, JPL, also member of an organization called Business Higher Education Forum, which brings together university presidents and CEOs of companies. There's been focused on cybersecurity and data science and I hope that we can spill into cybersecurity and space. But those partnerships in the past have really brought a lot forward. At Cal Poly, as mentioned, we've been involved with CubeSat, we've have some secure work, and we want to plan to do more of that in the future. Those partnerships are essential, not only for getting the R&D done, but also the students, the faculty, whether they're master's or undergraduate can be involved with that work, they get that real life experience, whether it's on campus or virtually now during COVID or at the location with the partner, whether it may be governmental or industry, and then they're even better equipped to hit the ground running. And of course we'd love to see more of our students graduate with clearance so that they could do some of that secure work as well. So these partnerships are absolutely critical and it's also in the context of trying to bring the best and the brightest in all demographics of California and the U.S. into this field, to really be successful. So these partnerships are essential and our goal is to grow them just like I know our other colleagues in the CSU and the UC are planning to do. >> You know, just as my age I've seen, I grew up in the eighties and in college and they're in that system's generation and the generation before me, they really kind of pioneered the space that spawned the computer revolution. I mean, you look at these key inflection points in our lives, they were really funded through these kinds of real deep research. Bong, talk about that because, you know, we're living in an age of cloud and Bezos was mentioned, Elon Musk, Sir Richard Branson, you got new ideas coming in from the outside, you have an accelerated clock now in terms of the innovation cycles and so you got to react differently, you guys have programs to go outside of the defense department, how important is this because the workforce that are in schools and/or folks re-skilling are out there and you've been on both sides of the table, so share your thoughts. >> No, thanks Johnny, thanks for the opportunity to respond to, and that's what, you know, you hit on the nose back in the 80's, R&D and space especially was dominated by government funding, contracts and so on, but things have changed as Steve pointed out, allow these commercial entities funded by billionaires are coming out of the woodwork, funding R&D so they're taking the lead, so what we can do within the DOD in government is truly take advantage of the work they've done. And since they're, you know, paving the way to new approaches and new way of doing things and I think we can certainly learn from that and leverage off of that, saves us money from an R&D standpoint, while benefiting from the product that they deliver. You know, within DOD, talking about workforce development, you know, we have prioritized and we have policies now to attract and retain the talent we need. I had the folks do some research and it looks like from a cybersecurity or workforce standpoint, a recent study done, I think last year in 2019, found that the cyber security workforce gap in U.S. is nearing half a million people, even though it is a growing industry. So the pipeline needs to be strengthened, getting people through, you know, starting young and through college, like Professor Armstrong indicated because we're going to need them to be in place, you know, in a period of about maybe a decade or so. On top of that, of course, is the continuing issue we have with the gap with STEM students. We can't afford not have expertise in place to support all the things we're doing within DoD, not only DoD but the commercial side as well, thank you. >> How's the gap get filled, I mean, this is, again, you've got cybersecurity, I mean, with space it's a whole other kind of surface area if you will, it's not really surface area, but it is an IOT device if you think about it, but it does have the same challenges, that's kind of current and progressive with cybersecurity. Where's the gap get filled, Steve or President Armstrong, I mean, how do you solve the problem and address this gap in the workforce? What are some solutions and what approaches do we need to put in place? >> Steve, go ahead., I'll follow up. >> Okay, thanks, I'll let you correct me. (laughter) It's a really good question, and the way I would approach it is to focus on it holistically and to acknowledge it upfront and it comes with our teaching, et cetera, across the board. And from an industry perspective, I mean, we see it, we've got to have secure systems in everything we do, and promoting this and getting students at early ages and mentoring them and throwing internships at them is so paramount to the whole cycle. And that's kind of, it really takes a focused attention and we continue to use the word focus from an NSSA perspective. We know the challenges that are out there. There are such talented people in the workforce, on the government side, but not nearly enough of them and likewise on the industry side, we could use more as well, but when you get down to it, you know, we can connect dots, you know, the aspects that Professor Armstrong talked about earlier to where you continue to work partnerships as much as you possibly can. We hope to be a part of that network, that ecosystem if you will, of taking common objectives and working together to kind of make these things happen and to bring the power, not just of one or two companies, but of our entire membership thereabout. >> President Armstrong-- >> Yeah, I would also add it again, it's back to the partnerships that I talked about earlier, one of our partners is high schools and schools Fortune, Margaret Fortune, who worked in a couple of administrations in California across party lines and education, their fifth graders all visit Cal Poly, and visit our learned-by-doing lab. And you've got to get students interested in STEM at an early age. We also need the partnerships, the scholarships, the financial aid, so the students can graduate with minimal to no debt to really hit the ground running and that's exacerbated and really stress now with this COVID induced recession. California supports higher education at a higher rate than most states in the nation, but that has brought this year for reasons all understand due to COVID. And so our partnerships, our creativity, and making sure that we help those that need the most help financially, that's really key because the gaps are huge. As my colleagues indicated, you know, half a million jobs and I need you to look at the students that are in the pipeline, we've got to enhance that. And the placement rates are amazing once the students get to a place like Cal Poly or some of our other amazing CSU and UC campuses, placement rates are like 94%. Many of our engineers, they have jobs lined up a year before they graduate. So it's just going to take a key partnerships working together and that continued partnership with government local, of course, our state, the CSU, and partners like we have here today, both Steve and Bong so partnerships is the thing. >> You know, that's a great point-- >> I could add, >> Okay go ahead. >> All right, you know, the collaboration with universities is one that we put on lot of emphasis here, and it may not be well known fact, but just an example of national security, the AUC is a national centers of academic excellence in cyber defense works with over 270 colleges and universities across the United States to educate and certify future cyber first responders as an example. So that's vibrant and healthy and something that we ought to take advantage of. >> Well, I got the brain trust here on this topic. I want to get your thoughts on this one point, 'cause I'd like to define, you know, what is a public-private partnership because the theme that's coming out of the symposium is the script has been flipped, it's a modern era, things are accelerated, you've got security, so you've got all of these things kind of happenning it's a modern approach and you're seeing a digital transformation play out all over the world in business and in the public sector. So what is a modern public-private partnership and what does it look like today because people are learning differently. COVID has pointed out, which is that we're seeing right now, how people, the progressions of knowledge and learning, truth, it's all changing. How do you guys view the modern version of public-private partnership and some examples and some proof points, can you guys share that? We'll start with you, Professor Armstrong. >> Yeah, as I indicated earlier, we've had, and I could give other examples, but Northrop Grumman, they helped us with a cyber lab many years ago that is maintained directly, the software, the connection outside it's its own unit so the students can learn to hack, they can learn to penetrate defenses and I know that that has already had some considerations of space, but that's a benefit to both parties. So a good public-private partnership has benefits to both entities and the common factor for universities with a lot of these partnerships is the talent. The talent that is needed, what we've been working on for years of, you know, the undergraduate or master's or PhD programs, but now it's also spilling into upskilling and reskilling, as jobs, you know, folks who are in jobs today that didn't exist two years, three years, five years ago, but it also spills into other aspects that can expand even more. We're very fortunate we have land, there's opportunities, we have ONE Tech project. We are expanding our tech park, I think we'll see opportunities for that and it'll be adjusted due to the virtual world that we're all learning more and more about it, which we were in before COVID. But I also think that that person to person is going to be important, I want to make sure that I'm driving across a bridge or that satellite's being launched by the engineer that's had at least some in person training to do that in that experience, especially as a first time freshman coming on campus, getting that experience, expanding it as an adult, and we're going to need those public-private partnerships in order to continue to fund those at a level that is at the excellence we need for these STEM and engineering fields. >> It's interesting people and technology can work together and these partnerships are the new way. Bongs too with reaction to the modern version of what a public successful private partnership looks like. >> If I could jump in John, I think, you know, historically DOD's had a high bar to overcome if you will, in terms of getting rapid... pulling in new companies, miss the fall if you will, and not rely heavily on the usual suspects, of vendors and the like, and I think the DOD has done a good job over the last couple of years of trying to reduce that burden and working with us, you know, the Air Force, I think they're pioneering this idea around pitch days, where companies come in, do a two-hour pitch and immediately notified of, you know, of an a award, without having to wait a long time to get feedback on the quality of the product and so on. So I think we're trying to do our best to strengthen that partnership with companies outside of the main group of people that we typically use. >> Steve, any reaction, any comment to add? >> Yeah, I would add a couple and these are very excellent thoughts. It's about taking a little gamble by coming out of your comfort zone, you know, the world that Bong and I, Bong lives in and I used to live in the past, has been quite structured. It's really about, we know what the threat is, we need to go fix it, we'll design as if as we go make it happen, we'll fly it. Life is so much more complicated than that and so it's really, to me, I mean, you take an example of the pitch days of Bong talks about, I think taking a gamble by attempting to just do a lot of pilot programs, work the trust factor between government folks and the industry folks and academia, because we are all in this together in a lot of ways. For example, I mean, we just sent a paper to the white house at their request about, you know, what would we do from a workforce development perspective and we hope to embellish on this over time once the initiative matures, but we have a piece of it for example, is a thing we call "clear for success," getting back to president Armstrong's comments so at a collegiate level, you know, high, high, high quality folks are in high demand. So why don't we put together a program that grabs kids in their underclass years, identifies folks that are interested in doing something like this, get them scholarships, have a job waiting for them that they're contracted for before they graduate, and when they graduate, they walk with an SCI clearance. We believe that can be done, so that's an example of ways in which public-private partnerships can happen to where you now have a talented kid ready to go on day one. We think those kinds of things can happen, it just gets back down to being focused on specific initiatives, giving them a chance and run as many pilot programs as you can, like pitch days. >> That's a great point, it's a good segue. Go ahead, President Armstrong. >> I just want to jump in and echo both the Bong and Steve's comments, but Steve that, you know, your point of, you know our graduates, we consider them ready day one, well they need to be ready day one and ready to go secure. We totally support that and love to follow up offline with you on that. That's exciting and needed, very much needed more of it, some of it's happening, but we certainly have been thinking a lot about that and making some plans. >> And that's a great example, a good segue. My next question is kind of re-imagining these workflows is kind of breaking down the old way and bringing in kind of the new way, accelerate all kinds of new things. There are creative ways to address this workforce issue and this is the next topic, how can we employ new creative solutions because let's face it, you know, it's not the days of get your engineering degree and go interview for a job and then get slotted in and get the intern, you know, the programs and you'd matriculate through the system. This is multiple disciplines, cybersecurity points at that. You could be smart in math and have a degree in anthropology and be one of the best cyber talents on the planet. So this is a new, new world, what are some creative approaches that's going to work for you? >> Alright, good job, one of the things, I think that's a challenge to us is, you know, somehow we got me working for, with the government, sexy right? You know, part of the challenge we have is attracting the right level of skill sets and personnel but, you know, we're competing, oftentimes, with the commercial side, the gaming industry as examples is a big deal. And those are the same talents we need to support a lot of the programs that we have in DOD. So somehow we have do a better job to Steve's point about making the work within DOD, within the government, something that they would be interested early on. So attract them early, you know, I could not talk about Cal Poly's challenge program that they were going to have in June inviting high school kids really excited about the whole idea of space and cyber security and so on. Those are some of the things that I think we have to do and continue to do over the course of the next several years. >> Awesome, any other creative approaches that you guys see working or might be an idea, or just to kind of stoke the ideation out there? Internships, obviously internships are known, but like, there's got to be new ways. >> Alright, I think you can take what Steve was talking about earlier, getting students in high school and aligning them sometimes at first internship, not just between the freshman and sophomore year, but before they enter Cal Poly per se and they're involved. So I think that's absolutely key, getting them involved in many other ways. We have an example of upskilling or work redevelopment here in the central coast, PG&E Diablo nuclear plant that is going to decommission in around 2024. And so we have a ongoing partnership to work and reposition those employees for the future. So that's, you know, engineering and beyond but think about that just in the manner that you were talking about. So the upskilling and reskilling, and I think that's where, you know, we were talking about that Purdue University, other California universities have been dealing with online programs before COVID, and now with COVID so many more Faculty were pushed into that area, there's going to be a much more going and talk about workforce development in upskilling and reskilling, the amount of training and education of our faculty across the country in virtual and delivery has been huge. So there's always a silver linings in the cloud. >> I want to get your guys' thoughts on one final question as we end the segment, and we've seen on the commercial side with cloud computing on these highly accelerated environments where, you know, SAS business model subscription, and that's on the business side, but one of the things that's clear in this trend is technology and people work together and technology augments the people components. So I'd love to get your thoughts as we look at a world now, we're living in COVID, and Cal Poly, you guys have remote learning right now, it's at the infancy, it's a whole new disruption, if you will, but also an opportunity enable new ways to encollaborate, So if you look at people and technology, can you guys share your view and vision on how communities can be developed, how these digital technologies and people can work together faster to get to the truth or make a discovery, hire, develop the workforce, these are opportunities, how do you guys view this new digital transformation? >> Well, I think there's huge opportunities and just what we're doing with this symposium, we're filming this on Monday and it's going to stream live and then the three of us, the four of us can participate and chat with participants while it's going on. That's amazing and I appreciate you, John, you bringing that to this symposium. I think there's more and more that we can do. From a Cal Poly perspective, with our pedagogy so, you know, linked to learn by doing in-person will always be important to us, but we see virtual, we see partnerships like this, can expand and enhance our ability and minimize the in-person time, decrease the time to degree, enhance graduation rate, eliminate opportunity gaps for students that don't have the same advantages. So I think the technological aspect of this is tremendous. Then on the upskilling and reskilling, where employees are all over, they can re be reached virtually, and then maybe they come to a location or really advanced technology allows them to get hands on virtually, or they come to that location and get it in a hybrid format. So I'm very excited about the future and what we can do, and it's going to be different with every university, with every partnership. It's one size does not fit all, There's so many possibilities, Bong, I can almost imagine that social network that has a verified, you know, secure clearance. I can jump in, and have a little cloak of secrecy and collaborate with the DOD possibly in the future. But these are the kind of crazy ideas that are needed, your thoughts on this whole digital transformation cross-pollination. >> I think technology is going to be revolutionary here, John, you know, we're focusing lately on what we call visual engineering to quicken the pace of the delivery capability to warfighter as an example, I think AI, Machine Language, all that's going to have a major play in how we operate in the future. We're embracing 5G technologies, and the ability for zero latency, more IOT, more automation of the supply chain, that sort of thing, I think the future ahead of us is very encouraging, I think it's going to do a lot for national defense, and certainly the security of the country. >> Steve, your final thoughts, space systems are systems, and they're connected to other systems that are connected to people, your thoughts on this digital transformation opportunity. >> Such a great question and such a fun, great challenge ahead of us. Echoing my colleagues sentiments, I would add to it, you know, a lot of this has, I think we should do some focusing on campaigning so that people can feel comfortable to include the Congress to do things a little bit differently. You know, we're not attuned to doing things fast, but the dramatic, you know, the way technology is just going like crazy right now, I think it ties back to, hoping to convince some of our senior leaders and what I call both sides of the Potomac river, that it's worth taking this gamble, we do need to take some of these things you know, in a very proactive way. And I'm very confident and excited and comfortable that this is going to be a great time ahead and all for the better. >> You know, I always think of myself when I talk about DC 'cause I'm not a lawyer and I'm not a political person, but I always say less lawyers, more techies than in Congress and Senate, so (laughter)I always get in trouble when I say that. Sorry, President Armstrong, go ahead. >> Yeah, no, just one other point and Steve's alluded to this and Bong did as well, I mean, we've got to be less risk averse in these partnerships, that doesn't mean reckless, but we have to be less risk averse. And also, as you talk about technology, I have to reflect on something that happened and you both talked a bit about Bill Britton and his impact on Cal Poly and what we're doing. But we were faced a few years ago of replacing traditional data, a data warehouse, data storage, data center and we partnered with AWS and thank goodness, we had that in progress and it enhanced our bandwidth on our campus before COVID hit, and with this partnership with the digital transformation hub, so there's a great example where we had that going. That's not something we could have started, "Oh COVID hit, let's flip that switch." And so we have to be proactive and we also have to not be risk-averse and do some things differently. That has really salvaged the experience for our students right now, as things are flowing well. We only have about 12% of our courses in person, those essential courses and I'm just grateful for those partnerships that I have talked about today. >> And it's a shining example of how being agile, continuous operations, these are themes that expand the space and the next workforce needs to be built. Gentlemen, thank you very much for sharing your insights, I know Bong, you're going to go into the defense side of space in your other sessions. Thank you gentlemen, for your time, for a great session, I appreciate it. >> Thank you. >> Thank you gentlemen. >> Thank you. >> Thank you. >> Thank you, thank you all. I'm John Furey with The Cube here in Palo Alto, California covering and hosting with Cal Poly, the Space and Cybersecurity Symposium 2020, thanks for watching. (bright atmospheric music)

>>from around the globe. It's the Cube with coverage of Coop Con and Cloud, Native Con Europe 2020 Virtual brought to You by Red Hat, The Cloud Native Computing Foundation and its ecosystem Partners. Hi, I'm stupid, man. And this is the Cube's coverage of Cube con Cloud Native Con Europe event, which, of course, this year has gone virtual, really lets us be able to talk to those guests where they are around the globe. Really happy to welcome back to the program. Liz Rice. First of all, she is the vice president of Open Source Engineering at Aqua Security. She's also the chair of the Technical Oversight Committee has part of Ah CN cf. Liz, it is great to see you. Unfortunately, it's remote, but ah, great to catch up with you. Thanks for joining. >>Yeah, Thanks for having me. Nice to see you if you know across the ocean. >>So, uh, you know, one of the one of the big things? Of course, for the Cube Con show. It's the rallying point for the community. There are so many people participating. One of the things we always love to highlight its not only the the vendor ecosystem. But there is a very robust, engaged community of end users that participate in it. And as I mentioned, you're the chair of that technology oversight committee. So maybe just give our audience a little bit of, you know, in case they're not familiar with the TOC does. And let's talk about the latest pieces there. >>Yes, say the TOC is really hit. C can qualify the different projects that want to join the CNC F. So we're assessing whether or not they're cloud native. We're assessing whether they could joined at sandbox or incubation or graduation levels. Which of the different maturity levels that we have for for project within the CN CF yeah, we're really there, Teoh also provide it steering around the What does cloud native mean and what does it mean to be a project inside the CN CF community? We're also a voice for all of the projects. We're not the only voice, but, you know, part >>of our role >>really is to make sure the projects are getting what they need in order to be successful. So it's it's really around the technology and the projects that we call cloud native >>Yeah, and and obliges Cloud Native because when people first heard of the show, of course, Kubernetes and Cube Con was the big discussion point. But as you said, Cloud native, there's a lot of projects there. I just glanced at the sandbox page and I think there's over 30 in the sandbox category on and you know they move along their process until they're, you know, fully mature and reach that, you know, 1.0 state, which is the stamp of approval that, you know, this could be used in production. I understand there's been some updates for the sandbox process, so help us understand you know where that is and what's the new piece of that? >>Yeah. So it's really been because of the growth off cloud native in general, the popularity off the CN CF and so much innovation happening in our space. So there's been so many projects who want Teoh become hard off the CNC f family on and we used to have a sponsorship model where members of the TOC would essentially back projects that they wanted to see joining at the sandbox level. But we ran into a number of issues with that process on and also dealing with the scale, the number of applications that have come in. So we've revamped the process. We made it much easier for projects to apply as much simpler form where really not making so much judgment we're really saying is it's a cloud native project and we have some requirements in terms off some governance features that we need from a project. And it's worth mentioning that when a project joins the CN CF, they are donating the intellectual property and the trademark off that project into the foundation. So it's not something that people should take lightly. But we have tried to make it easier and therefore much smoother. We're able Teoh assess the applications much more quickly, which I think everyone, the community, the projects, those of us on the TOC We're all pretty happy that we can make that a much faster process. >>Yeah, I actually, it brings up An interesting point is so you know, I've got a little bit of background in standards committees. A swell as I've been involved in open source for a couple of decades now some people don't understand. You know, when you talk about bringing a project under a foundation. You talked about things like trademarks and the like. There are more than one foundation out there for CN CF Falls under the Linux Foundation. Google, of course, brought Kubernetes in fully to be supported. There's been some rumblings I've heard for the last couple of years about SDO and K Native and I know about a month before the show there was some changes along SDO and what Google was doing there may be without trying to pass too many judgments in getting into some of the political arguments, help us understand. You know what Google did and you know where that kind of comparison the projects that sit in the CN cf themselves. >>Yeah, So I e I guess two years ago around two years ago, Stu was very much the new kid in the cloud native block. So much excitement about the project. And it was actually when I was a program co chair that we had a lot of talks about sdo at Cube Con cloud native bomb, particularly in Copenhagen, I'm recalling. And, uh, I think everyone I just saw a natural fit between that project on the CN, CF and There was an assumption from a lot of people across the community that it would eventually become part of the CNC f. That was it's natural home. And one of the things that we saw in recent weeks was a very clear statement from IBM, who were one off the Uh huh, yeah, big contributing companies towards that project that that was also their expectation. They were very much under the impression that Stu would be donated to the CN CF at an appropriate point of maturity, and unfortunately, that didn't happen. From my point of view, I think that has sown a lot of confusion amongst the community because we've seen so much. It's very much a project of fits. Service mesh designed to work with kubernetes is it really does. You're fit naturally in with the other CN CF projects. So it's created confusion for end users who, many of whom assume that it was called the CN CF, and that it has the neutral governance that the other projects. It's part of the requirements that we have on those projects. They have to have an open governance that they're not controlled by a single vendor, Uh, and we've seen that you know that confusion, Andi. Frustration around that confusion being expressed by more and more end users as well as other people across the community. And yeah, the door is still open, you know, we would still love to see SDO join the community. Clearly there are different opinions within the SD wan maintainers. I will have to see what happens. >>Yeah, lets you bring up some really good points. You know, absolutely some of some of that confusion out there. Absolutely. I've heard from customers that if they're making a decision point, they might say, Hey, maybe I'm not going to go down that maybe choose something else because I'm concerned about that. Um, you know, I sdo front and center k native, another project currently under Google that has, you know, a number of other big vendors in the community that aiding in that So hopefully we will see some progress on that, you know, going forward. But, you know, back to you talked about, You know, the TOC doesn't make judgements as to you know which project and how they are. One of the really nice things out there in the CN CF, it's like the landscape just for you to help, understand? Okay, here's all of these projects. Here's the different categories they fit in. Here is where they are along that maturity. There's another tool that I read. Cheryl Hung blogged about the technology radar. I believe for continuous delivery is the first technology radar. Help us understand how that is, you know, not telling customers what to do but giving them a little guidance that you know where some of these projects projects fit. In a certain segment, >>Yeah, the technology radar is a really great initiative. I'm really excited about it because we have increasing numbers or end users who are using these different projects it both inside the CN CF and projects that are outside of the CNC F family. Your end users are building stacks. They're solving real problems in the real world and with the technology radar. What Cheryl's been able to facilitate is having the end you to the end user community share with us. What tools? They're actually using what they actually believe are the right hammers for specific nails. And, you know, it's it's one thing for us as it's more on the developer or vendor side Teoh look at different projects and say what we think are the better solutions for solving different problems. Actually hearing from the horse's mouth from the end users who are doing it in the real world is super valuable. And I think that is a really useful input to help us understand. What are the problems that the end user is still a challenge by what are the gaps that we still need to fail more input we can get from the end user community, the more will be solving real problems and no necessarily academic problems that we haven't sorry discovered in >>the real world. Alright, well is, you know, teeing up a discussion about challenges that users still have in the world. If we go to your primary jobs, Main hat is you live in the security world and you know, we know security is still something, you know, front and center. It is something that has never done lots of discussion about the shared responsibility model and how cloud native in security fit together and all that. So maybe I know there's some new projects there, but love to just give me a snap shot as where we are in the security space. As I said, Overall, it's been, you know, super important topic for years. This year, with a global pandemic going on, security seems to be raised even more. We've seen a couple of acquisitions in the space, of course. Aqua Security helping customers along their security journey. So what do you seeing out there in the marketplace today and hear from your custom? >>Yeah, I Every business this year has, you know, look at what's going on and you know, it's been crazy time for everyone, but we've been pleasantly surprised at how, you know, in relative terms, our business has been able to. It's been strong, you know. And I think you know what you're touching on the fact that people are working remotely. People are doing so many things online. Security is evermore online. Cloud security's evermore part off what people need to pay attention to. We're doing more and more business online. So, actually, for those of us in the security business, it has bean, you know that there have been some silver linings to this this pandemic cloud? Um, yes. So many times in technology. The open source projects and in particularly defaults in kubernetes. Things are improving its long Bina thing that I've you know, I wished for and talked about that. You know, some of the default settings has always been the most secure they could be. We've seen a lot of improvements over the last 23 years we're seeing continuing to see innovation in the open source world as well as you know, on the commercial side and products that vendors like Akwa, you know, we continue to innovate, continue to write you ways for customers to validate that the application workloads that they're going to run are going to run securely in the cloud. >>Alright and lives. There's a new project that I know. Ah, you know, you Aqua are participating in Tell us a little bit about Starbird. You know what's what's the problem? It's helping solve and you know where that budget >>Yes, So stockholders, one of our open source initiatives coming out of my team are equal on, and the idea is to take security reporting information and turn it into a kubernetes native, uh, resources custom resources. And then that means the security information, your current security status could be queried over the kubernetes AP I, as you're querying the status or the deployment, say you can also be clearing to see whether it's passing configuration audits or it's passing vulnerability scans for the application containers inside that deployment. So that information is available through the same AP eyes through the queue control interface through dashboards like Octane, which is a nice dashboard viewer for kubernetes. And starboard brings security information not just from acquittals but from other vendor tools as well front and center into that kubernetes experience. So I'm really excited about Star Border. It's gonna be a great way of getting security visibility, Teoh more kubernetes use it >>all right. And we were talking earlier about just the maturity of projects and how they get into the sandbox. Is is this still pretty sandbox for >>this? OK, we're still very much in the early phases and you know it. I think in the open source world, we have the ability to share what we're doing early so that we can get feedback. We can see how it resonates with with real users. We've had some great feedback from partners that we've worked with and some actual customers who actually collaborated with When we're going through the initial design, some great feedback. There's still lots of work to do. But, yeah, the initial feedback has been really positive. >>Yeah, is usually the event is one of those places where you can help try toe, recruit some other people that might have tools as well as educate customers about what's going on. So is that part of the call to action on this is, you know, what are you looking for for kind of the rest of 2020 when it when it comes to this project? >>Yeah, absolutely. So internally, we're working on an operator which will automate some of the work that's double does in the background in terms off getting more collaboration. We would love to see integrations from or security tooling. We're talking with some people across the community about the resource definition, so we've come up with some custom resource definitions, but we'd love them to be applicable it to a variety of different tools. So we want to get feedback on on those definitions of people are interested in collaborating on that absolutely do come and talk to me and my team are reluctant. >>Great. Listen, and I'll give you the final word. Obviously, we're getting the community together while we're part So you know any other you know, engagement opportunities, you get togethers. Things that you want people to know about the European show this year. >>Well, it's gonna be really you know, I'm on tenterhooks to see whether or not we can recreate the same atmosphere as we would have in Q con. I mean, it won't be exactly the same, but I really hope that people will engage online. Do come and, you know, ask questions of the speakers. Come and talk to the vendors, get into slack channels with the community. You know, this is an opportunity to pretend we're in the same room. Let's let's let's do what we can Teoh recreate as close as we can. That community experience that you keep corn is famous for >>Yeah, absolutely. That whole way track is something that is super challenging to recreate. And there's no way that I am getting the Indonesian food that I was so looking forward to in Amsterdam just such a great culinary and cultural city. So hopefully sometime in the future will be able to be back there. Liz Rice. Always pleasure catching up with you. Thanks so much for all the work you're doing on the TOC. And always a pleasure talking to you. >>Thanks for having me. >>All right, Lots more coverage from Cube Con Cloud, Native con the European 2020 show, Of course. Virtual I'm stew minimum. And thank you for watching the Cube. Yeah, yeah, yeah, yeah.

[Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] you [Music] [Applause] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners come back this is the cubes coverage of Cisco live 2020 here in Barcelona doing about three and a half days of wall-to-wall coverage here I'm Stu minim and my co-host for this segment is Dave Volante John furs also here scouring the floor and really happy to welcome to the program to first-time guests I believe so Ron Daris is the product manager of product marketing for cloud computing with Cisco and sitting to his left is Matt Ferguson who's director of product development also with the Cisco cloud group Dave and I are from Boston Matt is also from the Boston area yes and Costas is coming over from London so thanks so much for joining us thanks IBPS all right so obviously cloud computing something we've been talking about many years we've really found fascinating the relationship Cisco's had with its customers as well as through the partner ecosystem had many good discussions about some of the announcements this week maybe start a little bit you know Cisco's software journey and you know positioning in this cloud space right now yes oh so it's a it's a really interesting dynamic when we start transitioning to multi cloud and we actually deal with cloud and compute coming together and we've had whether you're looking at the infrastructure ops organization or whether you're looking at the apps operations or whether you're looking at you know your dev environment your security operations each organization has to deal with their angle at which they view you know multi cloud or they view how they actually operate within those the cloud computing context and so whether you're on the infrastructure side you're looking at compute you're looking at storage you're looking at resources if you're an app operator you're looking at performance you're looking at visibility assurance if you are in the security operations you're looking at maybe governance you're looking at policy and then when you're a developer you really sort of thinking about CI CD you're talking about agility and there's very few organizations like Cisco that actually is looking at from a product perspective all those various angles of multi-cloud yeah definitely a lot of piece of cost us maybe up level it for us a little bit there's there's so many pieces you know we talked for so long you know you don't talk to any company that doesn't have a cloud strategy doesn't mean that it's not going to change over time and it means every company's got at home positioning but talk about the relationship cisco has with its customer and really the advisory position that you want to have with them it's actually a very relevant question to what to what Matt is talking about because we talk a lot about multi cloud as a trend and hybrid clouds and this kind of relationship between the traditional view of looking at computing data centers and then expanding to different clouds you know public cloud providers have now amazing platform capabilities and if you think about it the the it goes back to what Matt said about IT ops and the development kind of efforts why is this happening really you know there's there's the study that we did with with an analyst and there was an amazing a shocking stat around how within the next three years organizations will have to support 50% more applications than they do now and we have been trying to test this stat our events that made customer meetings etc that is a lot of a lot of change for organizations so if you think about why are they use why do they need to basically what go and expand to those clouds is because they want to service IT Ops teams want ER servers with capabilities their developers faster right and this is where you have within the IT ops kind of theme organization you have the security kind of frame the compute frame the networking where you know Cisco has a traditional footprint how do you blend all this how do you bring all this together in a linear way to support individual unique application modernization efforts I think that's what are we hearing from customers in terms of the feedback and this is what influences our strategy to converts the different business units and engineering engineering efforts right couple years ago I have to admit I was kind of a multi cloud skeptic I always said I thought it was more of a symptom than actually a strategy a symptom of you know shadow IT and different workloads and so forth but now I'm kind of buying in because I think IT in particular has been brought in to clean up the crime scene I often say so I think it is becoming a strategy so if you could help us understand what you're hearing from customers in terms of their strategy toward the multi cloud and how Cisco that was mapping into that yeah so so when we talk to customers it comes back to the angle at which they're approaching the problem in like you said the shadow IT has been probably around for longer than anybody won't cares to admit because the people want to move faster organizations want to get their product out to market sooner and and so what what really is we're having conversations now about you know how do I get the visibility how do I get you know the policies and the governance so that I can actually understand either how much I'm spending in the cloud or whether I'm getting the actual performance that I'm looking for that I need the connectivity so I get the bandwidth and so these are the kinds of conversations that we have with customers is is is going I realize that this is going on now I actually have to now put some you know governance and controls around that is their products is their solutions is their you know they're looking to Cisco to help them through this journey because it is a journey because as much as we talk about cloud and you know companies that were born in the cloud cloud native there is a tremendous number of IT organizations that are just starting that journey that are just entering into this phase where they have to solve these problems yeah I agree and it's just starting the journey with a deliberate strategy as opposed to okay we got this this thing but if you think about the competitive landscape its kind of interesting and I want to try to understand where Cisco fits because again you you initially had companies that didn't know in a public cloud sort of pushing multi cloud and you'd say oh well okay so they have to do that but now you see anthos come out with Google you see Microsoft leaning in we think eventually AWS is going to lean in and then you say I'm kind of interested in working with someone whose cloud agnostic not trying to force now now Cisco a few years ago you didn't really think about Cisco as a player now so this goes right in the middle I have said often that Cisco's in a great position John Fourier as well to connect businesses and from a source of networking strength making a strong argument that we have the most cost-effective most secure highest performance network to connect clouds that seems to be a pretty fundamental strength of yours and does that essentially summarize your strategy and and how does that map into the actions that you're taking in terms of products and services that you're bringing to market I would say that I can I can I can take that ya know it's a chewy question for hours yeah so I I was thinking about a satellite in you mentioned this before and you're like okay that's you know the world is turning around completely because we we seem to talk about satellite e is something bad happening and now suddenly we completely forgot about it like let let free free up the developers gonna let them do whatever they want and basically that is what I think is happening out there in the market so all the solutions you mentioned in the go to market approaches and the architectures that the public cloud providers at least are offering out there certainly the big three have differences have their strengths and I think those strengths are closer to the developer environment basically you know if you're looking into something like a IML there's one provider that you go with if you're looking for a mobile development framework you're gonna go somewhere else if you're looking for a dr you're gonna go somewhere else maybe not a big cloud but your service provider that you've been dealing with all these all these times and you know that they have their accreditation that you're looking for so where does Cisco come in you know we're not a public cloud provider we offer products as a service from our data centers and our partners data centers but at the - at the way that the industry sees a cloud provider a public cloud like AWS a sure Google Oracle IBM etc we're not that we don't do that our mission is to enable organizations with software hardware products SAS products to be able to facilitate their connectivity security visibility observability and in doing business and in leveraging the best benefits from those clouds so we we kind of we kind of moved to a point where we flip around the question and the first question is who is your cloud provider what how many tell us the clouds you work with and we can give you the modular pieces you can put we can put together for you so there's so that you can make the best out of your plan it's been being able to do that across clouds we're in an environment that is consistent with policies that are consistent that represent the edicts of your organization no matter where your data lives that's sort of the the vision in the way this is translated into products into Cisco's product you naturally think about Cisco as the connectivity provider networking that's that's really sort of our you know go to in what we're also when we have a significant computing portfolio as well so connectivity is not only the connectivity of the actual wire between geographies point A to point B in the natural routing and switching world there's connectivity between applications between cute and so this week you know the announcements were significant in that space when you talk about the compute and the cloud coming together on a single platform that gives you not only the ability to look at your applications from a experience journey map so you can actually know where the problems might occur in the application domain you can actually then go that next level down into the infrastructure level and you can say okay maybe I'm running out of some sort of resource whether it's compute resource whether it's memory whether it's on your private cloud that you have enabled on Prem or whether it's in the public cloud that you have that application residing and then why candidly you have the actual hardware itself so inter-site it has an ability to control that entire stack so you can have that visibility all the way down to the hardware layer I'm glad you brought up some of the applications wonderful we can you know stay there for a moment and talk about some of the changing patterns for customers a lot of talk in the industry about cloud native often it gets conflated with you know microservices containerization and lots of the individual pieces there but you know one of our favorite things that been talked about this week is the software that really sits at the application layer and how that connects down through some of the infrastructure pieces so help us understand what you're hearing from customers and and where how you're helping them through this transition to constants as you were saying absolutely there's going to be lots of new applications more applications and they still have the the old stuff that they need to continue to manage because we know an IT nothing ever goes away that's that's definitely true I was I was thinking you know there's there's a vacuum at the moment and and there's things that Cisco is doing from from technology leadership perspective to fill that gap between the application what do you see when it comes to monitoring making sure your services are observable and how does that fit within the infrastructure stack you know everything upwards network the network layer base again that is changing dramatically some of the things that Matt touched upon with regards to you know being able to connect the the networking the security in the infrastructure the computer infrastructure that the developers basically are deploying on top so there's a lot of there's a lot of things on containerization there's a lot of in fact it's you know one part of the of the self-injure side of the stack that you mentioned and one of the big announcements you know that there's a lot of discussion in the industry around ok how does that abstract further the conversation on networking for example because that now what we're seeing is that you have huge monoliths enterprise applications that are being carved down into micro services ok they you know there's a big misunderstanding around what is cloud native is it related to containers different kind of things right but containers are naturally the infrastructure de facto currency for developers to deploy because of many many benefits but then what happens you know between the kubernetes layer which seems to be the standard and the application who's gonna be managing services talking to each other that are multiplying you know things like service mesh network service mess how is the network evolving to be able to create this immutable infrastructure for developers to deploy applications so there's so many things happening at the same time where cisco has actually a lot of taking a lot of the front seat this is where it gets really interesting you know it's sort of hard to squint through because you mentioned kubernetes is the de facto standard but it's a de-facto standard that's open everybody's playing with but historically this industry has been defined by you know a leader who comes out with a de facto standard kubernetes not a company right it's an open standard and so but there's so many other components than containers and so history would suggest that there's going to be another de facto standard or multiple standards that emerge and your point earlier is you you got to have the full stack you can't just do networking you can't just do certain few so you guys are attacking that whole pie so how do you think this thing will evolve I mean you guys are obviously intend to put out as Casta as wide a net as possible capture not only your existing install base but attractive attract others and you're going aggressively at it as are as are others how do you see it shaking out deep do you see you know four or five pockets do you see you know one leader emerging I mean customers would love all you guys to get together come up with standards that's not going to happen so we're it's jump ball right now well yeah and you think about you know to your point regarding kubernetes is not a company right it is it is a community driven I mean it was open source by a large company but it's but it's community driven now and that's the pace at which open source is sort of evolving there is so much coming at IT organizations from a new paradigm a new software something that's you know the new the shiny object that sort of everybody sort of has to jump on to and sort of say that is the way we're going to function so IT organizations have to struggle with this influx of just every coming at them and every angle and I think what's starting to happen is the management and the you know that stack who controls that or who is helping IT organizations to manage it for them so really what we're trying to say is there's elements that you have to put together that have to function and kubernetes is just one example docker the operating system that associated with it that runs all that stuff then you have the application that goes rides IDEs on top of it so now what we have to have is things like what we just announced this week HX ap the application platform for HX so you have the compute cluster but then you have the on top of that that's managed by an organization that's looking at the security that's looking at the the actual making opinions about what should go in the stock and managing that for you so you don't have to deal with that because you can just focus on the application development yeah I mean Cisco's in a strong position to do there's no question about it and to me it comes down to execution if you guys execute and deliver on the the products and services that you say you know your nouns for instance this week and previously and you continue on a roadmap you're gonna get a fair share of this marketplace I think there's no question so last topic before we let you go is love your viewpoint on customers what's separating kind of leaders from you know the followers in this space you know there's so much data out there you know I'm a big fan of the state of DevOps report yeah focus you know separate you know some but not the not here's the technology or the piece but the organizational and you know dynamics that you should do so it sounds like Matt you you like that that report also love them what are you hearing from customers how do you help guide them towards becoming leaders in the cloud space yeah the state of DevOps report was fascinating and I mean they've been doing that for what a number of years yeah exactly and really what it's sort of highlighting is two main factors that I think that are in this revolution or this this this paradigm shift or journey we're going through there's the technology side for sure and so that's getting more complex you have micro services you have application explosion you have a lot of things that are occurring just in technology that you're trying to keep up but then it's really about the human aspect that human elements the people about it and that's really I think what separates you know the the elites that are really sort of you know just charging forward in the head because they've been able to sort of break down the silos because really what you're talking about in cloud native DevOps is how you take the journey of that experience of the service from end to end from the development all the way to production and how do you actually sort of not have organizations that look at their domain their data set their operations and then have to translate that or have to sort of you know have another conversation with another organization that it doesn't look at that that has no experience of that so that is what we're talking about that end-to-end view is that in addition to all the things we've been talking about I think Security's a linchpin here now you guys are executing on security you got a big portfolio and you've seen a lot of M&A and a lot of companies now trying to get in and it's gonna be interesting to see how that plays out but that's going to be a key because organizations are going to start there from a strategy standpoint and then build out yeah absolutely if you follow the DevOps methodology its security gets baked in along the way so that you're not having to sit on after do anything Custis give you the final word I was just as follow-up with regard what what Mark was saying there's so many there's what's happening out there is this just democracy around standards which is driven by communities and we will love that in fact cisco is involved in many open-source community projects but you asked about customers and and just right before you were asking about you know who's gonna be the winner there's so many use cases there's so much depth in terms of you know what customers want to do with on top of kubernetes you know take AI ml for example something that we have we have some some offering the services around there's the customer that wants to do AML there their containers that their infrastructure will be so much different to someone else's doing something just hosting yeah and there's always gonna be a SAS provider that is niche servicing some oil and gas company you know which means that the company of that industry will go and follow that instead of just going to a public law provider that is more organized if there's a does that make sense yeah yeah this there's relationships that exist the archer is gonna get blown away that add value today and they're not gonna just throw them out so exactly right well thank you so much for helping us understand the updates where your customers are driving super exciting space look forward to keeping an eye on it thank you thank you so much all right there's still lots more coming here from Cisco live 20/20 in Barcelona people are standing watching all the developer events lots of going on the floor and we still have more so thank you for watching the cute [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] you [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back over 17,000 in attendance here for Cisco live 2020 in Barcelona ops to Minh and my co-host is Dave Volante and to help us to dig into of course one of the most important topic of the day of course that security we're thrilled to have back a distinguished engineer Francisco one of our cube alumni TK Kia Nene TK thanks so much for joining us ideal man good good all right so TK it's 2020 it's a new decade we know the bad actors are still out there they're there the the question always is you know it used to be you know how do you keep ahead of them then I've here Dave say many times well you know it's not you know when it's it's not if it's when you know you probably already have been okay you know compromised before so it gives latest so you know what you're seeing out there what you're talking to customers about in this important space yeah it's uh it's kind of an innovation spiral you know we we innovate we make it harder for them and then they innovate they make it harder for us right and round and round we go that's been going on for for many years I think I think the most significant changes that have happened recently have to deal with not essentially their objectives but how they go about their objectives and Defenders topologies have changed greatly instead of just your standard enterprise you now have you know hybrid multi cloud and all these new technologies so while while all that innovation happens you know they get a little clever and they find weaknesses and round and round we go so we talked a lot about the sort of changing profile of the the threat actors going from hacktivists took criminals now is a huge business and nation-states even what's that profile look like today and how has that changed over the last decade or so you know that's pretty much stayed the same bad guys are bad guys at some point in time you know just how how they go about their business their techniques they're having to like I said innovate around you know we make it harder for them they you know on Monday we're safe on Tuesday we're not you know and then on Wednesday it switches again so so it talked about kind of this multi-cloud environment when we talk to customers it's like well I want the developer to be able to build their application and not really have to think too much underneath it that that has to have some unique challenges we know security we knew long ago well I just go to the cloud it doesn't mean they take care of it some things are there some things they're gonna remind you now you need to make sure you set certain things otherwise you could be there but how do we make sure that Security's baked in everywhere and is up as a practice that everybody's doing well I mean again some of the practices hold true no matter what the environment I think the big thing was cognitive is in back in the day when when you looked at an old legacy data center you were part sort of administrator in your part detective and most people don't even know what's running on there that's not true in cloud native environments some some llamó file some some declaration it's it's just exactly what productions should look like right and then the machines instantiate production so you're doing things that machine scale forces the human scale people to be explicit and and for me I mean that's that's a breath of fresh air because once you're explicit then you take the mystery out of what you're protecting how about in terms of how you detect threats right phishing for credentials has become a huge deal but not just you know kicking down the door or smashing a window using your your own credentials to get inside of your network so how is that affected the way in which you detect yeah it's it's a big deal you know a lot of a lot of great technology has a dual use and what I mean by that is network cryptology you know that that whole crypto on the network has made us safer for us to compute over insecure networks and unfortunately it works just as well for the bad guys so you know all of their malicious activity is now private to so it you know for us we just have to invent new ways of detecting direct inspection for instance I think it's a thing of the past I mean we just can't depend on it anymore we have to have tools of inference and not only that but it's it's gave rise in a lot of innovation on behavioral science and as you say you know it's it's not that the attacker is breaking into your network anymore they're logging in ok what do you do then right Alice Alice's account it's not gonna set off the triggers so you have to say you know when did Alice start to behave differently you know she's working in accounting why is she playing around with the source code repository that's that's a different thing right yes automation is such a big trend you know how do we make sure that automation doesn't leave us more vulnerable that's rarity because we need to be able automate we've gone beyond human scale for most of these configurations that's exactly right and and how do how do we I always say just with security automation in particular just because you can automate something doesn't mean you should and you really have to go back and have practices you know you could argue that that this thing is just a you know machine scale automation you could do math on a legal pad or you can use a computer to do it right what so apply that to production if you mechanized something like order entry or whatever you're you're you're automating part of your business use threat modeling you use the standard threaten modeling like you would your code the network is code now right and the storage is code and everything is code so you know just automate your testing do your threat modeling do all that stuff please do not automate for your attacker matrix is here I want to go back to the Alice problem because you're talking about before you have to use inference so Alice's is in the network and you're observing her moves every day and then okay something anomalous occurs maybe she's doing something that normally she wouldn't do so you've got to have her profile in her actions sort of observed documented stored the data has got to be there and at the same time you want to make sure it's always that balance of putting handcuffs on people you know versus allowing them to do their job and be productive at the same time as well you don't want to let the bad guys know that you know that alice is doing something that she didn't be doing is actually not Alice so all that complexity how are you dealing with it and what's the data model look like doing it machines help let's say that machines can help us you know you and I we have only so many sense organs and the cognitive brain can only store so many so much state machines really help us extend that and so you know looking at not three dimensions of change but 7000 dimensions have changed right something in the machine is going to say there's an outlier here that's interesting and you can get another machine to say that's that's interesting maybe I should focus on that and you build these analytical pipelines so that at the end of it you know they may argue with each other all the way to the end but at the end you have a very high fidelity indicator that might be at the protocol level it might be at the behavioral level it might be seven days back or thirty days back all these temporal and spatial dimensions it's really cheap to do it with a machine yeah and if we could stay on that for a second so it try to understand I know that's a high-level example but is it best practice to have the Machine take action or is it is it an augmentation and I know it depends on the use case but but how is that sort of playing out again you have to do all of this safely okay a lot of things that machines do don't return back to human scale stuff that returns back to human scale that humans understand that is as useful so for instance if machines you know find out all these types of in assertions even in medical you know right now if if you've got so much telemetry going into the medical field see the machine tells you you have three weeks to live I mean you better explain what the heck you know how you came about that assertion it's the same with security you know if I'm gonna say look we're gonna quarantine your machine or we're gonna readjust machine it's not I'm not like picking movies for you or the next song you might listen to this is high stakes and so when you do things like that your analytics needs to have what is called entailment you have to explain what it is how you got to that assertion that's become incredibly important in how we measure our effectiveness in in doing analytics that's interesting because because you're using a lot of machine intelligence to do this and in a lot of AI is blackbox you're saying you cannot endure that blackbox problem in security yeah that black boxes is is very dangerous you know I you know personally I feel that you know things that should be open sourced this type of technology it's so advanced that the developer needs to understand that the tester needs to understand that certainly the customer needs to understand it you need to publish papers and be very very transparent with this domain because if it is in fact you know black box and it's given the authority to automate something like you know shut down the power or do things like that that's when things really start to get dangerous so good TK what wondered you know give us the latest on stealthWatch there you know Cisco's positioning when it when it comes to everything we've been talking about here you know stealthWatch again is it's been in market for quite some time it's actually been in market since 2001 and when I when I look back and see how much has changed you know how we've had to keep up with the market and again it's not just the algorithms rewrite for detection it's the environments have changed right but when did when did multi-cloud happen so so operating again cusp it's not that stealthWatch wants to go their customers are going there and they want the stealthWatch function across their digital business and so you know we've had to make advancements on the changing topology we've had to make advancements because of things like dark data you know the the network's opaque now right we have to have a lot of inference so we've just you know kept up and stayed ahead of it you know we've been spending a lot of time talking to developer communities and there's a lot of open-source tooling out there that that's helping enable developers specifically in security space you were talking about open-source earlier how does what you've been doing the self watch intersect with that yeah that's always interesting too because there's been sort of a shift in let's call them the cool kids right the cool kids they want everything is code right so it's not about what's on glass or you know a single pane of glass anymore it's it's what stealth watches code right what's your router as code look at dev net right yeah yeah I mean definite is basically Cisco as code and it's beautiful because that is infrastructure as code I mean that is the future and so all the products not just stealthWatch have beautiful api's and that's that's really exciting I've been saying for a while now it's do you I think you agree is that that is a big differentiator for Cisco I think you you're one of the few if not the only large established player and the enterprise that has figured out that sort of infrastructure is code play others have tried and are sort of getting there but you know start/stop you use a term that really cool is like living off the land you know bear bear grylls like the guy who lives down so bad so and and and threat actors are doing that now they're using your own installed software and tooling to hack you and and steal from you how were you dealing with that problem yeah it's a tough one and like I said you know much respect the the adversary is talented and they're patient they're well funded okay that's that's where it starts and so you know why why bring why bring an interpreter to a host when there's already one there right why right all this complicated software distribution when I can just use yours and so that's that's where the the play the game starts and and the most advanced threats aren't leaving footprints because the footprints are already there you know they'll get on a machine and behaviorally they'll check the cache to see what's hot and what's hot in the cache means that behaviorally it's a path they can go they're not cutting a new trail most of the time right so living off the land is not only the tools that they're using the automation your automation they're using against you but it's also behavioral and so that that makes it you know it makes it harder it's it impossible no can we make it harder for them yes so yeah no I'm having fun and I've been doing this for over twenty five years every week it's something new well it's a hard problem you're attacking and you know Robert Herjavec who came on the cube sort of opened my eyes and you think about what are we securing we're securing everything I mean a critical infrastructure were essentially exerted securing the entire global economy and he said something that really struck me it's an 86 trillion dollar economy we spend point zero one four percent on securing that economy and it's nothing now of course he's an entrepreneur and he's pimping for his is his business but it's true we are barely scratching the surface of this problem yeah I'm and it's changing I mean it's changing it could it be better yes it is changing his board awareness you know twenty years ago then right me to a dinner party they you know what does your husband do I'd say you know cyber security or something they'd roll their eyes and change the subject now they asked me the same question so oh you know my computer's running really slow right these are not this is everyone I'm worried about a life hack yeah how do I protect myself or what about these coming off the bank I mean that's those guys a dinner table cover every party so now now you know I just make something up I don't do cybersecurity I just you know a tort or a jipner's you've been to this business forever I can't remember have I ever asked you the superhero question what is that your favorite superhero that's a tough one there's all the security guys I know they like it's always dreamed about saving the world [Laughter] you're my superhero man I love what you do I think you've a great asset for Cisco and Cisco's customers really thanks TK give us a final word if people want to you know find out more about about what Cisco's doing read more of what you're working on but what's some of the best resource I have to go do you know just drop by the web pages I mean everything's published out that like I said even even for the super nerdy you know we published all our our laurs security analytics papers I think we're over 50 papers published in the last 12 years TK thank you so much always a pleasure to catch alright yeah and a travels thank you so much for de Villante I'm Stu Mittleman John furrier is also in the house we will be back with lots more coverage here from Cisco live 20/20 in Barcelona thanks for watching the keys [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020s brought to you by Cisco and its ecosystem partners hello and welcome back to the cubes live coverage it's our fourth day of four days of coverage here in Barcelona Spain for Cisco live 2020 I'm John Faria my co-host to many men to great guests here in the dev net studio where the cube is sitting all week long been packed with action mindy Whaley senior director developer experiences but dev net and partner a senior director welcome back to this cube good to see you guys glad to be here so we've had a lot of history with you guys what from day one yes watching def net from an idea of hey we should develop earthing you also have definite create yes separate more developer focused definite is Cisco's developer environment we've been here from the beginning what a progression congratulations on the success thank you thank you so much it's great to be here in Barcelona with everybody here you know learning in the workshops and we just love these times to connect with our community at Cisco live and it definitely ate what you mentioned which is coming up in March so it's right around the corner def net zone which we're in it's been really robust spins it's been the top of the show every year and it gets bigger and the sessions are packed because people are learning developers new developers as well as Cisco engineers who were certified coming in getting new skills as the modern cloud hybrid environments are new skills is a technology shift yeah exactly and what we have in the definite zone are different ways that the engineers and developers can engage with that technology shift so we have demos around IOT and security and showing how you know to prevent threats from attacking the Industrial routers and things like that we have coding workshops from you know beginning intro to Python intro to get all the way up through advanced like kubernetes topics and things like that so people can really dive in with what they're looking for and this year we're really excited because we have the new definite certifications with those exams coming out right around the corner in February so a lot of people are here saying I'm ready to skill up for those exams I'm starting to dive into this topic well Susie we was on she's the chief of deaf net among other things and she said there's gonna be a definite 500 the first 500 certifications of deaf net are gonna be kind of like the Hall of Fame or you know the inaugural or founder certifications so can you explain what this it means it's not a definite certification badge it's a series of write different sir can you deeper in then yeah just like we have our you know existing network certifications which are so respected and loved around the world people get CCIE tattoos and things just like there's an associate and professional and expert level on the networking truck there's now a definite associate a definite professional and coming soon definite expert and then there's also specialist badges which help you add specific skills like data center automation IOT WebEx so it's a whole new set of certifications that are more focused on the software so there are about 80 80 % software skills 20 percent knowledge of networking and then how you really connect up and down the stock so these are new certifications not replacing anything all the same stuff they're new they're part of the same program they have the same rigor the same kind of tests they actually have ways to enter weave with the existing networking certifications because we want people to do both skill paths right to build this new IT team of the future and so it's a completely new set of exams the exams are gonna be available to take February 24th and you can start signing up now so with the definite 500 you know that's gonna be a special recognition for the first 500 people who get dead note certifications it'll be a lifetime achievement they'll always be in the definite 500 right and I've had people coming up and telling me you know I'm signed up for the first day I'm taking my exams on the first day I'm trying to get into them you and I only always want to be on the lift so I think we might be on them and what's really great is with the certifications we've heard from people in the zone that they've been coming and taking classes and learning these skills but they didn't have a specific way to map that to their career path to get rewarded at work you know to have that sort of progression and so with the certifications they really will have that and it's also really important for our partners and par is doing a lot of work with certifications and partners yeah definitely that would love to hear a little bit we've interviewed on the cube over the years some of the definite partners from a technology standpoint of course the the channels ecosystem hugely important to Cisco's business gives the update as to you know definite partnering as well as what will these certifications mean to both the technology and go to market partners yeah the wonderful thing about this is it really demonstrates Cisco's embracement of software and making sure that we're providing that common language for software developers and networkers to bring the two together and what we've found is that our partners are at different levels of maturity along that progression of program ability and this new definite specialization which is anchored in the individuals that are now certified at that partner allow them to demonstrate from a go-to-market standpoint from a recognition standpoint that as a practice they have these skills and look at the end of the day it's all about delivering what our customers need and our customers are asking us for significant help in automation digital transformation they're trying to drive new business outcomes and this this will provide that recognition on on who to partner with in the market it's so important I remember when Cisco helped a lot of the partner ecosystem build data center practices went from the silos and now embracing you've got the hardware the software we're talking multi cloud it's the practice that is needed today going forward to help customers with where they're going it really is and and another benefit that we're finding and talking to our partners is we're packaging this up and rolling it out is not only will it help them from a recognition standpoint from a practice standpoint and from a competitive differentiation standpoint but it'll also help them attract challenge I mean it's no secret there is a talent shortage right now if you talk to any CEO that's top of mind and how these partners are able to attract these new skills and attract smart people smart people like working on smart things right and so this has really been a big traction point for them as well it's also giving ways to really specifically train for new job roles so some of the ways that you can combine the new definite certifications with the network engineering certifications we've looked at it and said you know there's there's a role of Network automation developer that's a new role everyone we ask in one of our sessions who needs that person on their team so many customers partners raise their hands like we want the network Automation developer on our team and you can combine you know your CCNP Enterprise with a definite certification and build up the skills to be that Network automation developer certainly has been great buzz I got to get your guys thoughts because certainly it's for careers and you guys are betting on the the people and the people are betting on Cisco mm-hmm yes this is what's going on submit surety of Devin it almost it's like a pinch me moment for you guys because you continue to grow I got to ask you what are some of the cool things that you're showing here as you mature you still have the start here session which is intro to Python and other things pretty elementary and then there's more advanced things what are some of the new things that's going on yeah that you could share so some of the new things we've got going on and one of my favorites is the IOT insecurity demonstration there's a an industrial robot arm that's picking and placing things and you can see how it's connected to the network and then something goes wrong with that robot alarm and then you can actually show how you can use the software and security tools to see was there code trying to access you know something that that robot was it was using it's getting in the way of it working so you could detect threats and move forward on that we also have a whole automation journey that starts from modeling your network to testing to how you would deploy automation to a deep dive on telemetry and then ends with multi domain automation so really helping engineers like look at that whole progression that's been that's been really popular Park talked about the specialization which ones are more popular or entry-level which ones are people coming into getting certified first network engineering automation first or what's the yeah so we're so the program is going to roll out with three different levels one is a specialized level the second is an advanced level and then we'll look to that third level again they're anchored in the in the individual certs and so as we look for that entry level it's really all about automation right I mean some things you take for granted but you still need these new skills to be able to automate and scale and have repeatable scalable benefits from that this the second tier will be more cross-domain and that's where we're really thinking that an additional skill set is needed to deliver dashboard experience compliance experiences and then that next level again we'll anchor towards the expert level that's coming out but one thing I want to point out is in addition to just having the certified people on staff they also have to demonstrate that they have a practice around it so it's not just enough to say I've passed an exam as we work with them to roll out the practice and they earn the badge they're demonstrating that they have the full methodology in place so that it really there's a lot behind it that means we can't be in the 500 list then even if a 500 list I don't know that the cube would end up being specialized its advertising no seriously all fun it's all fun it's Cisco live in Europe is there a difference between European and USD seeing any differences in geographic talent you know in the first couple years we did it I think there was a bigger difference it felt like there were different topics that were very popular in the US slightly different in Europe last year and this year I feel like they have converged it's it's the same focus on DevOps automation security as a huge focus in both places and it also feels like the the interest and level of the people attending has also converged it's really similar congratulations been fun to watch the rise and success of Devon it continues to be strong how see in the hub here and the definite zone behind us pact sessions yes what's the biggest surprise for you guys in terms of things that you didn't expect or some of the success what's what's jumped out yeah I think you know one of the points that I want to make sure we also cover and it has been an added benefit we're hoping it would happen we just didn't realize it would happen this soon we're attracting new companies new partners so the specialization won't just be available for our traditional bars this is also available for our non resale and we are finding different companies accessing definite resources and learning these skills so that's been a really great benefit of Deb net overall definitely my favorite surprises are when I show up at the community events and I hear from someone I met last year what the what they went back and did and the change that they drove and they come in their company and I think we're seeing those across the board of people who start a grassroots movement take back some new ideas really create change and then they come back and we get to hear about that from them those are my favorite surprises and I tell you we've known for years how important the developer is but I think the timing on this has been perfect because it is no longer just oh the developer has some tools that they like in the corner the developer connected to the business and driving things forward exactly so perfect timing congratulations on this certification their thing that's been great is that our at Cisco itself we now have API is across the whole portfolio and up and down the stock so that's been a wonderful thing to see come together because it opens up possibilities for all these developers so Cisco's API first company we are building it guys everywhere we can and and that the community is is taking them and finding creative things to build it's been fun to watch you guys change Cisco but also impact customers has been great to watch far many thanks for coming up yeah games live coverage here in Barcelona for Cisco live 20/20 I'm John Ford Dave Dave Alon face to many men we right back with more after this short break [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] you live from Barcelona Spain it's the cube covering Cisco live 2020 brought to you by Cisco and its ecosystem partners hello and welcome back to the cubes live coverage here at Cisco live 20/20 and partial into Spain I'm John first evening men cube coverage we've got a lot of stuff going on with Cisco multi-cloud and cloud technologies of clarification of Cisco's happening in real time is happening right now cloud is here here to stay we got two great guests to unpack what's going on in cloud native and networking and applications as the modern infrastructure and software evolves we got eugene kim global product marketing and compute storage at cisco global part of marketing manager and fabio corey senior director cloud solutions marketing guys great comeback great thanks for coming back appreciate it thanks very much great to see a lot of guys so probably we've had multiple conversations and usually even out from the sales force given kind of the that the discussion and the motivation cloud is big it's here it's here to stay it's changing Cisco API first we hear and all the products it's changing everything what's the story now what's going on I would say you know the reason why we're so excited about the launch here in Barcelona it's because this time it's all about the application experience I mean the last two years we've been announcing some really exciting stuff in the cloud space right think about all the announcements with the AWS the Google's the Azure so the world but this time it really boils down to making sure that is incredibly hyper distributed world well there is an application explosion ultimately we will help for the right operations tools and infrastructure management tools to ensure that the right application experience will be guaranteed for the end customer and that's incredibly important because at the end what really really matters is that you will ensure the best possible digital experience to your customer otherwise ultimately nothing is gonna work and of course you're going to lose your brand and your customers one of the main stories that we're covering is the transformation of the industry also Cisco and one of the highlights to me was the opening keynote you had app dynamics first not networking normally it's like what's under the hood the routers and the gear no it was about the applications this is the story we're seeing it's kind of a quiet unveiling it's not yet a launch but it's evolving very quickly can you share what's going on behind this all this absolutely it's exactly along the lines of what I was saying a second ago in the end that the reason why we're driving the announcement if you want from the application experience side of the house is because without dynamics we already have a very very powerful application performance measurement tool which it's evolving extremely rapidly first of all after Amex can correlate not just the application performance to some technology kpi's but to true actual business KPIs so AB dynamics can give you for instance the real-time visibility of say a marketing funnel conversion rates transactions that you're having in your in your business operation now we're introducing an incredibly powerful new capability that takes the bar to a whole new level and that's the dynamics experience journey Maps what are those it's actually the ability of focusing not so much on front-ends and backends and databases performances but really focusing on what the user is seeing in front of his or her screen and so what really matters is capturing the journey that a given user of your application is is being and understanding whether the experience is the one that you want to deliver oh you have like a sudden drop of somewhere and you know why that is important because in the end we've been talking about is it a problem of the application performance user performance well it could be a badly designed page how do you know and so this is a very precious information is that were giving to application developers not just to the IT ops guys that is incredibly precious to get this in so you just brought up that journey so that's part of the news so just break down real quick one minute yeah what the news is yeah so we have three components the first one as you as you correctly pointed out is really introduction the application journey Maps right the experience journey Maps that's very very important the second is we are actually integrating after am it's with the inter-site action inter-site optimization manager the workload team is a workload promisor and so because there is a change of data between the two now you are in a position to immediately understand whether you have an application problem we have a workload problem or infrastructure problem which is ultimate what you really need to do as quickly as you can and thirdly we have introduced a new version of our hyper flex platform which is hyper-converged flat G flat for Cisco with a fully containerized version we tax free if you want as well there is a great platform for containerized application of parameter so you teen when I've been talking to customers last few years when they go through their transformational journey there's the modernization they need to do the patterns I've seen most successful is first you modernize the platform often HCI is you know and often for that it really simplifies the environment you know reduces the silos and has more of that operational model that looks closer to what the cloud experience is and then if I've got a good platform then I can modernize the applications on top of it but often those two have been a little bit disconnected it feels like the announcements now that they are coming together what are you seeing what are you hearing how is your solution set solving this issue yeah exactly I mean as we've been talking to our customers love them are going through different application modernisations and kubernetes and containers is extremely important to them and to build a container cloud on Prem is extremely one of their needs and so there's three distinctive requirements that they've kind of talked to us about a lot of it has to be able to it's got to be very simple very turnkey and a fully integrated ready to turn on the other one is something that's very agile right very DevOps friendly and the third being a very economic container cloud on Prem as far we mentioned high flex application platform takes our hyper-converged system and builds on top of it a integrated kubernetes platform to deliver a container as a service type capability and it provides a full stack fully supported element platform for our customers and the one of the best great aspects of is that's all managed from inside from the physical infrastructure to the hyper-converged layer to all the way to the container management so it's very exciting to have that full stack management and insight as well yeah it's great to you know John and I have been following this kubernetes wave you know since the early early days Fabio mentioned integrations with the Amazons and Google's the world because you know a few years ago you talked to customers and they're like oh well I'm just gonna build my own urbanity right back nobody ever said that is easy now just delivering at his service seems to be the way most people wanted so if I'm doing it on Amazon or Google they've got their manage service that I could do that or that they're through partners they're working with so explain what you're doing to make it simpler in the data center environment because I'm tram absolutely is a piece of that hybrid equation the customers need yes so essentially from the customer experience perspective as I mentioned it's very fairly turnkey right from the hyper flicks application platform we're taking our hyper grew software we're integrating a application virtualization layer on top of it Linux KVM based and then on top of that we're integrating the kubernetes stack on top as well and so in essence right it's a fully curated kubernetes stack right it has all the different elements from the networking from the storage elements and and providing that in a very turnkey way and as I mentioned the inner site management is really providing that simplicity that customers need for that management ok Fabio this the previous announcement you've made with the public clouds yeah this just ties into those hybrid environments that's exactly you know a few years ago people like oh is there gonna be a distribution that wins in kubernetes we don't think that's the answer but still I can't just move between kubernetes you know seamlessly yet but this is moving towards that direction so a lot of customers want to have a very simple implementation at the same time they want of course a multi cloud approach and I really care about you know marking the difference between you know multi-cloud hybrid cloud there's been a lot of confusion but if you think about it multi cloud is really rooted into the business need of harnessing innovation from whatever it comes from you know the different clouds PV different things and you know what they do today tomorrow it could even change so people want option maladie so they want a very simple implementation that's integrated with public cloud providers that simplifies their life in terms of networking security and application of workload management and we've been executing towards that goal to fundamentally simplify the operations of these pretty complex kind of hybrid environments I want you to nail that operations on ibrid that's where multi cloud comes in absolutely just a connection point absolutely you're not a shitty mice no isn't a shit so in order to fulfill your business like your I know business needs you then you have a hybrid problem and you want to really kind of have a consistent production rate environment between fins on Prem that you own and control versus things that you use and you want to control better now of course there are different school of thoughts but most of the customers who are speaking with really want to expand their governance and technology model right to the cloud as opposed to absorb in different ways of doing things from each and every clock I want to unpack a little bit of what you said earlier about the knowing where the problem is because a lot of times it's a point the finger at the other first and where's it's the application problem isn't a problem so I want to get into that but first I want to understand the hyper flex application platform Eugene if you could just share the main problem that you guys saw what did some of the pain points that customers had what problems does the AP solve yeah as I mentioned it's really the platform for our customers to modernize their applications on right and it addresses those things that they're looking for as far as the economics right really the ability to provide a full stack container experience without having to you know but you know bringing any third party hypervisor licenses as well as support cost so that's fully integrated there you have your integrated hyper-converged storage capability you have the cloud-based management and that's really developing you providing that developer DevOps simplicity from the data Julie that they're looking for internally as well as for their product production environments and then the other aspect is its simplicity to be able to manage all this right in the entire lifecycle management as well so it's the operational side of the whole yeah uncovers Papio on the application side where the problem is because this is where I'm a little bit skeptical you know normally rightfully so but I can see in a problem where it's like whose fault is it gasification is problem or the network I mean it runs into more serious workloads the banking app that's having trouble how do you know where it what the problem is and how do you solve that problem what what's going on for that specific issue absolutely and you know the name of the game here is breaking down this operational side right and I love what our app dynamics VP GM Danny winoker said you know it has this terminology beast DevOps which you know may sound like an interesting acrobatics but it's absolutely true the business has to be part of this operational kind of innovation because as you said you know developer edges you know drops their containers and their code to the IET ops team but you don't really know whether the problem a certain point is gonna be in the code or in how the application is actually deployed or maybe a server that doesn't have enough CPU so in the end it boils down to one very important thing you have to have visibility inside and take action and every layer of the stack I mean instrumentation absolutely there are players that only do it in their software overlay domain the problem is very often these kind of players assume that underneath links are fine and very often they're not so in the end this visibility inside inaction is the loop that everybody is going after these days to really get to the next if you want generational operation where you gotta have a constant feedback loop and making it more faster and faster because in the end you can only win in the marketplace right regardless of your IT ops if you're faster than your competitor well still still was questioning the GM of AppDynamics running observability and he's like no it's not to feature it's everywhere so he his comment was yeah but serve abilities don't really talk about it because it's big din do you agree with that absolutely it has to be at every layer of the stack and only if you have visibility inside an action through the entire stack from the software all the way to the infrastructure level that you can solve the problem otherwise the finger-pointing quote-unquote will continue and you will not be able to gain the speed that you need okay so the question on my mind I want to get both of you guys can weigh in on this is that you look at Cisco as a company you got a lot going on I mean a guy's huge customer base core routers - no applications there's a lot going on a lot of a lot of complexity you got IOT security Ramirez talked about that you got the WebEx rooms got totally popular it's kind of got a lot of glam to it having the WebEx kind of you know I guess what virtual presence was yeah telepresence kind of model and then you get cloud is there a mind share within the company around how cloud is baked into everything because you can't do IOT edge without having some sort of cloud operational things so there's stuff you're talking about is not just a division it's kind of gonna it's kind of threads everywhere across Cisco what's the what's the mind share right now within the Cisco teams and also customers around clarification well I would say it's it's a couple of dimension the first one is the cloud is one of the critical domains of this multi domain architecture that of course is the cornerstone of Cisco's technology strategy right if you think about it it's all about connecting users to applications wherever they are and not just the user the applications themselves like if you look at the latest stats from IDC 58% of workloads is heading to the public cloud and to the edge it's like the data center is literally exploding in many different directions so you have this highly distributed kind of fabric guess what sits in between all these applications and microservices is a secure network and that's exactly what we're executing upon now that's the first kind of consideration the second is if you look at the other silver line most of the Cisco technology innovation is also going a direction of absorbing cloud as a simplified way of managing all the components or the infrastructure you look at the IP flex ap is actually managed by inter site which is a SAS kind of component this journey started a long time ago with Cisco Meraki and then of course we have SAS properties like WebEx everything else is kind of absolutely migrants reporter we've been reporting eugen that from years ago we saw the movement where api's are starting to come in when you go back five years ago not a lot of the gear and stuff at Cisco had api's now you got api's building into all the new products that's right you see the software shift with you know you know intent-based networking to AppDynamics it's interesting it's you're seeing kind of this agile mindset this is some of you and I talk about all the time but agile now is the new model is it ready for customers I mean the normal Enterprise is still got the infrastructure and application it's separated okay how do I bring it together what are you guys seeing the customer base what's going on with with not that not the early adopters heavy-duty hardcore pioneers out there but you know the the general mainstream enterprise are they there yet have they had that moment of awakening yeah I mean I think they they are there because fundamentally it's all about that ensuring that application experience and you can only ensure that application experience right by having your application teams and your structure teams work together and that's what's exciting you mentioned the API is and what we've done there with AppDynamics integrating with inter-site workload optimizer as Fabio mentioned it's all about visibility inside action and what app dynamics is provides providing that business and end-user application performance experience visibility inner sites giving you know visibility on the underlining workload and the resources whether it's on Prem in your you know drive data center environment or in different type of cloud providers so you get that full stack visibility right from the application all the way down to the bottom and then inner side local optimizer is then also optimizing the resources to proactively ensure that application experience so before you know if we talk about someone at a checkout and they're about to have abandonment because the functions not working we're able to proactively prevent that and take a look at all that so you know in the end I think it's all about ensuring that application experience and what we're providing with app dynamics is for the application team is kind of that horizontal visibility of how that application is performing and at the same time if there's an issue the infrastructure team could see exactly within the workload topology where the issue is and insert' aeneas lee whether it be manual intervention or even automatically there's or a ops capability go ahead and provide that action so the action could be you know scaling out the VMS it's on-prem or looking at a new different type of ec2 template in the cloud that's what's very exciting about this it's really the application experience is now driving and optimizing infrastructure in real time and let me flip your question like do you even have a choice John when you think about in the next two years 50% more applications if you're a large enterprise you have 5 to 7,000 apps you have another to 3,000 applications just coming into into the the frame and then 50% of the existing ones that are gonna be refactor lifted and shifted or replace or retired by SAS application it's just like it's tsunami that's that's coming on you and oh by the way because of again the micro service is kind of affect the number of dependencies between all these applications is growing incredibly rapidly like last year we were eight average interdependencies for applications now we are 20 so imaging imaging what happens as as you are literally flooded with the way the scanner really you have to ensure that your application infrastructure fundamentally will get tied up as quickly as you can still and I have been toilet for at least five years now if not longer the networking has been the key kind of last changeover - clarification and I would agree with you guys I think I've asked the question because I wanted to get your perspective but think about it it's 13 years since the iPhone so mobile has shown people that a mobile app can change business but now if you look at the pressure the network's bringing the pressure on the network or the pressure for the network to be better than programmable is the rise of video and data I mean so you got mobile check now you've got video I mean more people doing video now than ever before videos of consumer oil as streaming you got data these two things absolutely forced yeah the customers to deal with it but what really tipped the the balance John is is actually the SAS effect is the cloud effect because as you know it's in IT sort of inflection points nothing is linear right so once you reach a certain critical mass of cloud apps and we're absolutely there already all of a sudden you're traffic pattern on your network changes dramatically so why in the world are you continuing kind of you know concentrating all of your traffic in your data center and then going to the internet you have to absolutely open the floodgates at the branch level as close to the users as possible and that implies a radical change I would even add to that and I think you guys are right on where you guys are going it may be hard to kind of tease out with all the complexity with Cisco but in the keynote the business model shifts come from SAS so you got all this technical stuff going on now you have this Asif ocation or cloud that's changes the business models so new entrants can come in and existing players can get better so I think that whole business model conversation yeah never was discussed at Cisco live before yeah in depth as well hey run your business connect your hubs campus move packets around that was applications in business model yeah but also the fact that there is increasing number of software capabilities and so fundamental you want to simplify the life of your customers through subscription models that help the customer by now using what they really need right at any given point in time all the way to having enterprise agreements I also think that's about delivering these application experiences for your business small different type experience that's really what's differentiating you from your different competitors right and so I think that's a different type of shift as well well you guys are good got some good angle on this cloud I love it I got to ask you the question what can we expect next from Cisco more progression along clarification what's next well I would say we've been incredibly consistent I believe in the last few years in executing on our cloud strategy which again is centered around helping customers really gluon this mix set of data centers and clouds to make it work as one write as much as possible and so what we really deliver is networking security and application of performance management and we're integrating there's more and more on the two sides of the equation right the the designer side and the powerful outside and more more integrating in between all of these layers again to fundamentally give you this operational capability to get faster and faster we'll continue doing so and you set up before we came on camera that you were talking to the sales teams what are they what's their vibe with the sales team they get excited by this what's that oh yeah feedback oh yeah absolutely from the inner side were claw optimizer and they have dynamics that's very exciting for them especially the conversations they're having with their customers really from that application experience and proactively insuring it and on the hyper flex application platform side this is extremely exciting with providing a container cloud to our customers and you know what's coming down is more and more capabilities for our customers to modernize their applications on hyper flex you guys are riding some pretty big waves here at Cisco I get a cloud way to get the IOT Security wave it's pretty exciting pretty big stuff thanks for coming in thanks for sharing the insights Fabio I appreciate it thank you for having us your coverage here in Barcelona I'm John Force dude Minutemen be back with more coverage fourth day of four days of cube coverage we right back after this short break [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] why Trump Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back to Barcelona everybody we're here at Cisco live and you're watching the cube the leader in live tech coverage we got to the events and extract the signal from the noise this is day one really we started a zero yesterday Eric Hertzog is here he's the CMO and vice president of storage channels probably been on the cube more than [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back everyone's two cubes live coverage day four of four days of wall-to-wall action here in Barcelona Spain Francisco live 2020 I'm John Ferrier with mykos Dave Volante with a very special guest here to wrap up Cisco live the president of Europe Middle East Africa and Russia Francisco Wendy Mars cube alumni great to see you thanks for coming on to kind of put a bookend to the show here thanks for joining us right there it's absolutely great to be here thank you so what a transformation as Cisco's business model of continues to evolve we've been saying brick by brick we still think is a big move coming I think there's more action I can sense the walls talking to us like let's just go live in the US and more technical announcements in the next 24 months you can see you can see where it's going it's cloud its apps yeah its policy based program ability it's really a whole nother business model shift for you and your customers the technology shift and the business model shift so I want to get your perspective of this year opening key no you let it off talking about the philosophy of the business model but also the first presenter was not a networking guy it was an application person yeah app dynamics yep this is a shift what's going on with Cisco what's happening what's the story well you know if you look for all of the work that we're doing is but is really driven by what we see from requirements from our customers the change that's happening in the market and it is all around you know if you think digital transformation is the driver organizations now are incredibly interested in how do they capture that opportunity how do they use technology to help them but you know if you look at it really there's the three items that are so important it's the business model evolution it's actually the business operations for for organisations plus their people there are people in the communities within that those three things working together and if you look at it with you know it's so exciting with application dynamics there because if you look for us within Cisco that linkage of the application layer through into the infrastructure into the network and bringing that linkage together is the most powerful thing because that's the insight and the value our customers are looking for you know we've been talking about the in the innovation sandwich you know you got you know date in the middle and you got technology and applications underneath that's kind of what's going on here but you I'm glad you brought up the year the part about business model business operations and people in communities because during your keno you had a slide that laid out three kind of pillars yes people in communities business model and business operations there was no 800 series in there there was no product discussions this is fundamentally the big shift that business models are changing I tweeted provocatively the killer app and digital the business model because you think about it the applications are the business and what's running under the covers is the technology but it's all shifting and changing so every single vertical every single business is impacted by this it's not like a certain secular thing in the industry this is a real change can you describe how those three things are operating with that constitute think if you look from you know so thinking through those three areas if you look at the actual business model itself our business models as organizations are fundamentally changing and they're changing towards as consumers we are all much more specific about what we want we have incredible choice in the market we are more informed than ever before but also we are interested in the values of the organizations that were getting the capability from as well as the products and the services that naturally we're looking to gain so if you look in that business model itself this is about you know organizations making sure they stay ahead from a competitive standpoint about the innovation of portfolio that they're able to bring but also that they have a strong strong focus around the experience that their customer gains from an application a touch standpoint that all comes through those different channels which is at the end of the day the application then if you look as to how do you deliver that capability through the systems the tools and the processes as we all evolve our businesses you have to change the dynamic within your organization to cope with that and then of course in driving any transformation the critical success factor is your people and your culture you need your teams with you the way teams operate now is incredibly different it's no longer command and control its agile capability coming together you need that to deliver on any transformation never never mind let it be smooth you know in the execution there so it's all three together what I like about that model and I have to say we this is you know ten years to do in the cube you you see that marketing in the vendor community often leads what actually happens not surprising as we entered the last decade it was a lot of talk about cloud well it kind of was a good predictor we heard a lot about digital transformations a lot of people roll their eyes and think it's a buzzword but we really are I feel like an exiting this cloud era into the digital era it feels real and there are companies that you know get it and are leaning in there are others that maybe you're complacent I'm wondering what you're seeing in in Europe just in terms of everybody talks digital yeah be CEO wants to get it right but there is complacency there when it's a services say well I'm doing pretty well not on my watch others say hey we want to be the disruptors and not get disrupted what are you seeing in the region in terms of that sentiment I would say across the region you know there will always be verticals and industries that are slightly more advanced than others but I would say that then the bulk of conversations that I'm engaged in independence of the industry or the country in which we're having that conversation in there is a acceptance of transfer digital transformation is here it is affecting my business i if I don't disrupt I myself will be disrupted and be challenged help me so I you know I'm not disputing the end state I need guidance and support to drive the transition and a risk mythic mitigated manner and they're looking for help in that and there's actually pressure in the boardroom now around a what are we doing within within organizations within that enterprise the service right of the public said to any type of style of company there's that pressure point in the boardroom of come on we need to move it speed now the other thing about your model is technology plays a role in contribute it's not the be-all end-all but plays a role in each of those the business model of business operations and developing and nurturing communities can you add more specifics what role do you see technology in terms of advancing those three spheres so I think you know if you look at it technology is fundamental to all of those spheres in regard to the innovation the differentiation technology can bring then the key challenges one of being able to reply us in a manner where you can really see differentiation of value within the business so in then the customers organization otherwise it's just technology for the sake of technology so we see very much a movement now to this conversation of talk about the use case the use cases the way by which that innovation can be used to deliver the value to the organization and also different ways by which a company will work look at the collaboration capability that we announced earlier this week of helping to bring to life that agility look at the app D discussion of helping to link the layer of the application into the infrastructure the network's to get to root cause identification quickly and to understand where you may have a problem before you thought it actually arises and causes downtime many many ways I think the agility message has always been a technical conversation a gel methodology technology software development no problem check that's ten years ago but business agility mmm it's moving from a buzzword to reality exactly that's what you're kind of getting in here and teams how teams operate how they work you know and being able to be quick efficient stand up stand down and operate in that way you know we were kind of thinking out loud on the cube and just riffing with Fabio gory on your team on Cisco's team about clarification with Eugene Kim around just just kind of real-time what was interesting is we're like okay it's been 13 years since the iPhone and so 13 years of mobile in your territory in Europe Middle East Africa mobilities been around before the iPhone so with in more advanced data privacy much more advanced in your region so you got you out you have a region that's pretty much I think the tell signs for what's going on in North America and around the world and so you think about that you say okay how is value created how the economics changing this is really the conversation about the business model is okay if the value activities are shifting and be more agile and the economics are changing with sass if someone's not on this bandwagon it's not an in-state discussion where it's done deal yeah it's but I think also there were some other conversation which which are very prevalent here is in in the region so around trust around privacy law understanding compliance you look at data where data resides portability of that data GDP are came from Europe you know and as ban is pushed out and those conversations will continue as we go over time and if I also look at you know the dialogue that you saw so you know within World Economic Forum around sustainability that is becoming a key discussion now within government here in Spain you know from a climate standpoint and many other areas as well Dave and I've been riffing around this whole where the innovation is coming from it's coming from Europe region not so much the u.s. I mean us discuss some crazy innovations but look at blockchain us is like don't touch it pretty progressive outside United States little bit dangerous to but that's where innovation is coming from and this is really the key that we're focused on I want to get your thoughts on how do you see it going next level the next level next-gen business model what's your what's your vision so I think there'll be lots of things if we look at things like with the introduction of artificial intelligence robotics capability 5g of course you know on the horizon we have Mobile World Congress here in Barcelona in a few weeks time and if you talked about with the iPhone the smartphone of course when 4G was introduced no one knew what the use case would that would be it was the smartphone which wasn't around at that time so with 5g in the capability there that will bring again yet more change to the business model for different organizations and the capability and what we can bring to market when we think about AI privacy data ownership becomes more important some of the things you were talking about before it's interesting what you're saying John and when the the GDP are set the standard and and you see in the u.s. there are stovepipes for that standard California is going to do one every state is going to have a different center that's going to slow things down that's going to slow down progress do you see sort of an extension of a GDP are like framework of being adopted across the region and that potentially you know accelerating some of these you know sticky issues and public policy issues that can actually move the market forward I think I think the will because I think there'll be more and more you know if you look at there's this terminology of data is the new oil what do you do with data how do you actually get value from that data and make intelligent business decisions around that so you know that's critical but yet if you look for all of ours we are extremely passionate about you know where is our data used again back to trust and privacy you need compliance you need regulation you know I think this is just the beginning of how we will see that evolve you know when do I get your thoughts does Dave and I have been riffing for 10 years around the death of storage long live storage and but data needs to be stored somewhere networking is the same kind of conversation just doesn't go away in fact there's more pressure now forget the smartphone that was 13 years ago before that mobility data and video now super important driver that's putting more pressure on you guys and so hey we're networking so it's kind of like Moore's law it's like more networking more networking so video and data are now big your thoughts on video and data video but if you look at the Internet of the future you know what so if you look for all of us now we are also demanding as individuals around capability and access to that and inter vetted the future the next phase we want even more so there'll be more and more - you know requirement for speed availability that reliability of service the way by which we engage and we communicate there's some fundamentals there so continuing to to grow which is which is so so exciting for us so you talk about digital transformation that's obviously in the mind of c-level executives I got to believe security is up there as a topic what other what's the conversation like in the corner office when you go visit your customers so I think that there's a huge excitement around the opportunity realizing the value of the of the opportunity you know if you look at top of mind conversations are around security around making sure that you can make tank maintain that fantastic customer experience because if you don't the custom will go elsewhere how do you do that how do you enrich at all times and also looking at markets adjacencies you know as you go in and you talk at senior levels within within organizations independent of the industry in which they're in there are a huge amount of commonalities that we see across those of consistent problems by which organizations are trying to solve and actually one of the big questions is what's the pace of change that I should operate at and when is it too fast and when is what am I too slow and trying to balance that is exciting but also a challenge for companies so you feel like sentiment is still strong even though we're 10 years into this this bull market you know you got Briggs it you get you know China tensions with the US u.s. elections but but generally you see Tennessee sentiment still pretty strong and demand so I would say that the the excitement around technology the opportunity that is there around technology in its broadest sense is greater than ever before and I think it's on all of us to be able to help organizations to understand how they can consume I see value from us but it's you know it's fantastic science it tastes trying to get some economic indicators but really the real thing I'm trying to get you is Minh set of the CEO the corner office right now is it is it we're gonna we're gonna grow short-term by cutting or do we do are we gonna be aggressive and go after this incremental opportunity and it's probably both you're seeing a lot of automation yeah and I think if you look fundamentally for organizations it's it's that the three things helped me to make money how me to save money keep me out of trouble you know so those are the pivots they all operate with and you know depending on where an organization is in its journey whether a start-up there you know in in the in the mid or the more mature and some of the different dynamics and the markets in which they operate in as well there's all different variables you know so it's it's it's mix Wendy thanks so much for spending the time to come on the cube really appreciate great keynote folks watching if you haven't seen the keynote opening sections that's a good section the business model I think it's really right on I think that's going to be a conversation it's going to continue thanks for sharing that before we look before we leave I want to just ask you a question around what you what's going on for you here at Barcelona as the show winds down you had all your activities take us in the day of the life of what you do customer meetings what were some of those conversations take us inside inside what what goes on for you here well I'd say it's been an amazing it's been an amazing few days so it's a combination of customer conversations around some of the themes we just talked about conversations with partners and there's investor companies that we invest in a Cisco that I've been spending some time with and also you know spending time with the teams as well the DEF net zone you know is amazing we have this afternoon the closing session where we've got a fantastic external guest who's coming in it's going to be really exciting as well and then of course the party tonight and we'll be announcing the next location which I'm not gonna reveal now later on today we kind of figured it out already because that's our job and there's the break news but we're not gonna break it for you you can have that hey thank you so much for coming on really appreciate Wendy Martin expecting the Europe Middle East Africa and Russia for Cisco she's got our hand on the pulse and the future is the business model that's what's going on fundamental radical change across the board in all areas this the cue bringing you all the action here in Barcelona thanks for watching [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music]

>> Announcer: Live from Barcelona, Spain it's theCUBE covering Cisco Live 2020, brought to you by Cisco and its ecosystem partners. >> Okay, welcome back everyone. It's theCUBE's live coverage here in Barcelona, Spain for Cisco Live 2020, I'm John Furrier host of theCUBE, My co Stu Miniman. We've been talking about the value of data for many, many years and privacy and today's Data Privacy Day, and super important we are here every year past couple years, and the routine at Cisco has some answers for us. Our next guest Robert Waitman Director, Data Privacy and Economic Security and Trust Organization at Cisco, Robert Cube alumni, welcome back, good to see you. Thanks for coming back on. >> Thank you. Great to see you again. >> John: So you know we've had great chats in the past. You knows my favorite topic, the value of data, the role of data, we all believe data driven organizations. You guys just put out your annual report, which is privacy to profit. We asked question here on theCUBE, what's the value of data? That's the Holy Grail. But you guys actually got some progress on this, and narrowly defining around privacy, what's it worth with privacy if you invest in privacy, there is an ROI. We've seen similar reports on diversity, investing in these areas that look like impact mission based items actually has economic value. You guys have new data on a return on investment of privacy, share us the results. >> Happy to do so. And we've been on this journey for three years to try to understand where the value is coming from from privacy, putting protections in place. We first saw that it was showing up in terms of better sales motions, we're having fewer sales delays because organizations put privacy in place. Last year, we started looking at some of the security benefits that those organizations that invested in privacy we're seeing fewer and less costly breaches for example, and less records exfiltrated. So the idea of getting your data house in order is translating into business value. This year, we've not only validated those results from the past two years, but we've now taken it to the next step to have an actually a return on investment on those privacy investments. So our survey this year, which we put out yesterday, was based on 2800 companies, 2500 of which knew about privacy at their organizations. And we asked them about their investments, we ask them about the benefits that they thought they were getting, some in tangible ways and also some intangible ways, like competitive advantage, or operational efficiency, things that are hard to quantify. Overall results on that the average organization spends $100 on privacy, they're getting $270 back, it is a great investment. I don't know how many investments they have to have that kind of return. But in this environment, and this is where we're seeing, the customers who want these kinds of protections, it's a great investment. >> It's an omni directional kind of forcing function if you think about it. I wanted to ask you, how do you see some of the categories because I can certainly see the benefit of just, people who are afraid of their privacy and their data. You see a lot of train wrecks in the industry, from Facebook to other things where users are in control, right? They want to be in control. That's the trend. So I can see the halo effect of saying, well, this company's got good privacy, I like that company. >> Robert: Right? >> It's almost a modern kind of table stakes, like going green or something like that. Is there areas that pop out in the survey, where the ROI was a must have, in terms of privacy or sort of categorical? >> Well, the this idea of building your loyalty and trust of your customers, is something that we had explored. If like, there's a companion piece that we just put out a few weeks ago, exactly on this issue of the consumer interest in having that available to them. And I would say, wouldn't take it for granted. Until recently, most people have said, privacy is dead, and I don't know who has access to my data, and I don't know what's controlling it. But the combination of GDPR, which swung the pendulum a little bit back so that users again had the ability to know what data companies had about them, and in some cases to modify or delete it, started that tread, the CCPA in California, carries out a little bit further. And what we saw in this companion survey around individuals was fascinating because we saw people that are more active. They're saying not only do I care about privacy, which most people will say that I will spend time and money, which many people may say that, but the real test was here that they've made a change, that they've changed a provider or someone that they work with over their data practices or data policies. And what that saying to us is, there's an active community, we're calling them privacy actives. It's a third of the population today, who are standing up to say, I now know that I have some control over how my data is used. Therefore, think about the companies and how they relate to that their customers are saying to them, I'm not going to work with you. And I'm not going to do business with you. And I want to only work with companies who I know how the data is being used. It's now become an important priority. It's part of the brand. It's part of the overall customer experience. So customers aren't going to-- >> John: I think you are understanding the numbers too. I think you I believe what you just said, is only going to be amplified because with social networking and what we've seen with virality and even just with fake news and disinformation. There's also information that could go viral, like, hey, this company, the buyer swing, the influence that these groups could have could be a force multiplier on impact negatively and positively. >> Robert: Right. And I think that actually, we would bear that out as well. So even though I described the third of people who already have made that change, there's another 30 plus percent, who said the first two, they just haven't made that change yet, maybe they aren't comfortable with doing it yet or they haven't had the opportunity. So again, this is something that all companies A need to pay attention to, and B it's going to be fundamentally part of the overall experience. If you don't have the privacy right, you're like not in business. And again, I think that's a positive trend, getting to the creating the conditions in the world that I think we all want to live in where, where when I share my information with somebody who uses it well, I'm happy with that. If I share it with somebody who misuses it, I don't want anything to do with them. And that's, I think, what we all think how it should work. >> Yeah, that's really fascinating and I love what you're saying about how the consumers are getting involved. I was a little bit concerned that things like GDPR and CCPA were going to be like the old, software accept it to use it. Nobody reads it, nobody pays any attention to it, I just opt in to anything. So, what advice do you have to users, how do you make sure that you're working with companies that are going to be using your data correctly and get involved, if they're not? >> Robert: Well, first thing they should do is be aware of the regulations and the rights that they have. I mean, the awareness even if GDPR in Europe runs under two thirds, right? So it's not something to take for granted that everybody knows about what they can do. So the first thing is know what you can do ask for the data if you're not sure. And ask the questions about how your data is being used. If the company is not completely upfront and transparent with how the data is being used, and I don't mean a 20 page consent document, which you can't figure out what they're doing, then you should be either not doing it or asking those questions and you should have comfort that there are a lot of other consumers out there that are doing the same. So make sure you're doing that. Cisco tries to work very hard to share with our customers exactly how data is using in all of our products that's why it published the data privacy maps and the data privacy sheets to kind of make that easy on our customers. But in any business, that's something that, a consumer should be asking, a customers should be asking and the company should explain, simply and transparency. The one number one complaint that individuals still have today is they don't understand what companies are doing with their data. >> Yeah. >> I mean, it's just mind boggling and that's, I think, again, the advice I give them is, you've got to get that right. >> How does Cisco do? What do you guys do? What do you offer people? I mean, let's just say people want to check. What was the mechanism that you guys are putting in place? Because I have no idea of WebEx my video is going to be facial recognition or my packets being routed through Cisco routers are being sniffed out, how do you guys put that transparency out there? >> Robert: Well, you like many customers ask those questions. And so we started creating and publishing these privacy data sheets, which were relatively streamlined, fairly short documents that you could go through and say, okay, I understand where the data is going. And we've done that on a whole bunch of the most requested products. We've taken another step to make them now very visual. I think we talked, we just launched that a year ago, where we tried to make them look like subway maps. Where you have sort of color coded ways the data flows through the system. And those are available. Anybody can come get them from trust.Cisco.com on the website, publicly available for customers who are interested in a product, don't have to go down the road and say well, it's just going to be my needs, they can get almost all of their questions answered through that. Yes, there may be some additional questions we want to answer later, like through the lawyers and through the conversations, but we least have a mechanism for giving the most of that information up front. >> Stu: Yeah, I love that trust was something that was front and center in the keynote this morning. I'm curious, Robert, with Cisco's position in the marketplace, the ecosystem you have is either something Cisco can lead or their industry considering to have kind of like a better business bureau. I shouldn't be able to go there and say, is this a reputable company? Am I okay, doing business with them? From a privacy standpoint, are there any initiatives in the works or is that something you might foresee going forward that I know oh, hey, this is somebody that it makes sense for me to work with. >> It's an interesting idea of, that could be created around that. I mean, I think where we are today is there's still a huge value of the government playing a role. I mean, the idea of GDPR and other regulations, if you have too much of it may not be helpful. But in today's environment, because the consumer can't always trust the company to do what they say they're going to do, you may not even be able to figure it out from the policy to begin with. But the government's role is to make sure that they're doing what they say they're going to do and therefore, consumers want government involved in that. So that again, there's a role to see fines and see penalties means that some of the guys are at least being-- >> Stu: Well, I wonder even you look at some of the fragmentation of the internet today, is there something that government or intergovernmental, kind of like the organization that runs the internet today, if there's there would be some room for them to be involved in something like that? I know it's a big audacious thing, but it is something that the general public companies, they don't trust most corporations with their information. >> Right. And it's a nice idea, especially in an environment where we want to avoid 50 different state legislative environments that companies are going to have to comply with. I mean, so far we go back to our study, we see this very positive return on privacy investment. If we get 50 more state laws that people have to comply with, that's very quickly going to get negative, right? So as although consumers are demanding more, it's more part of the brand. If we have too much regulation will start to see that around. So you're getting your idea of consolidation, having a single way is a very positive idea. >> Stu: In your report, I saw that GDPR and CCPA, oh, China's doing something, Brazil's doing something, it's going to be well it's from it's going to become onerous on the supplier and the consumer side if there isn't some commonality between them. >> Robert: Fully agree. That's right. >> John: Well, I got the report here folks, check it out. It is an amazing report. Every year, the team does an amazing job. This year it's about privacy ROI. This proves that good hiring works. Privacy, hiring practice, diversity inclusion, inclusion and diversity has pay off and this is the new modern era. I want to switch gears well on that note because Robert, we always love to talk about your role you're a data privacy and economics. So privacy economic, ROI, get that security and trust organization. The economic value is a big part of your study here. I think it's just scratching the surface. And I want to give you an example and I want you to react to it. Was having a conversation with a big time venture capitalist who just changed this job to start a fund for impact investing for profit. And one of his focus area is economics around self governing communities around policing some of these regulation issues. So there's so much regulation, business could get stunted. There's a trend going on now, Stu kind of lead it into it where communities are going to start to govern the brands as a check based on buyer behavior. So there's real signals that users are reacting to companies, policies, with data or whatever whether its environment whatever people are making purchasing decisions and organizing, that's going to change the economics, which is the top line impact, not just so much a cost structure to have certain regulatory policies. This is a venture capitalist. What's your reaction? He's investing in this direction. He thinks it's going to be big, your thoughts. >> Well, I think there's evidence for that, again, it's the idea that a company is more valuable because of some of the things that we're talking about was also we actually asked that question, did respondents think that their company was more valuable because they had progressed along the privacy dimension. Because you think about the loyalty and trust they built with their customers, aside from the operational benefits, and maybe the compliance benefits as well. So I would say, evidence for companies thinking that they themselves are further along, and those companies that have gone more than just the minimum that it's sort of becoming a little more mature, a little more accountable from their privacy programs are getting the best returns. We talked about that $270 on 100. If you're investing a little more and going up that curve, it's $310 on that 100. So again, better return on your investment, more loyalty and value and you see your company as being more valuable. So I think there's strong evidence for that happening again, you know how that actually works operationally another question, but there's something there. >> John: Stu and I were talking about how advertising and how social network and medium is all changing. And one of the things is you're driving at is that advertising used to be an attention game, get on TV, spread the message around, while you're teasing out and what Stu was talking about earlier in our other session is that influence and reputation is a new benchmark. So it's not so much, know my brand, my key rating or brand impression, its reputation, you're getting at something that's really interesting around reputation, which is swinging buying behavior. This is a new dynamic. >> Robert: Yeah, I think that reputational aspect is such an important part of the brand and even doing business and why this whole issue. I mean, the idea of privacy becoming a central tenet of the company and the brand and the overall experience is kind of what we're seeing as that pendulum swings back to the consumer and the ability to make those choices. It's becoming more and more important for the companies to get that right and have that be part of it. That's the value of the company, again, the value of the overall relationship. So I think that's a positive direction. >> John: We really appreciate you coming on. I want to get your thoughts, last question. What's your vision of where we are today in the world? You look around and you'll be happy with some of the things. You look at things like Facebook's going through a change, Jeff Bezos' phone was hacked via video on WhatsApp. You got the political environment, you have this entire trust equation. And it's just a dynamic time, your vision of how trust and data privacy and the economics and all your role. What do you see happening? What's your vision? >> I'm very optimistic about where it's going. I mean, I think we see ups and downs and we see setbacks. We see millions of records get exposed on users, and they get concerned about things. But I think we're trying to put the right processes and controls in place so that those controls and so the right things do happen with data, all trying to create that world that we all want to live in. That when our data is shared, it's used appropriately. So it's not going to be a smooth upward curve, but again, I think that idea of not only the legislative process where our governments are seeing that consumers need these protections that we can't go it alone, we need help with the companies that we work with, and the idea that they're willing to take it more into themselves. I mean, the fact that governments and companies who are concerned about the regulations and individuals themselves, would share the responsibility for creating all of those protections is, I mean, that makes me very positive about where it's going. >> John: And as politicians from all around the world, whether it's United States or other countries have to figure out how much regulation to put on the tech companies, this is a flashpoint of where industry could do their part and be part of the solution, not just be regulated, hopefully. Too much regulation kills entrepreneurship, in my opinion, but that's my opinion. >> Robert: It would kill our ROI right? >> ROI. >> Down the toilet. >> Okay, theCUBE comes bringing all the great conversations here at Barcelona, Data Privacy Day, this is a big part of our society now, and there's now evidence that it's worth investing in privacy thanks to Cisco's report. Good ROI. Of course great ROI of you stay with theCUBE for more action after this short break

>> Narrator: From Las Vegas, it's theCUBE, covering Qualys Security Conference 2019, brought to you by Qualys. >> Hey, welcome back, everybody. Jeff Rick here with theCUBE. We're in Las Vegas at the Bellagio at the Qualys Security Conference. They've been doing this for 19 years. They've been in this business for a long time, seen a lot of changes, so we're happy to be here. Our next guest works for Caterpillar. He is Brian Rossi, the senior security manager vulnerability management. Brian, great to see you. >> Thanks for having me. >> So I was so psyched, they had an interview, a gentleman from Caterpillar a few years ago, and it was fascinating to me how far along the autonomous vehicle route Caterpillar is. And I don't think most people understand, right? They see the Waymo cars driving around, and they read about all this stuff. But Caterpillar's been doing autonomous vehicles for a super long time. >> A really long time, a really long time, 25-plus years, pioneering a lot of the autonomous vehicle stuff that's out there. And we've actually, it's been cool, had an opportunity to do some security testing on some of the stuff that we're doing. So, even making it safer for the mines and the places that are using it today. >> Yeah, you don't want one of those big-giant dump-truck things to go rogue. (laughing) >> Off a cliff. Yeah, no, bad idea. >> Huge. Or into a bunch of people. All right, so let's jump into it. So, vulnerability management. What do you focus on, what does that mean exactly? >> So, for me, more on the traditional vulnerability management side. So I stay out of the application space, but my group is focused on identifying vulnerabilities for servers, workstations, endpoints that are out there, working with those IT operational teams to make sure they get those patched and reduce as many vulnerabilities as we can over the course of a year. >> So we've done some stuff with Forescout, and they're the kings of vulnerability sniffing-out. In fact, I think they have an integration with Qualys as well. So, is it always amazing as to how much stuff that gets attached to the network that you weren't really sure was there in the first place? >> Yes, absolutely. (laughs) And it's fun to be on the side that gets to see it all, and then tell people that it's there. I think with Qualys and with some of the other tools that we use, right? We're seeing these things before anybody else is seeing them and we're seeing the vulnerabilities that are associated with them, before anyone else sees them. So it's an interesting job, to tell people what's out there when they didn't even know. >> Right, so another really important integration is with ServiceNow, and you're giving a talk I believe tomorrow on how you use both Qualys and ServiceNow together. Give us kind of the overview of what you're going to be talking about. >> Absolutely, so the overview is really what our motto has been all year, right? Is put work where people work. So what we found was that with our vulnerability management program, we're doing scanning, we're running reports, we're trying to communicate with these IT operational teams to fix what's out there. But that's difficult when you're just sending spreadsheets around and you're trying to email people. There's organizational changes, people are moving around. They might not be responsible for those platforms anymore. And keeping track of all that is incredibly difficult in a global scale, with hundreds of thousands of assets that people are managing. And so we turned to ServiceNow and Qualys to really find a way to easily communicate, not just easily, but also timely, communicate those vulnerabilities to the teams that are responsible for doing it. >> Right, so you guys already had the ServiceNow implementation obviously, it was something that was heavily used. You're kind of implying that that was the screen that a lot of people had open on their desktop all the time. >> We lucked out that we were early in the implementation with ServiceNow. So, Caterpillar was moving from a previous IT service management solution to ServiceNow so we got in on the ground floor with the teams that were building out the configuration management database. We got in with the ground floor with the teams who were operationalizing, using ServiceNow to drive their work. We had the opportunities to just build relationships with them, take those relationships, ask them how they want that to work, and then go build it for them. >> Right, it's so funny because everyone likes to talk about single pane of glass, and to own that real estate that's on our screens that we sit and look at all day long, and it used to be emails. It's not so much email anymore, and ServiceNow is one of those types of apps that when you're in it, you're working it, that is your thing. And it's one thing to sniff out the vulnerabilities and find vulnerabilities, but you got to close the loop. >> Brian: You got to, absolutely. >> And that's really where the ServiceNow piece fits. >> And it's been great. We've seen a dramatic reduction in the number of vulnerabilities that are getting fixed over the course of a 30-day period. And I think it simply is because the visibility is finally there, and it's real-time visibility for these groups. They're not receiving data 50 days after we found it. We're getting them that data as soon as we find it, and they're able to operationalize it immediately. >> Right, and what are some of the actions that are the higher frequency that you've found, that you're triggering, that this process is helping you mitigate? >> I would say, actually, what it's really finding is some of our oldest vulnerabilities, a lot of stuff that people have just let fall off the plate. And they're isolated, right? They may have run patching for a specific vulnerability six months ago, but there was no view to tell them whether or not they got everything. Or maybe it was an asset that was off the network when they were patching, and now it's back on the network. So we're getting them the real-time visibility. Stuff that they may have missed, that they would have never seen before, without this integration. >> So I'd love to get your take on one of the top topics that came in the keynote this morning, both with Dick Clark as well as Philippe, was IoT-5G and the increasing surface-area, attack surface area, vulnerability surface area. You guys, Caterpillar's obviously well into internet of things. You've got a lot of connected devices. I'm sure you're excited about 5G, and I'm sure in a mining environment, or those types of environments are just prime 5G opportunities. Bad news is, your attack surface just grew exponentially. >> Yeah. >> So you're in charge of keeping track of vulnerabilities. How do you balance the opportunity, and what you see that's coming with 5G and connected devices and even a whole other rash of sensors, compared to the threat that you have to manage? >> Certainly in the IoT space it's unique. We can't do the things to those devices that we would do with normal laptops' assets, right? So I think figuring out unique ways to actually deal with them is going to be the hardest part. Finding vulnerabilities is always the easiest thing to do, but dealing with them is going to be the hard part. 5G is going to bring a whole new ballgame to a lot of the technology that we use. Our engineering groups are looking at those, and we're going to be partnering with them all the way through their journey on how to use 5G, how to use IoT to drive better services for our customers, and hopefully security will be with them the whole way. >> Right, the other piece that didn't get as much talk today, but it's a hot topic everywhere else we go is Edge, right? And this whole concept of, do you move the data, do you move the data to the computer or the computer to the data? I'm sure you guys are going to be leveraging Edge in a big way, when you're getting more of that horsepower closer to the sites. There's a lot of challenges with Edge. It's not a pristine data center. There are some nasty environmental conditions and you're limited in power, connectivity, and some of these other things. So when you think about Edge in your world, and maybe you're not thinking of it, but I bet you are, how are you seeing that, again, as an opportunity to bring more compute power closer to where you need it, closer to these vehicles? >> So I think, I wish I had our other security division here with me to talk about it. We're piloting a lot of those things, but that's been a big piece of our digital transformation at Caterpillar, is really leveraging data from those connected devices that are out in the field. And we actually, our Edge has to be brought closer to home. Our engineers pack so much into the little space they have on the devices that are out there, that they don't have room to actually calculate on that data that's out in the field, right? So we are actually bringing the Edge a little closer to home, in order for us to provide the best service for our customers. >> Right, so another take on digital transformation. You talked about Caterpillar's digital transformation. You've been there for five years now. Before that you were at State Farm. Checking on your LinkedIn, right? State Farm is the business of actuarial numbers, right? Caterpillar has got big heavy metal things, and yet you talk about digital transformation. How did you guys, how are you thinking about digital transformation in this heavy-equipment industry that's in construction? Probably not what most people think of as a digital enterprise, but in fact you guys are super aggressively moving in that direction. >> Yeah, and for us, from a securities perspective, it's been all about shift-left, right? We have to get embedded with these groups when they're designing these things. We have to be doing threat models. We have to be doing pen testing. We have to be doing that secure life cycle the entire way through the product. Because with our product line, unlike State Farm where we could easily just make a change to an application so that it was more secure, once we produce these vehicles, and once we roll them out and start selling them, they're out there. And we build our equipment to last, right? So there's not an expectation that a customer is going to come back and say, "I'm ready to buy a new truck two years from now," because of security vulnerability. >> Jeff: Right, right. >> So, yeah, it's a big thing for us to get as early in the development life cycle as possible and partner with those groups. >> I'm curious in terms of the role of the embedded software systems in these things now, compared to what it was five years ago, 10 years ago 'cause you do need to upgrade it. And we've seen with Teslas, right? You get patches and upgrades and all types of things. So I would imagine you're probably a lot more Tesla-like than the Caterpillar of 20 years ago. >> Moving in that direction, and that is the goal, right? We want to be able to get the best services and the most quality services to our customers as soon as possible. >> Right, very cool. Well, Brian, next time we talk, I want to do it on a big truck. >> Okay. >> A big, yellow truck. >> Let's do it. >> I don't want to do it here at the Bellagio. >> Let's do it, all right. >> Okay, excellent. Well, thanks for-- >> Thank you. >> For taking a few minutes, really appreciate it. >> Absolutely. >> All right, he's Brian, I'm Jeff, you're watching theCUBE. We're at the Bellagio in Las Vegas, not on a big yellow truck, out in the middle of nowhere digging up holes and moving big dirt around. Thanks for watching. We'll see you next time. (upbeat techno music)

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. >> Hello, everyone, and welcome to this week's Cube Insights, powered by ETR. Today is November 8, 2019 and I'd like to address one of the most important topics in the minds of a lot of executives. I'm talking about CEOs, CIOs, Chief Information Security Officers, Boards of Directors, governments and virtually every business around the world. And that's the topic of cyber security. The state of cyber security has changed really dramatically over the last 10 years. I mean, as a cyber security observer I've always been obsessed with Stuxnet, which the broader community discovered the same year that theCUBE started in 2010. It was that milestone that opened my eyes. Think about this. It's estimated that Stuxnet cost a million dollars to create. That's it. Compare that to an F-35 fighter jet. It costs about $85-$100 million to build one. And that's on top of many billions of dollars in R&D. So Stuxnet, I mean, it hit me like a ton of bricks. That the future of war was all about cyber, not about tanks. And the barriers to entry were very, very low. Here's my point. We've gone from an era where thwarting hacktivists was our biggest cyber challenge to one where we're now fighting nation states and highly skilled organized criminals. And of course, cyber crime and monetary theft is the number one objective behind most of these security breaches that we see in the press everyday. It's estimated that by 2021 cyber crime is going to cost society $6 trillion in theft, lost productivity, recovery costs. I mean, that's just a staggeringly large number. It's even hard to fathom. Now, the other C-change is how organizations have had to respond to the bad guys. It used to be pretty simple. I got a castle and the queen is inside. We need to protect her, so what do we do? We built a mote, put it around the perimeter. Now, think of the queen as data. Well, what's happened? The queen has cloned herself a zillion times. She's left the castle. She's gone up to the sky with the clouds. She's gone to the edge of the kingdom and beyond. She's also making visits to machines and the factories and hanging out with the commoners. She's totally exposed. Listen, by 2020, there's going to be hundreds of billions of IP addresses. These are going to be endpoints and phones, TVs, cameras, tablets, automobiles, factory machines, and all these represent opportunities for the bad guys to infiltrate. This explosion of endpoints that I'm talking about is created massive exposures, and we're seeing it manifest itself in the form of phishing, malware, and of course the weaponization of social media. You know, if you think that 2016 was nuts, wait 'til you see how the 2020 presidential election plays out. And of course, there's always the threat of ransomware. It's on everybody's minds these days. So I want to try to put some of this in context and share with you some insights that we've learned from the experts on theCUBE. And then let's drill into some of the ETR data and assess the state of security, the spending patterns. We're going to try to identify some of those companies with momentum and maybe some of those that are a little bit exposed. Let me start with the macro and the challenged faced by organization and that's complexity. Here's Robert Herjavec on theCUBE. Now, you know him from the Shark Tank, but he's also a security industry executive. Herjavec told me in 2017 at the Splunk.com Conference that he thought the industry was overly complex. Let's take a look and listen. >> I think that the industry continues to be extremely complicated. There's a lot of vendors. There's a lot of products. The average Fortune 500 company has 72 security products. There's a stat that RSA this year, that there's 1500 new security start-ups every year. Every single year. How are they going to survive? And which ones do you have to buy because they're critical and provide valuable insights? And which ones are going to be around for a year or two and you're never going to hear about again? So it's a extremely challenging complex environment. >> So it's that complexity that had led people like Pat Gelsinger to say security is a do-over, and that cyber security is broken. He told me this years ago on theCUBE. And this past VM World we talked to Pat Gelsinger and remember, VMware bought Carbon Black, which is an endpoint security specialist, for $2.1 billion. And he said that he's basically creating a cloud security division to be run by Patrick Morley, who is the Carbon Black CEO. Now, many have sort of questioned and been skeptical about VMware's entrance into the space. But here's a clip that Pat Gelsinger shared with us on theCUBE this past VM World. Let's listen and we'll come back and talk about it. >> And this move in security, I am just passionate about this, and as I've said to my team, if this is the last I do in my career is I want to change security. We just not are satisfying our customers. They shouldn't put more stuff on our platforms. >> National defense issues, huge problems. >> It's just terrible. And I said, if it kills me, right, I'm going to get this done. And they says, "It might kill you, Pat." >> So this brings forth an interesting dynamic in the industry today. Specifically, Steven Smith, the CISO of AWS, at this year's Reinforce, which is their security conference, Amazon's big cloud security conference, said that this narrative that security is broken, it's just not true, he said. It's destructive and it's counterproductive. His and AWS's perspective is that the state of cloud security is actually strong. Kind of reminded me of a heavily messaged State of the Union address by the President of the United States. At the same time, in many ways, AWS is doing security over. It's coming at it from the standpoint of a clean slate called cloud and infrastructure as a surface. Here's my take. The state of security in this union is not good. Every year we spend more, we lose more, and we feel less safe. So why does AWS, the security czar, see if differently? Well, Amazon uses this notion of a shared responsibility security model. In other words, they secure the S3 buckets, maybe the EC2 infrastructure, not maybe, the EC2 infrastructure. But it's up to the customer to make sure that she is enforcing the policies and configuring systems that adhere to the EDIX of the corporation. So I think the shared security model is a bit misunderstood by a lot of people. What do I mean by that? I think sometimes people feel like well, my data's in the cloud, and AWS has better security than I do. Here I go, I'm good. Well, AWS probably does have better security than you do. Here's the problem with that. You still have all these endpoints and databases and file servers that you're managing, and that you have to make sure comply with your security policies. Even if you're all on the cloud, ultimately, you are responsible for securing your data. Let's take a listen to Katie Jenkins, the CISO of Liberty Mutual, on this topic and we'll come back. >> Yeah, so the shared responsibility model is, I think that's an important speaking point to this whole ecosystem. At the end of the day, Liberty Mutual, our duty is to protect policyholder data. It doesn't matter if it's in the cloud, if it's in our data centers, we have that duty to protect. >> It's on you. >> All right, so there you have it from a leading security practitioner. The cloud is not a silver bullet. Bad user behavior is going to trump good security every time. So unfortunately the battle goes on. And here's where it gets tricky. Security practitioners are drowning in a sea of incidents. They have to prioritize and respond to, and as you heard Robert Herjavec say, the average large company has 75 security products installed. Now, we recently talked to another CISO, Brian Lozada, and asked him what's the number one challenge for security pros. Here's what he said. >> Lack of talent. I mean, we're starving for talent. Cyber security's the only field in the world with negative unemployment. We just don't have the actual bodies to actually fill the gaps that we have. And in that lack of talent CISOs are starving. We're looking for the right things or tools to actually patch these holes and we just don't have it. Again, we have to force the industry to patch all of those resource gaps with innovation and automation. I think CISOs really need to start asking for more automation and innovation within their programs. >> So bottom line is we can't keep throwing humans at the problem. Can't keep throwing tools at the problem. Automation is the only way in which we're going to be able to keep up. All right, so let's pivot and dig in to some of the ETR data. First, I want to share with you what ETR is saying overall, what their narrative looks like around spending. So in the overall security space, it's pretty interesting what ETR says, and it dovetails into some of the macro trends that I've just shared with you. Let's talk about CIOs and CISOs. ETR is right on when they tell me that these executives no longer have a blank check to spend on security. They realize they can't keep throwing tools and people at the problem. They don't have the bodies, and as we heard from Brian Lozada. And so what you're seeing is a slowdown in the growth, somewhat of a slowdown, in security spending. It's still a priority. But there's less redundancy. In other words, less experimentation with new vendors and less running systems in parallel with legacy products. So there's a slowdown adoption of new tools and more replacement of legacy stuff is what we're seeing. As a result, ETR has identified this bifurcation between those vendors that are very well positioned and those that are losing wallet share. Let me just mention a few that have the momentum, and we're going to dig into this data in more detail. Palo Alto Networks, CrowdStrike, Okta, which does identity management, Cisco, who's coming at the problem from its networking strength. Microsoft, which recently announced Sentinel for Azure. These are the players, and some of them that are best positioned, I'll mention some others, from the standpoint spending momentum in the ETR dataset. Now, here's a few of those that are losing momentum. Checkpoint, SonicWall, ArcSight, Dell EMC, which is RSA, is kind of mixed. We'll talk about that a little bit. IBM, Symantec, even FireEye is seeing somewhat higher citations of decreased spending in the ETR surveys and dataset. So there's a little bit of a cause for concern. Now, let's remember the methodology here. Every quarter ETR asks are you green, meaning adopting this vendor as new or spending more? Are you neutral, which is gray, are you spending the same? Or are you red, meaning that you're spending less or retiring? You subtract the red from the green and you get what's called a net score. The higher the net score, the better. So here's a chart that shows a ranking of security players and their net scores. The bars show survey data from October '18, July '19, and October '19. In here, you see strength from CrowdStrike, Okta, Twistlock, which was acquired by Palo Alto Networks. You see Elastic, Microsoft, Illumio, the core, Palo Alto Classic, Splunk looking strong, Cisco, Fortinet, Zscaler is starting to show somewhat slowing net score momentum. Look at Carbon Black. Carbon Black is showing a meaningful drop in net score. So VMware has some work to do. But generally, the companies to the left are showing spending momentum in the ETR dataset. And I'll show another view on net score in a moment. But I want to show a chart here that shows replacement spending and decreased spending citations. Notice the yellow. That's the ETR October '19 survey of spending intentions. And the bigger the yellow bar, the more negative. So Sagar, the director of research at ETR, pointed this out to me, that, look at this. There are about a dozen companies where 20%, a fifth of the customer base is decreasing spend or ripping them out heading into the year end. So you can see SonicWall, CA, ArcSight, Symantec, Carbon Black, again, a big negative jump. IBM, same thing. Dell EMC, which is RSA, slight uptick. That's a bit of a concern. So you can see this bifurcation that ETR has been talking about for awhile. Now, here's a really interesting kind of net score. What I'm showing here is the ETR data sorted by net score, again, higher is better, and shared N, which is the number of shared accounts in the survey, essentially the number of mentions in that October survey with 1,336 IT buyers responded. So how many of that 1,300 identified these companies? So essentially it's a proxy for the size of the install base. So showing up on both charts is really good. So look, CrowdStrike has a 62% net score with a 133 shared account. So a fairly sizable install base and a very high net score. Okta, similar. Palo Alto Networks and Splunk, both large, continue to show strength. They got net scores of 44% and 313 shared N. Fortinet shows up in both. Proofpoint. Look at Microsoft and Cisco. With 521 and 385 respectively on the right hand side. So big install bases with very solid net scores. Now look at the flip side. Go down to the bottom right to IBM. 132 shared accounts with a 14.4% net score. That's very low. Check Point similarly. Same with Symantec. Again, bifurcation that ETR has been citing. Really stark in this chart. All right, so I want to wrap. In some respects from a practitioner perspective, the sky erectus is falling. You got increased attack surface. You've got exploding number of IP addresses. You got data distributed all over the place, tool creep. You got sloppy user behavior, overwork security op staff, and a scarcity of skills. And oh, by the way, we're all turning into a digital business, which is all about data. So it's a very, very dangerous time for companies. And it's somewhat chaotic. Now, chaos, of course, can mean cash for cyber security companies and investors. This is still a very vibrant space. So just by the way of comparison and looking at some of the ETR data, check this out. What I'm showing is companies in two sectors, security and storage, which I've said in previous episodes of breaking analysis, storage, and especially traditional storage disk arrays are on the back burner spending wise for many, many shops. This chart shows the number of companies in the ETR dataset with a net score greater than a specific target. So look, security has seven companies with a 49% net score or higher. Storage has one. Security has 18 above 39%. Storage has five. Security has 31 companies in the ETR dataset with a net score higher than 30%. Storage only has nine. And I like to think of 30% as kind of that the point at which you want to be above that 30%. So as you can see, relatively speaking, security is an extremely vibrant space. But in many ways it is broken. Pat Gelsinger called it a do-over and is affecting a strategy to fix it. Personally, I don't think one company can solve this problem. Certainly not VMware, or even AWS, or even Microsoft. It's too complicated, it's moving too fast. It's so lucrative for the bad guys with very low barriers to entry, as I mentioned, and as the saying goes, the good guys have to win every single day. The bad guys, they only have to win once. And those are just impossible odds. So in my view, Brian Lozada, the CISO that we interviewed, nailed it. The focus really has to be on automation. You know, we can't just keep using brute force and throwing tools at the problem. Machine intelligence and analytics are definitely going to be part of the answer. But the reality is AI is still really complicated too. How do you operationalize AI? Talk to companies trying to do that. It's very, very tricky. Talk about lack of skills, that's one area that is a real challenge. So I predict the more things change the more you're going to see this industry remain a game of perpetual whack a mole. There's certainly going to be continued consolidation, and unquestionably M&A is going to be robust in this space. So I would expect to see continued storage in the trade press of breaches. And you're going to hear scare tactics by the vendor community that want to take advantage of the train wrecks. Now, I wish I had better news for practitioners. But frankly, this is great news for investors if they can follow the trends and find the right opportunities. This is Dave Vellante for Cube Insights powered by ETR. Connect with me at David.Vellante@siliconangle.com, or @dvellante on Twitter, or please comment on what you're seeing in the marketplace in my LinkedIn post. Thanks for watching. Thank you for watching this breaking analysis. We'll see you next time. (energetic music)

>> From the Silicon Angle Media office, in Boston Massachusetts, it's the Cube. Now, here's your host, Dave Vellante. >> Hi everybody, welcome to this Cube Conversation here in our studios, outside of Boston. My name is Dave Vellante. I'm here with Matt Carroll, who's the CEO of Immuta. Matt, good to see ya. >> Good, nice to have me on. >> So we're going to talk about governance, how to automate governance, data privacy, but let me start with Immuta. What is Immuta, why did you guys start this company? >> Yeah, Immuta is an automated data governance platform. We started this company back in 2014 because we saw a gap in the market to be able to control data. What's happened in the market as changes is that every enterprise wants to leverage their data. Data's the new app. But, governments want to regulate it and consumers want to protect it. These were at odds with one another, so we saw a need of creating a platform that could meet the needs of everyone. To democratize access to data and in the enterprise, but at the same time, provide the necessary controls on the data to enforce any regulation, and ensure that there was transparency as to who is using it and why. >> So let's unpack that a little bit. Just try to dig into the problem here. So we all know about the data explosion, of course, and I often say data used to be a liability, now it's turned into an asset. People used to say get rid of the data, now everybody wants to mine it, and they want to take advantage of it, but that causes privacy concerns for individuals. We've seen this with Facebook and many others. Regulations now come into play, GDPR, different states applying different regulations, so you have all these competing forces. The business guys just want to go and get out to the market, but then the lawyers and the compliance officers and others. So are you attacking that problem? Maybe you could describe that problem a little further and talk about how you guys... >> Yeah, absolutely. As you described, there's over 150 privacy regulations being proposed over 25 states, just in 2019 alone. GDPR has created or opened the flood gates if you will, for people to start thinking about how do we want to insert our values into data? How should people use it? And so, the challenge now is, you're right, your most sensitive data in an enterprise is most likely going to give you the most insight into driving your business forward, creating new revenue channels, and be able to optimize your operational expenses. But the challenge is that consumers have awoken to, we're not exactly sure we're okay with that, right? We signed a YULU with you to just use our data for marketing, but now you're using it for other revenue channels? Why? And so, where Immuta is trying to play in there is how do we give the line of business the ability to access that instantaneously? But also give the CISO, the Chief Information Security Officer, and the governance seems the ability to take control back. So it's a delicate balance between speed and safety. And I think what's really happening in the market is we used to think about security from building firewalls, we invested in physical security controls around managing external adversaries from stealing our data. But now it's not necessarily someone trying to steal it, it's just potentially misusing it by accident in the enterprise. And the CISO is having to step in and provide that level of control. And it's also the collision of the cloud and these privacy regulations. Cause now, we have data everywhere, it's not just in our firewalls. And that's the big challenge. That's the opportunity at hand, democratization of data in the enterprise. The problem is data's not all in the enterprise. Data's in the cloud, data's in SaaS, data's in the infrastructure. >> It's distributed by it's very nature. All right, so there's a lot of things I want to follow up on. So first, there's GDPR. When GDPR came out of course, it was May of 2018 I think. It went into effect. It actually came out in 2017, but the penalties didn't take effect till '18. And I thought, okay, maybe this can be a framework for governments around the world and states. It sounds like yeah sort of, but not really. Maybe there's elements of GDPR that people are adopting, but then it sounds like they're putting in their own twists, which is going to be a nightmare for companies. So, are you not seeing a sort of, GDPR becoming this global standard? It sounds like, no. >> I don't think it's going to be necessarily global standard, but I do think the spirit of the GDPR, and at the core of it is, why are you using my data? What was the purpose? So traditionally, when we think about using data, we think about all right, who's the user, and what authorizations do they have, right? But now, there's a third question. Sure, you're authorized to see this data, depending on your role or organization right? But why are you using it? Are you using it for certain business use? Are you using it for personal use? Why are you using this? That's the spirit of GDPR that everyone is adopting across the board. And then of course, each state, or each federal organization is thinking about their unique lens on it, right? And so you're right. This is going to be incredibly complex. And the amount of policies being enforced at query time. I'm in my favorite, let's just say I'm in Tableau or Looker right? I'm just some simple analyst, I'm a young kid, I'm 22, my first job right? And I'm running these queries, I don't know where the data is, right? I don't know what I'm combining. And what we found is on average in these large enterprises, any query at any moment in time, might have over 500 thousand policies that need to be enforced in real time. >> Wow. >> And it's only getting worse. We have to automate it. No human can handle all those edge cases. We have to automate. >> So, I want to get into how you guys actually do that. Before I do, there seems to be... There's a lot of confusion in the marketplace. Take the word data management, data protection. All the backup guys are using that term, the database guys use that term, GOC folks use that term, so there's a lot of confusion there. You have all these adjacent markets coming together. You've got the whole governance risk and compliance space, you've got cyber security, there's privacy concerns, which is kind of two sides of the same coin. How do you see these adjacencies coming together? It seems like you sit in the middle of all that. >> Yeah, welcome to why my marketing budget is getting bigger and bigger. The challenge we're facing now is I think, who owns the problem right? The Chief Data Officer is taking on a much larger role in these organizations, the CISO is taking a much more larger role in reporting up to the board. You have the line of business who now is almost self-sustaining, they don't have to depend on IT as much any longer because of the cloud and because of the new compute layers to make it easier. So who owns it? At the end of the day, where we see it is we think there's a next generation of cyber tools that are coming out. We think that the CISO has to own this. And the reason is that the CISO's job is to protect the enterprise from cyber risk. And at the core of cyber risk is data. And they must own the data problem. The CDO must find the data, and explain what that data is, and make sure it's quality, but it is the CISO that must protect the enterprise from these threats. And so, I see us as part of this next wave of cyber tools that are coming out. There's other companies that are equally in our stratosphere, like BigID, we're seeing AWS with Macy doing sensitive data discovery, Google has their data loss prevention service. So the cloud players are starting to see, hey, we've got to identify sensitive data. There's other startups that are saying hey, we got to identify and catalog sensitive data. And for us, we're saying hey, we need to be able to consume all that cataloging, understand what's sensitive, and automatically apply policies to ensure that any regulation in that environment is met. >> I want to ask you about the cloud too. So much to talk to you about here, Matt. So, I also wanted to get your perspective on variances within industries. So you mentioned Chief Data Officers. The ascendancy of the Chief Data Officers started in financial services, healthcare, and government where we had highly regulation industries. And now it's sort of seeped into more commercial. But it terms of those regulated industries, take healthcare for example. There are specific nuances. Can you talk about what you're seeing in terms of industry variance. >> Yeah, it's a great point. Starting with like, healthcare. What does it mean to be HIPPA compliant anymore? There are different types of devices now where I can point it at your heartbeat from a distance away and I can have 99 percent accuracy of identifying you, right? It takes three data points in any data set to identify 87 percent of US citizens. If I have your age, sex, location, I can identify you. So, what does it mean anymore to be HIPPA compliant? So the challenge is how do we build guarantees of trust that we've de-identified these DESA's, cause we have to use it, right? No one's going to go into a hospital and say, "You know what, I don't want you to say my life. "Cause I want my data protected," right? No one's ever going to say that. So the challenges we face now across these regulated industries is the most sensitive data sets are critical for those businesses to operate. So there has to be a compromise. So, what we're trying to do in these organizations is help them leverage their data and build levels of proportionality, to access that right? So, the key isn't to stop people from using data. The key is to build the controls necessary to leverage a small bit of the data. Let's just say, we've made it indistinguishable. You can only ask Agriculture and Statistics the question. Well, you know what, we actually found some really interesting things there, we need to be a little bit more useful, it's this trade-off between privacy and utility. It's a pendulum that swings back and forth. As someone proves I need more of this, you can swing it, or just mask it. I need more of it? All right, we'll just redact some of the certain things. Nope, this is really important, it's going to save someone's life. Okay, completely unmasked, you have the raw data. But it's that control that's necessary in these environments, that's what's missing. You know, we came out of the US Intelligence community. We understood this better than anyone. Because highly regulated, very sensitive data, but we knew we needed the ability to rapidly control. Well is this just a hunch, or is this a 9-11 event? And you need the ability to switch like that. That's the difference and so, healthcare is going through a change of, we have all these new algorithms. Like Facebook the other day said, hey, we have machine learning algorithms that can look at MRI scans, and we're going to be better than anyone in the world at identifying these. Do you feel good about giving your data to Facebook? I don't know, but we can maybe provide guaranteed anonymization to them, to prove to the world they're going to do right. That's where we have to get to. >> Well, this is huge, especially for the consumer, cause you just gave several examples. Facebook's going to know a lot about me, a mobile device, a Fit Bit, and yet, if I want to get access to my own medical records, it's like Fort Knox to try to get, please, give this to my insurance company. You know, you got to go through all these forms. So, you've got those diverging objectives and so, as a consumer, I want to be able to trust that when I say yes you can use it, go, and I can get access to it, and other can get access to it. I want to understand exactly what it is that you guys do, what you sell. Is it software, is it SAS, and then let's get into how it works. So what is it? >> Yeah, so we're a software platform. We deploy into any infrastructure, but it is not multi-tenant so, we can deploy on any cloud, or on premises for any customer, and we do that with customers across the world. But if you think about at the core of what is Immuta, think of Immuta as a system of record for the CISO or the line of business where I can connect to any data, on any infrastructure, on any compute layer, and we connect into over 61 different storage platforms. We then have built a UI where lawyers... We actually have three lawyers as employees that act as product managers to help any lawyer of any stature take what's on paper, these regulations, these rules and policies, and they digitize it essentially, in active code. So they can build any policy they want on any data in the ecosystem, in the enterprise, and enforce it globally without having to write any code. And then because we're this plane where you can connect any tool to this data, and enforce any regulation because we're the man in the middle, we can audit who is using what data and why. In every action, in any change in policy. So, if you think about it, it's connect any tool to any data, control it, any regulation, and prove compliance in a court of law. >> So you can set the policy at the data set level? >> Correct. >> And so, how does one do that? Can you automate that on the creation of that data set? I mean you've got you know, dependencies. How does that all work? >> Yeah, what's a really interesting part of our secret sauce is that one, we could do that at the column level, we can do it at the row level, we can do it at the cell level. >> So very granular. >> Very, very granular. This is something again, we learned from the US Intelligence community, that we have to have very fine grained access to every little bit of the data. The reason is that, especially in the age of data, is people are going to combine many data sets together. The challenge isn't enforcing the policy on a static data set, the challenge is enforcing the policy across three data sets where you merge three pieces of data together, who have conflicting policies. What do you do then? That's the beauty of our system. We deal with that policy inheritance, we manage that lineage of the policy, and can tell you here's what the policy will be. >> In other words, you can manage to the highest common denominator as an example. >> Or we can automate it to the lowest common denominator, where you can work in projects together recognizing hey, we're going to bring someone into the project that's not going to have the level of access. Everyone else will automatically change it to the lowest common denominator. But then you share that work with another team and it'll automatically be brought to the highest common denominator. And we've built all these work flows in. That was what was missing and that's why I call it a system of record. It's really a symbiotic relationship between IT, the data owner, governance, the CISO, who are trying to protect the data, and the consumer, and all they want to do is access the data as fast as possible to make better, more informed decisions. >> So the other mega-trend you have is obviously, the super power of machine intelligence, or artificial intelligence, and then you've got edge devices and machine to machine communication, where it's just an explosion of IP addresses and data, and so, it sounds like you guys can attack that problem as well. >> Any of this data coming in on any system, the idea is that eventually it's going to land somewhere, right? And you got to protect it. We call that like rogue data, right? This is why I said earlier, when we talk about data, we have to start thinking about it as it's not in some building anymore. Data's everywhere. It's going to be on a cloud infrastructure, it's going to be on premises, and it's likely, in the future, going to be on many distributed data centers around the world cause business is global. And so, what's interesting to us is no matter where the data's sitting, we can protect it, we can connect to it, and we allow people to access it. And that's the key thing is not worrying about how to lock down your physical infrastructure, it's about logically separating it. And that's why what differentiates us from other people is one, we don't copy the data, right? That's the always the barrier for these types of platforms. We leave the data where it is. The second is we take all those regulations and we can actually, at query time, push it down to where that data is. So rather than bring it to us, we push the policy to the data. And what that does is that's what allows us, what differentiates us from everyone else is, it allows us to guarantee that protection, no matter where the data's living. >> So you're essentially virtualizing the data? >> Yeah, yeah. It's virtual views of data, but it's not all the data. What people have to realize is in the day of apps, we cared about storage. We put all the data into a database, we built some services on top of it and a UI, and it was controlled that way, right? You had all the nice business logic to control it. In the age of data, right? Data is the new app, right? We have all these automation tools, Data Robot, and H20, and Domino, and Tableau's building all these automation work flows. >> The robotic process automation. >> Yeah, RPA, UI Path, the Work Fusion, right? They're making it easier and easier for any user to connect to any data and then automate the process around it. They don't need an app to build a unique work flows, these new tools do that for them. The key is getting to the data. And the challenge with the supply chain of data is time to data is the most critical aspect of that. Cause, the time to insight is perishable. And so, what I always tell people, a little story, I came from the government, I worked in Baghdad, we had 42 minutes to know whether or not a bad guy in the environment, we could go after him. After that, that data was perishable, right? We didn't know where he was. It's the same thing in the real world. It's like imagine if Google told you, well, in 42 minutes it might be a good time to go 495. (laughter) It's not very useful, I need to know the information now. That's the key. What we see is policy enforcement and regulations are the key barrier of entry. So our ability to rapidly, with no latency, be able to connect anyone to that data and enforce those policies where the data lives, that's the critical nature. >> Okay, so you can apply the policies and you do it quickly, and so now you can help solve the problem. You mentioned a cloud before, or on prem. What is the strategy there with regard to various clouds and how do you approach multi-clouds? >> I think cloud is what used to be an infrastructure as a service game, is now becoming a compute game. I think large, regulated enterprises, government, healthcare, financial services, insurance, are all moving to cloud now in a different way. >> What do you mean by that? Cause people think infrastructure as service, they'll say oh that's compute storage and some networking. What do you mean by that? >> I think there's a whole new age of software that's being laid on top of the availability of compute and the availability of storage. That's companies like Databricks, companies like Snowflake, and what they're doing is dramatically changing how people interact with data. The availability zones, the different types of features, the ability to rip and replace legacy warehouses and main frames. It's changing the ability to not just access, but also the types of users that could even come on to leverage this data. And so these enterprises are now thinking through, "How do I move my entire infrastructure of data to them? "And what are these new capabilities "that I could get out of that?" Which, that is just happening now. A lot of people have been thinking, "Oh, this has been happening over the past five years," no, the compute game is now the new war. I used to think of like, Big Data, right? Big Data created, everyone started to understand, "Ah, if we've got our data assets together, "we can get value." Now they're thinking, "All right, let's move beyond that." The new cloud at our currents works is Snowflake and Databricks. What they're thinking about is, "How do I take all your meta-data "and allow anyone to connect any BI tool, "any data science tool, and provide highly performance, "and highly dependable compute services "to process petabytes of data?" It's pretty fantastic. >> And very cost efficient and being able to scale, compute independent of storage, from an architectural perspective. A lot of people claim they can do that, but it doesn't scale the same way. >> Yeah, when you're talking about... Cause that's the thing is you got to remember, these financial systems especially, they depend on these transactions. They cannot go down and they're processing petabytes of data. That's what the new war is over, is that data in the compute layer. >> And the opportunity for you is that data that can come from anywhere, it's not sitting in a God box, where you can enforce policies on that corpus. You don't know where it's coming from. >> We want to be invisible to that right? You're using Snowflake, it's just automatically enforced. You're using Databricks, it's automatically enforced. All these policies are enforced in flight. No one should even truly care about us. We just want to allow you to use the data the way you're used to using it. >> And you do this, this secret sauce you talked about is math, it's artificial intelligence? >> It's math. I wish I could say it was like super fancy, unsupervised neural nets or what not, it's 15 years of working in the most regulated, sticky environments. We learned about very simple novel ways of pushing it down. Great engineering's always simple. But what we've done is... At query time, what's really neat is we figured a way to take user attributes from identity management system and combine that with a purpose, and then what we do is we've built all these libraries to connect into all these dispert storage and compute systems, to push it in there. The nice thing about that is prior to this what people were doing, was making copies. They'd go to the data engineering team and they'd say hey, "I need to ETL this "and get a copy and it'll be anatomized." Think about that for a second. One, the load on your production systems, of all these copies, all the time, right? The second is CISO, the surface area. Now you've got all this data that in a snapshot in time, is legal and ethical, might change tomorrow. And so, now you've got an increase surface area of risk. Like that no-copy aspect. So the pushing it down and then the no-copy aspect really changed the game for enterprises. >> And you've got providence issues, like you say. You've got governance and compliance. >> And imagine trying, if someone said to you, imagine Congress said hey, "Any data source that you've processed "over the past five years, I want to know if "there was these three people in any of these data sources "and if there were, who touched that data "and why did they touch it?" >> Yeah and storage is cheap, but there's unintended consequences. People are, management isn't. >> We just don't have a unified way to look at all of the logs cross listed. >> So we started to talk about cloud and then I took you down a different path. But you offer your software on any cloud, is that right? >> Yeah, so right now, we are in production on Immuta's Marketplace. And that is a managed service, so you can go deploy in there, it'll go into your VPC, and we can manage the updates for you, we have no insight into your infrastructure, but we can push those updates, it'll automatically update, so you're getting our quarterly releases, we release every season. But yeah, we started with AWBS, and then we will grow out. We see cloud is just too ubiquitous. Currently, we still support though, Bigquery, Data Praq, we support Azure, Data Light Storage version two, as well as Azure Databricks. But you can get us through Immuta's Marketplace. We're also investing in ReInvent, we'll be out there in Vegas in a couple weeks. It's a big event for us just because obviously, the government has a very big stake in AWBS, but also commercial customers. It's been a massive endeavor to move. We've seen lots of infrastructure. Most of our deals now are on cloud infrastructure. >> Great, so tell us about the company. You've raised, I think in a Series B, about 28 million to date. Maybe you could give us the head count, and whatever you can share about momentum, maybe customer examples. >> Yeah, so we've raised 32 million to date. >> 32 million. >> From some great investors. The company's about 70 people now. So not too big, but not small anymore. Just this year, at this point, I haven't closed my fiscal year, so I don't want to give too much, but we've doubled our ARR and we've tripled our LOGO count this year alone and we've still got one more quarter here. We just started our fourth quarter. And some customer cases, the way I think about our business is I love healthcare, I love government, I love finance. To give you some examples is like, COGNO is a really great example. COGNO and what they're trying to solve is can they predict where a child is on the autism spectrum? And they're trying to use machine learning to be able to narrow these children down so that they can see patterns as to how a provider, a therapist is helping these families give these kids the skills to operate in the real world. And so it's like this symbiotic relationship utilizing software, surveys and video and what not, to help connect these kids that are in similar areas of the spectrum, to help say hey, this is a successful treatment, right? The problem with that is we need lots of training data. And this is children, one, two, this is healthcare, and so, how do you guarantee HIPPA compliance? How do you get through FDA trials, through third party, blind testing? And still continue to validate and retrain your models, while protecting the identity of these children? So we provide a platform where we can anonymize all the data for them, we can guarantee that there's blind studies, where the company doesn't have access to certain subsets of the data. We can also then connect providers to gain access to the HIPPA data as needed. We can automate the whole thing for them. And they're a startup too, there are 100 people. But imagine if you were a startup in this health-tech industry and you had to invest in the backend infrastructure to handle all of that. It's too expensive. What we're unlocking for them, I mean yes, it's great that they're HIPPA compliant and all that, that's what we want right? But the more important thing is like, we're providing a value add to innovate in areas utilizing machine learning, that regulations would've stymied, right? We're allowing startups in that ecosystem to really push us forward and help those families. >> Cause HIPPA compliance is table stay compulsory. But now you're talking about enabling new business models. >> Yeah, yeah exactly. >> How did you get into all this? You're CEO, you're business savvy, but it sounds like you're pretty technical as well. What's your background? >> Yeah I mean, so I worked in the intelligence community before this. And most of my focus was on how do we take data and be able to leverage it, either for counter-terrorism missions, to different non-kinetic operations. And so, where I kind of grew up in is in this age of, think about billions of dollars in Baghdad. Where I learned is that through the computing infrastructure there, everything changed. 2006 Baghdad created this boom of technology. We had drones, right? We had all these devices on our trucks that were collecting information in real time and telling us things. And then we started building computing infrastructure and it burst Hadoop. So, I kind of grew up in this era of Big Data. We were collecting it all, we had no idea what to do with it. We had nowhere to process it. And so, I kind of saw like, there's a problem here. If we can find the unique little, you know, nuggets of information out of that, we can make some really smart decisions and save lives. So once I left that community, I kind of dedicated myself to that. The birth of this company again, was spun out of the US Intelligence community and it was really a simple problem. It was, they had a bunch of data scientists that couldn't access data fast enough. So they couldn't solve problems at the speed they needed to. It took four to six months to get to data, the mission said they needed it in less than 72 hours. So it was orthogonal to one another, and so it was very clear we had to solve that problem fast. So that weird world of very secure, really sensitive, but also the success that we saw of using data. It was so obvious that we need to democratize access to data, but we need to do it securely and we need to be able to prove it. We work with more lawyers in the intelligence community than you could ever imagine, so the goal was always, how do we make a lawyer happy? If you figure that problem out, you have some success and I think we've done it. >> Well that's awesome in applying that example to the commercial business world. Scott McNeely's famous for saying there is no privacy in the internet, get over it. Well guess what, people aren't going to get over it. It's the individuals that are much more concerned with it after the whole Facebook and fake news debacle. And as well, organizations putting data in the cloud. They need to govern their data, they need that privacy. So Matt, thanks very much for sharing with us your perspectives on the market, and the best of luck with Immuta. >> Thanks so much, I appreciate it. Thanks for having me out. >> All right, you're welcome. All right and thank you everybody for watching this Cube Conversation. This is Dave Vellante, we'll see ya next time. (digital music)

>> from Seattle WASHINGTON. It's the Q covering AWS Imagine brought to you by Amazon Web service is >> Hey, welcome back already, Jeffrey. Here with the cue, we're in downtown Seattle at the AWS. Imagine, Edie, you event. It's a small conference. It's a second year, but it'll crow like a weed like everything else does the of us. And it's all about Amazon and a degree. As for education, and that's everything from K through 12 community college, higher education, retraining vets coming out of the service. It's a really big area. And we're really excited to have fresh off his keynote presentations where he changed his title on me from what it was >> this morning tow. It was the senator duties >> David Raymond, the director of what was the Virginia Cyber Range and now is the U. S. Cyber range. Virginia Tech. David, Great to see you. >> Yeah, Thank you. Thanks. So the Virginia cyber age actually will continue to exist in its current form. Okay, Well, it'll still serve faculty and students in the in the Commonwealth of Virginia, funded by the state of Virginia. Now the U. S. Cyber Angel fund will provide service to folks outside over, >> so we jumped ahead. So? So it's back up. A step ladder is the Virginia, >> So the Virginia Cyber Range provides courseware and infrastructure so students could do hands on cyber security, educational activities in Virginia, high schools and colleges so funded by the state of Virginia and, um provides this service at no charge to the schools >> and even in high school, >> even in high school. Yes, so now that there are now cybersecurity courses in the Virginia Department of Education course catalogue as of two years ago, and I mean they've grown like wildfire, >> I'm just so a ton of talk here about skills gap. And there's tremendous skills gap. Even the machine's gonna take everybody's job. There's a whole lot of jobs are filled, but what's interesting? I mean, it's the high school angle is really weird. I mean, how do you Most high school kids haven't even kind of clued in tow, privacy and security, opting in and opting out. It's gotta be a really interesting conversation when now you bring security into that a potential career into that and directly reflects on all those things that you do on your phone. >> Well, I would argue that that's exactly the problem. Students are not exposed to cyber security, you know. They don't want the curia potentials are they really don't understand what it is we talked about. We talked about teenagers being digital natives. Really? They know how to use smartphones. They know how to use computers, but they don't understand how they work. And they don't understand the security aspects that go along with using all this technology. And I would argue that by the time a student gets into college they have a plan, right? So I have a student in college. He's he's gonna be a doctor. He knows what a doctor is. He heard of that his whole life. And in high school, he was able to get certified as a nursing assistant. We need cyber security in that same realm, right? If we start students in high school and we and we expose them to cybersecurity courses, they're all elective courses. Some of the students will latch onto it, and I'll say, Hey, this is what I want to be when I grew up. And in Virginia, we have we have this dearth of cyber security expertise and this is true across the country. In Virginia, right now, we have over 30,000 cyber security jobs that are unfilled. That's about 1/3 of the cyber security jobs in this state. And I mean, that's a serious problem, not only in Virginia but nationwide. And one of the ways to fix that is to get high school students exposed to cybersecurity classes, give them some real hands on opportunities. So they're really doing it, not just learning the words and passing the test, and I mean really again in Virginia, this is this is grown like wildfire and really thinks revolutionized cybersecurity education in the state. >> And what are some of the topics that say, a high school level, where you know you're kind of getting versed on the vocabulary and the terminology vs when they go into into college and start to take those types, of course, is >> yeah, so in Virginia, there's actually cybersecurity courses across the C T E career pathways. And so SETI is the career and technical education curricula. And so there are courses like cyber security and health care, where students learn about personal health data and how to secure that specific specific kinds of data, they learn about the regulations behind that data. There's healthcare in manufacturing, where students learn about industrial control systems and you know how those things need to be secured and how they're different from a laptop or a phone. And the way those air secured and what feeds into all of those courses is an introductory course. Cyber security fundamentals, where students learn some of the very basics they learn the terminology. They learn things like the C I. A. Triad right, confidentiality, integrity and availability of the three basic components of security that you try to maintain for any system. So they start out learning the basics. But still they're doing that hands on. So they're so they're in a network environment where they see that you know that later on in the course during Capstone exercises, they might see someone trying to attack a computer that they're that they're tasked to defend and a defender of what does that look like? What are the things that I'm going to do? That computer? You know, I might install anti virus. I might have a firewall on the computer. And how do I set that up and etcetera etcetera. So high school start with the basics. As as students progressed through their high school years, there are opportunities to take further more advanced classes in the high schools. And then when they get to college, some of those students are gonna have latched onto cyber security as a potential career field. Now, now we've got him right way, get him into the right into the right majors and into the right courses. And our hope is that that's gonna sort of kick start this pipeline of students in Virginia colleges, >> right? And then I wonder if you could >> talk a little bit about the support at the state level. And it's pretty interesting that you had him from the state level we heard earlier today about supported the state level. And it was Louisiana for for another big initiative. So you know that the fact that the governor and the Legislature are basically branding this at the state level, not the individual school district level, is a pretty strong statement of the prioritization that they're putting on this >> that has been critical to our success. If we didn't have state level support, significant state level support, there's no way we could be where we are. So the previous governor of Virginia, Terry McAuliffe, he latched on to cyber security education as one of his signature initiatives. In fact, he was the president of the State Governors Association, and in that role he cybersecurity was one of his condition. So so he felt strongly about educating K 12 education college students feeding that cybersecurity pipeline Onda Cyberangels one of one of a handful of different initiatives. So they were veterans scholarships, and there were some community college scholarships and other other initiatives. Some of those are still ongoing so far are not. But but Cyber Range has been very successful. Funded by the state provides a service at no cost to high schools and colleges on Dad's Been >> critically, I can't help. We're at our say earlier this year, and I'm just thinking of all the CEOs that I was sitting with over the course of a couple of days that are probably looking for your phone number right now. Make introduction. But I'm curious. Are are the company's security companies. I mean, Arcee is a huge show. Amazon just had their first ever security conference means a lot of money being invested in this space. Are they behind it? Have you have you looked for in a kind of private company participation to help? Because they desperately need these employees? >> Definitely. So we've just started down that road, Really? I mean, our state funding has kept us strong to this point in our state funding is gonna continue into the foreseeable future. But you're right. There are definitely opportunities to work with industry. Certainly a DBS has been a very strong partner of our since the very beginning. They really I mean, without without the help of some, some of their cloud architects and other technical folks way could not have built what we built in the eight of us. Cloud. We've also been talking to Palo Alto about using some of their virtual appliances in our network environments. So yeah, so we're definitely going down the road of industry partners and that will continue to grow, I'm sure >> So then fast forward today to the keynote and your your announcement that now you taking it beyond just Virginia. So now it's the U. S. Cyber range. Have that come apart? Come about. What does that mean? >> Yes, So we've been We've been sharing the story of the Virginia cyber range for the last couple of years, and I goto national conferences and talk about it. And, um, just to just sort of inform other states, other other school systems what Virginia's doing. How could you? How could you potentially match what we're doing and what The question that I keep getting is I don't want to reinvent the wheel. How can I buy what you have? And that's been sort of a constant drumbeat over the last couple of years. So we decided fairly early on that we might want to try to expand beyond Virginia, and it just sort of the conditions were right about six months ago. So we set a mark on the wall, he said. In Summer of 2019 we're gonna make this available to folks outside of Virginia. And so, so again, the Virginia Cyberangels still exist. Funded by the Commonwealth of Virginia, the U. S cyber range is still part of Virginia Tech. So within Virginia Tech, but we will have to we will have to essentially recoup our costs so we'll have to spend money on cloud infrastructure and We'll have to spend salary money on folks who support this effort. And so we'll recoup costs from folks that are outside of Virginia using our service. But, um, we think the costs are gonna be very competitive compared to similar efforts. And we're looking forward to some successes here. >> And do you think you're you're kind of breakthrough will be at the high school level, the You know, that underground level, you know, where do you kind of see the opportunities? You've got the whole thing covered with state support in Virginia. How does that get started in California? How's that get started here? Yeah, that's a Washington state. >> That's a great question. So really, when we started this, I thought we were building a thing for higher ed. That's my experience. I've been teaching cyber security and higher ed for several years, and I knew I knew what I would want if I was using it, and I do use it. So I teach classes at Virginia Tech Graduate program. So I I used the Virginia side in my class, and, um, what has happened is that the high schools have latched onto this as I mentioned, and Most of our users are high schools. In Virginia, we have 180. Virginia High School is using the Virgin Cyber. That's almost >> 188 1 >> 180. That's almost half the high schools in the state using the Virginia cyber age. So we think. And if you think about, you know, higher. Ed has been teaching cybersecurity classes that the faculty members who have been teaching them a lot of them have set up their own network infrastructure. They have it set up the way they want it, and it ties into their existing courseware, and you know they're going to use that, At least for now. What we provide is is something that makes it so that a high school or a community college doesn't have to figure out how to fund or figure out how to actually put this network architecture together. They just come to us. They have the flexibility of the flexibility to use, just are very basic plug and play network environments, or they have flexibility to, um, make modifications depending on how sophisticated they themselves are with with, you know, manipulating systems and many playing the network so so Our expectation is that the biggest growth is going to be in the high school market, >> right? That's great, because when you say cyber range God, finally, Donna me use it like a target range. It's like a place to go practice >> where the name comes from, right? >> Absolutely. If I finally like okay, I get it. So because it's not only the curriculum and the course where and everything else but it's actually an environment, it depends on the stage things and do things exactly >> So students could d'oh offensive, offensive and defensive cybersecurity activities. And so early on, when we were teaching students howto hack essentially in colleges, you know, there were people who were concerned about that on the military case we make for that is you can't teach somebody how to defend unless they understand how they're gonna be attacked. The same is true in this case. So all of our all of our course, where has lots of ethics and no other legal and other other discussions embedded throughout. So students understand the implications of what their actions would be if they do it somewhere else. And, um, right, these are all isolated network environments their places where students can get hands on in a place where they can essentially do whatever they want without causing trouble on the school network or on the Internet. And it's very much akin to a rifle range, >> right? Like you said, you can have different scenarios. And I would imagine there's probably gonna be competitions of you think. Fact. You know what's going on in the robotics world for lots of all these things, right? Like white hat, black hat hacker. Well, very, very exciting. David, Congratulations. And it sounds like you're well on your way. Thanks. Great. Alright, >> He's David. I'm Jeff. You're watching The Cube were at Washington State Convention Centre just across the street at a W s. Imagine. Thanks for watching. We'll see you next time. >> Thanks.