>> We're back at the ARIA Las Vegas. We're covering CrowdStrike's Fal.Con 22. First one since 2019. Dave Vellante and Dave Nicholson on theCUBE. Adam Meyers is here, he is the Senior Vice President of Intelligence at CrowdStrike. Adam, thanks for coming to theCUBE. >> Thanks for having me. >> Interesting times, isn't it? You're very welcome. Senior Vice President of Intelligence, tell us what your role is. >> So I run all of our intelligence offerings. All of our analysts, we have a couple hundred analysts that work at CrowdStrike tracking threat actors. There's 185 threat actors that we track today. We're constantly adding more of them and it requires us to really have that visibility and understand how they operate so that we can inform our other products: our XDR, our Cloud Workload Protections and really integrate all of this around the threat actor. >> So it's that threat hunting capability that CrowdStrike has. That's what you're sort of... >> Well, so think of it this way. When we launched the company 11 years ago yesterday, what we wanted to do was to tell customers, to tell people that, well, you don't have a malware problem, you have an adversary problem. There are humans that are out there conducting these attacks, and if you know who they are what they're up to, how they operate then you're better positioned to defend against them. And so that's really at the core, what CrowdStrike started with and all of our products are powered by intelligence. All of our services are our OverWatch and our Falcon complete, all powered by intelligence because we want to know who the threat actors are and what they're doing so we can stop them. >> So for instance like you can stop known malware. A lot of companies can stop known malware, but you also can stop unknown malware. And I infer that the intelligence is part of that equation, is that right? >> Absolutely. That that's the outcome. That's the output of the intelligence but I could also tell you who these threat actors are, where they're operating out of, show you pictures of some of them, that's the threat intel. We are tracking down to the individual persona in many cases, these various threats whether they be Chinese nation state, Russian threat actors, Iran, North Korea, we track as I said, quite a few of these threats. And over time, we develop a really robust deep knowledge about who they are and how they operate. >> Okay. And we're going to get into some of that, the big four and cyber. But before we do, I want to ask you about the eCrime index stats, the ECX you guys call it a little side joke for all your nerds out there. Maybe you could explain that Adam >> Assembly humor. >> Yeah right, right. So, but, what is that index? You guys, how often do you publish it? What are you learning from that? >> Yeah, so it was modeled off of the Dow Jones industrial average. So if you look at the Dow Jones it's a composite index that was started in the late 1800s. And they took a couple of different companies that were the industrial component of the economy back then, right. Textiles and railroads and coal and steel and things like that. And they use that to approximate the overall health of the economy. So if you take these different stocks together, swizzle 'em together, and figure out some sort of number you could say, look, it's up. The economy's doing good. It's down, not doing so good. So after World War II, everybody was exuberant and positive about the end of the war. The DGI goes up, the oil crisis in the seventies goes down, COVID hits goes up, sorry, goes down. And then everybody realizes that they can use Amazon still and they can still get the things they need goes back up with the eCrime index. We took that approach to say what is the health of the underground economy? When you read about any of these ransomware attacks or data extortion attacks there are criminal groups that are working together in order to get things spammed out or to buy credentials and things like that. And so what the eCrime index does is it takes 24 different observables, right? The price of a ransom, the number of ransom attacks, the fluctuation in cryptocurrency, how much stolen material is being sold for on the underground. And we're constantly computing this number to understand is the eCrime ecosystem healthy? Is it thriving or is it under pressure? And that lets us understand what's going on in the world and kind of contextualize it. Give an example, Microsoft on patch Tuesday releases 56 vulnerabilities. 11 of them are critical. Well guess what? After hack Tuesday. So after patch Tuesday is hack Wednesday. And so all of those 11 vulnerabilities are exploitable. And now you have threat actors that have a whole new array of weapons that they can deploy and bring to bear against their victims after that patch Tuesday. So that's hack Wednesday. Conversely we'll get something like the colonial pipeline. Colonial pipeline attack May of 21, I think it was, comes out and all of the various underground forums where these ransomware operators are doing their business. They freak out because they don't want law enforcement. President Biden is talking about them and he's putting pressure on them. They don't want this ransomware component of what they're doing to bring law enforcement, bring heat on them. So they deplatform them. They kick 'em off. And when they do that, the ransomware stops being as much of a factor at that point in time. And the eCrime index goes down. So we can look at holidays, and right around Thanksgiving, which is coming up pretty soon, it's going to go up because there's so much online commerce with cyber Monday and such, right? You're going to see this increase in online activity; eCrime actors want to take advantage of that. When Christmas comes, they take vacation too; they're going to spend time with their families, so it goes back down and it stays down till around the end of the Russian Orthodox Christmas, which you can probably extrapolate why that is. And then it goes back up. So as it's fluctuating, it gives us the ability to really just start tracking what that economy looks like. >> Realtime indicator of that crypto. >> I mean, you talked about, talked about hack Wednesday, and before that you mentioned, you know, the big four, and I think you said 185 threat actors that you're tracking, is 180, is number 185 on that list? Somebody living in their basement in their mom's basement or are the resources necessary to get on that list? Such that it's like, no, no, no, no. this is very, very organized, large groups of people. Hollywood would have you believe that it's guy with a laptop, hack Wednesday, (Dave Nicholson mimics keyboard clacking noises) and everything done. >> Right. >> Are there individuals who are doing things like that or are these typically very well organized? >> That's a great question. And I think it's an important one to ask and it's both it tends to be more, the bigger groups. There are some one-off ones where it's one or two people. Sometimes they get big. Sometimes they get small. One of the big challenges. Have you heard of ransomware as a service? >> Of course. Oh my God. Any knucklehead can be a ransomwarist. >> Exactly. So we don't track those knuckleheads as much unless they get onto our radar somehow, they're conducting a lot of operations against our customers or something like that. But what we do track is that ransomware as a service platform because the affiliates, the people that are using it they come, they go and, you know, it could be they're only there for a period of time. Sometimes they move between different ransomware services, right? They'll use the one that's most useful for them that that week or that month, they're getting the best rate because it's rev sharing. They get a percentage that platform gets percentage of the ransom. So, you know, they negotiate a better deal. They might move to a different ransomware platform. So that's really hard to track. And it's also, you know, I think more important for us to understand the platform and the technology that is being used than the individual that's doing it. >> Yeah. Makes sense. Alright, let's talk about the big four. China, Iran, North Korea, and Russia. Tell us about, you know, how you monitor these folks. Are there different signatures for each? Can you actually tell, you know based on the hack who's behind it? >> So yeah, it starts off, you know motivation is a huge factor. China conducts espionage, they do it for diplomatic purposes. They do it for military and political purposes. And they do it for economic espionage. All of these things map to known policies that they put out, the Five Year Plan, the Made in China 2025, the Belt and Road Initiative, it's all part of their efforts to become a regional and ultimately a global hegemon. >> They're not stealing nickels and dimes. >> No they're stealing intellectual property. They're stealing trade secrets. They're stealing negotiation points. When there's, you know a high speed rail or something like that. And they use a set of tools and they have a set of behaviors and they have a set of infrastructure and a set of targets that as we look at all of these things together we can derive who they are by motivation and the longer we observe them, the more data we get, the more we can get that attribution. I could tell you that there's X number of Chinese threat groups that we track under Panda, right? And they're associated with the Ministry of State Security. There's a whole other set. That's too associated with the People's Liberation Army Strategic Support Force. So, I mean, these are big operations. They're intelligence agencies that are operating out of China. Iran has a different set of targets. They have a different set of motives. They go after North American and Israeli businesses right now that's kind of their main operation. And they're doing something called hack and lock and leak. With a lock and leak, what they're doing is they're deploying ransomware. They don't care about getting a ransom payment. They're just doing it to disrupt the target. And then they're leaking information that they steal during that operation that brings embarrassment. It brings compliance, regulatory, legal impact for that particular entity. So it's disruptive >> The chaos creators that's.. >> Well, you know I think they're trying to create a they're trying to really impact the legitimacy of some of these targets and the trust that their customers and their partners and people have in them. And that is psychological warfare in a certain way. And it, you know is really part of their broader initiative. Look at some of the other things that they've done they've hacked into like the missile defense system in Israel, and they've turned on the sirens, right? Those are all things that they're doing for a specific purpose, and that's not China, right? Like as you start to look at this stuff, you can start to really understand what they're up to. Russia very much been busy targeting NATO and NATO countries and Ukraine. Obviously the conflict that started in February has been a huge focus for these threat actors. And then as we look at North Korea, totally different. They're doing, there was a major crypto attack today. They're going after these crypto platforms, they're going after DeFi platforms. They're going after all of this stuff that most people don't even understand and they're stealing the crypto currency and they're using it for revenue generation. These nuclear weapons don't pay for themselves, their research and development don't pay for themselves. And so they're using that cyber operation to either steal money or steal intelligence. >> They need the cash. Yeah. >> Yeah. And they also do economic targeting because Kim Jong Un had said back in 2016 that they need to improve the lives of North Koreans. They have this national economic development strategy. And that means that they need, you know, I think only 30% of North Korea has access to reliable power. So having access to clean energy sources and renewable energy sources, that's important to keep the people happy and stop them from rising up against the regime. So that's the type of economic espionage that they're conducting. >> Well, those are the big four. If there were big five or six, I would presume US and some Western European countries would be on there. Do you track, I mean, where United States obviously has you know, people that are capable of this we're out doing our thing, and- >> So I think- >> That defense or offense, where do we sit in this matrix? >> Well, I think the big five would probably include eCrime. We also track India, Pakistan. We track actors out of Columbia, out of Turkey, out of Syria. So there's a whole, you know this problem is getting worse over time. It's proliferating. And I think COVID was also, you know a driver there because so many of these countries couldn't move human assets around because everything was getting locked down. As machine learning and artificial intelligence and all of this makes its way into the cameras at border and transfer points, it's hard to get a human asset through there. And so cyber is a very attractive, cheap and deniable form of espionage and gives them operational capabilities, not, you know and to your question about US and other kind of five I friendly type countries we have not seen them targeting our customers. So we focus on the threats that target our customers. >> Right. >> And so, you know, if we were to find them at a customer environment sure. But you know, when you look at some of the public reporting that's out there, the malware that's associated with them is focused on, you know, real bad people, and it's, it's physically like crypted to their hard drive. So unless you have sensor on, you know, an Iranian or some other laptop that might be target or something like that. >> Well, like Stuxnet did. >> Yeah. >> Right so. >> You won't see it. Right. See, so yeah. >> Well Symantec saw it but way back when right? Back in the day. >> Well, I mean, if you want to go down that route I think it actually came from a company in the region that was doing the IR and they were working with Symantec. >> Oh, okay. So, okay. So it was a local >> Yeah. I think Crisis, I think was the company that first identified it. And then they worked with Symantec. >> It Was, they found it, I guess, a logic controller. I forget what it was. >> It was a long time ago, so I might not have that completely right. >> But it was a seminal moment in the industry. >> Oh. And it was a seminal moment for Iran because you know, that I think caused them to get into cyber operations. Right. When they realized that something like that could happen that bolstered, you know there was a lot of underground hacking forums in Iran. And, you know, after Stuxnet, we started seeing that those hackers were dropping their hacker names and they were starting businesses. They were starting to try to go after government contracts. And they were starting to build training offensive programs, things like that because, you know they realized that this is an opportunity there. >> Yeah. We were talking earlier about this with Shawn and, you know, in the nuclear war, you know the Cold War days, you had the mutually assured destruction. It's not as black and white in the cyber world. Right. Cause as, as Robert Gates told me, you know a few years ago, we have a lot more to lose. So we have to be somewhat, as the United States, careful as to how much of an offensive posture we take. >> Well here's a secret. So I have a background on political science. So mutually assured destruction, I think is a deterrent strategy where you have two kind of two, two entities that like they will destroy each other if they so they're disinclined to go down that route. >> Right. >> With cyber I really don't like that mutually assured destruction >> That doesn't fit right. >> I think it's deterrents by denial. Right? So raising the cost, if they were to conduct a cyber operation, raising that cost that they don't want to do it, they don't want to incur the impact of that. Right. And think about this in terms of a lot of people are asking about would China invade Taiwan. And so as you look at the cost that that would have on the Chinese military, the POA, the POA Navy et cetera, you know, that's that deterrents by denial, trying to, trying to make the costs so high that they don't want to do it. And I think that's a better fit for cyber to try to figure out how can we raise the cost to the adversary if they operate against our customers against our enterprises and that they'll go someplace else and do something else. >> Well, that's a retaliatory strike, isn't it? I mean, is that what you're saying? >> No, definitely not. >> It's more of reducing their return on investment essentially. >> Yeah. >> And incenting them- disincening them to do X and sending them off somewhere else. >> Right. And threat actors, whether they be criminals or nation states, you know, Bruce Lee had this great quote that was "be like water", right? Like take the path of least resistance, like water will. Threat actors do that too. So, I mean, unless you're super high value target that they absolutely have to get into by any means necessary, then if you become too hard of a target, they're going to move on to somebody that's a little easier. >> Makes sense. Awesome. Really appreciate your, I could, we'd love to have you back. >> Anytime. >> Go deeper. Adam Myers. We're here at Fal.Con 22, Dave Vellante, Dave Nicholson. We'll be right back right after this short break. (bouncy music plays)

>>Welcome back to the cubes coverage of AWS public sector summit live in Washington D. C. A face to face event were on the ground here is to keep coverage. I'm john Kerry, your hosts got two great guests. Both cuba alumni Shannon Kellogg VP of public policy for the Americas and john would ceo tell us congratulations on some announcement on stage and congressional john being a public company. Last time I saw you in person, you are private. Now your I. P. O. Congratulations >>totally virtually didn't meet one investor, lawyer, accountant or banker in person. It's all done over zoom. What's amazing. >>We'll go back to that and a great great to see you had great props here earlier. You guys got some good stuff going on in the policy side, a core max on stage talking about this Virginia deal. Give us the update. >>Yeah. Hey thanks john, it's great to be back. I always like to be on the cube. Uh, so we made an announcement today regarding our economic impact study, uh, for the commonwealth of Virginia. And this is around the amazon web services business and our presence in Virginia or a WS as we all, uh, call, uh, amazon web services. And um, basically the data that we released today shows over the last decade the magnitude of investment that we're making and I think reflects just the overall investments that are going into Virginia in the data center industry of which john and I have been very involved with over the years. But the numbers are quite um, uh, >>just clever. This is not part of the whole H. 20. H. Q. Or whatever they call HQ >>To HQ two. It's so Virginia Amazon is investing uh in Virginia as part of our HQ two initiative. And so Arlington Virginia will be the second headquarters in the U. S. In addition to that, AWS has been in Virginia for now many years, investing in both data center infrastructure and also other corporate facilities where we house AWS employees uh in other parts of Virginia, particularly out in what's known as the dullest technology corridor. But our data centers are actually spread throughout three counties in Fairfax County, Loudoun County in Prince William County. >>So this is the maxim now. So it wasn't anything any kind of course this is Virginia impact. What was, what did he what did he announce? What did he say? >>Yeah. So there were a few things that we highlighted in this economic impact study. One is that over the last decade, if you can believe it, we've invested $35 billion 2020 alone. The AWS investment in construction and these data centers. uh it was actually $1.3 billion 2020. And this has created over 13,500 jobs in the Commonwealth of Virginia. So it's a really great story of investment and job creation and many people don't know John in this Sort of came through in your question too about HQ two, But aws itself has over 8000 employees in Virginia today. Uh, and so we've had this very significant presence for a number of years now in Virginia over the last, you know, 15 years has become really the cloud capital of the country, if not the world. Uh, and you see all this data center infrastructure that's going in there, >>John What's your take on this? You've been very active in the county there. Um, you've been a legend in the area and tech, you've seen this many years, you've been doing so I think the longest running company doing cyber my 31st year, 31st year. So you've been on the ground. What does this all mean to you? >>Well, you know, it goes way back to, it was roughly 2005 when I served on the Economic Development Commission, Loudon County as the chairman. And at the time we were the fastest-growing county in America in Loudon County. But our residential real property taxes were going up stratospherically because when you look at it, every dollar real property tax that came into residential, we lose $2 because we had to fund schools and police and fire departments and so forth. And we realized for every dollar of commercial real property tax that came in, We made $97 in profit, but only 13% of the money that was coming into the county was coming in commercially. So a small group got together from within the county to try and figure out what were the assets that we had to offer to companies like Amazon and we realized we had a lot of land, we had water and then we had, you know this enormous amount of dark fiber, unused fibre optic. And so basically the county made it appealing to companies like amazon to come out to Loudon County and other places in northern Virginia and the rest is history. If you look today, we're Loudon County is Loudon County generates a couple $100 million surplus every year. It's real property taxes have come down in in real dollars and the percentage of revenue that comes from commercials like 33 34%. That's really largely driven by the data center ecosystem that my friend over here Shannon was talking. So >>the formula basically is look at the assets resources available that may align with the kind of commercial entities that good. How's their domicile there >>that could benefit. >>So what about power? Because the data centers need power, fiber fiber is great. The main, the main >>power you can build power but the main point is is water for cooling. So I think I think we had an abundance of water which allowed us to build power sources and allowed companies like amazon to build their own power sources. So I think it was really a sort of a uh uh better what do they say? Better lucky than good. So we had a bunch of assets come together that helps. Made us, made us pretty lucky as a, as a region. >>Thanks area too. >>It is nice and >>john, it's really interesting because the vision that john Wood and several of his colleagues had on that economic development board has truly come through and it was reaffirmed in the numbers that we released this week. Um, aws paid $220 million 2020 alone for our data centers in those three counties, including loud >>so amazon's contribution to >>The county. $220 million 2020 alone. And that actually makes up 20% of overall property tax revenues in these counties in 2020. So, you know, the vision that they had 15 years ago, 15, 16 years ago has really come true today. And that's just reaffirmed in these numbers. >>I mean, he's for the amazon. So I'll ask you the question. I mean, there's a lot of like for misinformation going around around corporate reputation. This is clearly an example of the corporation contributing to the, to the society. >>No, no doubt. And you think >>About it like that's some good numbers, 20 million, 30 >>$5 million dollar capital investment. You know, 10, it's, what is it? 8000 9000 >>Jobs. jobs, a W. S. jobs in the Commonwealth alone. >>And then you look at the economic impact on each of those counties financially. It really benefits everybody at the end of the day. >>It's good infrastructure across the board. How do you replicate that? Not everyone's an amazon though. So how do you take the formula? What's your take on best practice? How does this rollout? And that's the amazon will continue to grow, but that, you know, this one company, is there a lesson here for the rest of us? >>I think I think all the data center companies in the cloud companies out there see value in this region. That's why so much of the internet traffic comes through northern Virginia. I mean it's I've heard 70%, I've heard much higher than that too. So I think everybody realizes this is a strategic asset at a national level. But I think the main point to bring out is that every state across America should be thinking about investments from companies like amazon. There are, there are really significant benefits that helps the entire community. So it helps build schools, police departments, fire departments, etcetera, >>jobs opportunities. What's the what's the vision though? Beyond data center gets solar sustainability. >>We do. We have actually a number of renewable energy projects, which I want to talk about. But just one other quick on the data center industry. So I also serve on the data center coalition which is a national organization of data center and cloud providers. And we look at uh states all over this country were very active in multiple states and we work with governors and state governments as they put together different frameworks and policies to incent investment in their states and Virginia is doing it right. Virginia has historically been very forward looking, very forward thinking and how they're trying to attract these data center investments. They have the right uh tax incentives in place. Um and then you know, back to your point about renewable energy over the last several years, Virginia is also really made some statutory changes and other policy changes to drive forward renewable energy in Virginia. Six years ago this week, john I was in a coma at county in Virginia, which is the eastern shore. It's a very rural area where we helped build our first solar farm amazon solar farm in Virginia in 2015 is when we made this announcement with the governor six years ago this week, it was 88 megawatts, which basically at the time quadruple the virginias solar output in one project. So since that first project we at Amazon have gone from building that one facility, quadrupling at the time, the solar output in Virginia to now we're by the end of 2023 going to be 1430 MW of solar power in Virginia with 15 projects which is the equivalent of enough power to actually Enough electricity to power 225,000 households, which is the equivalent of Prince William county Virginia. So just to give you the scale of what we're doing here in Virginia on renewable energy. >>So to me, I mean this comes down to not to put my opinion out there because I never hold back on the cube. It's a posture, we >>count on that. It's a >>posture issue of how people approach business. I mean it's the two schools of thought on the extreme true business. The government pays for everything or business friendly. So this is called, this is a modern story about friendly business kind of collaborative posture. >>Yeah, it's putting money to very specific use which has a very specific return in this case. It's for everybody that lives in the northern Virginia region benefits everybody. >>And these policies have not just attracted companies like amazon and data center building builders and renewable energy investments. These policies are also leading to rapid growth in the cybersecurity industry in Virginia as well. You know john founded his company decades ago and you have all of these cybersecurity companies now located in Virginia. Many of them are partners like >>that. I know john and I both have contributed heavily to a lot of the systems in place in America here. So congratulations on that. But I got to ask you guys, well I got you for the last minute or two cybersecurity has become the big issue. I mean there's a lot of these policies all over the place. But cyber is super critical right now. I mean, where's the red line Shannon? Where's you know, things are happening? You guys bring security to the table, businesses are out there fending for themselves. There's no militia. Where's the, where's the, where's the support for the commercial businesses. People are nervous >>so you want to try it? >>Well, I'm happy to take the first shot because this is and then we'll leave john with the last word because he is the true cyber expert. But I had the privilege of hosting a panel this morning with the director of the cybersecurity and Infrastructure Security agency at the department, Homeland Security, Jenness easterly and the agency is relatively new and she laid out a number of initiatives that the DHS organization that she runs is working on with industry and so they're leaning in their partnering with industry and a number of areas including, you know, making sure that we have the right information sharing framework and tools in place, so the government and, and we in industry can act on information that we get in real time, making sure that we're investing for the future and the workforce development and cyber skills, but also as we enter national cybersecurity month, making sure that we're all doing our part in cyber security awareness and training, for example, one of the things that are amazon ceo Andy Jassy recently announced as he was participating in a White house summit, the president biden hosted in late august was that we were going to at amazon make a tool that we've developed for information and security awareness for our employees free, available to the public. And in addition to that we announced that we were going to provide free uh strong authentication tokens for AWS customers as part of that announcement going into national cybersecurity months. So what I like about what this administration is doing is they're reaching out there looking for ways to work with industry bringing us together in these summits but also looking for actionable things that we can do together to make a difference. >>So my, my perspective echoing on some of Shannon's points are really the following. Uh the key in general is automation and there are three components to automation that are important in today's environment. One is cyber hygiene and education is a piece of that. The second is around mis attribution meaning if the bad guy can't see you, you can't be hacked. And the third one is really more or less around what's called attribution, meaning I can figure out actually who the bad guy is and then report that bad guys actions to the appropriate law enforcement and military types and then they take it from there >>unless he's not attributed either. So >>well over the basic point is we can't as industry hat back, it's illegal, but what we can do is provide the tools and methods necessary to our government counterparts at that point about information sharing, where they can take the actions necessary and try and find those bad guys. >>I just feel like we're not moving fast enough. Businesses should be able to hack back. In my opinion. I'm a hawk on this one item. So like I believe that because if people dropped on our shores with troops, the government will protect us. >>So your your point is directly taken when cyber command was formed uh before that as airlines seeing space physical domains, each of those physical domains have about 100 and $50 billion they spend per year when cyber command was formed, it was spending less than Jpmorgan chase to defend the nation. So, you know, we do have a ways to go. I do agree with you that there needs to be more uh flexibility given the industry to help help with the fight. You know, in this case. Andy Jassy has offered a couple of tools which are, I think really good strong tokens training those >>are all really good. >>We've been working with amazon for a long time, you know, ever since, uh, really, ever since the CIA embrace the cloud, which was sort of the shot heard around the world for cloud computing. We do the security compliance automation for that air gap region for amazon as well as other aspects >>were all needs more. Tell us faster, keep cranking up that software because tell you right now people are getting hit >>and people are getting scared. You know, the colonial pipeline hack that affected everybody started going wait a minute, I can't get gas. >>But again in this area of the line and jenny easterly said this this morning here at the summit is that this truly has to be about industry working with government, making sure that we're working together, you know, government has a role, but so does the private sector and I've been working cyber issues for a long time to and you know, kind of seeing where we are this year in this recent cyber summit that the president held, I really see just a tremendous commitment coming from the private sector to be an effective partner in securing the nation this >>full circle to our original conversation around the Virginia data that you guys are looking at the Loudon County amazon contribution. The success former is really commercial public sector. I mean, the government has to recognize that technology is now lingua franca for all things everything society >>well. And one quick thing here that segues into the fact that Virginia is the cloud center of the nation. Um uh the president issued a cybersecurity executive order earlier this year that really emphasizes the migration of federal systems into cloud in the modernization that jOHN has worked on, johN had a group called the Alliance for Digital Innovation and they're very active in the I. T. Modernization world and we remember as well. Um but you know, the federal government is really emphasizing this, this migration to cloud and that was reiterated in that cybersecurity executive order >>from the, well we'll definitely get you guys back on the show, we're gonna say something. >>Just all I'd say about about the executive order is that I think one of the main reasons why the president thought was important is that the legacy systems that are out there are mainly written on kobol. There aren't a lot of kids graduating with degrees in COBOL. So COBOL was designed in 1955. I think so I think it's very imperative that we move has made these workloads as we can, >>they teach it anymore. >>They don't. So from a security point of view, the amount of threats and vulnerabilities are through the >>roof awesome. Well john I want to get you on the show our next cyber security event. You have you come into a fireside chat and unpack all the awesome stuff that you're doing. But also the challenges. Yes. And there are many, you have to keep up the good work on the policy. I still say we got to remove that red line and identified new rules of engagement relative to what's on our sovereign virtual land. So a whole nother Ballgame, thanks so much for coming. I appreciate it. Thank you appreciate it. Okay, cute coverage here at eight of public sector seven Washington john ferrier. Thanks for watching. Mhm. Mhm.

(upbeat music) >> Welcome to this CUBE Conversation, I'm Lisa Martin. I've got two guests from Fortinet with me next talking about an very interesting topic that's something that always piques my interest, cybersecurity, and some of the things going on with respect to that. Sandra Wheatley joins us the SVP of marketing, threat intelligence and influencer communications at Fortinet. Sandra, it's great to see you again. >> Thank you, Lisa. I'm delighted to be here today. >> Lisa: Good and Rob Rashotte is here as well, vice-president, global training and technical field enablement at Fortinet. Rob welcome to the program. >> Hi, great to meet you Lisa. Nice to be here. >> Likewise. So since I last saw Fortinet we've had such a challenging year as we all know, that's an understatement, but one of the things that happened so quickly was the distribution of the workforce. And there were already preexisting gaps in IT Visibility and teams being siloed, security teams being siloed as well exacerbated distinct cybersecurity skills gap. So Sandra I want to start with you. Talk to us about what's going on with the cybersecurity skills gap and how it's impacting organizations today. >> Thank you, Lisa. While the cybersecurity skills gap continues to be one of the biggest challenges facing security organizations today, as you know, the cybersecurity space is very dynamic. It's constantly changing and we saw this even through COVID with more people working from home or being educated from home. Cyber adversaries are using remote workers as a way into the enterprise network. And so security organizations today are facing a lot of complexity. They deal with billions of alerts that come in every day and a lot of these have to be managed manually and they just don't have the professionals to keep up with that. So it continues to be a big issue facing organizations. We have seen some progress about a year ago. It was estimated that we would need 4 million professionals come into the industry to close the gap. We are now at probably a little bit over 3 million. So there is progress being made but we still have a long way to go. >> Yeah, good progress there. But what I mean, one of the things that we saw so quickly was with the distribution center was suddenly, there were tons of trusted devices that were off the network perimeter where all these keep going, "Use your own device at home until we can get you something provisioned on the network." So huge challenge that was almost like a light switch for people in any industry. Rob, talk to me from your perspective the ongoing cybersecurity skills gap. What are some of the things that you were seeing through your lens? >> Yeah, well, I mean it has certainly changed our focus over the last year with the pandemic and the change in workforce and so on. And I think as a cybersecurity vendor, a lot of the times when we talk about training and the skills gap we often tend to think pretty quickly about engineers and technical training and like this has really opened up our eyes too. We need to really broaden our scope when we're talking about training and closing the skills gap, because it's a lot more than just engineers. So we've had to really focus more on really anyone sitting in front of a computer screen and ensure that programs are available for people that are working from home that need to understand, the fact that security is just as big an issue if you're working from home or working from the office. So it's really broadened our scope in terms of who we're delivering training to and within a number of our programs, actually, that has happened. When we're dealing with we have a lot of academic partners that we deliver training with them. And one thing that's happened there is we we've traditionally dealt with engineering schools within our academic partners but now we're starting to see a lot of business schools coming and talking to us about delivering training within MBA programs and so on. So that business leaders can start understand, the need to be addressing cybersecurity in the boardroom for example, not just within the it department. So it's I guess the one thing I would say is it's really broadened our scope in terms of who the audience is for cybersecurity and the skills gap is a, you know it impacts a lot of different areas in the organization. >> Yeah, you brought up a great point there that elevation of security to the board level is critical. As we saw like big spikes and things like Ransomware last year. Ransomware getting much more sophisticated kind of playing on people's concerns for buzzwords like COVID-19 for example, and I talked to a lot of organizations where security is at the board level but the talent gap is another challenge. Sandra talk to us about what Fortinet is doing from a partnership perspective to help shrink that gap. >> Well, it's interesting because if you were to do a survey of people about where the responsibility lies to train more professionals for the industry, you'll see a split about 40% of people feel like academia should be providing the training and the curriculum to bring more professionals into the industry. And then others feel like it's a mix between corporate private public partnerships. And that's something that Fortinet believes in. We are tackling this issue on multiple fronts. We recently launched our TAA initiative or our Training Advancement Agenda, and a lot of the pro programs that Rob manages are part of that agenda like our free NSE training, our security academies, but we're also working with a lot of global partners, corporate partners like Salesforce, and IBM. We're also working with the World Economic Forum on this initiative because we really believe it's a joint effort to really make a difference. And so, for example, with Salesforce we provide some of our curriculum and training for free on their training platform, the same with IBM. And we'll continue to scale these partnerships because with these partners, we can reach more people and accelerate the impact that we can have overall. >> Absolutely that ability to expand it especially as we saw such a change in the cyber threat landscape last year as you said, Sandra you've made great progress needing, you know, a deficit of 4 million folks down to 3 million, but also looking at the opportunity to try to find more folks leveraging partners and to rubs point elevating the conversation or expanding that scope. This isn't just a problem for IT and security folks. This is a challenge across the organization that the board needs to be focused on because we've seen in this rapidly changing last year organizations and enough peril in trying to pivot their businesses. And then you add on some of the cyber threats. Rob can you talk a little bit more about the TAA initiative? I know that about your Network Security Expert program NSE program, you guys also do FortiVet program. Tell us a little bit about some of those programs and maybe some of the things that you've done to broaden the scope during the last year. >> Yeah, it certainly can. I mean, there's a number of programs that make up the agenda and you know we've widened the scope in terms of the audiences that we're looking at. But also as Sandra mentioned, trying to expand our reach as ordinary, obviously we have a reach into our partners and our ecosystem, but the ecosystem of the IBM's and the world economic forums and so on go far beyond our reach. But one of the things that we were able to do as a company almost exactly a year ago, we made the conscious decision that the training curriculum that we've built, we wanted to make it available to as many people as we possibly could. So we we've made approximately 400 hours worth of cybersecurity training available to anyone that wants to sign up and take the training in self-paced format, where they want to take it, when they want to take it. So that was a big commitment on our part and that training continues to be free today and we'll keep it free until we start to see the skills gap closed but that that has resulted I guess it was about a month or two ago when we were tracking numbers that we've exceeded over a million registrations for that training, which really was validation to us that the demand for this training is massive. So that's helped us expand our reach but that training as well we're making it available for free, but we have all sorts of different types of partners who are taking that training and making it three free through their learning portals as well. So it's really expanded the reach in that way. You know, another area that we've really focused on is partnering with nonprofits who are representing underrepresented groups. So you mentioned the veterans program that's been a program we've had for quite a while now, but we've looked at that program and thought, well, you know, we can definitely replicate our efforts there and look at other groups as well and start to see how we can partner with different NGOs to really address the diversity and inclusion, within the cybersecurity industry. 'Cause, you know, I think one thing that's interesting here is because of the skill shortage, a lot of hiring managers have had to start to look at recruiting through non traditional streams. And that that can be, you know, looking at if we have policies that say, we must hire people with four year degrees. Well, maybe we want to take a look at that and see well is that really necessary for all the jobs that we're looking at? Maybe we could look at shorter programs even high school students but then also looking at underrepresented groups it is a great way for us to take a look at this skills gap in cybersecurity and align it with our diversity and inclusion initiatives, internally within our organizations and see how we can bring that to bear on problem and really start to have the same time, create a much more diverse workforce within cybersecurity while we're trying to close that skills gap. >> I love that what a great opportunity to expand upon that. I wanted to ask you just really quickly, Rob she said 400 hours of free cyber training available over a million registrations so far. You're right, that definitely shows the demand. I'm curious when we think of backgrounds we think are these, you know need to be IT folks. Is that curriculum broad enough so that somebody with a marketing degree or somebody that doesn't have a degree could kind of get in on level one and start learning their way up the security stack? >> Yeah, it is a very broad scope. When we look at the catalog, it is multiple levels. And in fact our network security expert program it's an eight level program. And the first couple of levels of that program are applicable to anyone that needs an awareness of cybersecurity and the issues. So, yeah, it's perfect. And `in fact the level one of that program is something that we've integrated into a new service offering which is our Cybersecurity Awareness Program that companies can implement internally to provide that base level of cybersecurity awareness to all of their employees. And then as you go up to level two, three, four and five, and so on, it gets more and more technical right up to the NSE level or we're talking about, you know, architects engineers are developing very large critical cyber security infrastructures. >> Lisa, you bring up a very important point that I'd like to make a comment on. There's this misconception that you need a degree in Computer Science or some other technical degree to be in cyber security. And that's absolutely not the case. In fact, half the people in cybersecurity don't have a degree in any Computer Science program, et cetera, but you know there's a lot of skillsets and backgrounds that really map well to cybersecurity. And it's a very broad industry. There was new roles coming all of the time. So I would encourage people to not let that be a barrier to getting into this industry. And in fact our Veteran's program has been extremely successful because people coming out of the defense forces have a lot of the skills that match very well to cyber security like attention to detail, situational awareness, the ability to work under pressure. So it's definitely a misconception that the industry needs to correct. >> I couldn't agree more, especially as the daughter of a Vietnam Combat Veteran and I love what you guys are doing with veterans but you're right. There's so many other skills that people have that are so transportable and transferable that, and it's such an exciting industry. I mean, we all have a million devices scattered around. I think with those new Apple tags that if I put one on my dog's collar, my dog's going to be a connected device. There's so many opportunities to learn but there's also more exposure. The more people that have different backgrounds I think just that with that thought diversity alone, organizations in any industry can benefit. Sandra talk to us about how partners are taking some of these programs and rolling them into their own to help kind of open that door wider as you say, to make sure that barrier isn't there and also get more folks aware of what they can learn. >> Yeah, the encouraging thing is I just see a lot more creativity around this issue. If you think about it, the lack of diversity in IT has been a challenge for everyone that the issue in cybersecurity is just a manifestation of that. And one of the reasons is that it's particularly cybersecurity. A lot of people don't understand how to get into the industry, or they have a lack of awareness about the different types of roles. And we see this in particular with women and young females as well as underserved minority groups. In fact, the veterans program is one way to bring more of that diversity into the industry. And if you think about it today, women make up about 24%. I think it's single digits for underrepresented groups. So we have a huge opportunity there. And I think somehow working with our partners we're doing a lot of different things. Not only are we providing our curriculum and our training and the technical support, but we're also done a lot of work around mapping roles and the steps you need to take to, to achieve those roles. So we've created that for different roles, and we've shared that with some of our training partners and they provide that information on their training platforms. We also regularly have done a lot of different podcasts and interviews with women and minorities have gone through the industry and been very successful talking about how they did that and how they got there. We're working with lots of nonprofits like Women in Cybersecurity speaking to people out there providing them the support. So it's a multi-phase approach. And I do think that private industry need to be doing things like creating entry level kinds of roles to bring more people in the industry and recruit differently. But the good news is there's a huge amount of awareness around this, and you definitely see companies doing a lot more, as well as our partners. >> Well if I could just touch on something there, well Sandra is talking about the different career roles and so on. The industry can get pretty complicated pretty quickly when we're talking about different roles. And there's a lot of buzzwords. And you know when people are looking at this and say, well, how do I even get into this industry? It sounds very technical complicated. And, you know, there are a number of different career patching tools that you can find out there around cyber security but when there's too many of those that even gets confusing. So the career paths that we've developed, we've done that in conjunction with NICE and there's an initiative called the NICE Framework which stands for National Initiative for Cyber Security Education. And so the pathways that we've developed map to that. So, you know, that's one thing I'd like to encourage other organizations to make sure that we're all following that framework so that as we're providing these career paths to people we're using the same terminology. We're using the same titles and career paths and so on. So it just makes it a little bit more understandable for people to pick a path that they want and then start their journey. >> I also think exposing students earlier in their education about cyber security is really important. In fact, we're just released a book called "Cyber Safe" and it's targeting elementary school children and their parents and making them more aware of cybersecurity, the risks, how they should behave online. It talks about cyber bullying and it also helps has guidance in there for parents. And this is a book that we're making freely available to underserved schools and it can easily be accessed online. We've had great reviews, but it's all part of our TAA efforts to educate and make people more aware about the opportunities on the industry overall. >> I love that, Sandra our SVP of marketing. Is there a URL that you can give our audience where they can find that free resource? >> Yes, you can find that I believe on our NSE training page. You can just go to fortinet.com NSE and or TAA and you will find information about how to get the book. >> Excellent so fortinet.com search TAA or NSE you'll find that information. I'm going to check that out myself 'cause maybe you know, for adult children of parents who also need some cybersecurity help I think I might check that out for myself. >> You can (indistinct) copy Lisa. >> Thank you, excellent. It's been great talking to you guys. This is such an interesting topic. I love the efforts that Fortinet is doing to close those gaps and also what you're doing to bridge that with the diversity and inclusion efforts brought out. That's a great effort, Sandra, Rob thank you for joining me today. >> Thank you, Lisa. >> Thank you, Lisa >> For Sandra Wheatley and Rob Rashotte. I'm Lisa Martin. You're watching this CUBE conversation with Fortinet. (gentle music)

>> Narrator: Live, from Washington DC, it's theCUBE. Covering AWS Public Sector Summit. Brought to you by Amazon Web Services. >> Welcome back everyone to theCUBE's live coverage of the AWS Public Sector Summit here in our nation's capital. I'm your host, Rebecca Knight. Co-hosting along side John Furrier. We are joined by Jamil Jaffer, he is the VP Strategy and Partnerships at IronNet. Thanks so much for coming on theCUBE. >> Thanks for having me Rebecca. >> Rebecca: I know you've been watching us for a long time so here you are, soon to be a CUBE alumn. >> I've always wanted to be in theCUBE, it's like being in the octagon but for computer journalists. (laughing) I'm pumped about it. >> I love it. Okay, why don't you start by telling our viewers a little bit about IronNet and about what you do there. >> Sure, so IronNet was started about 4 1/2 years ago, 5 years ago, by General Kieth Alexander, the former director of the NSA and founding commander of US Cyber command. And essentially what we do is, we do network traffic analytics and collective defense. Now I think a lot of people know what network traffic analytics are, you're looking for behavioral anomalies and network traffic, trying to identify the bad from the good. Getting past all the false positives, all the big data. What's really cool about what we do is collective defense. It's this idea that one company standing alone can't defend itself, it's got to work with multiple companies, it's got to work across industry sectors. Potentially even with the governments, and potentially across allied governments, really defending one another. And the way that works, the way we think about that, is we share all the anomalies we see across multiple companies to identify threat trends and correlations amongst that data, so you can find things before they happen to you. And so the really cool idea here is, that something may not happen to you, but it may happen to your colleague, you find about it, you're defended against it. And it takes a real commitment by our partners, our companies that we work with, to do this, but increasingly they're realizing the threat is so large, they have no choice but to work together, and we provide that platform that allows that to happen. >> And the premise is that sharing the data gives more observational space to have insights into that offense, correct? >> That's exactly right. It's as though, it's almost like you think about an air traffic control picture, or a radar picture, right? The idea being that if you want to know what's happening in the air space, you got to see all of it in real time at machine speed, and that allows you to get ahead of the threats rather than being reactive and talking about instant response, we're talking about getting ahead of the problems before they happen so you can stop them and prevent the damage ahead of time. >> So you're an expert, they're lucky to have you. Talk about what you've been doing before this. Obviously a lot of experience in security. Talk about some about some of the things you've done in the past. >> So I have to admit to being a recovering lawyer, but you have to forgive me because I did grow up with computers. I had a Tandy TRS-80 Color computer when I first started. 4K of all more RAM, we upgraded to 16K, it was the talk of the rainbow computer club, what are you doing, 16K of RAM? (laughing) I mean, it was-- >> Basic programming language, >> That's right. (laughing) Stored on cassette tapes. I remember when you used to have to punch a hole in the other side of a 5 1/4 floppy disc to make it double sided. >> Right, right. >> John: Glory days. >> Yeah, yeah. I paid my way through college running a network cable, but I'm a recovering lawyer, and so my job in the government, I worked at the House Intelligence Committee, the Senate Foreign Relations Committee and then the Bush administration on the Comprehensive National Cybersecurity Initiative, both the Justice Department and the White House. >> You've seen the arc, you've seen the trajectory, the progress we're making now seems to me slower than it should be, obviously a lot of inertia as Amy Chasity said today about these public sector government agencies, what not. But a real focus has been on it, we've been seeing activity. Where are we with the state of the union around the modernization of cyber and awareness to what's happening? How critical are people taking this threat seriously? >> Well I think I variety of things to say on that front. First, the government itself needs modernize its systems, right? We've seen that talked about in the Obama administration, we've seen President Trump put out an executive order on modernization of federal infrastructure. The need to move to the cloud, the need to move to shared services, make them more defensible, more resilient long-term. That's the right move. We've seen efforts at the Department of Defense and elsewhere. They aren't going as fast as the need to, more needs to happen on that front. IT modernization can really be accelerated by shifting to the cloud, and that's part of why that one of the things that IronNet's done really aggressively is make a move into the cloud space, putting all of our back end in the cloud and AWS. And also, ability, capability to do surveillance and monitoring. When I say surveillance I mean network threat detection not surveillance of the old kind. But network threat detection in the cloud, and in cloud-enabled instances too. So both are important, right? Classic data centers, but also in modern cloud infrastructure. >> Yeah, one of the things people want to know about is what your enemy looks like, and now with the democratization with open source, and democratization of tools, the enemies could be hiding through obscure groups. The states, the bad actors and the state actors can actually run covert activities through other groups, so this is kind of a dynamic that creates confusion. >> No, in fact, it's their actual mode of operating, right? It's exactly what they do, they use proxies, right? So you'll see the Russians operating, looking like a criminal hacker group operating out of the eastern Europe. In part because a lot of those Russian criminal rings, in actuality. You see a lot of patriotic hackers, right? I would tell most people, if you see a patriotic hacker there's probably a government behind that whole operation. And so the question becomes, how do you confront that threat, right? A lot of people say deterrence doesn't work in cyberspace. I don't believe that. I think deterrence can and does work in cyberspace, we just don't practice it. We don't talk about our capabilities, we don't talk our red lines, we don't talk about what'll happen if you cross our red lines, and when we do establish red lines and they're crossed, we don't really enforce them. So it's no surprise that our enemies, or advisories, are hitting us in cyberspace, are testing our boundaries. It's cause we haven't really give them a sense of where those lines are and what we're going to do if they cross them. >> Are we making an progress on doing anything here? What's the state of the market there? >> Well the government appears to have gotten more aggressive, right? We've seen efforts in congress to give the Department of Defense and the US Intelligence Committee more authorities. You can see the stand up of US Cyber Command. And we've seen more of a public discussion of these issues, right? So that's happening. Now, is it working? That's a harder question to know. But the real hard question is, what do you do on private sector defense? Because our tradition has been, in this country, that if it's a nation-state threat, the government defends you against it. We don't expect Target or Walmart or Amazon to have service to air missiles on the roof of your buildings to defend against Russian Bear bombers. We expect the government to do that. But in cyberspace, the idea's flipped on its head. We expect Amazon and every company in America, from a mom and pop shop, all the way up to the big players, to defend themselves against script kiddies, criminal hacker gangs, and nation-states. >> John: And randomware's been taking down cities, Baltimore, recent example, >> Exactly. >> John: multiple times. Hit that well many times. >> That's right, that's right. >> Talk about where the US compares. I mean, here as you said, the US, we are starting to have these conversations, there's more of an awareness of these cyber threats. But modernization has been slow, it does not quite have the momentum. How do we rate with other countries? >> Well I think in a lot of ways we have the best capabilities when it comes to identifying threats, identifying the adversary, the enemy, and taking action to respond, right? If we're not the top one, we're in the top two or three, right? And the question, though, becomes one of, how do you work with industry to help industry become that good? Now our industry is at the top of that game also, but when you're talking about a nation-state, which has virtually unlimited resources, virtually unlimited man-power to throw at a problem, it's not realistic to expect a single company to defend itself, and at the same time, we as a nation are prepared to say, "Oh, the Department of Defense should be sitting on "the boundaries of the US internet." As if you could identify them even, right? And we don't want that. So the question becomes, how does the government empower the private sector to do better defense for itself? What can the government do working with industry, and how can industry work with one another, to defend each other? We really got to do collective defense, not because it makes sense, which it does, but because there is no other option if you're going to confront nation-state or nation-state enabled actors. And that's another threat, we've seen the leakage of nation-state capabilities out to a lot broader of an audience now. That's a problem, even though that may be 2013 called and wants it's hack back, those things still work, right? What we saw in Baltimore was stuff that has been known for a long time. Microsoft has released patches long ago for that, and yet, still vulnerable. >> And the evolution of just cyber essential command, and Cyber Command, seems to be going slow, at least from my frame. Maybe I'm not in the know, but what is the imperative? I mean, there's a lot of problems to solve. How does the public sector, how does the government, solve these problems? Is cloud the answer? What are some of the things that people of this, the top minds, discussing? >> Well and I think cloud is clearly one part of the solution, right? There's no question that when you move to a cloud infrastructure, you have sort of a more bounded perimeter, right? And that provides that ability to also rapidly update, you could update systems in real time, and in mass. There's not going around and bringing your floppy disc and loading software, and it sounds like that's sort of a joke about an older era, but you look at what happened with NotPetya and you read this great Wired article about what happened with NotPetya, and you look at Maersk. And the way that Maersk brought its systems back up, was they had domain controller in Africa that had gone down due to a power surge, where they were able to recover the physical hard drive and re-image all their world-wide domain controls off of that one hard drive. You think about a major company that runs a huge percentage of the world's ports, right? And this is how they recovered, right? So we really are in that, take your disc and go to computers. In a cloud infrastructure you think about how you can do that in real time, or rapidly refresh, rapidly install patches, so there's a lot of that, that's like a huge part of it. It's not a complete solution, but it's an important part. >> Yeah, one of the things we talk about, a lot of tech guys, is that this debate's around complexity, versus simplicity. So if you store your data in one spot, it's easy to audit and better for governing compliance, but yet easier for hackers to penetrate. From an IQ standpoint, the more complex it is, distributed, harder. >> Yeah I think that's right. >> John: But what's the trade off there? How are people thinking about that kind of direction? >> No that's a great question, right? There's a lot of benefits to diversity of systems, there's a lot of benefit to spreading out your crown jewels, the heart of your enterprise. At the same time, there's real resilience in putting it in one place, having it well defended. Particularly when it's a shared responsibility and you have partial responsibility for the defense, but the provider to, I mean, Amazon, and all the other cloud providers, Microsoft and Google, all have it in their own self interest to really defend their cloud really well. Because whether or not you call it shared responsibility, it's your stock price that matters if you get hit, right? And so, instead of you, Amazon, and all the other cloud players have an incentive to do the right thing and do it really well. And so this shared responsibility can work to both side's benefits. That being said, there's an ongoing debate. A lot of folks want to do there stuff on-prem in a lot of ways. You know, a lot of us are old school, right? When you touch it, you feel it, you know it's there. And we're working through that conversation with folks, and I think that at the end of the day, the real efficiency gains and the power of having super computing power at your fingertips for analytics, for consumer purposes and the like. I really think there's no way to avoid moving to a cloud infrastructure in the long run. >> I know you said you were a recovering lawyer, but you are the founding director of the National Security Institute at the Antonin Scalia School of Law. How are you thinking about educating the next generation of lawyers who could indeed become policy makers or at least work on these committees, to think about these threats that we don't even know about yet? >> That's a great question. So one of the things we're doing, is we're working through the process with the state commission on establishing a new LLM and cyber intelligence national security law. That'll be a great opportunity for lawyers to actually get an advanced degree in these issues. But we're also training non-lawyers. One of the interesting things is, you know, One of the challenges DC has, is we make a lot of tech policy, a lot of it not great, because it's not informed by technologists, so we've got a great partnership with the Hewlett Foundation where we're bringing technologists from around the country, mid-career folks, anywhere from the age of 24 to 38. We're bringing them to DC and we're educating them on how to talk to policy makers. These are technologists, these are coders, data scientists, all the like, and it's a real opportunity for them to be able to be influential in the process of making laws, and know how to involve themselves and talk that speak. Cause, DC speak is a certain thing, right? (laughing) And it's not typically consistent with tech speak, so we're trying to bridge that gap and the Hewlett Foundation's been a great partner in that effort. >> On that point about this collaboration, Silicon Valley's been taking a lot of heat lately, obviously Zuckerberg and Facebook in the news again today, more issues around irresponsibility, but they were growing a rocket ship, I mean, company's only 15 years old roughly. So the impact's been significant, but tech has moved so fast. Tech companies usually hire policy folks in DC to speak the language, educate, a little bit different playbook. But now it's a forcing function between two worlds colliding. You got Washington DC, the Silicon Valley cultures have to blend now. What are some of the top minds thinking about this? What are some of the discussions happening? What's the topic of conversations? >> Well look, I mean, you've see it in the press, it's no surprise you're hearing this talk about breaking up big tech companies. I mean, it's astounding. We used to live in world in which being successful was the American way, right? And now, it seems like at least, without any evidence of anti-trust concerns, that we're talking about breaking up companies that have otherwise hugely successful, wildly innovative. It's sort of interesting to hear that conversation, it's not just one party, you're hearing this in a bipartisan fashion. And so it's a concern, and I think what it reveals to tech companies is, man, we haven't be paying a lot of attention to these guys in DC and they can cause real trouble. We need to get over there and starting talking to these folks and educating them on what we do. >> And the imperative for them is to do the right thing, because, I mean, the United States interest, breaking up, say, Facebook, and Google, and Apple, and Amazon, might look good on paper but China's not breaking up Alibaba anytime soon. >> To the contrary. They're giving them low-interest loans and helping them all to excel. It's crazy. >> Yeah, and they have no R&D by the way, so that's been- >> Jamil: Right, because they stole all of our IP. >> So the US invests in R&D that is easily moving out through theft, that's one issue. You have digital troops on our shores from foreign nations, some will argue, I would say yes. >> Jamil: Inside the border. >> Inside the border, inside the interior, with access to the power grids, our critical infrastructure, this is happening now. So is the government now aware of the bigger picture around what we have as capabilities and criticalities that were needed now for digital military? What is that conversation like? >> Well I think they're having this conversation, right? I think the government knows it's a problem, they know that actually in a lot of ways a partnership with tech is better than an adversary relationship. That doesn't change the fact that, for some reason, in the last three, four years, we really have seen what some people are calling a "techlash", right? A backlash against technology. It kind of strikes me as odd, because of course, the modern economy that we've so benefited from is literally built on the back of the innovations coming out of the Silicon Valley, out of the west coast, and out of the DC metro area, where a lot these tech companies are developing some of the most innovative new ideas. Now they're, frankly, helping government innovate. So Amazon's a key part of that effort, right? Here in the public sector. And so I'm hoping that education will help, I know that the arrival of tech companies here to really have that conversation in an open and sensible way, I hope will sort of waft back some of this. But I worry that for too long the tech and the policies have ignored on another. And now they're starting to intersect as you say, and it has the possibility of going wrong fast, and I'm hoping that doesn't happen. >> You know, one of the things that Rebecca and I were talking about was this talent gap between public sector and private sector. These agencies aren't going to go public anytime soon, so maybe they should get equity deals and get a financial incentive. (laughing) You know what I mean? Shrink down the cost, increase the value. But as you get the collaboration between the two parties, the cloud is attracting smart people, because it gives you an accelerant of value. So people can see some entry points to land, some value out of the gate, verus giving up and abandoning it through red tape, or in other processes. So you starting to see smart people get attracted to cloud as a tool for making change. How is that working? And how is that going to work? Cause this could be coming to the partnership side of it. People might not want to work for the government, but could work with the government. This is a dynamic that we see as real. What's your thoughts? >> I think that's exactly right. Having these cloud infrastructures gives the ability to one, leverage huge amounts of computing power, but also to leverage insights and knowledge from the private sector in ways that you never could have imagined. So I really do think the cloud is an opportunity to bring real benefits from private sector innovation into the public sector very rapidly, right? So, broad-clouded option. And that's part of why John Alexander, my boss, and I have been talking a lot about the need for broad-clouded option. It's not just innovative in technology, it's benefits to the war fighter, Right? I mean, these are real, tangible benefits pushing data in real time, the war fighter, You know John Alexander had one of the biggest innovations in modern war fighting, where he's able to take civil intelligence down from weeks and months, down to minutes and seconds, that the naval and our war fighters in Iraq and Afghanistan to really take the fight to the enemy. The cloud brings that power scaled up to a huge degree, right? By orders of magnitude. And so the government recognizes this and yet today we don't see them yet moving rapidly in that direction. So I think the EO was a good move, a good first step in that direction, now we got to see it implemented by the various agencies down below. >> Well we'll kep in touch, great to have you on. I know we're wrapping up the day here, they're breaking down, we're going to pull the plug literally. (laughing) We'll keep in touch and we'll keep progress on you. >> Thank you so much, I appreciate it. >> Rebecca: Jamil, you are now a CUBE alumn, >> I love it, thank you. >> Rebecca: So congrats, you've joined the club. >> I love it. >> I'm Rebecca Knight for John Furrier you have been watching theCUBE's live coverage of the AWS Public Sector Summit. (electronic music)

>> Host: Live from San Diego, California, it's the CUBE, covering Cisco Live US 2019. Brought to you by Cisco and its ecosystem partners. >> Hi, welcome back to the CUBE, Lisa Martin with Stu Miniman, covering day one of Cisco Live from sunny San Diego. We're pleased to welcome back a couple of our alumni. To my right Eric Herzog, CMO of IBM Storage. Eric it's always great to have you. >> Great. >> And you fashion choices on the CUBE. >> Always wear a Hawaiian shirt for the CUBE. >> I know, it's a thing. And we've also got Evaristus Mainsah, General Manager of IBM Cloud Private Ecosystem. Evaristus it's great to have you back on the program. >> Thank you very much, delighted to be here. >> So guys here we are, we're in the dove nut zone. Lots of collaboration, lots of conversations day one of Cisco Live. But this events been around for 30 years. Long time, I think Chuck Robins said this morning what also turned 30 this year is Tetris. Anybody a big fan of Tetris? So, so much progress, so much change. I know you've seen a lot of it. Eric lets start with you. The global economy, what are the impacts it's having on IT? >> Well I'd say the number one thing is everyone is recognized the most valuable asset is data. It's not gold, it's not silver, it's not plutonium and it definitely isn't oil, it's all about data. And whether it be a global Fortune 500, a midsize company or Herzogs Bar & Grill, data is your most valuable asset. So at IBM Storage, what we've done is making sure that our focus is on being data-driven. It's all about solutions, it's not about speeds and feeds. Of course, having done this for 35 years I could have whacked poetically on speeds and feeds. And even if you have some speeds and feeds that Stu may not even remember anymore. That said, it's really about data, it's not about storage speeds and feeds. How really storage is that critical foundation for applications, workloads and use cases. And that's what's most important. >> Yeah, so Eric, when they rolled out on stage this morning that 30 year old box with ribbon cable, yeah, that predated a little bit when I was looking at IT. But, I remember when I started in IT, when we talked about security, the main thing was lock the door of the cabinet that everything was in there, because it was kind of self-contained. Security's gone through a few changes in the last you know 20 25 years though. Maybe you could talk a little bit about that kind of security resiliency. Obviously, something that's impacted the network for a long time, something that IBM sees front and center. >> What I think the big deal is what most people think when they think of security, is I got to buy security software. So I got to call up IBM Security or RSA or the Intel Security Division and buy some security software. And while that's great the reality is as many people have written about, in fact Wikibon SiliconANGLE's written about it. Close to 98% of all enterprises, and I mean big enterprises now are going to get to be broken into. And you've seen this all over the news. So the key thing is once they're inside, storage can help you with a cyber resiliency play. And at IBM Storage whether that be data at rest encryption. Whether that be malware or ransomware protection. We put together a whole set of technology that when the bad guys in the house they can't steal the TV. Because we've locked it down. It's almost as if it was in a safe. Maybe it's almost like the cloak in science fiction where you can't even see the Romulan ship, because it's cloaked. Well guess what, that's what IBM storage can do for your data and it is your most valuable asset. So critical to cyber resiliency. >> So helping customers go from reactive to this expectation breach has happened very very frequently every few seconds to being proactive? >> Yeah, I mean. >> Eventually predictive? >> Well what we do is for example with our Spectrum Protect software. When there's a malware or ransomware attack, what happens is they always go after you're secondary data sets first. I know that sounds weird but they go after your backups, your snapshots and your replicas. 'Cause when they attack your primary data, if they've you can just recover from a backup they can't hold you for $10 million of ransom. So our Spectrum Protect software for example, when it sees anomalous activity in backup data sets, sends an email on a warning out to all the admins and says you have weird activity going on, you might want to check it out and that way you would know. Because secondarity is attacked first in a cyber resiliency strategy. >> You know, the other thing we're seeing a lot is just the scope of what's happening in IT. When you talk about things like scale and you talk about you know edge computing and so much change going on. There's got to be AI in there or machine learning to help us because humans alone can't keep up with what's going on here. Tell us a little bit about that Eric. >> So Big data and AI is like the hot topic right now. Cyber resiliency is important 'cause people obviously have been buying security software for a while. So it's more what we do is really an adjunct to that. In the case of Big data and AI, it's a brand new open field. Everyone is looking for solutions in both of those spaces. We have created a complete set of data infrastructure we've called the AI pipeline. It involves not only physical storage arrays but a whole bunch of software. In fact our Spectrum Discover software which allows you to create metadata catalogs about file and object data is being expanded. And we already publicly said this in the second half To include EMC and Netapp and AWS, not just IBM Storage. So it's a critical thing, you've got to make sure the other thing is when you're using AI. Let's say you're going to use AI to run a factory. If the storage goes down, those robots aren't working. So storage is that critical underlying foundation. A in a Big data network load to be able to have this pipeline to get the data. But if you don't have the resiliency, the performance and the availability of the underlying storage everything shuts down if the storage fails. 'Cause the AI software won't run. So that's how we see fitting in to their both the critical foundation also this AI data pipeline with all of our software. >> So before we get in to this Cisco partnership with Evaristus, it's one more question Eric for you. As Chief Marketing Officer, you talk about the customers all of the time. In that example that you just gave about the criticality of storage for AI where are you having conversations within customer organizations. Is it at the level of the storage girls and guys or has it gone up to lines of business to executives. >> Yeah so, from an AI perspective it runs a gamut. It could be sometimes the storage people. Sometimes the infrastructure people. A lot of times it's actually in the line of business or at the data scientist level. On the Big data side it's a little bit more mature so people know they need to do analytics versus AI. And so when you look at it from that perspective on that side it's often the storage guy but it's also the data scientist as well. So that's who we talk to to get things rolling. And it's not, we don't just talk to the storage admin for either of them, because they're both so new and they have such a big impact on the data scientists and the analytic engine committees inside of those giant enterprises. >> I can imagine eventually maybe question for you. Of that conversation elevating it up to the sweet sweet. Because if you can't access the data, if it can't be protected, what good is it? Right, it's really, to say it's the lifeblood is a silly thing, but we say it all the time. But it's critical, it's table stakes. >> Well one of the things that's interesting is I just got my Fortune 500 magazine at home, that had the Fortune 500 list in it. And there was an interesting article on AI and the enterprise. And they did a survey according to Fortune magazine, 50% of the CIO's that are in the Fortune 500 said they're using AI and Big data of some type. So it's sweeping the world. And it started of course in HPC in the academics. But now it's going into all enterprises of all types. >> Alright so we've talked a few years about the Versastack Partnership. But the last year or so we've really been talking about where Hybrid cloud and multi-cloud fit in to this. We talked a little bit at IBM Think. Evaristus we talked at another show about some of the IBM Cloud Private. Give us the update where we are with customers and how that fits, Eric lets start with you and Evaristus just go into the partnership. >> Sure from a storage version perspective, we've been talking about a Hybrid multi-cloud now for several years. And in fact I did a presentation two years ago at Cisco Live on Hybrid cloud using Versastack. Today I gave one on the data driven enterprise and why hybrid multi-cloud is important to use. So that was the 30 minutes presentation I did today. So I think the key thing is we make sure that we A our Hybrid it's not going to all public or all private. And we can move data seamlessly back and forth. And then also multi-cloud. When you look at enterprise shops, they're not just going to use IBM Cloud. I wish they would I'm an IBM shareholder but they're not. They use IBM, they're going to use ABS, they're going to use Amazon and in many cases they're going to use some smaller cloud provider. So we make sure that we can move data around across any multi-cloud of various different providers to accompany. But also Hybrid cloud as well. >> So the status talk to use about you know from a partnership Cisco IBM Cloud Private perspective, what's going on there Evaristus? >> Well Thank you very much. Well IBM and Cisco have been partners for a long long time. And what we are doing now is given the realities, the fact that those clients have found themselves in a multi-cloud environment, >> Hybrid multi-cloud environment. What we can do to help clients so they can develop they can test, they can manage the applications in a consistent manner, whether they are on prime or in the cloud. And there are a couple of initiatives that we are announcing. One of them is that IBM Cloud Private is going to run on Hyperflex, so Cisco's Hyperflex. As well as hyperflex, hyper-conversed infrastructure. What it means is a client who currently has hyperflex can have IBM Cloud Private on it. Which effectively means they have themselves a Private Cloud environment that also connects to other public cloud environments and allows you to really begin to work within a Hybrid cloud environment the way that most clients need to. The second initiative is that we will have ACI pods or V pods, virtual ACI, running in the IBM public cloud. Which basically means that again, Cisco customers, ACI Network customers who currently use the produce on Prime will be able to use exactly you know the same control pane to manage their deployments and to manage their security preferences on Prime as they do in the cloud. And this again surrounding the Public Cloud is running on bare metal on the IBM Cloud. >> Alright, Evaristus can you bring us inside a little bit the applications you know. Eric talked about you know data we know is so important. Really it's the applications that are driving that. It's where we're seeing the most change in customers, as to how they're moving or building new applications. And in Hyber cloud it's one of the biggest questions for customers is what do they do with that application portfolio? >> Yes so what we're seeing is clearly because you know. Clients have now lots of different Public clouds. They also have Private clouds to deal with them. They have lots of applications that are currently that need to move right. We believe 20% of those applications have moved, the remaining 80% are still on Prime. And so the trend that we are really seeing is applications moving to the cloud. And the two ways of doing it you could do this by simply lifting and shifting on VM, you get the contraction benefit of your stack right. So you can some cost impacts. But the really interesting way that you see lots of clients moving is modernizing the applications. Because the real valued driver with infinite cloud is not so much cost as innovation. And when you convert those applications into Microsoft this is the right and let me run them in containers it gives them plenty of flexibility. And wasting lots of clients that want to use IBM Cloud Private as a platform to enable that modernization journey. >> So as every industry is living in this Hybrid multi-cloud world for many reasons. But it sounds like to me is that the IBM Cisco relationship is deepening as a result to enable these organizations that are in these very amorphous environments. You know as we see the explosion of Edge and Mobile, that's what it sounds like to me. Is that this long standing partnership is getting deeper and maybe a stronger foundation. To help customers not just live in this Hybrid multi-cloud world but be successful so that their businesses gain competitive advantage. They can identify new products and services and revenue streams. >> Yeah, I think multi-cloud and Hybrid cloud actually requires partnerships. Because as Eric said later on of course you like everybody to be on the IBM Cloud and it's a great cloud. But we recognize that many clients who have a variety of different plights to deal with. They have a variety of different infrastructures. And that's why when you look at IBM Cloud Private which is you know our offering that really enables that Hybrid cloud. It is designed to managed that. So It is multi-model, so if you want to run it as a VM you can, you want to run your containers, you can run serverless, you can run them bare metal. But also, it supports a range of different infrastructure. So not only does it run on Z, it runs on power, it runs on Spectrum Storage. We announce running now on Hyperflex. It also runs on other peoples Public clouds. It runs on Azure, it runs on Amazon web services, it runs on Google Cloud platform, it runs on the IBM Cloud. And the intent here is to enable clients to basically manage and work with that infrastructure as if it was one. The way that Stu said in the data center where you locked everything up. Well it's not like that anymore. But the most that we can do is to enable clients to treat all of that infrastructure as one. And that's what sort of aim to do with our platforms. >> Alright, I guess last question I'd like to get both of your comments on. Is your advice for customers, you know, customers have that they have a lot of you know existing things that they have to deal with, that they're looking to modernize. What advice do you give them? Where do you start them you know I guess you know one of the things you're starting where they are. But you know what are some of the first steps and recommendations that you have for customers today? >> We have a process that works really well, which is called the IBM Garage. Which is effectively a way that we used to co-create with our clients to solve the immediate problems. So a client for example, who is looking at app modernization but isn't sure where to start, which app. What we do is we get their teams together with our teams line of business together with IT and our teams and we spend a couple of days in a design thinking workshop to identify a minimum viable product. Which is something that solves a problem not big enough that it will take forever, but big enough to matter. Then we get our teams to work side-by-side, we code it, we test it, we deploy it, we'll run it in the IBM Cloud. We manage it, at like in one week sprints. And then you spend another few days at the end of week four or five to do a see retrospective to see whether it solved the problem as you expected. And if it did, you pick the next piece of work to continue your journey. So before you know, five weeks in, you have your first application modernized. Or you have your first cloud negative ready. >> Now from a storage perspective it's a little bit easier. We supported storage on bare metal. We supported storage in all the virtual environments. KVM, OVM, obviously VM we're in Hyper V. And now, we've been supporting containers for over two years. So we say is leave no data behind. If certain data needs to stay on bare metal, that's fine we can support that. But we can also transparently migrate data back and forth between the various tiers of container-based virtualization-based or the old style bare metal. So from our perspective, we help them move data around where they need it. And if they're still running in a hybridized world in this case, containers, virtual and bare metal that's fine. If they just go containers that's fine. If they just go virtual it's fine. So for us, because of what we've been supporting now for several years, we can help them on that journey. And traverse from any one of those three layers, which is where data sits in today's data centers and cloud environments. >> So overall a lot of collaboration, a lot of customer choice. Gentlemen, Thank you for joining Stu and me the program this afternoon, great to have you back. >> Thank you >> Great, Thank you. Glad to be on the CUBE. >> Oooh our pleasure. For Stu Miniman, I am Lisa Martin. You're watching the CUBE, live from day one of our coverage on Cisco Live. Thanks for watching. (energetic music)

>> Narrator: Live from Orlando, Florida. It's theCUBE... covering Accelerate '19. (electronic music) Brought to you by Fortinet. >> Welcome back to theCUBE. We are at Fortinet Accelerate 2019 in Orlando, Florida. I'm Lisa Martin with Peter Burris. We've been here all day talking with Fortinet executives, with partners, really understanding the evolution of cybersecurity and how they are helping customers to combat those challenges to be successful. We're pleased to welcome back to theCUBE alumni John Bove, the VP of North America's channel for Fortinet. John welcome back to the program. >> Thanks for having me, great to see you both again. >> Likewise, so, so much going on today, some news coming out. The keynote this morning started with a lot of electricity around Fortinet's industry leadership, product leadership, there was a lot of growth numbers shared >> John: Yup >> There's also a lot of people here about close to four thousand. >> John: Close to four thousand people, yup. >> And you saying that a good percentage of that is partners, forty countries represented. What are some of the things from your perspective, that you've observed today, in terms of the reaction from the channel to all of this news coming out. >> Yeah so first off, the heritage of this event really was a partner conference going back to its infancy and you know as Fortinet continues to grow and our customer profile continues to you know, move up market, we've now invited customers. So it's really great the synergy that we have. We've got a number of partners with their customers coming to meetings and meeting with executives, and so it's just really fantastic. You know relative to the announcements about the partner program, we've seen really positive feedback. I think the program was introduced about a decade ago and it really was time for a refresh, and so, what we've done is, we want to bring a program to our partner community that, allows them to engage with us in how they see fit, and then we want to build the go to market that's a little bit more in tune with the market that exists here, as we're moving into the year 2020 and beyond. So we're really assimilating a reseller, MMSP and Cloud as types of partner go to markets, and organizing that all underneath the Fortinet partner program umbrella. We'll also be introducing a consultancy track because we want to insure that the assets within the network security expert program are available to those consultants that are working with customers on their journey to the Cloud, for instance, or through this digital transformation. And then finally we're introducing what we're calling a competency focus. So as Fortinet continues to grow as a company there's a number of competencies that we feel if we enable partners appropriately they're going to be able to benefit from. They're going to build a stronger business around the Fortinet Security Fabric. So, we're going to focus on SD-WAN, we're going to focus on Fabric, we're going to focus on Data Center, operational technologies and then S.A.C., because we do think, you know, S.A.C. operations, is an area, that cybersecurity and the number of tool sets are introduced, it's an area that we need to grow into as a company as well. >> Lots going on. >> Lot's going on, yes. >> So as you consider some of the challenges that your partners face, we talked a little bit about this with Patrice, partners, throughout the industry are hurting as they try to transition from a more traditional hardware to whatever's going to be the steady state, >> John: That's right >> with the Cloud and the Edge having such an impact. Education is crucial. You not just get your customers educated about how cybersecurity works, but your partners need to be increasingly educated so they can find those opportunities, niches, stay in business, help you engage, how's that playing out? >> My number one initiative as the channel leader is to drive partner competency and preference. And so, going back to competency, if we can build partner competencies, they're going to build a healthier, more margin rich business around the Security Fabric, which then, selfishly, is going to lead them to delivering more preference around Fortinet. But there's no doubt, it's a changing dynamics. Business models are changing on the fly. We're seeing evolution of VAR to MSP, and MSP to MSSP, and we are laser focused on capitalizing that. Our FortiSIEM technology for instance is, I really view as a Beachhead technology for us to go capitalize that MSP market in the mid-market. I think that the evolution of consumption to more of a consumption model away from a transactional acquisition, also lends itself to new and innovative programs that need to be delivered. In fact with our North American distributors, in the past six months, we've introduced hardware as a service, to reduce, you know, to position things as an operational expense, which may be more in tune with how customers are purchasing today, and we've introduced FortiSIEM for MSSP. The evolution of VAR to a service provider can be very capital intensive, and so one of the things that we've done with our hardware as a service and FortiSIEM for MSSP, we've really tried to reduce the cost of the entry point, and drive more day one margin opportunity for those partners. >> Let me build on that if I may Lisa, so Ken and Mike have done a pretty phenomenal job of steering Fortinet into the future and anticipating some of the big changes that have occurred. You guys have therefore pretty decent visibility into how things are going to play out, and are now large enough that your actually participating in making the future that >> Right >> Everybody else is thinking about. When you introduce a product, I mean, it takes a period of time for your partners to get educated, to up-skill, to really set themselves up to succeed in this dynamic world. Are you introducing educational regimens, competency tests, providing advice and council about the new competencies they're going to need, in anticipation to some of these, some of the roadmap of the, to the future that you see? >> Yeah, so two things I'll touch on there is you know, the NSC program has been wildly successful program for ... >> Peter: No what does NSE stand for? >> Network Security Expert so it's a training course where for a partner and you've got new team members coming on board, the NSE113 really enables them of how to position, you know, Fortinet, and what the challenges are in a network in a cybersecurity environment today. With the elements four through eight being more technical. We've seen over 200,000 certifications being adopted globally, so, I think, part of the visionary capabilities that Michael and Ken have, is they've incorporated the education piece of it, and so carrying that along, and so as we do introduce new products, it's built into the NSE modules. I'll point to one of the most successful things we did in 2018 was called Fast Tracks, and so we've basically taken the NSE content and put it into consumable two hour, hands on, technical labs for our partners and customers. We had a goal in 2018 to hit about a thousand people going through the Fast Track program, we hit over eight thousand people. So, we know that there is a thirst for knowledge out there and the company's done a really good job, through the NSE program, the Network Security Expert Program, through out Network Security Academy Program, and through our Fast Tracks to drive that necessary enablement. >> Peter: That's very exciting. >> Yeah I know absolutely, I mean, it's a fantastic time to be at Fortinet, its a fantastic time to be a Fortinet partner, and I think with the announcements that we made today, we're really trying to set our partners up for success, and help them build a all encompassing business around the Security Fabric. It's a very noisy industry out there. There's a lot of point based solutions that, that lack the integration and really you need an integrated set of solutions in this, you know, expanding digital footprint that customers are faced with. >> So when we talk about education and I'm glad that you guys brought that up, that was a big topic, it was a pillar that Ken talked about, that Patrice talked about as well, it was one of the core pillars that was talked about at the World Economic Forum that was just a couple of months ago. So as we talk about education and educating your partners, I'd like to kind of flip that and ask how are your partners educating you on, these are the trends and concerns and the issues that we're seeing in the market today, to help influence the direction of Fortinet's technology? >> Yup, you know it's funny that you say that, I've been in partner meetings all day today, and it's great I get to spend, I don't think I've ever been this popular and definitely not in high school or college, but in spending time with partners and understanding their challenges it's good to see that our focus on the competency and preference and providing consumption modeling, fits to exactly the challenges that they're faced with, because VARS will tell you that the transition from being a reseller to an MSP can be very, very expensive. And so, with FortiSIEM for MSSP and the as of service offerings, we're reducing that. And so, there are , they're resonating to that. But the other thing is, for the mid-market customer, the Security Fabric alleviates the need for the Cyber skills gap, right? We can't hire fast enough, and so, by depending upon the broad integrated and automated posture that this Fortinet Security Fabric allows, it really allows partners and customers to overcome some of the challenges, just from a head count standpoint. And I think that the NSE program also does a very good job of filling that gap as well. >> So the partner used to mean, these are the, for that group of customers, who our direct sales organization can't make money on, we will give them to partners, or the very, very large, for a very, very large company that's owned by Accenture or owned by Dimension Data, or something like that, >> Yup >> We'll work with them and deliver it. And that kind of middle was kind of lost. But even today, that Loewen, that idea of segmenting purely on the basis of how big they are, is problematic because there's a lot of small companies happening because of this digital transformation they're going to very rapidly grow into some very, very big footprints. >> Absolutely >> So how is that line between what Fortinet does, what the partner does, what the customer does, to achieve these outcomes, starting to shift? >> We're going to be introducing an ecosystem based approach. It's called Partner to Partner Connect, and it is to actually do that very thing. For those partners that may be in the mid-market, that need those expertise, we're going to allow partners to create almost a marketplace of service offerings so they can fill their gaps and they can build meaningful practices, leveraging what Fortinet is doing, but also leveraging somewhat some of our other partners are doing. We're seeing this immediately done with our distribution partners, in North America, and we're going to be introducing the Partner to Partner Connect later this year, and accessible through our Partner Portal. >> And those competencies that are associated with the NSE and the education, then become part of those Partner to Partner brands >> John: Absolutely >> Which makes it easy for those partners to be more trustworthy of whatever accommodations they put together to serve customers. >> Yup, I'll give you an example. So, we're also going to be announcing tomorrow afternoon in our North America breakout session, a Cloud Channel Initiative, and so our goal with this Cloud Channel Initiative, is to allow partners to build meaningful security and networking businesses in the public Cloud. We're going to utilize blueprints for reference architectures, we're going to align with education and certification, and then we're going to guide them through enablement to go to market. That's one of the things also we released this week was the NSE7 for public and private Cloud. So again, as we introduce new technologies and we introduce new opportunities, we're also aligning that to education as well, so the partners can be self service, because the better job a partner does is developing that competency , then the more services rich they're going to be able to deliver to the end customer themselves. >> What are some of your expectations in terms of FY19, I know this is a 20% year on your growth that Fortinet as a company achieved last year, I imagine a good amount of that was driven and influenced by the channel, but as this momentum continues to grow, as we saw this morning, and we've heard throughout this show today, what are some of your expectations about growing the number of partners in the programs that you talked about, like by the end of this year? >> Yes, we recognize, you know, first of all we appreciate our partners so much, and we want to ensure that we are enabling their business we're absolute in active recruitment mode. You know, we're currently going through recruitment and reactivation campaigns with partners that we want or maybe have done business with us before. We see we're coming off of a quarter in which we set a record for the most deal registrations and so that's really the metric in which we look for partner impact. They bring us an opportunity, we give them additional margin and we protect them. So, Q1, fiscal Q1 for us, was our largest deal registration quarter we've ever had. And in 2018 we saw a 52% increase in closed opportunities through our deal registration program. So the impact of the North American Channel is absolutely being felt and we're really excited about the new partner program and what it's going to allow us to do as we expand more into the MSP market, more into the Cloud market, and then hopefully go enable that whole consultancy layer that's out there as well, to help customers on their journey. >> So in terms of your session tomorrow, 'Transforming Your Profitability with Fortinet's Tailor Made Programs,' you mentioned some of the new announcements, what are like the top three take aways that attendees from that session are going to walk away with? >> Well it's going to be, we want to drive partner initiated revenue, we want to do that through competency development, through Widespace account penetration, and through meaningful investments that allow our partners to scale their business. >> Lisa: Lot of momentum, John thank you so much for visiting with Peter and me on theCUBE this afternoon, we can't wait to hear what great news you have next year. >> I look forward to it, thank you both. >> Excellent, our pleasure. For Peter Burris, I'm Lisa Martin, you're watching theCUBE. (electronic music)