>> From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBEconversation. >> Hi brother, this is Dave Vellante and welcome to this CUBEconversation. We're going to talk about a topic that is obviously top of mind in a lot of people situations right now, which is ensuring business continuity, business resiliency. Given this work from home pivot is something that a lot of people are focused on. Many CIOs have told us that business resiliency was way too focused on disaster recovery. And we're going to talk about this in the context of VPNs. Now I've got a love-hate with VPNs. I mean, on the one hand they provide safeguards. They give us privacy, they give us protection, everything's encrypted, but they can bring forth performance problems. There could be service quality issues, video or audio. And so the problem with VPNs is a lot of times they're a black box. You don't know what's going on inside. There are different types of VPNs, and it's actually a pretty complicated situation and with me to talk about that is Paul Barrett, the CTO of Enterprise at Netscout, Paul, good to see you. >> Great to be here. >> Yeah, so what did you see with regard to the trends that hit with COVID? Obviously there was this very rapid work from home pivot, VPNs had to be deployed for remote workers who typically would come into the office, what did you see? >> So with Netscout, we service the largest, most complex organizations, both in the US and globally. But for many of these organizations, the VPN services they provided really was for quite a small subset of their workforce. People working on the road, maybe they had a small subset of their employees working from home. And as you say, obviously, as we all understand, almost overnight, everyone's found themselves struggling to work from home. And quite frankly, most organizations VPN configurations were just never architected to deal with this kind of situation. One of the perhaps most important distinctions between the different types of VPN is whether you have a so called full VPN service or a split VPN service, because that really impacted the ability of organizations to deliver VPN. >> So what does that mean full versus split? I know there's sometimes free VPNs. You kind of get what you pay for, what does that mean, split versus full? >> So with a full VPN connection, every thing that you connect to on the internet or any business service has to go over your VPN connection. You can't make any direct connections from your PC to the internet, has to go through your enterprise network. So if you think about it, if you suddenly moved tens of thousands of employees to working from home, every single communication activity performed by those employees goes through your VPN concentrators. With a split VPN, and for example, I use a split VPN, only when I need to connect to business services that are provided over my enterprise network do I actually go directly to my enterprise network over the VPN. If I'm just going to Google or any other regular internet resource, then I get a direct connection to that internet resource. And that really takes the pressure off the VPN concentrators. >> The split VPN gives you more flexibility. I can't tell you how many times I've sent a link to somebody and say, oh, I can't open it, it's got to be my VPN blocking it. You're saying it gives you this sort of you have your cake and eat it too, the split VPN. >> Well, right, yes. It just means that to say it's only the traffic that has to go into the corporate network, goes through the corporate VPNs. What we observe is, as I say, 'cause we deal with very large organizations, particularly regulated industries, such as financial services and healthcare. There was a as just a requirement that hey, everything's got to come over the VPN. We don't want any traffic kind of leaking directly onto the internet. We want to have full control, so everything goes through our security stack. So one of the things we're sort of seeing now with three months into the COVID situation, I would say most of our customers have got through the worst of it. But a lot of them would say they're still running very hot. And those of who were previously offering full VPN, are saying, "Well, can I transition "to offering a split VPN service." But it's not a trivial thing to do because especially if you're highly regulated, you've got the compliance requirements, you've got to make sure that the traffic that has to go through your security stack does so, and that you're comfortable with any traffic that's going direct, SaaS services like Office 365, you have to make sure that you're comfortable with that traffic is going direct over the internet. So let's say it's the transition from full VPN to split it's quite a challenge and it's not trivial. >> Well, and I would imagine, I mean, if I'm the compliance officer I'm saying, "Go full VPN and I don't care if there's a restriction "and some handcuffs placed on the users." If you're a line of business head, you're saying, "Hey, I want more flexibility." So the brute force approach, it's a two edged sword. So how do you help solve that problem? I know you're focused on providing visibility, but explain where Netscout fits in the value chain. >> So yeah, everything Netscout does is about analyzing the traffic flag on networks. And we do it for helping customers ensure that the applications and services are healthy, that they're available, we have products that allow people to protect their applications against DDoS attacks, but in the case of VPN, it's really about understanding how the service is being used. If you actually look at the traffic coming on the enterprise side of your VPN concentrator, so often it's been decrypted, I can see who's accessing which business services, I can see, if for example, it's a full VPN connection, how I got users going to unimportant services like YouTube, which really isn't helping the situation. I can see whether, I might actually, 'cause typically large organizations have multiple VPN concentrators around the country and even around the globe. And you get situations where one set of the VPN concentrators are sitting there under utilized, whereas I've got another set of VPN concentrators that are sort of overwhelmed. And by getting this visibility of that kind of usage, I can actually think about getting some of my user groups to maybe use a different VPN concentrator. And as I was talking about the migration to a split VPN, having visibility of what applications are being used. Hey, I have this particular sensitive application and I need all that traffic to come through my security stack, but actually it turns out I didn't configure my split VPN correctly and it's all leaking directly over the public internet. Then I have the visibility I need to detect that kind of situation and to remedy it. >> So is the primary reason why people use Netscout in this use case really to, obviously to provide that visibility, but to make them more secure, is there a performance aspect as well in terms of what you guys are doing? >> Yeah, one of the, I would say the facets of the move to working from home is increased emphasis on services, such as unified communications, voice and video, the use of collaboration services, has greatly increased. Those types of service, particularly voice and video, they're real time services, they're very susceptible to poor network transmission. Things like latency and packets being dropped. And as I say, people working from home are becoming much more reliant on these types of service than they are when they're in an office. And so it's critical to understand whether problems with, for example, voice and video quality are arising in your own network, because for example, you've saturated your VPN concentrator or whether they're coming from your SaaS provider. So, to give an example, I find using, one of the well known collaboration services, if I've got problems in my own network and I'm introducing packet loss into my voice feeds, if I send all of this, because of already corrupted traffic to the collaboration service, and then that gets reflected to all of my other users, everyone will go, "Oh, hey, there's a problem "with the collaboration service." And you're going to waste time pointing your thing at the collaboration service provider, who let's be honest at the moment has got much better things to do than to go chasing phantom problems. When if you have visibility inside your own network, you can actually understand that, oh, hey, no, this is a problem of my own making. So I'm not going to waste cycles, pointing the finger at the other guy, I can actually get on with isolating the problem in my own network, figure out what I need to do and then remediate it. >> So Netscout, you guys are doing some dirty work. You like Navy Seals going in, and going deep into the network. So talk a little bit about the intellectual property behind this. How does it work? What's the secret sauce that Netscout brings to the table? >> So, our CEO and co-founder Anil Singhal, over 30 years ago, the company is 35 years old, he recognized the growing importance of the computer network and he recognized the need to understand what's happening on these networks. And of course now it's almost impossible to do anything without it involving a network of some kind. So, he persevered and continue to refine and refine the technology of analyzing what happens on a network, but converting that raw traffic into actionable data, we call that the data we produce, the metadata, Adaptive Service Intelligence, and we sometimes refer to it as smart data. And of course there's an emerging trend in the industry, of AIOps saying, what can I do if I start to apply machine learning algorithms to all the data that's coming out of my environment. It's like the old garbage in, garbage out, you could only perform high quality analytics if you have a high quality data source to work with. So that's really, that's always been our focus. How can we take all of that complex traffic on a network and map it to a very simple but actionable set of high quality data? >> So it always comes back to the data, doesn't it? In these types of things, but I wonder what is the diversity and variety of the data set? Is it a fairly narrow and well understood data set or are there sort of conflicting data that you also have to rationalize? >> Well, data model has multiple levels. Everything from reduce all the raw packets, and we're intelligent how we do that. We have all the parts that you really need, and we store rich data relating to individual transactions. That's very useful for troubleshooting, but what we were also able to do, is to actually for most network protocols, we actually can map it to a common data model. And that's extremely powerful because it means that in a single pane of glass, I can get insight into all of the different applications and protocols running on my network. >> So you've sort of addressed the data quality problem in that way, I wonder, I mean, as a CTO, I would imagine you spend a fair amount of time with customers, are there any sort of examples that you can give? Either, name names or anonymous, just in terms of the 100 days, how you've helped customers, some of your favorite examples, perhaps? >> Well, as I say, I mean, a lot of energy has been put into providing that visibility around VPN services because quite honestly it was never seen as a particularly critical component of the overall enterprise. It was that, as I said earlier, it was that kind of, oh, that's just something to help the guys on the road. And all of a sudden it became the most important piece. And as I said, it's also not just been about, okay, let's give sufficient visibility for you to kind of keep the wheels on the truck, it's also helping the customers about thinking forward, about planning. We talked about planning a migration, split VPN, but also thinking about their future needs. I think a lot of customers are looking to over-provision and the ones that have already transitioned to virtualized infrastructure are actually in a stronger position because they've got a lot more flexibility and ability, for example, to split up more VPN resources, or more virtual desktop resources, for example. >> And of course you mentioned that you guys deal with many types of industries, but specifically a lot of regulated industries, financial services, healthcare, government, et cetera. And so I would imagine that, that those guys really had to tap your services over the past 100 days. >> Exactly, and as we mentioned earlier, those are the organizations that are much more likely to be using full VPN and have a lot more constraints on their ability. So even if they do move to split VPN, then there's going to be limits on how much of the traffic that they can truly allow direct over the internet. >> I wonder if we could end just sort of riffing on the whole notion of digital transformation and automation. I mean, prior to COVID, we talk a lot about automation, talk about digital transformation, but the reality is a lot of it was lip service. A lot of customers or companies would really kind of prioritize other initiatives, but overnight, if you weren't digital, you couldn't transact business and automation has really become imperative. People don't seem to be afraid of it anymore, they seem to be sort of glomming onto it. And really as a productivity driver, how do you see the nation in this post-isolation economy and what are the impacts to some of your customers? >> Well, as we all understand, digital transformation is all about trying to be agile, to be able to move as fast as possible, to be able to deploy new services quickly, to respond to disruption in the marketplace and new opportunities. The only way you can really achieve that as you mentioned, is through large scale automation. But I like to make two observations about automation. Automation is very good at taking a small building block and then replicating it and deploying it, many hundreds or thousands of times over. But if you've got a bug or a defect in that building block, when you go and replicate it, you go and replicate whatever that failure moment was or that bug. So if you don't have visibility, very quickly, you can find that a very small little area that was overlooked by the quality guys has got the huge implications. The other thing about wholesale automation, and as we build these increasingly complex systems where we have machines talking to machines, largely unobserved, I'm always reminded of the stock market crash of 1987, so called Black Monday on October the 19th. And this was one of the biggest crashes ever, something like a trillion dollars was wiped off the US markets alone. And although, a lot of people said a correction was due, when we look back, we see that the thing that was different about that crash is that it was the first time we really had automated trading algorithms in play. Now, I don't believe anybody who wrote one of those algorithms was deliberately trying to crash the markets, they were trying to make money. But what no one had thought about is how all of these different algorithms by different people would interact with each other when they were pushed sort of out of their comfort zone, if you like. And I think we have a very strong analogy with digital transformation. As I say, we continue to build increasingly complex systems with machines talking to machines. So for me to operate these kinds of environments without maximum visibility, it's almost terrifying. It's like driving a racing car without a safety harness. So, visibility is absolutely key as we move towards further automation. >> That's interesting, I mean, I wasn't around in the 1920s, but my understanding was that when stock market crash hit then, depression then it took hours and hours and hours to determine, what the market actually closed at. You actually saw that in the 60s as well. And then I remember, well, 1987, there were no, for you younger people in United States, there were no real time quotes then, unless you had like a Bloomberg Terminal, which we had one, actually, I was at IDC at the time. And it took like many, many minutes to actually get a quote back. I mean, the volume was so high and the infrastructure just really wasn't there. But now to your point, you see things happening today in the stock market, Paul and they chalk it up to a computer glitch, which essentially means they have no idea what happened. And to your point about the complexity and machines to machines, if you think about AI, a lot of AI is again, back to this black box. So are you suggesting that you guys can actually provide visibility? It's solves some of that black box problem? >> Well, absolutely, what we can do is we can provide a visibility into the interactions between all of these different systems. It's amazing how often in these large complex environments, there may be dependencies that people didn't even know existed. That can be that complex. So by looking at all of the traffic flowing between all of these different systems, we can help people understand what the dependencies are. Is a particular sub-component starting to fail? Is it becoming slow? Is it generating errors? And if things do go wrong, it's about troubleshooting as fast as possible. We need to get these systems back up and running. So the ability to rapidly isolate problems and to get away from the situation where different organizations in IT are pointing the finger at each other, 'cause nobody really knows where to start. And that's kind of human nature. It's like, well, it could be my responsibility, but it could be the other guy, so I'm pointing the finger at the other guy. What we do is we provide that information that first of all, isolates the location of the problem. So we can put the correct team working on it and the other guys can get back to their day jobs. And by providing evidence of a problem, you can actually allow someone to get to the bottom of a problem much faster. >> You got to have tooling, with all this public internet, the public cloud, now with IOT, it's just going to get more and more complicated. We'll probably look back on the 2010s and say that was nothing compared to what we're entering here. But Paul, thanks so much for coming to theCUBE it was a great conversation. Really appreciate your insights. >> Thank you, I enjoyed it's my pleasure. >> All right and thank you for watching everybody. This is Dave Vellante for theCUBE, we'll see you next time. (upbeat music)

>> Narrator: Live from New York City, It's theCUBE. Covering CyberConnect 2017. Brought to you by Centrify, and The Institute for Critical Infrastructure Technology. (synth music tag) >> And government industries together for the first time. A unique kind of collaboration unlike normal events, like black hat or RSA, that are mostly about hacks and really geeky sessions. There's a great place for that, but again, this is the first of its kind, and it's presented by Centrify's theCUBE as an exclusive partner here, I'm John Furrier, co-host of theCUBE, co-founder of SiliconANGLE, my co-founder, Dave Vellante here. Dave, I mean, Centrify really taking an industry proactive role, not having their own event. Instead, using their money to fund an industry event. This is the trend in digital media. Presented by Centrify, not 'sponsored by' or 'their event'. This, we've seen this in the big data space before where events are sponsored for the community. You know, cyber security, really a big topic. You know, General Keith Alexander, retired general, was on stage as the keynote. Really talking about the crisis in the United States and around the world, around cyber security, cyber war, a whole new reality. This is the thrust of the event. >> Well, they say content is king. Well, context is kind of the empire, and the context here is, the world is changing. And the seriousness of that change is significant. General Alexander, many people may not know, General Keith, former, retired General Keith Alexander, he was the first Head of Chief $of Cyber Security at U.S., appointed by Obama. John, he was appointed Director of the NSA in 2005. Now, you guys remember, I'm sure, Stuxnet was right around 2004, 2005 when it was developed, and it bridged the Bush to the Obama administration. So he had the, all the inside baseball. He didn't talk about Stuxnet, but that was, >> He did share some nice war stories. >> Yeah, but that was the first and most significant, the way they got into Natanz, and he was at the center of all that. And he did share some war stories. He talked about Snowden, he talked about collaboration with the FBI, he talked about saving lives. And basically he said, hey, I stood in front of the ACLU. They basically undressed him, right? And then came back and said, hey, this is one of the most ethical agencies, and law-abiding agencies I've ever, he's seen, so he read that note from the head of the ACLU, it was very proud of that. >> Yeah, and the Stuxnet, it was in the news obviously, just yesterday it was reported, actually the day before November 1st, November 2nd, that Stuxnet was highly underestimated. In fact, the digital certificates that were spoofed were, been hanging around, the malware's been out there. Then again, this is, this is an indictment of the problem that we have, which is, we've got to get the security. Now, the things that the General talked about, I want to get your reaction to, because certainly I honed in on a couple key things. "Foundational tech for common defense." So he talked a lot about the Constitution and the role of government, I did a tweet on that, but what is the role of the government? That's the common defense of the United States, citizens and business. One. Not just protect the Department of Defense. At the same time, he did kind of put a plug in that we need the civil liberties and privacy to be addressed. But this is the biggest crisis we have, and it's a problem that can only be solved by working together. And if you look at, Dave, the trends that we're following on theCUBE and SiliconANGLE and Wikibon, the common thread is community. If you look at blockchain and what's going on in that disruptive, decentralized world, the role of the community is critical. If you look at what's going on in security, it's the role of the community. If you look at open source, the biggest success story of our multiple generations and now impacting the younger generation in the computer science industry and the computer industry, open source software. Community. You're starting to see the role of communities where knowing your neighbor, knowing who's involved with things, is really critical, and you can't highlight it any more than this conference that Centrify's presenting with these gurus, because they're all saying the same thing. You've got to share the data. The community's got to work together. So, common defense, maintaining civil liberties and maintaining privacy at the same time, solving the biggest crisis of our time. >> Well the other big thing and, John, you actually made this prediction to me a couple weeks ago, was that government and industry are going to start working together. It's going, it has to happen. General Alexander basically said that, is it the government's role, job, to protect commercial industry? And it was an emphatic yes, and he pulled out his fake version of the Constitution, and said yes, and he got in front of Panetta, in front of the US Senate, and made the case for that. And I think there's no question about it. Industries control critical infrastructure. And industries aren't in a good position to protect that critical infrastructure. They need help from the government, and the government has some of the most advanced technologies in the world. >> And the other thing we've been hearing from this, the executive at Aetna, is attack, maintaining intelligence on the data and sharing is critical to resolve the problem, but his point was that most people spend time on an attack vector that's usually wrong. He said, quote, "You're better off having people be idle, than chasing down on an attack vector that's wrong." So his point is, report that to the agencies quickly, to, one, reverse-engineer the problem. Most likely you're going to get better intel on the attack, on the vector, then you can start working effectively. So he says a lot of problems that are being solved by unconventional means. >> Well, General Alexander said that when he was head of Cyber Command, his number one challenge was visibility, on the attacks, they could only respond to those attacks. So, my question to you, John, is how will data, big data, machine learning, AI, whatever you want to call it, how will that affect our ability as an industry to proactively identify threats and thwart them, as opposed to just being a response mechanism? >> I think it's going to be critical. I think if you look at the AI and machine learning, AI is basically machine learning on steroids, that's really kind of what it is now, but it hopefully will evolve into bigger things, is really going through the massive amounts of data. One of the points that General Alexander talked about was the speed and velocity of how things are changing, and that most IT departments can't even keep up with that right now, never mind security. So machine learning will allow things to happen that are different analysis faster, rather than relying on data lakes and all kinds of old modeling, it's just not fast enough, so speed. The other thing too is that, as you start looking at security, this decentralized approach, most attacks are coming in on state-sponsored but democratized attacks, meaning you don't have, you can use open source and public domain software to provide attacks. This is what he's been talking about. So the number one thing is the data. Sharing the data, being part of a community approach where companies can work in sectors, because there's a lot of trend data coming out that most attackers will come out, or state-sponsored attacks, will target specific things. First of all, the one problem that can be solved immediately is that there's no way any of the United States military and-or energy grid should be attached to the Internet. And you can mask out all foreign attacks just by saying only people in the US should be accessing. That's one network conventional thing you can do. But getting the data out there is critical, but working in sectors. Most attacks happen like on the financial services industry, so if you sit in there and trying to solve the problem and keeping it on the down-low, you're going to get fired anyway, you know? The business is probably going to get hurt. Report it early, with your peers in the community, share some data, anonymize that data, don't make it, you know, privacy breaching, but get it out there. Number one thing. >> Well, here's the problem is, 80 billion dollars is spent a year on security, and the vast majority of that is still spent on perimeter security, and we heard today that the number one problem is things like credential stuffing, and password, poor user behavior, and our response to that is education. Jim Routh talked about, that's a conventional response. We need unconventional responses. I mean, the bottom line is that there's no silver bullet to security. You talked about, critical infrastructure should not be connected to the internet, but even then, when you have an air gap, you go back to Stuxnet, Natanz had an air gap. Mossad got through the air gap. There's always a way to get through somehow. So there's no one silver bullet. It's a portfolio of approaches and practices, and education, and unconventional processes that you have to apply. And as we talked about, >> Well I mean, there's no silver bullet, but there are solutions. And I think that's what he's saying. He gave it, General Alexander gave specific examples, when he was in charge, of the NSA command center was, you know, terrorist attacks being thwarted. Those are actual secure problems on the terrorism front that were solved. There was a silver bullet for that, it's called technology. So as you generalize it, Dave, I can hear what you're saying, because IT guys want a silver bullet. I want to buy a product that solves my security problem. >> So here's the problem I have with that is, I used to read Art Coviello's, you know, memo every year, >> Yeah. >> It was like, he tried to do like the, and he still does. But I look back every year and I say, Do we feel safer and more secure than we were last year? And every year the answer is no. So we, despite all the technology, and we've talked about this on theCUBE with Pat Gelsinger, security is essentially a do-over. We do need unconventional new ways, >> No debate. >> Of attacking the problem. >> No debate. Well I noticed, I'm just highlighting the point, I mean if you look at it from an IT perspective, the old conventional wisdom was, I want to buy a product. Hey, vendor, sell me your security product. What General's kind of pointing out is, he's kind of pointing out and connecting the dots, is like, hey, what they learned in the NSA was, it's an ongoing iterative thing that's happening in real time. It's not an IT solution anymore. It's a more of a holistic problem. Meaning, if you don't under stand the problem space, you can't attack it. So when they talked about the terrorist attack, they had a phone record, and they had to give it to the FBI. The FBI had to get into it. They discovered the guy in basically 24 hours, and then it took a week to kind of vet the information. Luckily they caught it and saved a subway attack in New York City in 2008 that would have been devastating. Okay, still, they were successful, but, weeks. So machine learning, and to your point, is only going to accelerate those benefits. And again, the real counterpoint as General pointed out is, civil liberties and privacy. >> Well, talk- >> I mean, what do you want? You want subway attacks, or you want to have your email, and your email be clean, or you want to have people read your email, and no subway attacks? I mean, come on. >> Well, you and I have talked about this on theCUBE over a number of years, and talking about Snowden, and General Alexander brought it up, you know, basically saying, hey, he told he story and he was pretty emphatic as to, his job is to protect, not only the citizens of the United States, but the infrastructure, and basically saying that we couldn't have done it without the laws that allowed us to analyze the metadata. >> I think, I think, in my opinion, what I think's going to happen is, we're going to have a completely reimagined situation on government. If you look at the trends with GovCloud, what's going on with AWS, Amazon Web Services, in the federal area, is an acceleration of massive agility and change happening. You're going to see a reimagine of credentials. Reimagining of culture around hiring and firing people that are the right people. You know I said, and I always say, there should be a Navy SEALs for cyber, a West Point for cyber. So I think you're going to start to see a cultural shift from a new generation of leaders, and a new generation of citizens in the US, that are going to look at citizenship differently. So for instance, Centrify, which is putting on this event, has an identity solution. That's an easy solution. Take it out of IT's problem, no one should be patching 1200 different IT systems in the government. Screw it. It's like a driver's license. Here's your credential, you know? >> So, >> So there's new ways to think of it. Radical ways, progressive ways, whatever you want to call it, I think those are going to be coming fast. Blockchains is a solution. >> I was going to ask you about that. So, four out of five breaches are password related. From credential stuffing or just bad password behavior. Everybody uses the same password, because they can remember it, across all these sites. So four out of five of the breaches can be traced back to poor password behavior. So, will things like blockchain or single sign-on, really, the answer, that's about the wrong question. When will, and how will, things like blockchain come to front and center, to solve that problem? >> I don't know, Dave. I mean, all I know is in today's Wall Street Journal, Andy Kessler writes a story that if you want to predict the future, it's all about dodgeball. You've got to get in the game and get hit by a few balls to know what's kind of going on around you. >> Dave: So you've got to fail first. >> Everybody has an opinion, nobody actually knows the answer, this has been a premise in the tech business. In my opinion, my opinion is, to reimagine things, you've got to look at it differently. So if you look at Jim Routh, the CSO at Aetna said, he said, look, we're going to solve these problems in a way, and he said, I'm not even a computer science major, I'm a history major, and I'm running Aetna's security practice. And his point was, he's a history major, civilizations crumble when trust crumbles. Okay, so trust is a huge issue, so trust on the government, trust on the systems, trust with email, so that, so he's looking at it and saying, hey, I want systems that don't erode trust, because the civilization of the world will disintegrate. So trust is a big factor, these are the new things that the best minds have to solve. >> I think the other thing, that really important topic that came up is, is public policy, and there was a discussion on sort of the, you know, hacktivists versus state-sponsored terrorism, so the payload, or the signature of a hacktivist malware is dramatically different than that of a state-sponsored initiative. State-sponsored initiatives are much more sophisticated and much more dangerous. And so, Robert Gates, when he was on theCUBE, brought this up, and he said, listen, we have the best technology in the world. The best security in the world. And we apply that largely for defense, and he said, we could go on the offensive. He said the problem is, so can everyone else, and we have, as a nation, a lot more to lose. So when you, we talked about Stuxnet earlier, Stuxnet basically was your tax dollars at work, getting into the hands eventually of the bad guys, who then use that to come back and say, okay, we can attack critical infrastructure, US, so you better be careful. >> It's bigger than that, though, Dave. That's a one, that's an old point, which is a good point, but Stuxnet was the beginning of a movement that state-sponsored actors were doing. In the old days, a state-sponsored actor, in the Iran case, came from a state sponsor, they revealed their hands in their hack a little too early, and we could counter that. But when you look at the specific attacks over the past 15 years, if a state-sponsored attack on the US was happening, it was their, they had to show their hand. That's different now, with WikiLeaks and public domain, states can still remain anonymous and saying "It wasn't us!" And point to these organizations by democratizing hacker tools. So whether it's Stuxnet or something else, you're seeing state-sponsored actors, and I won't, China, Russia, whoever they are, they can actually enable other people who hate the US to attack us. Their signature's not even on it. So by democratizing the hacker tools, increases the number of people that could attack the US. And so the state sponsors aren't even doing anything. >> Well, so, Jim Routh talked about WannaCry and NotPetya, which were, you know, generally believed to be ransomware. He said no, they weren't ransomware. They only collected about 140 thousand from that in US dollars. They were really about state-sponsored political acts. I don't know, sending warnings. We're going to ask him about that when he comes in theCUBE. >> Alright. We've got a big day here. New York City here for CyberConnect 2017, this is the inaugural event presented by Centrify. All the top leaders in the industry and government are here solving the problem, the crisis of our generation's cyber attack security, both government and industry coming together. This is theCUBE, we'll be back, more live coverage after this short break.

>> Host: New York City, it's The Cube covering Cyber Connect 2017, brought to you by Centrify and the Institute for Critical Infrastructure Technology. >> Hey, welcome back, everyone. This the Cube's live coverage in New York City. This is the Cyber Connect 2017, presented by Centrify, underwritten by such a large industry event. I'm John Furrier, Dave Vellante. Our next guest is Byron Acohido who's the journalist at lastwatchdog.com. Thanks for joining us, welcome to The Cube. >> Thank you, pleasure to be here. >> So, seasoned journalist, there's a lot to report. Cyber is great, we heard a great talk this morning around the national issues around the government. But businesses are also struggling, too, that seems to be the theme of this event, inaugural event. >> It really is a terrific topic that touches everything that we're doing, the way we live our lives today. So, yeah, this is a terrific event where some of the smartest minds dealing with it come together to talk about the issues. >> What's the top level story in your mind in this industry right now? Chaos, is it data, civil liberties, common threats? How do you stack rank in level of importance, the most important story? >> You know, it really is all of the above. I had the privilege to sit at lunch with General Keith Alexander. I've seen him speak before at different security events. So it was a small group of the keynote speakers, and Tom Kemp, the CEO of Centrify. And he just nailed it. He basically, what resonated with me was he said basically we're kind of like where we were, where the world was at the start of World War I, where Russia and Germany and England, we're all kind of lining up, and Serbia was in the middle, and nobody really knew the significance of what lay ahead, and the US was on the sidelines. And all these things were just going to converge and create this huge chaos. That's what he compared it today, except we're in the digital space with that, because we're moving into cloud computing, mobile devices, destruction of privacy, and then now the nation states, Russia is lining up, North Korea, and Iran. We are doing it too, that was probably one of the most interesting things that came at you. >> His rhetoric was very high on the, hey, get our act together, country, attitude. Like, we got a lot to bring to the table, he highlighted a couple use cases and some war stories that the NSA's been involved in, but almost kind of teasing out, like we're kind of getting in our own way if we don't reimagine this. >> Yes, he is a very great advocate for the private sector industry, but not just industry, the different major verticals like especially the financial sector and the energy sector to put aside some of the competitive urges they have and recognize that this is going on. >> Okay, but I got to ask you, as a journalist, Last Watchdog, General Alexander definitely came down, when he sort of addressed privacy, and Snowden, and the whole story he told about the gentleman from the ACLU who came in a skeptic and left an advocate. As a journalist whose job is to be a skeptic, did you buy that? Does your community buy that? What's the counterpoint to that narrative that we heard this morning? >> Well, actually I think he hit it right on the head. As a journalist, why I got into this business and am still doing it after all these years is if I can do a little bit to shed a little bit of light on something that helps the public recognize what's going on, that's what I'm here to do. And this topic is just so rich and touches everything. We were talking just about the nation state level of it, but really it effects down to what we're doing as a society, what Google, and Facebook, and Twitter, how they're shaping our society and how that impacts privacy. >> We were talking last night, Dave, about the Twitter, and Facebook, and Alphabet in front of the Senate hearings last week, and how it means, in terms, he brought it up today. The common protection of America in this time, given the past election, that was the context of the Google thing, really has got a whole opportunity to reimagine how we work as a society in America, but also on the global stage. You got China, Russia, and the big actors. So, it's interesting, can we eventually reimagine, use this opportunity as the greatest crisis to transform the crap that's out there today. Divisiveness, no trust. We're living in an era now where, in my life time I can honestly say I've never seen it this shitty before. I mean, it's bad. I mean, it's like the younger generation looking at us, looking at, oh, Trump this, Trump that, I don't trust anybody. And the government has an opportunity. >> Alright, but wait a minute. So, I'm down the middle, as you know, but I'm going to play skeptic here a little bit. What I basically heard from General Alexander this morning was we got vetted by the ACLU, they threw sort of holy water on it, and we followed the law. And I believe everything he said, but I didn't know about that law until Snowden went public, and I agree with you, Snowden should be in jail. >> John: I didn't say that. >> You did, you said that a couple, few years ago on The Cube, you said that. Anyway, regardless. >> I'm going to go find the archive. >> Maybe I'm rewriting history, but those laws were enacted kind of in a clandestine manner, so I put it out to both of you guys. As a citizen, are you willing to say, okay, I'll give up maybe some of my privacy rights for protection? I know where I stand on that, but I'm just asking you guys. I mean, do all your readers sort of agree with that narrative? Do all of The Cube? >> If you look at the World War I example the general, he brought up at lunch, I wasn't there, but just me thinking about that, it brings up a good perspective. If you look at reinventing how society in America is done, what will you give up for safety? These are some of the questions. What does patriotizing mean for if industry's going to work together, what does it mean to be a patriot? What I heard from the general onstage today was, we're screwed if we don't figure this out, because the war, it's coming. It's happening at massive speeds. >> Again, I know where I stand on this. I'm a law-abiding citizen. >> - Byron, what do you think? >> Go ahead and snoop me, but I know people who would say no, that's violating my constitutional rights. I dunno, it's worth a debate, is all I'm saying. >> It's a core question to how we're living our lives today, especially here in the US. In terms of privacy, I think the horse has left the barn. Nobody cares about privacy if you just look at the way we live our lives. Google and Facebook have basically thrown the privacy model-- >> GPS. >> That came about because we went through World War I and World War II, and we wanted the right to be left alone and not have authoritative forces following us inside the door. But now we don't live in just a physical space, we live in a cyberspace. >> I think there's new rules. >> There is no privacy. >> Don't try and paint me into a corner here, I did maybe say some comments. Looking forward the new realities are, there are realities happening, and I think the general illuminated a lot of those today. I've been feeling that. However, I think when you you define what it means to be a patriot of the United States of America and freedom, that freedom has to be looked through the prism of the new realities. The new realities are, as the General illuminated, there are now open public domain tools for anyone to attack the United State, industry and government, he brought it up. Who do they protect, the banks? So, this ends up, I think will be a generational thing that the younger generation and others will have to figure out, but the leaders in industry will have to step up. And I think that to me is interesting. What does that look like? >> I think leadership is the whole key to this. I think there's a big thread about where the burden lies. I write about that a lot as a central theme, where is the burden? Well, each of us have a burden in this society to pay attention to our digital footprint, but it's moving and whirling so fast, and the speaker just now from US Bank said there is no such thing as unprecedented, it's all ridiculous the way things are happening. So, it has to be at the level of the leaders, a combination, and I think this is what the general was advocating, a combination of the government as we know it, as we've built it, by and for the people, and industry recognizing that if they don't do it, regulations are going to be pushed down, which is already happening here in New York. New York State Department of Financial Services now imposes rules on financial services companies to protect their data, have a CSO, check their third parties. That just went in effect in March. >> Let's unpack that, because I think that's what new. If they don't do this, they don't partner, governments and industry don't partner together, either collectively as a vertical or sector with the government, then the government will impose new mandates on them. That's kind of what you're getting at. That's what's happening. >> It'll be a push and shove. Now the push is because industry has not acted with enough urgency, and even though they were seeing them in the headlines. California's already led the way in terms of its Data Loss Disclosure law that now 47 states have, but it's a very, I mean, that's just the level the government can push, and then industry has to react to that. >> I got to say, I'm just being an observer in the industry, we do The Cube, and how many events will we hear the word digital transformation. If people think digital transformation is hard now, imagine if the government imposes all these restrictions. >> What about GDPR? >> Byron: That's a good question, yeah. >> You're trying to tell me the US government is going to be obliged to leak private information because of a socialist agenda, which GDPR has been called. >> No, that's another one of these catalysts or one of these drivers that are pushing. We're in a global society, right? >> Here's my take, I'll share my opinion on this, Dave, I brought it up earlier. What the general was pointing out is the terror states now have democratized tools that other big actors are democratizing through the public domain to allow any enemy of the United States to attack with zero consequences, because they're either anonymous. But let's just say they're not anonymous, let's just say they get caught. We can barely convert drug dealers, multiple jurisdictions in court and around the world. What court is out there that will actually solve the problem? So, the question is, if they get caught, what is the judicial process? >> Navy SEALs? >> I mean, obviously, I'm using the DEA and drug, when we've been fighting drug for multiple generations and we still have to have a process to multiple years to get that in a global court. I mean, it's hard. My point is, if we can't even figure it out for drug trade, generations of data, how fast are we going to get cyber criminals? >> Well, there is recognition of this, and there is work being done, but the gap is so large. Microsoft has done a big chunk of this in fighting botnets, right? So, they've taken a whole legal strategy that they've managed to impose in maybe a half-dozen cases the last few years, where they legally went and got legal power to shut down hosting services that were sources of these botnets. So, that's just one piece of it. >> So, this World War I analogy, let's just take it to the cloud wars. So, in a way, Dave, we asked Amazon early on, Amazon Web Services how their security was. And you questioned, maybe cloud has better security than on premise, at that time eight years ago. Oh my God, the cloud is so insecure. Now it looks like the cloud's more secure, so maybe it's a scale game. Cloud guys might actually be an answer, if you take your point to the next level. What do you think? >> Correct me if I'm wrong, you haven't seen these kind of massive Equifax-like breaches at Amazon and Google. >> That we know about. >> That we know about. >> What do you think? Don't they have to disclose? >> Cloud players have an opportunity? >> That we know about. >> That's what I was saying. The question on the table is, are the cloud guys in a better position to walk around and carry the heavy stick on cyber? >> Personally, I would say no question. There's homogeneity of the infrastructure, and standardization, and more automation. >> What do you think? What's your community think? >> I think you're right, first of all, but I think it's not the full answer. I think the full answer is what the general keeps hammering on, which is private, public, this needs to be leadership, we need to connect all these things where it makes sense to connect them, and realize that there's a bigger thing on the horizon that's already breathing down our necks, already blowing fire like a dragon at us. It's a piece of the, yeah. >> It's a community problem. The community has to solve the problem at leadership level for companies and industry, but also what the security industry has always been known for is sharing. The question is, can they get to a data sharing protocol of some sort? >> It's more than just data sharing. I mean, he talked about that, he talked about, at lunch he did, about the ISAC sharing. He said now it's more, ISACs are these informational sharing by industry, by financial industry, health industry, energy industry, they share information about they've been hacked. But he said, it's more than that. We have to get together at the table and recognize where these attacks are coming, and figure out what the smart things are doing, like at the ISP level. That's a big part of the funnel, crucial part of the funnel, is where traffic moves. That's where it needs to be done. >> What about the the balance of power in the cyber war, cyber warfare? I mean, US obviously, US military industrial complex, Russia, China, okay, we know what the balance of power is there. Is there much more of a level playing field in cyber warfare, do you think, or is it sort of mirror the size of the economy, or the sophistication of the technology? >> No, I think you're absolutely right. There is much more of a level playing field. I mean, North Korea can come in and do a, this is what we know about, or we think we know about, come in and do a WannaCry attack, develop a ransomware that actually moves on the internet of things to raise cash, right, for North Korea. So there, yeah, you're absolutely right. >> That's funding their Defense Department. >> As Robert Gates said when he was on The Cube, we have to be really careful with how much we go on the offense with cyber security, because we have more to lose than anybody with critical infrastructure, and the banking system, the electrical grid, nuclear facilities. >> I interviewed a cyber guy on The Cube in the studio from Vidder, Junaid Islam. He's like, we can look at geo and not have anyone outside the US access our grid. I mean, no one should attack our resources from outside the US, to start with. So, core network access has been a big problem. >> Here's something, I think I can share this because I think he said he wouldn't mind me sharing it. At the lunch today, to your point that we have more to lose is, the general said yeah, we have terrific offensive capability. Just like in the analog world, we have all the great bombers, more bombers than anybody else. But can we stop people from getting, we don't have the comparable level of stopping. >> The defense is weak. >> The defense, right. Same thing with cyber. He said somebody once asked him how many of your, what percentage of your offensive attacks are successful? 100%. You know, we do have, we saw some of that with leaks of the NSA's weapons that happened this year, that gone out. >> It's like Swiss cheese, the leaks are everywhere, and it's by the network itself. I ran into a guy who was running one of the big ports, I say the city to reveal who it was, but he's like, oh my God, these guys are coming in the maritime network, accessing the core internet, unvetted. Pure core access, his first job as CIO was shut down the core network, so he has to put a VPN out there and segment the network, and validate all the traffic coming through. But the predecessor had direct internet access to their core network. >> Yeah, I think the energy sector, there's a sponsor here, ICIT, that's in the industrial control space, that I think that's where a lot of attention is going to go in the next couple of years, because as we saw with these attacks of the Ukraine, getting in there and shutting down their power grid for half a day or whatever, or with our own alleged, US own involvement in something like Stuxnet where we get into the power grid in Iran, those controls are over here with a separate legacy. Once you get in, it's really easy to move around. I think that needs to be all cleaned up and locked down. >> They're already in there, the malware's sitting in there, it's idle. >> We're already over there probably, I don't know, but that's what I would guess and hope. >> I don't believe anything I read these days, except your stuff, of course, and ours. Being a journalist, what are you working on right now? Obviously you're out there reporting, what are the top things you're looking at that you're observing? What's your observation space relative to what you're feeding into your reports? >> This topic, security, I'm going to retire and be long gone on this. This is a terrific topic that means so much and connects to everything. >> A lot of runway on this topic, right? >> I think the whole area of what, right there, your mobile device and how it plugs into the cloud, and then what that portends for internet of things. We have this whole 10-year history of the laptops, and we're not even solving that, and the servers are now moving here to these mobile devices in the clouds and IOT. It's just, attack surface area is just, continues to get bigger. >> And the IT cameras. >> The other thing I noticed on AETNA's presentation this morning on the keynote, Jim was he said, a lot of times many people chase the wrong attack vector, because of not sharing, literally waste cycle times on innovation. So, it's just interesting market. Okay, final thoughts, Byron. This event, what's the significance of this event? Obviously there's Black Hat out there and other industry events. What is so significant about CyberConnect from your perspective? Obviously, our view is it's an industry conversation, it's up-leveled a bit. It's not competing with other events. Do you see it the same way? What is your perspective on this event? >> I think that it's properly named, Connect, and I think that is right at the center of all this, when you have people like Jim Ralph from AETNA, which is doing these fantastic things in terms of protecting their network and sharing that freely, and the US Bank guy that was just on, and Verizon is talking later today. They've been in this space a long time sharing terrific intelligence, and then somebody like the general, and Tom Kemp, the CEO of Centrify, talking about giving visibility to that, a real key piece that's not necessarily sexy, but by locking that down, that's accessing. >> How is the Centrify message being received in the DC circles? Obviously they're an enterprise, they're doing very well. I don't know their net revenue numbers because they're private, they don't really report those. Are they well-received in the DC and the cyber communities in terms of what they do? Identity obviously is a key piece of the kingdom, but it used to be kind of a fenced off area in enterprise software model. They seem to have more relevance now. Is that translating for them in the marketplace? >> I would think so, I mean, the company's growing. I was just talking to somebody. The story they have to tell is substantive and really simple. There's some smart people over there, and I think there are friendly ears out there to hear what they have to say. >> Yeah, anything with identity, know your customer's a big term, and you hear in blockchain and anti-money laundering, know your customer, big term, you're seeing more of that now. Certainly seeing Facebook, Twitter, and Alphabet in front of the Senate getting peppered, I thought that was interesting. We followed those guys pretty deeply. They got hammered, like what's going on, how could you let this happen? Not that it was national security, but it was a major FUD campaign going on on those platforms. That's data, right, so it wasn't necessarily hacked, per se. Great stuff, Byron, thanks for joining us here on The Cube, appreciate it. And your website is lastwatchdog.com. >> Yes. >> Okay, lastwatchdog.com. Byron Acohido here inside The Cube. I'm John Furrier, Dave Vellante, we'll be back with more live coverage after this short break.

(light orchestral music) >> Hello, everyone. Welcome to special CUBEConversation here in theCUBE studio in Palo Alto, California. I'm John Furrier, the co-founder of SiliconANGLE Media and also the co-host of theCUBE. We're here with Junaid Islam, who is the President and CTO of a company called Vidder. Also supports the public sector and the defense community. Teaches a class on cyber intelligence and cyber warfare. Junaid, thank you for coming in. >> Well, thanks for having me, it's great to be here. >> Now, you see, we've been doing a lot of coverage of cyber in context to one, the global landscape, obviously >> Yeah >> And in our area of enterprise and emerging tech you see the enterprises are all shaking in their boots. But you now have new tools like IoT which increases the service area of attacks. You're seeing AI being weaponized for bad actors. But in general, it's just that it's really a mess right now. >> Yeah >> And security is changing. So, I'd like to get your thoughts on it and also talk about some of the implications around the cyber warfare that's going on. Certainly the election's on everyone's mind, you see fake news. But really, it's a complete new generational shift that's happening. With all the good stuff going on, block chain and everything else, and AI, there's also bad actors. Fake news is not just fake content. There's an underlying infrastructure, a critical infrastructure, involved. >> Yeah, you're 100% right. And I think what you have hinted on is something that is only, now, people are getting awareness of. That is, as America becomes a more connected society, we become more vulnerable to cyber attacks. For the past few years, really, cyber attacks were driven by people looking to make twenty bucks, or whatever, but now you really have state actors moving into the cyber attack business. And actually subsidizing attackers with free information. And hoping to make them more lethal attackers against the United States. And this really is completely new territory. When we think about cyber threats almost all of the existing models, don't capture the risks involved here. And it affects every American. Everybody should be worried about what's going on. >> And, certainly, the landscape has changed in security and tech with cloud computing, but more importantly, we have Trump in the office and all this brouhaha over just that in itself. But in concern to that, you're seeing the Russians, we're seeing them involved in the election, you're seeing China putting blocks and everything, and changing how the rules, again. It's a whole global economy. So I got to ask you the question that's on everyone's mind is cyber war is real. We do not have a West Point, Navy SEALs for cyber yet. There's some stuff at Berkeley that's pretty interesting to me. That Michael Grimes at Morgan Stanley is involved with. A bunch of other folks as well. Where a new generation of attacks is happening. >> Junaid: Yeah. >> In the US of A right now. Could you comment and share your thoughts and reactions to what's happening now that's different in the US from a cyber attack standpoint and why the government is trying to move quickly why companies are moving quickly. What's different now? Why is the attacks so rampant? What's changed? >> I think the biggest difference we have now is what I would call direct state sponsorship of cyber attack tools. A great example of that is the Vault 7 disclosure on WikiLeaks. Typically, when you've had intelligence agencies steal one thing from another country, they would keep it a secret. And, basically, use those vulnerabilities during a time of an attack or a different operation. In this case, we saw something completely different. We think the Russians might have stolen, but we don't know. But whoever stole it, immediately puts it back into the public domain. And why do they do that? They want those vulnerabilities to be known by as many attackers as possible, who then, in turn, will attack the United States at across not only public sector organizations, but as private. And one of the interesting outcomes that you've seen is the malware attacks or cyber attacks we saw this year were much more lethal than ever before. If you look at the WannaCry attack and then the NotPetya attack. NotPetya attack started with the Russians attacking the Ukraine. But because of the way that they did the attack, they basically created malware that moved by itself. Within three days, computers in China that were 20 companies away from the original target were losing their data. And this level of lethality we've never seen. And it is a direct result of these state actors moving into the cyber warfare domain. Creating weapons that basically spread through the internet at very high velocity. And the reason this is so concerning for the United States is we are a truly connected society. All American companies have supply chain partners. All American companies have people working in Asia. So we can't undo this and what we've got to do, very quickly, is develop counter measures against this. Otherwise, the impacts will just get worse and worse. >> So in the old days, if I get this right, hey I attack you, I get to see a backdoor to the US. And spy on spy kind of thing. >> Junaid: Yeah. >> Right, so now, you're saying is, there's a force multiplier >> That's right out there with the crowd. So they're essentially democratizing the tools. We used to call it kiddie scripts. Now they're not kiddie scripts anymore, they're real weapons of cyber weaponry that's open to people who want to attack or motivated to attack the US. Is that kind of, am I getting that right? >> That's right. I mean, if you look at what happened in WannaCry, you had people looking for $200 payout, but they were using tools that could have easily wiped out a country. Now, the reason this works for America's enemies, as it were, or adversaries, is in the short run, they get to test out weapons. In the long run, they're really learning about how these attacks propagated. And make no mistake, if there's a political event and it's in their interest to be able to shut down US computers. It's just something we need to worry about and be very conscious of. Of specifically, these new type of attack vectors. >> Now to put my fear mongering hat on because as a computer scientist, myself, back in the day, I could only imagine how interesting this is to attack the United States. What is the government doing? What is the conversations that you're hearing? What are some of the things going on in the industry around? OK, we're seeing so sophisticated, so orchestrated. At many levels, state actors, democratizing the tools for the bad guys, if you will, but we've seen fraud and cyber theft be highly mafia driven or sophisticated groups of organized, black market companies. Forms, I mean, really well funded, well staffed. I mean, so the HBO hack just a couple weeks ago. I mean, it's shaking them down with ransomware. Again, many, many different things. This has got to scare the cyber security forces of the United States. What are they doing? >> So I think, one thing I think Americans should feel happy about is within the defense and intelligence community, this has become one of the top priorities. So they are implementing a huge set of resources and programs to mitigate this. Unfortunately, they will, they need to take care of themselves first. I think it's still still up to enterprises to secure their own systems against these new types of attacks. I think we can certainly get direction from the US government. And they've already begun outreach programs. For example, the FBI actually has a cyber security branch, and they actually assign officers to American companies who are targets. And typically that's actually, I think, started last year. >> John: Yeah. But they'll actually come meet you ahead of the attack and introduce themselves. So that's actually pretty good. And that's a fantastic program. I know some of the people there. But you still have to become aware. You still have to look at the big risks in your company and figure out how to protect them. That is something that no law enforcement person can help you at. Because that has to be pro-active. >> You know we everyone who watches my Silicon Valley podcast knows that I've been very much, talk a lot about Trump, and no one knows if I voted for him or not or actually, didn't vote for him, but that's a different point. We've been critical of Trump. But also at the same time, the whole wall thing is kind of funny, in itself, building wall is ridiculous, but that's take that to the firewall problem. >> Junaid: Yeah. >> Let's talk about tech. The old days, you have a firewall. Right? The United States really has no firewall because the perimeters or the borders, if you will, are not clear. So in the industry they call it "perimeter-less". There's no more moat, there's no more front door. There's a lot of access points into networks in companies. This is changing the security paradigm. Not only at the government level, but the companies who are creating value but also losing money on these attacks. >> Junaid: Yeah. >> So what is the security paradigm today? Is it people putting their head in the sand? Are there new approaches? >> Junaid: Well, yeah. >> Is there a do over, is there a reset? Security is the number one thing. >> So I >> What are companies and governments doing? >> So I think, well first of all, there's a lot of thinking going on but I think there's two things that need to happen. I think one, we certainly need new policies and laws. I think just on the legal side, whether you look at the most recent Equifax breach we need to update laws on people holding assets that they need to become liable. We also need more policies that people need to lock down national critical infrastructure. Like power systems. And then the third thing is the technical aspect. I'd bring it. We actually in the United States actually do have technologies that are counter measures to all of these attacks and we need to bring those online. And I think as daunting as it looks like protecting the country, actually, it's a solvable problem. For example, there's been a lot of press that you know foreign governments are scanning US power infrastructure. And, you know, from my perspective as a humble networking person, I've always wondered why do we allow basically connectivity from outside the United States to power plants which are inside the United States. I mean, you could easily filter those at the peering points. And I know some people might say that's controversial, you know, are we going to spy on >> John: And ports too. >> Yeah. >> Like, you know, ports of New Orleans. I was talking to the CTO there. He's saying maritimes are accessing the core network. >> Yeah, so from my perspective as a technical, I'm not a politician, but I >> (laughs) That's good, thank God! We need more of you out there. >> I would and I've worked on this problem a little bit I would certainly block in-bound flows from outside the United States to critical infrastructure. There is no value or reason, logical reason, you would give a why someone from an external country should be allowed to scan a US asset. And that is technically quite simple for us to do. It is something that I and others have talked about you know, publically and privately. I think that's a very simple step we could do. Another very simple step we could do across the board is basically authenticated access. That is, if you are accessing a US government website, you need to sign in and there will be an MFA step-up. And I think that makes >> What's an MFA step-up. >> Well like some kind of secondary >> OK. >> Say your accessing the IRS portal and you just want to check on something you know, that you're going to sign in and we're going to send a message to your phone to make sure you are you. I know a lot of people will feel, hey, this is an invasion of privacy. But you know, I'll tell you what's an invasion of privacy. Someone stealing 140 million IDs or your backgrounds, and having everything. >> John: That just happened. >> That's a bigger >> John: That's multifactor authentication. >> So I think that >> Unless they hack your cell phone which the bitcoin guys have already done. >> Yeah >> So, it's easy for hackers to hack one system. It's harder for hackers to hack multiple systems. So I think at the national security level, there are a number of simple things we can do that are actually not expensive. That I think we as a society have to really think about doing. Because having a really governments which are very anti-American destabilizing us by taking all of our data out doesn't really help anyone. So that's the biggest loss. >> And there's no risk for destabilizing America enemies out there. They what's the disincentive. Are they going to get put in jail? There's no real enforcement. >> Junaid: Yeah. I mean, cyber is a great leverage. >> So one of the things that I think that most people don't understand is the international laws on cyber attacks just don't exist anymore. They have a long way to catch up. Let me give a counter-example, which is drugs. There are already multilateral agreements on chasing drug traffickers as they go from country to country. And there's a number of institutions that monitor and enforce that. That actually works quite well. We also have new groups focusing on human trafficking. You know, it's slowly happening but in the area of cyber we haven't even started a legal framework on what would constitute a cyber attack. And, sadly, one of the reasons that it's not happening, is America's enemies don't want it to happen. But this is where I think, as a nation, first you have to take care of yourself. And then on a multi-lateral perspective the US should start pushing a cyber security framework world wide, so that if you start getting emails from that friendly prince, who's actually a friend of mine How about you know about putting in some we can actually go back to that country and say hey, you know, we don't want to send you any more money anymore. >> John: Yeah, yeah exactly. Everyone's going to make 18 million dollars if they give them their username, password and social security number. Alright, final question on this segment, around the cyber security piece. What's the action, going forward? I would say it's early days and hardcore days right now. It's really the underbelly of the internet. Globally is attacking, we see that. The government doesn't have enough legal framework yet in place. They need to do that. But there's a lot of momentum around creating a Navy SEALs. You need a version of land, air and sea. Or multidisciplinary combat. >> Junaid: Yeah. >> Efforts out there there's been conversations certainly in some of our networks that we talk about. What's the young generation. I mean, you've got a lot of gamers out there that would love to be part of a new game if you will called cyber defense. What's going on? Is there any vision around how to train young people. Is there an armed forces concept? Is there something like this happening? What's the next what do we need to do as a government? >> So you've actually touched on a very difficult issue. Because if you think about security in the United States it's really been driven by a compliance model. Which is here's these set of things to memorize and this is what you do to become secure. And all of our cyber security training courses are based on models. If there's one thing we learned about cyber attackers is that these people are creative and do something new every time. And go around the model. So, I think one of the most difficult things is actually to develop training courses that almost don't have any boundaries. Because the attackers don't confine themselves to a set of attack vectors. Yet we, in our training do, we say, this is what you need to do. And time and time again people just do something that's completely different. So that's one thing we have to understand. The other thing we have to understand, which is related to that, is that all of US's cyber security plans are public and conferences. All of our universities are open. So we actually have. >> John: The playbook is out there. >> We actually, so one of the things that does happen is if you go to any large security conference you see a lot of people from the countries that are attacking us showing up everywhere. Actually going to universities and learning the course. I think there are two things. One we really need to think deeper about just how attacks are being done which are unbounded. And, two, which is going to be a bit more difficult we have to rethink how we share information on a worldwide basis of our solutions. >> John: Mmm-hmm. >> So probably not the easy answer you wanted. But I think >> Well, it's complex and required unstructured thinking that's not tied up. It's like the classic frog in boiling water dies and you put a frog in boiling water and it jumps out. We're in this false sense of security with these rules. >> Junaid: Yeah. >> Thinking we're secure And we're, people are killing us with this security >> Yeah >> It's scary >> And like I say, it's even worse when we figure out a solution the first thing we do is we tell everybody including our enemies, giving them all a lot of chance to figure out how to attack us. So I think >> So don't telegraph, don't be so open Be somewhat secretive in a ways, is actually helpful. >> I think, sadly, I think we've come to the very unfortunate position now where I think we need to, especially in the area of cyber rethink our strategies because as an open society we just love telling everybody what we do. >> John: So the final question. Final, final question. Is just, again, to end this segment. So cyber security is real or not real. How real is this? Can you just share some color for the folks watching who might say hey, you know I think it's all smoke and mirrors. I don't believe the New York Times. I don't believe this. Trump's saying this. And is this real problem? And how big is it? >> I think it is real. I think we have this calendar year, twenty seventeen, we have moved from the classic, you know, kind of like cyber, attack you know like someone's being fished to really a, the beginning of a cyber warfare. And unlike kinetic warfare where someone blows something up this is a new face that's long and drawn out. And I think one of the things that makes us very vulnerable as a society is we are an open society, we're interlinked with every other global economy. And I think we have to think about this seriously because unfortunately there's a lot of people who don't want to see America succeed. They're just like that. Even though we're nice people >> John: Yeah >> But, it's pretty important. >> It requires some harmony, it requires some data sharing. Junaid Islam, President and CTO of Vidder. Talking about the cyber security cyber warfare dynamic that's happening. It's real. It's dangerous. And our countries and other countries need to get their act together. Certainly, I think, a digital West Point, a digital Navy SEALs needs to happen. And I think this is a great opportunity for us to kind of do some good here and keep an open society while maintaining security. Junaid, thanks for sharing your thoughts. I'm John Furrier with theCUBE, here in Palo Alto. Thanks for watching. (dramatic orchestral music)

(perky music) >> Hello everyone. Welcome to a special CUBE Conversation here in the CUBE studio in Palo Alto, California. I'm John Furrier the co-founder of SiliconANGLE Media and also the co-host of the CUBE. We're here with Junaid Islam who's the president and CEO of a company called Vidder. Also supports the public sector and the defense community, teaches a class on cyber intelligence and cyber warfare. Junaid thank you for coming in. >> Well thanks for having me. It's great to be here. >> Okay, you know we've been doing a lot of coverage of cyber in context to one, the global landscape obviously. >> Yeah. >> In our area of enterprise and emerging tech, you see the enterprises are all, you know, shaking in their boots. But you now have new tools like IOT which increases the service area of attacks. You're seeing AI being weaponized for bad actors. But in general it's just really a mess right now. >> Yeah. >> And security is changing, so I'd like to get your thoughts on and also talk about, you know, some of the implications around the cyber warfare that's going on. Certainly the election is on everyone's mind. You see fake news. But really it's a complete new generational shift that's happening. With all the good stuff going on, block chain and everything else and AI, there's also bad actors. You know, fake news is not just fake content. There's an underlying infrastructure, critical infrastructure involved. >> Yeah, you're 100% right and I think what you have hinted on is something that is only now people are getting awareness of. As that is as America becomes a more connected society we become more vulnerable to cyber attacks. For the past few years really cyber attacks were driven by people looking to make $20 or whatever, but now you really have state actors moving into the cyber attack business and actually subsidizing attackers with free information and hoping to make them more lethal attackers against the United States. And this really is completely new territory. When we think about cyber threats almost all of the existing models don't capture the risks involved here and it affects every American. Everybody should be worried about what's going on. >> And certainly the landscape has changed in security and tech (mumble) cloud computing, but more importantly we have Trump in the office and there's all this brouhaha over just that in itself, but in concert to that you're seeing the Russians, we're seeing them involved in the election, you're seeing, you know, China putting, you know, blocks on everything and changing how the rules (mumble). It's a whole global economy. So I got to ask the question that's on everyone's mind, is cyber war is real? We do not have a West Point, Navy Seals for cyber yet. I know there's some stuff at Berkeley that's pretty interesting to me that Michael Grimes at Morgan Stanley's involved in with a bunch of other folks as well, where a new generation of attacks is happening. >> Junaid Islam: Yeah. >> In the US of A right now. Could you comment and share your thoughts in reaction to what's happening now that's different in the US from a cyber attack standpoint and why the government is trying to move quickly, why companies are moving quickly, what's different now? Why is the attacks so rampant? What's changed? >> I think the biggest difference we have now is what I would call direct state sponsorship of cyber attack tools. A great example of that is the Vault 7 disclosure on WikiLeaks. Typically when you've had intelligence agencies steal one thing from another country they would keep it a secret and basically use those vulnerabilities during a time of an attack or a different operation. In this case we saw something completely different. We think the Russians might has stolen it but we don't know. But whoever stole it immediately puts it back into the public domain. And why do they do that? They want those vulnerabilities to be known by as many attackers as possible who then in turn will attack the United States at across not only a public sector organizations but as private, and one of the interesting outcomes you've seen is the malware attacks, or the cyber attacks we saw this year were much more lethal than ever before. If you look at the Wannacry attack and then the NotPetya attack. NotPetya started with the Russians attacking the Ukraine but because of the way they did the attack they basically created malware that moved by itself. Within three days computers in China that were 20 companies away from the original target were losing their data. And this level of lethality we've never seen and it is a direct result of these state actors moving into the cyber warfare domain, creating weapons that basically spread through the internet at very high velocity and the reason this is so concerning for the United States is we are a truly connected society. All American companies have supply chain partners. All American companies have people working in Asia. So we can't undo this and what we've got to do very quickly is develop counter-measures against this. Otherwise the impacts will just get worse and worse. >> So the old days, if I get this right, hey, I attack you, I get to see a back door to the US and spy on spy kind of thing- >> Junaid Islam: Yeah. >> So now you're saying is there's a force multiplier out there- >> That's right. >> John Furrier: With the crowd, so they're essentially democratizing the tools, not, we used to call it kiddie scripts. >> Junaid Islam: Yeah. Now they're not kiddie scripts any more. They're real weapons of cyber weaponry that's open to people who want to attack, or motivated to attack, the US. Is that kind of, am I getting that right? >> That's right. I mean if you look at what happened in WannaCry, you had people looking for a $200 payout but they were using tools that could have easily wiped out a country. Now the reason this works for America's enemies as it were, or adversaries, is in the short run they get to test out weapons. In the long run they're really learning about how these attacks propagated and, you know, make no mistake, if there's a political event and it's in their interests to be able to shut down US computers it's just something I think we need to worry about and be very conscious of specifically these new type of attack vectors. >> Now to put my fear mongering hat on, because, you know, as a computer scientist myself back in the day, I can only imagine how interesting this is to attack the United States. What is the government doing? What's the conversations that you're hearing? What are some of the things going on in the industry around okay, we're seeing something so sophisticated, so orchestrated at many levels. You know, state actors, democratizing the tools for the bad guys, if you will, but we've seen fraud and cyber theft be highly mafia-driven or sophisticated groups of organized, you know, under the, black market companies. Forms, I mean really well-funded, well-staffed, I mean so the HBO hack just a couple weeks ago, I mean, shaking them down with ransom-ware. Again there's many, many different things. This has got to scare the cyber security forces of the United States. What are they doing? >> So I think, one thing I think Americans should feel happy about is within the defense and intelligence community this has become one of the top priorities. So they are implementing a huge set of resources and programs to mitigate this. Unfortunately, you know, they need to take care of themselves first. I think it's still up to enterprises to secure their own systems against these new types of attacks. I mean I think we can certainly get direction from the US government and they've already begun outreach programs, for example, the FBI actually has a cyber security branch and they actually assign officers to American companies who are targets and typically that's actually, I think it started last year, but they'll actually come meet you ahead of the attack and introduce themselves so that's actually pretty good. And that's a fantastic program. I know some of the people there. But you still have to become aware. You still have to look at the big risks in your company and figure out how to protect them. That is something that no law enforcement person can help you at because that has to be proactive. >> You know everyone who watches my silicon valley podcast knows that I've been very much, talk a lot about Trump and no one knows if I voted for him or not. I actually didn't vote for him but that's a different point. We've been critical of Trump but also at the same time, you know, the whole wall thing's kind of funny in and of itself. I mean, building a wall's ridiculous. But let's take that to the firewall problem. >> Junaid Islam: Yeah. >> Let's talk about tech. The old days, you had a firewall, all right? The United States really has no firewall because the perimeters or the borders, if you will, are not clear. So in the industry they call it perimeter-less. There's no more mote. There's no more front door. There's a lot of access points into networks and companies. This is changing the security paradigm not only at the government level but the companies who are creating value but also losing money on these attacks. >> Junaid Islam: Yeah. >> So what is the security paradigm today? Is it people putting their head in the sand? Are there new approaches? >> Junaid Islam: Well, yeah. >> Is it a do-over? Is there a reset? Security is a number one thing. What are companies and governments doing? >> So I think, well first of all there's a lot of thinking going on, but I think there's two things that need to happen. I think one, we certainly need new policies and laws. I think just on the legal side, whether if you look at the most recent Equifax breach, we need to update laws on people holding assets that they need to become liable. We also need more policies that people need to lock down national, critical infrastructure like power systems and then the third thing is the technical aspect (mumble). We actually, in the United States we actually do have technologies that are counter measures to all of these attacks and we need to bring those online. And I think as daunting as it looks like protecting the country, actually it's a solvable problem. For example, there's been a lot of press that, you know, foreign governments are scanning US power infrastructure. And, you know, from my perspective as a humble networking person, I've always wondered why do we allow basically connectivity from outside the United States to power plants which are inside the United States? I mean, you could easily, you know, filter those at the peering points and I know some people might say that's controversial, you know. Are we going to spy on- >> John Furrier: Yeah, and ports, too. Like- >> Yeah. >> John Furrier: You know, ports of New Orleans. I was talking to the CTO there. He's saying maritimes are accessing the core network. >> Yeah and so from my perspective as a technical, I'm not a politician, but- >> That's good! Thank God! >> But I- >> We need more of you out there. >> And I've worked on this problem a little bit. I would certainly block inbound flows from outside the United States to critical infrastructure. There is no value or reason, logical reason, you would give of why someone from an external country should be allowed to scan a US asset. And that is technically quite simple for us to do. It is something that I and others have talked about, you know, publicly and privately. I think that's a very simple step we could do. Another very simple step we could do across the board is basically authenticated access. That is if you are accessing a US government website you need to sign in and there will be an MFA step up. And I think this makes sense- >> What's an MFA step up? >> Well like some kind of secondary- >> Okay, yeah. >> So say you're accessing the IRS portal and you want to just check on something, you know, that you're going to sign in and we're going to send a message to your phone to make sure you are you. I know a lot of people will feel, hey, this is an invasion of privacy but you know I tell you what's an invasion of privacy: someone stealing 140 million IDs or your backgrounds and having everything. >> John Furrier: Which just happened. >> That's a bigger- >> So MFA multi- >> That's right, factor. Yeah, yeah. >> John Furrier: Multifactor Authentication. >> Yeah, so I think, again- >> John Furrier: Unless they hack your cellphone which the BitCoin guys have already done. >> Yeah. But, so it's easier for hackers to hack one system. It's hard for hackers to hack multiple systems. So I think at the national security level there are a number of simple things we could do that are actually not expensive that I think we as a society have been, have to really think about doing because having really governments which are very anti-American destabilizing us by taking all of our data out doesn't really help anyone, so that's the biggest loss. >> And it's no risk for the destabilizing America enemies out there. What's the disincentive? They're going to get put in jail? There's no real enforcement, I mean, cyber is great leverage. >> So one of the things that I think most people don't understand is the international laws on cyber attacks just don't exist anymore. They have a long way to catch up. Let me give a counter example which is drugs. There are already multilateral agreements on chasing drug traffickers as they go from country to country. And there's a number of institutions that monitor, that enforce that. That actually works quite well. We also have new groups focusing on human trafficking. You know, slowly happening. But in the area of cyber, we haven't even started a legal framework on what would constitute a cyber attack and sadly one of the reasons it's not happening is America's enemies don't want it to happen. But this is where I think as a nation first you have to take care of yourself and then on a multilateral perspective the US should start pushing a cyber security framework worldwide so that if you start getting emails from that friendly prince who's actually a friend of mine about, you know, putting in some, you know, we can actually go back to that country and say, hey, you know, we don't want to send you any more money anymore. >> John Furrier: Yeah, yeah, exactly. Everyone's going to make $18 million if they give up their user name, password, social security number. >> Junaid Islam: Yeah. >> All right, final question on this segment around, you know, the cyber security piece. What's the action going forward? I would say it's early days and hardcore days right now. It's really the underbelly of the internet globally is attacking. We see that. The government is, doesn't have a legal framework yet in place. They need to do that. But there's a lot of momentum around creating a Navy Seals, you know, the version of land, air, and sea, or multi-disciplinary combat. >> Junaid Islam: Yeah. >> Efforts out there. There's been conversations certainly in some of our networks that we talk about. What's the young generation? I mean, you got a lot of gamers out there that would love to be part of a new game, if you will, called cyber defense. What's going on, I mean, is there any vision around how to train young people? Is there an armed forces concept? Is there something like this happening? What's the next, what do we need to do as a government? >> So you actually touched on a very difficult issue because if you think about security in the United States it's really been driven by a compliance model, which is here's the set of things to memorize and this is what you do to become secure. And all of our cyber security training courses are based on models. If there's one thing we've learned about cyber attackers is these people are creative and do something new every time. And go around the model. So I think one of the most difficult things is actually to develop training courses that almost don't have any boundaries. Because the attackers don't confine themselves to a set of attack vectors, yet we in our training do. We say, well this is what you need to do and time and time again people just do something that's completely different. So that's one thing we have to understand. The other thing we have to understand which is related to that is that all of US's cyber security plans are public in conferences. All of our universities are open so we actually have, there's been- >> John Furrier: The playbook is out there. >> We actually, so one of the things that does happen is if you go to any large security conference you see a lot of people from the countries that are attacking us showing up everywhere. Actually going to universities and learning the course, so I think there's two things. One, we really need to think deeper about just how attacks are being done which are unbounded. And two, which is going to be a little bit more difficult, we have to rethink how we share information on a worldwide basis of our solutions and so probably not the easy answer you wanted but I think- >> It's complex and requires unstructured thinking that's not tied up. I mean- >> Yeah. >> It's like the classic, you know, the frog in boiling water dies and they put a frog in boiling water it jumps out. We're in this false sense of security with these rules- >> Yeah. >> Thinking we're secure, and people are killing us with this. >> Junaid Islam: Yeah and like I say, it's even worse when we figure out a solution. The first thing we do is we tell everybody including our enemies. Giving them a lot of chance to- >> John Furrier: Yeah. >> Figure out how to attack us. So I think, you know, we do have some hard challenges. >> So don't telegraph, don't be so open. Be somewhat secretive in a way is actually helpful. >> I think sadly, I think we've come to the very unfortunate position now where I think we need to, especially in the area of cyber. Rethink our strategies because as an open society we just love telling everybody what we do. >> John Furrier: Yeah, well so the final question, final, final question is just to end the segment. So cyber security is real or not real, I mean, how real is this? Can you just share some color for the folks watching who might say, hey, you know, I think it's all smoke and mirrors? I don't believe The New York Times, I don't believe this, Trump's saying this and is this real problem and how big is it? >> I think it is real. I think we have this calendar year 2017, we have moved from the classic, you know, kind of like cyber attack, you know, like someone's being phished for too, really the beginning of the cyber warfare and unlike kinetic warfare where somebody blows something up, this is a new phase that's long and drawn out and I think one of the things that makes us very vulnerable as a society is we are an open society. We are interlinked with every other global economy. And I think we have to think about this seriously because unfortunately there's a lot of people who don't want to see America succeed. They're just like that. Even though we're nice people. >> John Furrier: Yeah. >> But and so it's pretty important. >> It requires some harmony, it requires some data sharing. Junaid Islam, president and CTO of Vidder talking about the cyber security, cyber warfare dynamic that's happening. It's real. It's dangerous. And our country and other countries need to get their act together. Certainly I think a digital West Point, a digital Navy Seals needs to happen and I think this is a great opportunity for us to kind of do some good here and keep an open society while maintaining security. Junaid thanks for sharing your thoughts. I'm John Furrier with the CUBE here in Palo Alto. Thanks for watching.

(theCUBE theme music) >> Narrator: Live from Washington D.C. It's theCUBE, covering AWS Public Sector Summit 2017. Brought to you by Amazon Web Services and its partner ecosystem. >> Welcome back here to the show floor at AWS Public Sector Summit 2017. Along with John Furrier, I'm John Walls. Glad to have you here on theCUBE as we continue our coverage here live from the nation's capital. Joining us now from Enlighten IT Consulting is John Eubank IV, Director of Program Management Office. John, thanks for joining us here on theCUBE, a CUBE rookie, I believe, is that correct? >> Yes, sir, yeah, thanks for the invite. >> Nice to break the maiden, good to have you aboard here. First off, tell us a little bit about your consulting firm for our viewers at home, to give an idea about your frame and why you're here at AWS. >> Absolutely, so we're a big data consulting company focused on cyber security solutions for the DOD IC community. What we jumped into about three years ago was a partnership with AWS. And seeing, just the volume, the velocity of data coming out of the DOD, that those on-premise server farms could not keep up, could not support it with the power, space and cooling needs. So we partnered with AWS and over the last three years we've been migrating our customers up to GovCloud, specifically. >> So what are you doing then for DOD specifically, then? When you said you solve problems, right? They've got reams and reams of data, trying to help them manage that process a little bit better, but, you know, drill down a little bit more specifically what you're doing for DOD. >> Absolutely, so we developed a proprietary technology called the Rapid Analytic Deployment and Management Framework, RADMF, it's available on RADMF.com, R A D M F dot com. >> John Walls: True marketer. >> Yeah, true marketer at heart. So that's our, sort of governance framework for DOD applications that want to move to the cloud. It automates the deployment process to get 'em out of their existing systems up to the cloud. One of the real problems inside the DOD that we've encountered is the disparate data sets to enable effective analytics when it comes to cyber security solutions. So, I like to think back to the day one conversation about, sort of the data swamp, not the data lake. That's exactly what we have inside the DOD. There's so many home-built sensors, paired with COT sensors, that it's created this absolute mess, or nightmare of data. That swamp needs to be drained. It needs to be, sort of refined in a way that we can call it a data lake, something understandable that people can-- >> I hate the term data lake, I, you've been listening, I, John knows I hate the term data lake. Love the term data swamp, because it illustrates exactly that, there is, if you don't watch the data, and don't share it, it's just stagnant, and it turns into a swamp. And I think, this is a huge issue. >> John Eubank IV: Absolutely correct. >> So I want you to just double down on that, just give some color. Is it the volume of the data, is it the lack of sharing, both? (laughs) >> It's really every, it's everything under the sun, there's, you know, sharing issues all across the federal government right now and who can see what data, Navy doesn't want to share with Army, inside the IC-- >> John Furrier: Well that'll never happen. >> Agencies don't want to share with each other. (laughs) I think we're, we're breaking down those walls. We're seeing that, when it comes to cyber security, no one person can defend an entire nation. No one agency can defend an entire nation on their own. It has to be a collaborative solution. It has to be a team effort. Navy, Army, Air Force, IC, etc., have to work together, in tendem, in partnership, if we're ever going to just, defend our nation from cyber hackers. >> I want to ask you a philosophical question, because, you know, as someone who's been online all my life, computer science, you've seen, there's always the notion of trolling, the notion of online message boards, back in the day when I was running, is now main stream now, >> John Eubank IV: Right. >> I mean people trolling each other on Twitter, for crying out loud, main stream. So, the culture of digital has an ethos, and open source is a big driver on that cyber security, there's a huge ethos of sharing, and it's kind of an honor among practitioners. >> John Eubank IV: Mm-hmm. 'cause they know how big the threat is. How is that evolving? Because this seems to highlight, your point about sharing, that it's, the digital world's different than the analog world, and some of the practices that are getting traction can be doubled-down on. So everyone's trying to figure out what's, what should be double-down on, and what are the good practices from the bad? Can you just share some cultural... >> Well, I think you hit the nail on the head with the open source model there. That is the key right here. It's not even within the government we need to share. It's industry and government, in partnership, need to approach these problem sets together and work on 'em as one cohesive body. So, for example, our company, our platform, it's entirely an open source platform. It's government-owned solution. We don't sell, it's the big data platform, it's provided by DISA right now. We don't sell that product. It's available to any government agency that wants it for free. We have 1500 different software developers and engineers from across the government community that collaborate together to evolve that platform. And that's really the only way we're going to make a significan difference right now. >> That creativity that could come out of this new process that you're referring to, I'm just kind of thinking out loud here on theCUBE, is interesting because you think about all those people on Twitch. >> John Eubank IV: Uh-huh. >> 34 million, I think, a day or whatever the big number, it's a huge number. Those idle gamers could be actually collaborating on a core problem that could be fun. So if you look at a crowd sourcing model of attacking data, this is kind of a whole new mindset of culture. To me, this is the kind of doors that open up when you start thinking like this model. Because the bad guys are already ahead of the game. I mean, so, how do you, how do you guys talk about that, 'cause you guys have to kind of keep some data masked, and you have to kind of, maybe not expose everything. How do you balance that secretive nature of it, and yet opening it up? >> That's a question that the DHS is struggling with, sort of day in and day out right now. They're going through a couple different iterations of different efforts. There was the ESSA program, there's the Automated Indicator Sharing program going on right now with DHS and some of the IC partners of what do we share with industry, because we're recognizing as a government we can't defend this nation on our own. We need an industry partnership. How do we open that up to the general public of the United States to do that crowd sourced mentality. Threat hunting is a lot of fun if you know what you're doing, and if somebody will guide you down the path, it's an endless world and a need for threat analysts to study the data sets that are out there. Indicators of compromise point you in a general direction, but they're a wide-open direction, and... >> They're already playing, it's like lagging in a video game, they're, gamers are already ahead of, the hackers are already ahead of you. Interesting point, Berkeley, University of California at Berkeley has a new program, they call it the quote Navy Seals of cyber. It's an integrated computer science and engineering and Haas business school program. And it's a four-year degree specifically for a special forces kind of thinking. Interdisciplinary, highly data driven, computer science, engineering and business so they can understand, again, hackers run a business model. These are organized units. This is kind of what we're up against. >> Absolutely agree. >> John Furrier: What are your thoughts on that? You think that's the, the right direction, we need more of it? >> We need more of it, absolutely. DOD is moving in the same direction with the cyber protection teams or CPTs. They're beginning to do sort of the same formal training models for the soldiers. Unfortunately, right now a lot of the cyber protection teams are just scavenged resources from other branches of the military. So you have guys in EOD that are now transitioning into cyber, and they're going from diffusing bombs to diffusing cyber threats. It's a totally different scenario and use case, and it's a tough struggle to transition into that when your background was diffusing a bomb. >> And you brought up the industry collaboration, talking about private, you know, private sector and public sector. I know, you know, personal experience in the wireless space, there was a lot of desire to share information, but yet there was a congressional reluctance. >> John Eubank IV: Mm-hmm. >> To allow that. For different concerns. Some we thought were very unwarranted at the time. So how do you deal with that, because that's another influence in this, is that you might have willing parties, but you've got another body over here that might not be on board. >> I think we're going to start seeing more of a shift as private industry acknowledges their need for government support and that government collaboration, so data breaches like the Target breach and massive credit card breaches that, you know, these private industries cannot keep up with defending their own network. They need government supoort for defending very large corporations. Walmart, Target, Home Depot, the list goes on of breaches. >> Final question as we wrap up here, but what's the coolest tech that you're seeing that's enabling you to be successful, whether it's cool tech that you're looking at, you're kicking the tires on. From software to Amazon, hardware, what are you seeing that's out there that's really moving the needle and getting people motivated? >> So a surprising thing there, I'm going to say the Snowball Edge. And people go, it's just a data hard drive. Well, not really. It's way more than a data hard drive. So when you come to Amazon you think enterprise solutions, enterprise capabilities. What the Snowball Edge provides is a deployable unit that has processing, compute, storage, etc., onboard that you can take into your local networks. They're putting it so you can run any VM you want on the Snowball Edge. What we're doing is we're taking that inside DOD tactical spaces that don't have connections to the internet. We're able to do computation analytics on threats facing that local regional onclave using a hard drive. It's really cool technology that hasn't been fully explored, but that's uh, that's where we're-- >> You can tell you're excited about it. Your eyes light up, you got a big smile on your face. >> Drove the new Ferrari that came out. >> Yeah, right. >> When I saw it, I just jumped all in. >> John Walls: You loved it, right. >> So, three months ago... >> You knew right away, too. >> Right. >> John Furrier: The big wheel. >> John, thank you for being with us. I think they're going to kick us out of the place, John. >> Hey, they got to unplug us. We're going to go until they unplug us. >> Alright, John, again thanks for being with us. >> Well, thank you guys for your time, much appreciated. >> Thank you for joining us here from Washington, for all of us here at theCUBE, we appreciate you being along for the ride at AWS Public Sector Summit 2017. (theCUBE theme music)