(upbeat music) >> Hello, everyone and welcome to this CUBE Conversation. I'm Lisa Martin. I'm excited to be joined by one of our CUBE alumni, John Maddison, the EVP of Products and the Chief Marketing Officer at Fortinet. John, welcome back to the program. Good to see you. >> Hi, Lisa. Good to be here again. >> So we last saw you at the Fortinet Championship back in September, a few months ago, but we've had the opportunity to speak a number of times this year. I've also had the chance to talk with Derek Manky, at FortiGuard Labs. There's been so much going on. Let's kind of break down some of the main challenges that enterprises are facing still. And there's four of them here that you're going to address as we wrap up 2021 head into 2022. And then let's also talk about what Fortinet sees as the solution, the cybersecurity mesh architecture. Let's go ahead and kick off with some of those challenges as we know so much has gone on throughout landscape that work from anywhere is so persistent, but what are some of the main things enterprises are facing still? >> Yeah, there's a lot, it's very dynamic right now. And you know, I've been in cybersecurity almost 20 years now and there's always been these three drivers around the infrastructure changes the threat landscape and regulatory. And I think when you look at the infrastructure changes, this work from anywhere, which is, you know, kind of the hybrid mode where I'm in the office today, it could be hopefully in the future, traveling and home. That's going to be here for some time, it seems. And so, you know, enterprises are now saying, I need a longer term strategy around that. I can't just say flip on the VPN and a bit of endpoint security. So that definitely enterprises are thinking that's going to be here for at least another couple of years. I think they're still running very fast to get the digital infrastructure in place. And so, and you're seeing network security and the application journey continuing and securing all those things. And then there's, you know, there's the threat landscape, which, you know, we've said, I think back at the PGA, we're seeing this huge increase in ransomware. And yes, there's still activity going on and trying to breach data and intellectual property and identity and credit cards. But just about every industry now is seeing attacks and it could be financial, it could be manufacturing, ransomware attacks that's continues. And then I think there's the, there's a couple of other things. There's the supply chain things which are also happening, but we're definitely I was just speaking to a customer a minute ago and they were finding a very hard to find the right skilled professionals around cybersecurity. And it kind of, it's like a hierarchy. I need to find somebody, it's hard to find somebody in IT. It's hard to find somebody in cybersecurity and IT. Is hard to find somebody in IT, cybersecurity and container. And so, you know, the more you go in depth, the harder it becomes and it's not even finding people, just retaining people as well. And so, you know, recently Fortinet committed to training another million. We've already trained to 750,000, but training another million people by 2025 in cybersecurity. >> That's outstanding. We've talked about that skills gap before in a number of conversations about all the work that 40 minutes doing, including with veterans, which is something near and dear to my heart, but the work from anywhere I wanted to talk with you about that because that presents a lot of challenges for organizations. And I was reading some stats that a significant percentage of enterprises expect that this is going to increase in 2022. How can it increase from where it is now? What are some of the things that you're seeing and how can Fortinet help customers address this persistent challenge? >> Yeah, well, I think it's increased or it's just the ratio between home and at work and travel might be changing. And again as I said, I think a lot of companies said, well, let's just put something in place now and it's going to go away. Well, it isn't going away. And so what Fortinet are looking to do, and I think it's not just one point product. It is a combination of technologies. It could be end point security. We're even looking at you know, at home networking through our own devices or our partnership with Linksys. It is looking at that zero trust architecture. It is looking at more network security, whether it be in the data center or in a cloud. I think what's important though, is two things. One is that no matter if you're on the network, off the network or traveling per se, then you need the user experience to be the same or simple. I can't just change the way I work because I'm at home versus travel versus you know, in the office. And the security needs to be consistent on those three places as well. So our goal, when we bring some of those solutions together, zero trust and endpoint and network security and policy and identity is to give the same user experience, a simple user experience and the high level of enterprise security, no matter, you know, if you're on and off the network. And those are the key. And I think today customers kind of struggle because they probably got four or five vendors in those different areas and they're trying to make them to work and it's very hard. And so that's why we, you know, we put forward a more of a platform approach per use case with doing that. >> Let's talk about some of those key use cases. And you mentioned ransomware a minute ago, and I just as of a couple of days ago, Kronos is, you know, the latest big name organization to be hit. A lot of folks concerned so many big companies and small companies rely on them. It's not going to affect, you know, the last paycheck in December, but that's a use case that Fortinet has been covering for a long time. I think when we spoke a few months ago, 2020 to 2021 ransomware was up nearly 11 fold. What are some of the things going on there and how are you guys working with customers to address that as we enter 2022? >> Yeah. Well, I definitely think you also saw the, you know, the recent vulnerability, the Log4j and that sits in a lot of systems. Now that sits in a lot of customer systems. It sits in a lot of security systems as well, by the way. So we come back to this, you know, supply chain issue. And so customers kind of accepting that this is going to be as this attack surface of the network and cloud and devices and users and whether or not the network you know, keeps continuing to expand. They're going to accept that these zero days are going to come along. They're going to, they also understand the sophistication of the threats. We're seeing a lot of activity of the threats in the reconnaissance space, and they're looking at your external attack surface and working out how they can get in. And so, I think customers are accepting that this is just getting more sophistication, there's a bigger attack surface. And so what they're looking at is to deploy some more detection capabilities, more just training of people, not to click on stuff, but you know, building infrastructure so it's segmented, long-term though the only way to defend against these ransomware attacks is to usually platform that then allows you to build automation that long-term allows you to build some contextual engine. Why, when, where, what are you doing, otherwise it's just going to be too hard, just trying to bolt together, you know, 10 or 15 products from vendors that don't get on well, none the best of times. So yeah, that's, it's long, it's a longterm architecture is the only thing that's going to work for customers. >> And for a long time, I think probably since I've known you John, Fortinet has been talking about the security fabric. Now Gartner is talking about the cybersecurity mesh architecture. Talk to me about those two. How similar is that? How leading edge was Fortinet and describe what a cybersecurity mesh architecture is? >> Well, it always takes a while for Gartner to catch up with us, but they, if I'm in a joking Gartner please except the apologies. That, you know, I think they've started to talking about this cybersecurity mesh architecture mesh. And what the saying is that, you know, these products need to talk to each other. And yes you can send things off into a central location for SIM or operational management, but really need to talk to each other and transfer exchange, threat intelligence. They need to be able to exchange policy long. They also need to be able to build automation. You know, a really good example is if our EDR system detects that your laptop has got a virus or a vulnerability, then I can, the EDR system will tell the zero trust policy manager don't allow access application. Or it could if you're on the network, you could tell the Wi-Fi, take off, take them off the network. So this automation is integration is the real long-term goal of the Gartner mesh. It's always been the long-term goal of Fortinet. Yes, we do individual products. You can buy them, but the real power long-term is to get that automation built into the platform. And as I said, even longer term start applying contextual rules, which will be super powerful in stopping, you know, attacks and breaches. >> Tremendous amount of power and capabilities that that context will provide. I was looking at some stats from Gartner and they said that by 2024, which is we're two years basically away from that organizations that do adopt this cybersecurity mesh architecture to integrate security tools, to work as a collaborative ecosystem, significant reduction in the financial impact of security incidents by 90%. That's huge and I know that you guys also have integrations with over 450 third-party technology partners as part of the security fabric. So you're ahead of the game. >> Well, it's not saying, you know, just buy from Fortinet, that's what you need to do, but it's not saying that at all. What, I think what Gartner is saying, and what we've been saying is that take a use case like work from anywhere and then build your platform, a platform for that use case. Now, what we are saying is, again, it's not saying you go from 30 products down to one, you go from 30 products down to maybe five or six platforms, but those platforms need to work together. They also need to exchange threat intelligence and policy and build automation. And so I think the platform approach, every CSO I speak to is just tired of buying another product, another product. They just want to get something that works and is automated long-term. And so the platform and the Gartner mesh. It's a slightly different concept, but something else we call convergence. Okay. So consolidation is consolidation of the vendors, but you may still have the same number of products. You still may have an end point in a zero trust and an email. Convergence is different where we bring it together and eliminating individual products. A really good example of that is SD-WAN that brings together security and application routing. And that goes back to a concept that Fortinet had since our beginning 20 years ago. And that is the original internet that we still use a lot today really has no idea who you are, what device are you using, where are you going, what application, what's the content, no clue, it just connects you. And so that leads to a lot of security being bolted on afterwards in different places. And so this convergence, we call it security different networking, where you start to integrate the security, which may be contextual, it maybe identity, maybe application running like SD-WAN, maybe content like next gen firewall. You bring those together. Now, when you do that, you face some compute challenges. And we've been one of the pioneers and building asics that allow this acceleration to bring this convergence together. But that's another area that's happening as well. It's different from consolidation, but it's bringing together that security and networking so you're not bolting things together as you go forward. >> Different from consolidation, but incredibly important to be able to reduce those silos as businesses are facing some of the challenges that you talked about, the persistence of work from anywhere, the threat landscape, the cybersecurity skills gap. >> Yeah. And you can do this convergence in different places. So you can do it at the cloud edge because you can throw a lot of compute at it. At the one edge, you probably need a asic approach, data center edge, a 5G edge. There's the LAN edge, which is the connectivity. Cause I sometimes have people go, well, let's just put all the security in the cloud, but now yes, you do need security in the cloud. You needs security from the cloud before the cloud, but there's also security needed these ages. And there's also another area that's been under huge attack now is operational technologies. So manufacturers, energy, gas, everyone is really got some physical infrastructure. Even a branch you can consider to be operational technology and they got cameras and other capabilities. So that, especially for the traditional operational technology, that's hard to open up. Because you need access, you need remote access and what's a seeing a huge amount of attacks there. In that world, you know, you've got to put the security there, physically with it to make sure you secure those components. >> What about the, from a challenge perspective John, we talked a lot in the last year, 18, 20, 22 months, I'm losing count of the acceleration of digital. What are some of the security opportunities there that provides Fortinet to help customers solve that if the acceleration is happening faster than the, some of the, you know, that their security infrastructure can keep pace. What are some of the opportunities there for you guys to help customers address that problem? >> Well, this is always been a battle between security and networking. You know, networking is gone from this 400 times faster than it was before. Security is still a lot of it's software. And so, you know, what you don't want to do is and the security team saying is say no all the time. No, don't do that project, it's too insecure. Stop doing that. No slow down on that. And that's, you know, always been an issue for security in that people think of it as a tax or a burden that slows things down. That's why I come back to this convergence. When you're building a network, the security should be inside that. Should be built and integrated. So if I'm building my one edge, which connects my building to a cloud or whatever, when I put that connectivity in there to an SD-WAN device, it should have security integrated inside it. The same effect I found building, you know, a data center or a cloud capability. So I think, you know, customers are you know, security teams can't stop the business from moving forward and building these applications wherever they may be in retail or manufacturing or healthcare. And so they just need to take a different approach to enable that speed of acceleration and to our minds having it totally integrated and converge is the only way you're going to be able to achieve the speed and the security at the same time. >> And that speed is critical as is a security. But let's talk about that cybersecurity skills gap. Something that I think I read recently is in its fifth year, we've talked about this before, but as you alluded to at the beginning of our conversation, Fortinet is very dedicated to training, lots of individuals. Talk to me about that skills gap. And you talked that it also affects people, companies being able to retain talent. How are you guys helping to address? >> Yeah, we did actually a survey a few months ago, a 2500 cybersecurity professionals. And, you know, one really revealing fact was about, I think it was about 70% said they'd had an incident because of the lack of training. Now that could be people who are just clicking on things. Okay. Versus somebody who doesn't, is not trained enough to see a threat. So I think, you know, the question going to go, but either way, the 70% of that, you know, is attributed to that breach. And so it's so, so important. And right from the start Fortinet has provided training. We provide free training to our partners, free training to our customers. I have a quite a large team that's building on the curriculum. So we supply curriculum and gear to over 450 universities and colleges. You mentioned the re-skilling of the veterans as well, over 2000. And to us, it's very important. So this commitment to get people trained because in the end there's, yeah, there's always a people part of this problem, whether it be people clicking on things or whether it be people not understanding and configuring crying, and then people having passwords of one two three or whatever. All these things, all these human things need to get, you know, we need to get educated and trained on it. So we'll continue that. I think a million's probably not enough. It's probably should be two million, but we'll try our best to get people trained as much as possible. And the other thing that I also saw in the survey was that once certified employees thought that was extremely important. It does take a lot of time. So, you know, one of our NSE 4 courses on our firewalls takes a week. It does a lot of things to learn. So one thing we're going to try and do is try and modularize a bit more so we can break it up a bit. But there's going to be a problem. It's kind of like the supply chain, the supply is not there, the people, this is right. The chips, they're not there. They're not there, you've got to try and fix it and expand the training and education of people. >> And I think that's fantastic that Fortinet has been dedicated to that for so long. Look forward to hearing how you guys, the progress that you make on that training 1 million folks. Will we see you at Accelerate in 2022? >> Yeah. Well, so Accelerate 22 is going to be a hybrid, of course. I'm actually, you can't really see here cause I've got my great office here. But in front of me is the window. I can actually see the Apple campus just over there. And this is our new campus in Sunnyvale, Silicon valley. We've got a pretty expensive training center and executive briefing center. So we're going to probably do in the morning of Accelerate 22, a live broadcast of some of the execs and some of our partners and customers, and then have some online stuff. So hybrid probably this year again. But a bit of physical presence. But yeah, we're expecting quite a few partners to, a few partners to be here, live and a few partners, obviously a lot of partners to tune in to the live broadcast. >> That's fantastic. I look forward to that hybrid event. John, great to see you as always. Thank you so much for the update and sharing what enterprises, the battles that they're facing, how Fortinet and the cybersecurity mesh can help. We look forward to seeing you in 2022. >> Thank you Lisa. Thank you. >> For John Maddison, I'm Lisa Martin. You've been watching this CUBE conversation. We'll see you next time. (lively music)

>>Welcome to this cube conversation with 40 net. I'm your host. Lisa Martin, Derek Minky is back. He's the chief security insights and global threat alliances at 40 minutes, 40 guard labs, Derek. Welcome back to the program. >>Likewise, we've talked a lot this year. And of course, when I saw that there are, uh, you guys have predictions from 40 guard labs, global threat intelligence and research team about the cyber threat landscape for 2022. I thought it was going to be a lot to talk about with Derek here. So let's go ahead and dig. Right in. First of all, one of the things that caught my attention was the title of the press release about the predictions that was just revealed. The press release says 40 guard labs, predict cyber attacks aimed at everything from crypto wallets to satellite internet, nothing. There is no surface that is safe anymore. Talk to me about some of the key challenges that organizations in every industry are facing. >>Yeah, absolutely. So this is a, as you said, you, you had the keyword there surface, right? That, and that attack surface is, is open for attack. That's the attack surface that we talk about it is literally be pushed out from the edge to space, like a lot of these places that had no connection before, particularly in OT environments off grid, we're talking about, uh, you know, um, uh, critical infrastructure, oil and gas, as an example, there's a lot of these remote units that were living out there that relied on field engineers to go in and, uh, you know, plug into them. They were air gapped, those such low. Those are the things that are going to be accessible by Elio's low earth orbit satellites. And there are 4,000 of those out there right now. There's going to be over 30,000. We're talking Starlink, we're talking at least four or five other competitors entering this space, no pun intended. And, um, and that's a big deal because that it's a gateway. It opens the door for cyber criminals to be able to have accessibility to these networks. And so security has to come, you know, from, uh, friends of mine there, right. >>It absolutely does. We've got this fragmented perimeter tools that are siloed, the expand and very expanded attack surface, as you just mentioned, but some of the other targets, the 5g enabled edge, the core network, of course, the home environment where many of us still are. >>Yeah, yeah, definitely. So that home environment like the edge, it is a, uh, it's, it's the smart edge, right? So we have things called edge access Trojans. These are Trojans that will actually impact and infect edge devices. And if you think about these edge devices, we're talking things that have machine learning and, and auto automation built into them a lot of privilege because they're actually processing commands and acting on those commands in a lot of cases, right? Everything from smart office, smart home option, even until the OT environment that we're talking about. And that is a juicy target for attackers, right? Because these devices naturally have more privileged. They have APIs and connectivity to a lot of these things where they could definitely do some serious damage and be used as these pivot within the network from the edge. Right. And that's, that's a key point there. >>Let's talk about the digital wallet that we all walk around with. You know, we think out so easy, we can do quick, simple transactions with apple wallet, Google smart tab, Venmo, what have you, but that's another growing source of that, where we need to be concerned, right? >>Yeah. So I, I I've, I've worn my cyber security hat for over 20 years and 10 years ago, even we were talking all about online banking Trojans. That was a big threat, right? Because a lot of financial institutions, they hadn't late ruled out things like multifactor authentication. It was fairly easy to get someone's bank credentials go in siphoned fans out of an account. That's a lot harder nowadays. And so cyber criminals are shifting tactics to go after the low hanging fruit, which are these digital wallets and often cryptocurrency, right? We've actually seen this already in 40 guard labs. Some of this is already starting to happen right now. I expect this to happen a lot more in 20, 22 and beyond. And it's because, you know, these wallets are, um, hold a lot of whole lot of value right now, right. With the crypto. And they can be transferred easily without having to do a, like a, you know, EFT is a Meijer transfers and all those sorts of things that includes actually a lot of paperwork from the financial institutions. And, you know, we saw something where they were actually hijacking these wallets, right. Just intercepting a copy and paste command because it takes, you know, it's a 54 character address people aren't typing that in all the time. So when they're sending or receiving funds, they're asking what we've actually seen in malware today is they're taking that, intercepting it and replacing it with the attackers. Well, it's simple as that bypassing all the, you know, authentication measures and so forth. >>And is that happening for the rest of us that don't have a crypto wallet. So is that happening for folks with apple wallets? And is that a growing threat concern that people need to be? It is >>Absolutely. Yeah. So crypto wallets is, is the majority of overseeing, but yeah, no, no digital wallet is it's unpatched here. Absolutely. These are all valid targets and we are starting to see activity in. I am, >>I'm sure going after those stored credentials, that's probably low-hanging fruit for the attackers. Another thing that was interesting that the 2022 predictions threat landscape, uh, highlighted was the e-sports industry and the vulnerabilities there. Talk to me about that. That was something that I found surprising. I didn't realize it was a billion dollar revenue, a year industry, a lot of money, >>A lot of money, a lot of money. And these are our full-blown platforms that have been developed. This is a business, this isn't, you know, again, going back to what we've seen and we still do see the online gaming itself. We've seen Trojans written for that. And oftentimes it's just trying to get into, and user's gaming account so that they can steal virtual equipment and current, you know, there there's virtual currencies as well. So there was some monetization happening, but not on a grand scale. This is about a shift attackers going after a business, just like any organization, big business, right. To be able to hold that hostage effectively in terms of DDoSs threats, in terms of vulnerabilities, in terms of also, you know, crippling these systems with ransomware, like we've already seen starting to hit OT, this is just another big target. Right. Um, and if you think about it, these are live platforms that rely on low latency. So very quick connections, anything that interrupts that think about the Olympics, right on sports environment, it's a big deal to them. And there's a lot of revenue that could be lost in cybercriminals fully realizes. And this is why, you know, we're predicting that e-sports is going to be a, um, a big target for them moving forward. >>Got it. And tell, let's talk about what's going on with brands. So when you and I spoke a few months ago, I think it was ransomware was up nearly 11 X in the first half of a calendar year, 2021. What are you seeing from an evolution perspective, uh, in the actual ransomware, um, actions themselves as well as what the, what the cyber criminals are evolving to. >>Yeah. So to where it's aggressive, destructive, not good words, right. But, but this is what we're seeing with ransomware. Now, again, they're not just going after data as the currency, we're seeing, um, destructive capabilities put into ransomware, including wiper malware. So this used to be just in the realm of, uh, APTT nation state attacks. We saw that with should moon. We saw that with dark soil back in 2013, so destructive threats, but in the world of apt and nation state, now we're seeing this in cyber crime. We're seeing it with ransomware and this, I expect to be a full-blown tactic for cyber criminals simply because they have the, the threat, right. They've already leveraged a lot of extortion and double extortion schemes. We've talked about that. Now they're going to be onboarding this as a new threat, basically planting these time bombs. He's ticking time bombs, holding systems for, for, for ransom saying, and probably crippling a couple of, to show that they mean business and saying, unless you pay us within a day or two, we're going to take all of these systems offline. We're not just going to take them offline. We're going to destroy them, right. That's a big incentive for people to, to, to pay up. So they're really playing on that fear element. That's what I mean about aggressive, right? They're going to be really shifting tactics, >>Aggressive and destructive, or two things you don't want in a cybersecurity environment or to be called by your employer. Just wanted to point that out. Talk to me about wiper malware. Is this new emerging, or is this something that's seeing a resurgence because this came up at the Olympics in the summer, right? >>Absolutely. So a resurgence in, in a sort of different way. Right. So, as I said, we have seen it before, but it's been not too prevalent. It's been very, uh, it's, it's been a niche area for them, right. It's specifically for these very highly targeted attack. So yes, the Olympics, in fact, two times at the Olympics in Tokyo, but also in the last summer Olympics as well. We also saw it with, as I mentioned in South Korea at dark school in 2013, we saw it an OT environment with the moon as an example, but we're talking handfuls here. Uh, unfortunately we have blogged about three of these in the last month to month and a half. Right. And that, and you know, this is starting to be married with ransomware, which is particularly a very dangerous cause it's not just my wiper malware, but couple that with the ransom tactics. >>And that's what we're starting to see is this new, this resurgent. Yes. But a completely new form that's taking place. Uh, even to the point I think in the future that it could, it could severely a great, now what we're seeing is it's not too critical in a sense that it's not completely destroying the system. You can recover the system still we're talking to master boot records, those sorts of things, but in the future, I think they're going to be going after the formal firmware themselves, essentially turning some of these devices into paperweights and that's going to be a very big problem. >>Wow. That's a very scary thought that getting to the firmware and turning those devices into paperweights. One of the things also that the report talked about that that was really interesting. Was that more attacks against the supply chain and Linux, particularly talk to us about that. What did you find there? What does it mean? What's the threat for organizations? >>Yeah. So we're seeing a diversification in terms of the platforms that cyber criminals are going after. Again, it's that attack surface, um, lower hanging fruit in a sense, uh, because they've, you know, for a fully patched versions of windows, 10 windows 11, it's harder, right. For cyber criminals than it was five or 10 years ago to get into those systems. If we look at the, uh, just the prevalence, the amount of devices that are out there in IOT and OT environments, these are running on Linux, a lot of different flavors and forms of Linux, therefore this different security holes that come up with that. And that's, that's a big patch management issue as an example too. And so this is what we, you know, we've already seen it with them or I bought net and this was in our threat landscape report, or I was the number one threat that we saw. And that's a Linux-based bot net. Now, uh, Microsoft has rolled out something called WSL, which is a windows subsystem for Linux and windows 10 and windows 11, meaning that windows supports Linux now. So that all the code that's being written for botnets, for malware, all that stuff is able to run on, on new windows platforms effectively. So this is how they're trying to expand their, uh, attack surface. And, um, that ultimately gets into the supply chain because again, a lot of these devices in manufacturing and operational technology environments rely quite heavily actually on Linux. >>Well, and with all the supply chain issues that we've been facing during the pandemic, how can organizations protect themselves against this? >>Yeah. So this, this is a big thing, right? And we talked about also the weaponization of artificial intelligence, automation and all of these, there's a lot going on as you know, right from the threats a lot to get visibility on a lot, to be able to act quickly on that's a big key metric. There is how quick you can detect these and respond to them for that. You need good threat intelligence, of course, but you also truly need to enable, uh, uh, automation, things like SD wan, a mesh architecture as well, or having a security fabric that can actually integrate devices that talk to each other and can detect these threats and respond to them quickly. That's a very important piece because if you don't stop these attacks well, they're in that movement through the attack chain. So the kill chain concept we talk about, um, the risk is very high nowadays where, you know, everything we just talked about from a ransomware and destructive capabilities. So having those approaches is very important. Also having, um, you know, education and a workforce trained up is, is equally as important to, to be, you know, um, uh, to, to be aware of these threats. >>I'm glad you brought up that education piece and the training, and that's something that 49 is very dedicated to doing, but also brings up the cybersecurity skills gap. I know when I talked with Kenzie, uh, just a couple months ago at the, um, PGA tournament, it was talking about, you know, big investments in what 40 guard, 40, 40 net is doing to help reduce that gap. But the gap is still there. How do I teach teams not get overloaded with the expanding service? It seems like the surface, the surface has just, there is no limit anymore. So how does, how does it teams that are lean and small help themselves in the fact that the threat is landscape is, is expanding. The criminals are getting smarter or using AI intelligent automation, what our it teams do >>Like fire with fire. You got to use two of the same tools that they're using on their side, and you need to be able to use in your toolkit. We're talking about a security operation center perspective to have tools like, again, this comes to the threat intelligence to get visibility on these things. We're talking Simmons, sor uh, we have, you know, 40 AI out now, uh, deception products, all these sorts of things. These are all tools that need that, that, uh, can help, um, those people. So you don't have to have a, you know, uh, hire 40 or 50 people in your sock, right? It's more about how you can work together with the tools and technology to get, have escalation paths to do more people, process procedure, as we talk about to be able to educate and train on those, to be able to have incident response planning. >>So what do you do like, because inevitably you're going to be targeted, probably interacts where attack, what do you do? Um, playing out those scenarios, doing breach and attack simulation, all of those things that comes down to the skills gaps. So it's a lot about that education and awareness, not having to do that. The stuff that can be handled by automation and AI and, and training is you're absolutely right. We've dedicated a lot with our NSC program at 49. We also have our 40 net security academy. Uh, you know, we're integrating with those secondary so we can have the skillsets ready, uh, for, for new graduates. As an example, there's a lot of progress being made towards that. We've even created a new powered by 40 guard labs. There is a 40 guard labs play in our NSC seven as an example, it's, uh, you know, for, um, uh, threat hunting and offensive security as an example, understanding really how attackers are launching their, their campaigns and, um, all those things come together. But that's the good news actually, is that we've come a long way. We actually did our first machine learning and AI models over 10 years ago, Lisa, this isn't something new to us. So the technology has gone a long way. It's just a matter of how we can collaborate and obviously integrate with that for the, on the skills gap. >>And one more question on the actual threat landscape, were there any industries that came up in particular, as we talked about e-sports we talked about OT and any industries that came up in particular as, as really big hotspots that companies and organizations really need to be aware of. >>Yeah. So also, uh, this is part of OT about ICS critical infrastructure. That's a big one. Uh, absolutely there we're seeing, uh, also cyber-criminals offering more crime services now on dark web. So CAS, which is crime as a service, because it used to be a, again, a very specialized area that maybe only a handful of organized criminal organizations could actually, um, you know, launch attacks and, and impact to those targets where they're going after those targets. Now they're offering services right on to other coming cyber criminals, to be able to try to monetize that as well. Again, we're seeing this, we actually call it advanced persistent cybercrime APC instead of an apt, because they're trying to take cyber crime to these targets like ICS, critical infrastructure, um, healthcare as well is another one, again, usually in the realm of APMT, but now being targeted more by cybercriminals in ransomware, >>I've heard of ransomware as a service, is that a subcategory of crime as a service? >>Absolutely. Yeah. It is phishing as a service ransomware as, and service DDoSs as a service, but not as, as many of these subcategories, but a ransomware as a service. That's a, another big problem as well, because this is an affiliate model, right. Where they hire partners and pay them commission, uh, if they actually get payments of ransom, right? So they have literally a middle layer in this network that they're pushing out to scale their attacks, >>You know, and I think that's the last time we talked about ransomware, we talked about it's a matter of, and I talk to customers all the time who say, yes, it's a matter of when, not, if, is, is this the same sentiment? And you think for crime as a service in general, the attacks on e-sports on home networks, on, uh, internet satellites in space, is this just a matter of when, not if across the board? >>Well, yeah, absolutely. Um, you know, but the good news is it doesn't have to be a, you know, when it happens, it doesn't have to be a catastrophic situation. Again, that's the whole point about preparedness and planning and all the things I talked about, the filling the skills gap in education and having the proper, proper tools in place that will mitigate that risk. Right. And that's, and that's perfectly acceptable. And that's the way we should handle this from the industry, because we process we've talked about this, people are over a hundred billion threats a day in 40 guard labs. The volume is just going to continue to grow. It's very noisy out there. And there's a lot of automated threats, a lot of attempts knocking on organizations, doors, and networks, and, you know, um, phishing emails being sent out and all that. So it's something that we just need to be prepared for just like you do for a natural disaster planning and all these sorts of other things in the physical world. >>That's a good point. It doesn't have to be aggressive and destructive, but last question for you, how can, how is 4d guard helping companies in every industry get aggressive and disruptive against the threats? >>Yeah. Great, great, great question. So this is something I'm very passionate about, uh, as you know, uh, where, you know, we, we don't stop just with customer protection. Of course, that is as a security vendor, that's our, our primary and foremost objective is to protect and mitigate risk to the customers. That's how we're doing. You know, this is why we have 24 7, 365 operations at 40 guy labs. Then we're helping to find the latest and greatest on threat intelligence and hunting, but we don't stop there. We're actually working in the industry. Um, so I mentioned this before the cyber threat Alliance to, to collaborate and share intelligence on threats all the way down to disrupt cybercrime. This is what big target of ours is, how we can work together to disrupt cyber crime. Because unfortunately they've made a lot of money, a lot of profits, and we need to reduce that. We need to send a message back and fight that aggressiveness and we're we're on it, right? So we're working with Interpol or project gateway with the world economic forum, the partnership against cyber crime. It's a lot of initiatives with other, uh, you know, uh, the, uh, the who's who of cyber security in the industry to work together and tackle this collaboratively. Um, the good news is there's been some steps of success to that. There's a lot more, we're doing the scale of the efforts. >>Excellent. Well, Derek as always great and very informative conversation with you. I always look forward to these seeing what's going on with the threat landscape, the challenges, the increasing challenges, but also the good news, the opportunities in it, and what 40 guard is doing 40 left 40 net, excuse me, I can't speak today to help customers address that. And we always appreciate your insights and your time we look forward to talking to you and unveiling the next predictions in 2022. >>All right. Sounds good. Thanks, Lisa. >>My pleasure for Derek manky. I'm Lisa Martin. You're watching this cube conversation with 40 net. Thanks for watching.

>>Hello and welcome today's cube presentation of eight of us startup showcase. I'm john for your host highlighting the hottest companies and devops data analytics and cloud management lisa martin and David want are here to kick it off. We've got a great program for you again. This is our, our new community event model where we're doing every quarter, we have every new episode, this is quarter three this year or episode three, season one of the hottest cloud startups and we're gonna be featured. Then we're gonna do a keynote package and then 15 countries will present their story, Go check them out and then have a closing keynote with a practitioner and we've got some great lineups, lisa Dave, great to see you. Thanks for joining me. >>Hey guys, >>great to be here. So David got to ask you, you know, back in events last night we're at the 14 it's event where they had the golf PGA championship with the cube Now we got the hybrid model, This is the new normal. We're in, we got these great companies were showcasing them. What's your take? >>Well, you're right. I mean, I think there's a combination of things. We're seeing some live shows. We saw what we did with at mobile world Congress. We did the show with AWS storage day where it was, we were at the spheres, there was no, there was a live audience, but they weren't there physically. It was just virtual and yeah, so, and I just got pained about reinvent. Hey Dave, you gotta make your flights. So I'm making my flights >>were gonna be at the amazon web services, public sector summit next week. At least a lot, a lot of cloud convergence going on here. We got many companies being featured here that we spoke with the Ceo and their top people cloud management, devops data, nelson security. Really cutting edge companies, >>yes, cutting edge companies who are all focused on acceleration. We've talked about the acceleration of digital transformation the last 18 months and we've seen a tremendous amount of acceleration in innovation with what these startups are doing. We've talked to like you said, there's, there's C suite, we've also talked to their customers about how they are innovating so quickly with this hybrid environment, this remote work and we've talked a lot about security in the last week or so. You mentioned that we were at Fortinet cybersecurity skills gap. What some of these companies are doing with automation for example, to help shorten that gap, which is a big opportunity >>for the job market. Great stuff. Dave so the format of this event, you're going to have a fireside chat with the practitioner, we'd like to end these programs with a great experienced practitioner cutting edge in data february. The beginning lisa are gonna be kicking off with of course Jeff bar to give us the update on what's going on AWS and then a special presentation from Emily Freeman who is the author of devops for dummies, she's introducing new content. The revolution in devops devops two point oh and of course jerry Chen from Greylock cube alumni is going to come on and talk about his new thesis castles in the cloud creating moats at cloud scale. We've got a great lineup of people and so the front ends can be great. Dave give us a little preview of what people can expect at the end of the fireside chat. >>Well at the highest level john I've always said we're entering that sort of third great wave of cloud. First wave was experimentation. The second big wave was migration. The third wave of integration, Deep business integration and what you're >>going to hear from >>Hello Fresh today is how they like many companies that started early last decade. They started with an on prem Hadoop system and then of course we all know what happened is S three essentially took the knees out from, from the on prem Hadoop market lowered costs, brought things into the cloud and what Hello Fresh is doing is they're transforming from that legacy Hadoop system into its running on AWS but into a data mess, you know, it's a passionate topic of mine. Hello Fresh was scaling they realized that they couldn't keep up so they had to rethink their entire data architecture and they built it around data mesh Clements key and christoph Soewandi gonna explain how they actually did that are on a journey or decentralized data >>measure it and your posts have been awesome on data measure. We get a lot of traction. Certainly you're breaking analysis for the folks watching check out David Landes, Breaking analysis every week, highlighting the cutting edge trends in tech Dave. We're gonna see you later, lisa and I are gonna be here in the morning talking about with Emily. We got Jeff Barr teed up. Dave. Thanks for coming on. Looking forward to fireside chat lisa. We'll see you when Emily comes back on. But we're gonna go to Jeff bar right now for Dave and I are gonna interview Jeff. Mm >>Hey Jeff, >>here he is. Hey, how are you? How's it going really well. So I gotta ask you, the reinvent is on, everyone wants to know that's happening right. We're good with Reinvent. >>Reinvent is happening. I've got my hotel and actually listening today, if I just remembered, I still need to actually book my flights. I've got my to do list on my desk and I do need to get my >>flights. Uh, >>really looking forward >>to it. I can't wait to see the all the announcements and blog posts. We're gonna, we're gonna hear from jerry Chen later. I love the after on our next event. Get your reaction to this castle and castles in the cloud where competitive advantages can be built in the cloud. We're seeing examples of that. But first I gotta ask you give us an update of what's going on. The ap and ecosystem has been an incredible uh, celebration these past couple weeks, >>so, so a lot of different things happening and the interesting thing to me is that as part of my job, I often think that I'm effectively living in the future because I get to see all this really cool stuff that we're building just a little bit before our customers get to, and so I'm always thinking okay, here I am now, and what's the world going to be like in a couple of weeks to a month or two when these launches? I'm working on actually get out the door and that, that's always really, really fun, just kind of getting that, that little edge into where we're going, but this year was a little interesting because we had to really significant birthdays, we had the 15 year anniversary of both EC two and S three and we're so focused on innovating and moving forward, that it's actually pretty rare for us at Aws to look back and say, wow, we've actually done all these amazing things in in the last 15 years, >>you know, it's kind of cool Jeff, if I may is is, you know, of course in the early days everybody said, well, a place for startup is a W. S and now the great thing about the startup showcases, we're seeing the startups that >>are >>very near, or some of them have even reached escape velocity, so they're not, they're not tiny little companies anymore, they're in their transforming their respective industries, >>they really are and I think that as they start ups grow, they really start to lean into the power of the cloud. They as they start to think, okay, we've we've got our basic infrastructure in place, we've got, we were serving data, we're serving up a few customers, everything is actually working pretty well for us. We've got our fundamental model proven out now, we can invest in publicity and marketing and scaling and but they don't have to think about what's happening behind the scenes. They just if they've got their auto scaling or if they're survivalists, the infrastructure simply grows to meet their demand and it's it's just a lot less things that they have to worry about. They can focus on the fun part of their business which is actually listening to customers and building up an awesome business >>Jeff as you guys are putting together all the big pre reinvented, knows a lot of stuff that goes on prior as well and they say all the big good stuff to reinvent. But you start to see some themes emerged this year. One of them is modernization of applications, the speed of application development in the cloud with the cloud scale devops personas, whatever persona you want to talk about but basically speed the speed of of the app developers where other departments have been slowing things down, I won't say name names, but security group and I t I mean I shouldn't have said that but only kidding but no but seriously people want in minutes and seconds now not days or weeks. You know whether it's policy. What are some of the trends that you're seeing around this this year as we get into some of the new stuff coming out >>So Dave customers really do want speed and for we've actually encapsulate this for a long time in amazon in what we call the bias for action leadership principle >>where >>we just need to jump in and move forward and and make things happen. A lot of customers look at that and they say yes this is great. We need to have the same bias fraction. Some do. Some are still trying to figure out exactly how to put it into play. And they absolutely for sure need to pay attention to security. They need to respect the past and make sure that whatever they're doing is in line with I. T. But they do want to move forward. And the interesting thing that I see time and time again is it's not simply about let's adopt a new technology. It's how do we >>how do we keep our workforce >>engaged? How do we make sure that they've got the right training? How do we bring our our I. T. Team along for this. Hopefully new and fun and exciting journey where they get to learn some interesting new technologies they've got all this very much accumulated business knowledge they still want to put to use, maybe they're a little bit apprehensive about something brand new and they hear about the cloud, but there by and large, they really want to move forward. They just need a little bit of >>help to make it happen >>real good guys. One of the things you're gonna hear today, we're talking about speed traditionally going fast. Oftentimes you meant you have to sacrifice some things on quality and what you're going to hear from some of the startups today is how they're addressing that to automation and modern devoPS technologies and sort of rethinking that whole application development approach. That's something I'm really excited to see organization is beginning to adopt so they don't have to make that tradeoff anymore. >>Yeah, I would >>never want to see someone >>sacrifice quality, >>but I do think that iterating very quickly and using the best of devoPS principles to be able to iterate incredibly quickly and get that first launch out there and then listen with both ears just >>as much >>as you can, Everything. You hear iterate really quickly to meet those needs in, in hours and days, not months, quarters or years. >>Great stuff. Chef and a lot of the companies were featuring here in the startup showcase represent that new kind of thinking, um, systems thinking as well as you know, the cloud scale and again and it's finally here, the revolution of deVOps is going to the next generation and uh, we're excited to have Emily Freeman who's going to come on and give a little preview for her new talk on this revolution. So Jeff, thank you for coming on, appreciate you sharing the update here on the cube. Happy >>to be. I'm actually really looking forward to hearing from Emily. >>Yeah, it's great. Great. Looking forward to the talk. Brand new Premier, Okay, uh, lisa martin, Emily Freeman is here. She's ready to come in and we're going to preview her lightning talk Emily. Um, thanks for coming on, we really appreciate you coming on really, this is about to talk around deVOPS next gen and I think lisa this is one of those things we've been, we've been discussing with all the companies. It's a new kind of thinking it's a revolution, it's a systems mindset, you're starting to see the connections there she is. Emily, Thanks for coming. I appreciate it. >>Thank you for having me. So your teaser video >>was amazing. Um, you know, that little secret radical idea, something completely different. Um, you gotta talk coming up, what's the premise behind this revolution, you know, these tying together architecture, development, automation deployment, operating altogether. >>Yes, well, we have traditionally always used the sclc, which is the software delivery life cycle. Um, and it is a straight linear process that has actually been around since the sixties, which is wild to me um, and really originated in manufacturing. Um, and as much as I love the Toyota production system and how much it has shown up in devops as a sort of inspiration on how to run things better. We are not making cars, we are making software and I think we have to use different approaches and create a sort of model that better reflects our modern software development process. >>It's a bold idea and looking forward to the talk and as motivation. I went into my basement and dusted off all my books from college in the 80s and the sea estimates it was waterfall. It was software development life cycle. They trained us to think this way and it came from the mainframe people. It was like, it's old school, like really, really old and it really hasn't been updated. Where's the motivation? I actually cloud is kind of converging everything together. We see that, but you kind of hit on this persona thing. Where did that come from this persona? Because you know, people want to put people in buckets release engineer. I mean, where's that motivation coming from? >>Yes, you're absolutely right that it came from the mainframes. I think, you know, waterfall is necessary when you're using a punch card or mag tape to load things onto a mainframe, but we don't exist in that world anymore. Thank goodness. And um, yes, so we, we use personas all the time in tech, you know, even to register, well not actually to register for this event, but a lot events. A lot of events, you have to click that drop down. Right. Are you a developer? Are you a manager, whatever? And the thing is personas are immutable in my opinion. I was a developer. I will always identify as a developer despite playing a lot of different roles and doing a lot of different jobs. Uh, and this can vary throughout the day. Right. You might have someone who has a title of software architect who ends up helping someone pair program or develop or test or deploy. Um, and so we wear a lot of hats day to day and I think our discussions around roles would be a better, um, certainly a better approach than personas >>lease. And I've been discussing with many of these companies around the roles and we're hearing from them directly and they're finding out that people have, they're mixing and matching on teams. So you're, you're an S R E on one team and you're doing something on another team where the workflows and the workloads defined the team formation. So this is a cultural discussion. >>It absolutely is. Yes. I think it is a cultural discussion and it really comes to the heart of devops, right? It's people process. And then tools deVOps has always been about culture and making sure that developers have all the tools they need to be productive and honestly happy. What good is all of this? If developing software isn't a joyful experience. Well, >>I got to ask you, I got you here obviously with server list and functions just starting to see this kind of this next gen. And we're gonna hear from jerry Chen, who's a Greylock VC who's going to talk about castles in the clouds, where he's discussing the moats that could be created with a competitive advantage in cloud scale. And I think he points to the snowflakes of the world. You're starting to see this new thing happening. This is devops 2.0, this is the revolution. Is this kind of where you see the same vision of your talk? >>Yes, so DeVOps created 2000 and 8, 2000 and nine, totally different ecosystem in the world we were living in, you know, we didn't have things like surveillance and containers, we didn't have this sort of default distributed nature, certainly not the cloud. Uh and so I'm very excited for jerry's talk. I'm curious to hear more about these moz. I think it's fascinating. Um but yeah, you're seeing different companies use different tools and processes to accelerate their delivery and that is the competitive advantage. How can we figure out how to utilize these tools in the most efficient way possible. >>Thank you for coming and giving us a preview. Let's now go to your lightning keynote talk. Fresh content. Premier of this revolution in Devops and the Freemans Talk, we'll go there now. >>Hi, I'm Emily Freeman, I'm the author of devops for dummies and the curator of 97 things every cloud engineer should know. I am thrilled to be here with you all today. I am really excited to share with you a kind of a wild idea, a complete re imagining of the S DLC and I want to be clear, I need your feedback. I want to know what you think of this. You can always find me on twitter at editing. Emily, most of my work centers around deVOps and I really can't overstate what an impact the concept of deVOPS has had on this industry in many ways it built on the foundation of Agile to become a default a standard we all reach for in our everyday work. When devops surfaced as an idea in 2008, the tech industry was in a vastly different space. AWS was an infancy offering only a handful of services. Azure and G C P didn't exist yet. The majority's majority of companies maintained their own infrastructure. Developers wrote code and relied on sys admins to deploy new code at scheduled intervals. Sometimes months apart, container technology hadn't been invented applications adhered to a monolithic architecture, databases were almost exclusively relational and serverless wasn't even a concept. Everything from the application to the engineers was centralized. Our current ecosystem couldn't be more different. Software is still hard, don't get me wrong, but we continue to find novel solutions to consistently difficult, persistent problems. Now, some of these end up being a sort of rebranding of old ideas, but others are a unique and clever take to abstracting complexity or automating toil or perhaps most important, rethinking challenging the very premises we have accepted as Cannon for years, if not decades. In the years since deVOps attempted to answer the critical conflict between developers and operations, engineers, deVOps has become a catch all term and there have been a number of derivative works. Devops has come to mean 5000 different things to 5000 different people. For some, it can be distilled to continuous integration and continuous delivery or C I C D. For others, it's simply deploying code more frequently, perhaps adding a smattering of tests for others. Still, its organizational, they've added a platform team, perhaps even a questionably named DEVOPS team or have created an engineering structure that focuses on a separation of concerns. Leaving feature teams to manage the development, deployment, security and maintenance of their siloed services, say, whatever the interpretation, what's important is that there isn't a universally accepted standard. Well, what deVOPS is or what it looks like an execution, it's a philosophy more than anything else. A framework people can utilize to configure and customize their specific circumstances to modern development practices. The characteristic of deVOPS that I think we can all agree on though, is that an attempted to capture the challenges of the entire software development process. It's that broad umbrella, that holistic view that I think we need to breathe life into again, The challenge we face is that DeVOps isn't increasingly outmoded solution to a previous problem developers now face. Cultural and technical challenge is far greater than how to more quickly deploy a monolithic application. Cloud native is the future the next collection of default development decisions and one the deVOPS story can't absorb in its current form. I believe the era of deVOPS is waning and in this moment as the sun sets on deVOPS, we have a unique opportunity to rethink rebuild free platform. Even now, I don't have a crystal ball. That would be very handy. I'm not completely certain with the next decade of tech looks like and I can't write this story alone. I need you but I have some ideas that can get the conversation started, I believe to build on what was we have to throw away assumptions that we've taken for granted all this time in order to move forward. We must first step back. Mhm. The software or systems development life cycle, what we call the S. D. L. C. has been in use since the 1960s and it's remained more or less the same since before color television and the touch tone phone. Over the last 60 or so odd years we've made tweaks, slight adjustments, massaged it. The stages or steps are always a little different with agile and deVOps we sort of looped it into a circle and then an infinity loop we've added pretty colors. But the sclc is more or less the same and it has become an assumption. We don't even think about it anymore, universally adopted constructs like the sclc have an unspoken permanence. They feel as if they have always been and always will be. I think the impact of that is even more potent. If you were born after a construct was popularized. Nearly everything around us is a construct, a model, an artifact of a human idea. The chair you're sitting in the desk, you work at the mug from which you drink coffee or sometimes wine, buildings, toilets, plumbing, roads, cars, art, computers, everything. The sclc is a remnant an artifact of a previous era and I think we should throw it away or perhaps more accurately replace it, replace it with something that better reflects the actual nature of our work. A linear, single threaded model designed for the manufacturer of material goods cannot possibly capture the distributed complexity of modern socio technical systems. It just can't. Mhm. And these two ideas aren't mutually exclusive that the sclc was industry changing, valuable and extraordinarily impactful and that it's time for something new. I believe we are strong enough to hold these two ideas at the same time, showing respect for the past while envisioning the future. Now, I don't know about you, I've never had a software project goes smoothly in one go. No matter how small. Even if I'm the only person working on it and committing directly to master software development is chaos. It's a study and entropy and it is not getting any more simple. The model with which we think and talk about software development must capture the multithreaded, non sequential nature of our work. It should embody the roles engineers take on and the considerations they make along the way. It should build on the foundations of agile and devops and represent the iterative nature of continuous innovation. Now, when I was thinking about this, I was inspired by ideas like extreme programming and the spiral model. I I wanted something that would have layers, threads, even a way of visually representing multiple processes happening in parallel. And what I settled on is the revolution model. I believe the visualization of revolution is capable of capturing the pivotal moments of any software scenario. And I'm going to dive into all the discrete elements. But I want to give you a moment to have a first impression, to absorb my idea. I call it revolution because well for one it revolves, it's circular shape reflects the continuous and iterative nature of our work, but also because it is revolutionary. I am challenging a 60 year old model that is embedded into our daily language. I don't expect Gartner to build a magic quadrant around this tomorrow, but that would be super cool. And you should call me my mission with. This is to challenge the status quo to create a model that I think more accurately reflects the complexity of modern cloud native software development. The revolution model is constructed of five concentric circles describing the critical roles of software development architect. Ng development, automating, deploying and operating intersecting each loop are six spokes that describe the production considerations every engineer has to consider throughout any engineering work and that's test, ability, secure ability, reliability, observe ability, flexibility and scalability. The considerations listed are not all encompassing. There are of course things not explicitly included. I figured if I put 20 spokes, some of us, including myself, might feel a little overwhelmed. So let's dive into each element in this model. We have long used personas as the default way to do divide audiences and tailor messages to group people. Every company in the world right now is repeating the mantra of developers, developers, developers but personas have always bugged me a bit because this approach typically either oversimplifies someone's career are needlessly complicated. Few people fit cleanly and completely into persona based buckets like developers and operations anymore. The lines have gotten fuzzy on the other hand, I don't think we need to specifically tailor messages as to call out the difference between a devops engineer and a release engineer or a security administrator versus a security engineer but perhaps most critically, I believe personas are immutable. A persona is wholly dependent on how someone identifies themselves. It's intrinsic not extrinsic. Their titles may change their jobs may differ, but they're probably still selecting the same persona on that ubiquitous drop down. We all have to choose from when registering for an event. Probably this one too. I I was a developer and I will always identify as a developer despite doing a ton of work in areas like devops and Ai Ops and Deverell in my heart. I'm a developer I think about problems from that perspective. First it influences my thinking and my approach roles are very different. Roles are temporary, inconsistent, constantly fluctuating. If I were an actress, the parts I would play would be lengthy and varied, but the persona I would identify as would remain an actress and artist lesbian. Your work isn't confined to a single set of skills. It may have been a decade ago, but it is not today in any given week or sprint, you may play the role of an architect. Thinking about how to design a feature or service, developer building out code or fixing a bug and on automation engineer, looking at how to improve manual processes. We often refer to as soil release engineer, deploying code to different environments or releasing it to customers or in operations. Engineer ensuring an application functions inconsistent expected ways and no matter what role we play. We have to consider a number of issues. The first is test ability. All software systems require testing to assure architects that designs work developers, the code works operators, that infrastructure is running as expected and engineers of all disciplines that code changes won't bring down the whole system testing in its many forms is what enables systems to be durable and have longevity. It's what reassures engineers that changes won't impact current functionality. A system without tests is a disaster waiting to happen, which is why test ability is first among equals at this particular roundtable. Security is everyone's responsibility. But if you understand how to design and execute secure systems, I struggle with this security incidents for the most part are high impact, low probability events. The really big disasters, the one that the ones that end up on the news and get us all free credit reporting for a year. They don't happen super frequently and then goodness because you know that there are endless small vulnerabilities lurking in our systems. Security is something we all know we should dedicate time to but often don't make time for. And let's be honest, it's hard and complicated and a little scary def sec apps. The first derivative of deVOPS asked engineers to move security left this approach. Mint security was a consideration early in the process, not something that would block release at the last moment. This is also the consideration under which I'm putting compliance and governance well not perfectly aligned. I figure all the things you have to call lawyers for should just live together. I'm kidding. But in all seriousness, these three concepts are really about risk management, identity, data, authorization. It doesn't really matter what specific issue you're speaking about, the question is who has access to what win and how and that is everyone's responsibility at every stage site reliability engineering or sorry, is a discipline job and approach for good reason. It is absolutely critical that applications and services work as expected. Most of the time. That said, availability is often mistakenly treated as a synonym for reliability. Instead, it's a single aspect of the concept if a system is available but customer data is inaccurate or out of sync. The system is not reliable, reliability has five key components, availability, latency, throughput. Fidelity and durability, reliability is the end result. But resiliency for me is the journey the action engineers can take to improve reliability, observe ability is the ability to have insight into an application or system. It's the combination of telemetry and monitoring and alerting available to engineers and leadership. There's an aspect of observe ability that overlaps with reliability, but the purpose of observe ability isn't just to maintain a reliable system though, that is of course important. It is the capacity for engineers working on a system to have visibility into the inner workings of that system. The concept of observe ability actually originates and linear dynamic systems. It's defined as how well internal states of a system can be understood based on information about its external outputs. If it is critical when companies move systems to the cloud or utilize managed services that they don't lose visibility and confidence in their systems. The shared responsibility model of cloud storage compute and managed services require that engineering teams be able to quickly be alerted to identify and remediate issues as they arise. Flexible systems are capable of adapting to meet the ever changing needs of the customer and the market segment, flexible code bases absorb new code smoothly. Embody a clean separation of concerns. Are partitioned into small components or classes and architected to enable the now as well as the next inflexible systems. Change dependencies are reduced or eliminated. Database schemas accommodate change well components, communicate via a standardized and well documented A. P. I. The only thing constant in our industry is change and every role we play, creating flexibility and solutions that can be flexible that will grow as the applications grow is absolutely critical. Finally, scalability scalability refers to more than a system's ability to scale for additional load. It implies growth scalability and the revolution model carries the continuous innovation of a team and the byproducts of that growth within a system. For me, scalability is the most human of the considerations. It requires each of us in our various roles to consider everyone around us, our customers who use the system or rely on its services, our colleagues current and future with whom we collaborate and even our future selves. Mhm. Software development isn't a straight line, nor is it a perfect loop. It is an ever changing complex dance. There are twirls and pivots and difficult spins forward and backward. Engineers move in parallel, creating truly magnificent pieces of art. We need a modern model for this modern era and I believe this is just the revolution to get us started. Thank you so much for having me. >>Hey, we're back here. Live in the keynote studio. I'm john for your host here with lisa martin. David lot is getting ready for the fireside chat ending keynote with the practitioner. Hello! Fresh without data mesh lisa Emily is amazing. The funky artwork there. She's amazing with the talk. I was mesmerized. It was impressive. >>The revolution of devops and the creative element was a really nice surprise there. But I love what she's doing. She's challenging the status quo. If we've learned nothing in the last year and a half, We need to challenge the status quo. A model from the 1960s that is no longer linear. What she's doing is revolutionary. >>And we hear this all the time. All the cube interviews we do is that you're seeing the leaders, the SVP's of engineering or these departments where there's new new people coming in that are engineering or developers, they're playing multiple roles. It's almost a multidisciplinary aspect where you know, it's like going into in and out burger in the fryer later and then you're doing the grill, you're doing the cashier, people are changing roles or an architect, their test release all in one no longer departmental, slow siloed groups. >>She brought up a great point about persona is that we no longer fit into these buckets. That the changing roles. It's really the driver of how we should be looking at this. >>I think I'm really impressed, really bold idea, no brainer as far as I'm concerned, I think one of the things and then the comments were off the charts in a lot of young people come from discord servers. We had a good traction over there but they're all like learning. Then you have the experience, people saying this is definitely has happened and happening. The dominoes are falling and they're falling in the direction of modernization. That's the key trend speed. >>Absolutely with speed. But the way that Emily is presenting it is not in a brash bold, but it's in a way that makes great sense. The way that she creatively visually lined out what she was talking about Is amenable to the folks that have been doing this for since the 60s and the new folks now to really look at this from a different >>lens and I think she's a great setup on that lightning top of the 15 companies we got because you think about sis dig harness. I white sourced flamingo hacker one send out, I oh, okay. Thought spot rock set Sarah Ops ramp and Ops Monte cloud apps, sani all are doing modern stuff and we talked to them and they're all on this new wave, this monster wave coming. What's your observation when you talk to these companies? >>They are, it was great. I got to talk with eight of the 15 and the amount of acceleration of innovation that they've done in the last 18 months is phenomenal obviously with the power and the fuel and the brand reputation of aws but really what they're all facilitating cultural shift when we think of devoPS and the security folks. Um, there's a lot of work going on with ai to an automation to really kind of enabled to develop the develops folks to be in control of the process and not have to be security experts but ensuring that the security is baked in shifting >>left. We saw that the chat room was really active on the security side and one of the things I noticed was not just shift left but the other groups, the security groups and the theme of cultural, I won't say war but collision cultural shift that's happening between the groups is interesting because you have this new devops persona has been around Emily put it out for a while. But now it's going to the next level. There's new revolutions about a mindset, a systems mindset. It's a thinking and you start to see the new young companies coming out being funded by the gray locks of the world who are now like not going to be given the we lost the top three clouds one, everything. there's new business models and new technical architecture in the cloud and that's gonna be jerry Chen talk coming up next is going to be castles in the clouds because jerry chant always talked about moats, competitive advantage and how moats are key to success to guard the castle. And then we always joke, there's no more moz because the cloud has killed all the boats. But now the motor in the cloud, the castles are in the cloud, not on the ground. So very interesting thought provoking. But he's got data and if you look at the successful companies like the snowflakes of the world, you're starting to see these new formations of this new layer of innovation where companies are growing rapidly, 98 unicorns now in the cloud. Unbelievable, >>wow, that's a lot. One of the things you mentioned, there's competitive advantage and these startups are all fueled by that they know that there are other companies in the rear view mirror right behind them. If they're not able to work as quickly and as flexibly as a competitor, they have to have that speed that time to market that time to value. It was absolutely critical. And that's one of the things I think thematically that I saw along the eighth sort of that I talked to is that time to value is absolutely table stakes. >>Well, I'm looking forward to talking to jerry chan because we've talked on the queue before about this whole idea of What happens when winner takes most would mean the top 3, 4 cloud players. What happens? And we were talking about that and saying, if you have a model where an ecosystem can develop, what does that look like and back in 2013, 2014, 2015, no one really had an answer. Jerry was the only BC. He really nailed it with this castles in the cloud. He nailed the idea that this is going to happen. And so I think, you know, we'll look back at the tape or the videos from the cube, we'll find those cuts. But we were talking about this then we were pontificating and riffing on the fact that there's going to be new winners and they're gonna look different as Andy Jassy always says in the cube you have to be misunderstood if you're really going to make something happen. Most of the most successful companies are misunderstood. Not anymore. The cloud scales there. And that's what's exciting about all this. >>It is exciting that the scale is there, the appetite is there the appetite to challenge the status quo, which is right now in this economic and dynamic market that we're living in is there's nothing better. >>One of the things that's come up and and that's just real quick before we bring jerry in is automation has been insecurity, absolutely security's been in every conversation, but automation is now so hot in the sense of it's real and it's becoming part of all the design decisions. How can we automate can we automate faster where the keys to automation? Is that having the right data, What data is available? So I think the idea of automation and Ai are driving all the change and that's to me is what these new companies represent this modern error where AI is built into the outcome and the apps and all that infrastructure. So it's super exciting. Um, let's check in, we got jerry Chen line at least a great. We're gonna come back after jerry and then kick off the day. Let's bring in jerry Chen from Greylock is he here? Let's bring him in there. He is. >>Hey john good to see you. >>Hey, congratulations on an amazing talk and thesis on the castles on the cloud. Thanks for coming on. >>All right, Well thanks for reading it. Um, always were being put a piece of workout out either. Not sure what the responses, but it seemed to resonate with a bunch of developers, founders, investors and folks like yourself. So smart people seem to gravitate to us. So thank you very much. >>Well, one of the benefits of doing the Cube for 11 years, Jerry's we have videotape of many, many people talking about what the future will hold. You kind of are on this early, it wasn't called castles in the cloud, but you were all I was, we had many conversations were kind of connecting the dots in real time. But you've been on this for a while. It's great to see the work. I really think you nailed this. I think you're absolutely on point here. So let's get into it. What is castles in the cloud? New research to come out from Greylock that you spearheaded? It's collaborative effort, but you've got data behind it. Give a quick overview of what is castle the cloud, the new modes of competitive advantage for companies. >>Yeah, it's as a group project that our team put together but basically john the question is, how do you win in the cloud? Remember the conversation we had eight years ago when amazon re event was holy cow, Like can you compete with them? Like is it a winner? Take all? Winner take most And if it is winner take most, where are the white spaces for Some starts to to emerge and clearly the past eight years in the cloud this journey, we've seen big companies, data breaks, snowflakes, elastic Mongo data robot. And so um they spotted the question is, you know, why are the castles in the cloud? The big three cloud providers, Amazon google and Azure winning. You know, what advantage do they have? And then given their modes of scale network effects, how can you as a startup win? And so look, there are 500 plus services between all three cloud vendors, but there are like 500 plus um startups competing gets a cloud vendors and there's like almost 100 unicorn of private companies competing successfully against the cloud vendors, including public companies. So like Alaska, Mongo Snowflake. No data breaks. Not public yet. Hashtag or not public yet. These are some examples of the names that I think are winning and watch this space because you see more of these guys storm the castle if you will. >>Yeah. And you know one of the things that's a funny metaphor because it has many different implications. One, as we talk about security, the perimeter of the gates, the moats being on land. But now you're in the cloud, you have also different security paradigm. You have a different um, new kinds of services that are coming on board faster than ever before. Not just from the cloud players but From companies contributing into the ecosystem. So the combination of the big three making the market the main markets you, I think you call 31 markets that we know of that probably maybe more. And then you have this notion of a sub market, which means that there's like we used to call it white space back in the day, remember how many whites? Where's the white space? I mean if you're in the cloud, there's like a zillion white spaces. So talk about this sub market dynamic between markets and that are being enabled by the cloud players and how these sub markets play into it. >>Sure. So first, the first problem was what we did. We downloaded all the services for the big three clowns. Right? And you know what as recalls a database or database service like a document DB and amazon is like Cosmo dB and Azure. So first thing first is we had to like look at all three cloud providers and you? Re categorize all the services almost 500 Apples, Apples, Apples # one number two is you look at all these markets or sub markets and said, okay, how can we cluster these services into things that you know you and I can rock right. That's what amazon Azure and google think about. It is very different and the beauty of the cloud is this kind of fat long tail of services for developers. So instead of like oracle is a single database for all your needs. They're like 20 or 30 different databases from time series um analytics, databases. We're talking rocks at later today. Right. Um uh, document databases like Mongo search database like elastic. And so what happens is there's not one giant market like databases, there's a database market And 30, 40 sub markets that serve the needs developers. So the Great News is cloud has reduced the cost and create something that new for developers. Um also the good news is for a start up you can find plenty of white speeds solving a pain point, very specific to a different type of problem >>and you can sequence up to power law to this. I love the power of a metaphor, you know, used to be a very thin neck note no torso and then a long tail. But now as you're pointing out this expansion of the fat tail of services, but also there's big tam's and markets available at the top of the power law where you see coming like snowflake essentially take on the data warehousing market by basically sitting on amazon re factoring with new services and then getting a flywheel completely changing the economic unit economics completely changing the consumption model completely changing the value proposition >>literally you >>get Snowflake has created like a storm, create a hole, that mode or that castle wall against red shift. Then companies like rock set do your real time analytics is Russian right behind snowflakes saying, hey snowflake is great for data warehouse but it's not fast enough for real time analytics. Let me give you something new to your, to your parallel argument. Even the big optic snowflake have created kind of a wake behind them that created even more white space for Gaza rock set. So that's exciting for guys like me and >>you. And then also as we were talking about our last episode two or quarter two of our showcase. Um, from a VC came on, it's like the old shelf where you didn't know if a company's successful until they had to return the inventory now with cloud you if you're not successful, you know it right away. It's like there's no debate. Like, I mean you're either winning or not. This is like that's so instrumented so a company can have a good better mousetrap and win and fill the white space and then move up. >>It goes both ways. The cloud vendor, the big three amazon google and Azure for sure. They instrument their own class. They know john which ecosystem partners doing well in which ecosystems doing poorly and they hear from the customers exactly what they want. So it goes both ways they can weaponize that. And just as well as you started to weaponize that info >>and that's the big argument of do that snowflake still pays the amazon bills. They're still there. So again, repatriation comes back, That's a big conversation that's come up. What's your quick take on that? Because if you're gonna have a castle in the cloud, then you're gonna bring it back to land. I mean, what's that dynamic? Where do you see that compete? Because on one hand is innovation. The other ones maybe cost efficiency. Is that a growth indicator slow down? What's your view on the movement from and to the cloud? >>I think there's probably three forces you're finding here. One is the cost advantage in the scale advantage of cloud so that I think has been going for the past eight years, there's a repatriation movement for a certain subset of customers, I think for cost purposes makes sense. I think that's a tiny handful that believe they can actually run things better than a cloud. The third thing we're seeing around repatriation is not necessary against cloud, but you're gonna see more decentralized clouds and things pushed to the edge. Right? So you look at companies like Cloudflare Fastly or a company that we're investing in Cato networks. All ideas focus on secure access at the edge. And so I think that's not the repatriation of my own data center, which is kind of a disaggregated of cloud from one giant monolithic cloud, like AWS east or like a google region in europe to multiple smaller clouds for governance purposes, security purposes or legacy purposes. >>So I'm looking at my notes here, looking down on the screen here for this to read this because it's uh to cut and paste from your thesis on the cloud. The excellent cloud. The of the $38 billion invested this quarter. Um Ai and ml number one, um analytics. Number two, security number three. Actually, security number one. But you can see the bubbles here. So all those are data problems I need to ask you. I see data is hot data as intellectual property. How do you look at that? Because we've been reporting on this and we just started the cube conversation around workflows as intellectual property. If you have scale and your motives in the cloud. You could argue that data and the workflows around those data streams is intellectual property. It's a protocol >>I believe both are. And they just kind of go hand in hand like peanut butter and jelly. Right? So data for sure. I. P. So if you know people talk about days in the oil, the new resource. That's largely true because of powers a bunch. But the workflow to your point john is sticky because every company is a unique snowflake right? Like the process used to run the cube and your business different how we run our business. So if you can build a workflow that leverages the data, that's super sticky. So in terms of switching costs, if my work is very bespoke to your business, then I think that's competitive advantage. >>Well certainly your workflow is a lot different than the cube. You guys just a lot of billions of dollars in capital. We're talking to all the people out here jerry. Great to have you on final thought on your thesis. Where does it go from here? What's been the reaction? Uh No, you put it out there. Great love the restart. Think you're on point on this one. Where did we go from here? >>We have to follow pieces um in the near term one around, you know, deep diver on open source. So look out for that pretty soon and how that's been a powerful strategy a second. Is this kind of just aggregation of the cloud be a Blockchain and you know, decentralized apps, be edge applications. So that's in the near term two more pieces of, of deep dive we're doing. And then the goal here is to update this on a quarterly and annual basis. So we're getting submissions from founders that wanted to say, hey, you missed us or he screwed up here. We got the big cloud vendors saying, Hey jerry, we just lost his new things. So our goal here is to update this every single year and then probably do look back saying, okay, uh, where were we wrong? We're right. And then let's say the castle clouds 2022. We'll see the difference were the more unicorns were there more services were the IPO's happening. So look for some short term work from us on analytics, like around open source and clouds. And then next year we hope that all of this forward saying, Hey, you have two year, what's happening? What's changing? >>Great stuff and, and congratulations on the southern news. You guys put another half a billion dollars into early, early stage, which is your roots. Are you still doing a lot of great investments in a lot of unicorns. Congratulations that. Great luck on the team. Thanks for coming on and congratulations you nailed this one. I think I'm gonna look back and say that this is a pretty seminal piece of work here. Thanks for sharing. >>Thanks john thanks for having us. >>Okay. Okay. This is the cube here and 81 startup showcase. We're about to get going in on all the hot companies closing out the kino lisa uh, see jerry Chen cube alumni. He was right from day one. We've been riffing on this, but he nails it here. I think Greylock is lucky to have him as a general partner. He's done great deals, but I think he's hitting the next wave big. This is, this is huge. >>I was listening to you guys talking thinking if if you had a crystal ball back in 2013, some of the things Jerry saying now his narrative now, what did he have a crystal >>ball? He did. I mean he could be a cuBA host and I could be a venture capital. We were both right. I think so. We could have been, you know, doing that together now and all serious now. He was right. I mean, we talked off camera about who's the next amazon who's going to challenge amazon and Andy Jassy was quoted many times in the queue by saying, you know, he was surprised that it took so long for people to figure out what they were doing. Okay, jerry was that VM where he had visibility into the cloud. He saw amazon right away like we did like this is a winning formula and so he was really out front on this one. >>Well in the investments that they're making in these unicorns is exciting. They have this, this lens that they're able to see the opportunities there almost before anybody else can. And finding more white space where we didn't even know there was any. >>Yeah. And what's interesting about the report I'm gonna dig into and I want to get to him while he's on camera because it's a great report, but He says it's like 500 services I think Amazon has 5000. So how you define services as an interesting thing and a lot of amazon services that they have as your doesn't have and vice versa, they do call that out. So I find the report interesting. It's gonna be a feature game in the future between clouds the big three. They're gonna say we do this, you're starting to see the formation, Google's much more developer oriented. Amazon is much more stronger in the governance area with data obviously as he pointed out, they have such experience Microsoft, not so much their developer cloud and more office, not so much on the government's side. So that that's an indicator of my, my opinion of kind of where they rank. So including the number one is still amazon web services as your long second place, way behind google, right behind Azure. So we'll see how the horses come in, >>right. And it's also kind of speaks to the hybrid world in which we're living the hybrid multi cloud world in which many companies are living as companies to not just survive in the last year and a half, but to thrive and really have to become data companies and leverage that data as a competitive advantage to be able to unlock the value of it. And a lot of these startups that we talked to in the showcase are talking about how they're helping organizations unlock that data value. As jerry said, it is the new oil, it's the new gold. Not unless you can unlock that value faster than your competition. >>Yeah, well, I'm just super excited. We got a great day ahead of us with with all the cots startups. And then at the end day, Volonte is gonna interview, hello, fresh practitioners, We're gonna close it out every episode now, we're going to do with the closing practitioner. We try to get jpmorgan chase data measures. The hottest area right now in the enterprise data is new competitive advantage. We know that data workflows are now intellectual property. You're starting to see data really factoring into these applications now as a key aspect of the competitive advantage and the value creation. So companies that are smart are investing heavily in that and the ones that are kind of slow on the uptake are lagging the market and just trying to figure it out. So you start to see that transition and you're starting to see people fall away now from the fact that they're not gonna make it right, You're starting to, you know, you can look at look at any happens saying how much ai is really in there. Real ai what's their data strategy and you almost squint through that and go, okay, that's gonna be losing application. >>Well the winners are making it a board level conversation >>And security isn't built in. Great to have you on this morning kicking it off. Thanks John Okay, we're going to go into the next set of the program at 10:00 we're going to move into the breakouts. Check out the companies is three tracks in there. We have an awesome track on devops pure devops. We've got the data and analytics and we got the cloud management and just to run down real quick check out the sis dig harness. Io system is doing great, securing devops harness. IO modern software delivery platform, White Source. They're preventing and remediating the rest of the internet for them for the company's that's a really interesting and lumbago, effortless acres land and monitoring functions, server list super hot. And of course hacker one is always great doing a lot of great missions and and bounties you see those success continue to send i O there in Palo alto changing the game on data engineering and data pipe lining. Okay. Data driven another new platform, horizontally scalable and of course thought spot ai driven kind of a search paradigm and of course rock set jerry Chen's companies here and press are all doing great in the analytics and then the cloud management cost side 80 operations day to operate. Ops ramps and ops multi cloud are all there and sunny, all all going to present. So check them out. This is the Cubes Adria's startup showcase episode three.

>>Hello and welcome today's cube presentation of eight of us startup showcase. I'm john for your host highlighting the hottest companies and devops data analytics and cloud management lisa martin and David want are here to kick it off. We've got a great program for you again. This is our, our new community event model where we're doing every quarter, we have every new episode, this is quarter three this year or episode three, season one of the hottest cloud startups and we're gonna be featured. Then we're gonna do a keynote package and then 15 countries will present their story, Go check them out and then have a closing keynote with a practitioner and we've got some great lineups, lisa Dave, great to see you. Thanks for joining me. Hey >>guys, great to be here. >>So David got to ask you, you know, back in events last night we're at the 14 it's event where they had the golf PGA championship with the cube Now we got the hybrid model, This is the new normal. We're in, we got these great companies were showcasing them. What's your take? >>Well, you're right. I mean, I think there's a combination of things. We're seeing some live shows. We saw what we did with at mobile world Congress. We did the show with AWS storage day where it was, we were at the spheres, there was no, there was a live audience, but they weren't there physically. It was just virtual and yeah, so, and I just got pained about reinvent. Hey Dave, you gotta make your flights. So I'm making my flights >>were gonna be at the amazon web services, public sector summit next week. At least a lot, a lot of cloud convergence going on here. We got many companies being featured here that we spoke with the Ceo and their top people cloud management, devops data, nelson security. Really cutting edge companies, >>yes, cutting edge companies who are all focused on acceleration. We've talked about the acceleration of digital transformation the last 18 months and we've seen a tremendous amount of acceleration in innovation with what these startups are doing. We've talked to like you said, there's, there's C suite, we've also talked to their customers about how they are innovating so quickly with this hybrid environment, this remote work and we've talked a lot about security in the last week or so. You mentioned that we were at Fortinet cybersecurity skills gap. What some of these companies are doing with automation for example, to help shorten that gap, which is a big opportunity for the >>job market. Great stuff. Dave so the format of this event, you're going to have a fireside chat with the practitioner, we'd like to end these programs with a great experienced practitioner cutting edge in data february. The beginning lisa are gonna be kicking off with of course Jeff bar to give us the update on what's going on AWS and then a special presentation from Emily Freeman who is the author of devops for dummies, she's introducing new content. The revolution in devops devops two point oh and of course jerry Chen from Greylock cube alumni is going to come on and talk about his new thesis castles in the cloud creating moats at cloud scale. We've got a great lineup of people and so the front ends can be great. Dave give us a little preview of what people can expect at the end of the fireside chat. >>Well at the highest level john I've always said we're entering that sort of third great wave of cloud. First wave was experimentation. The second big wave was migration. The third wave of integration, Deep business integration and what you're going to hear from Hello Fresh today is how they like many companies that started early last decade. They started with an on prem Hadoop system and then of course we all know what happened is S three essentially took the knees out from, from the on prem Hadoop market lowered costs, brought things into the cloud and what Hello Fresh is doing is they're transforming from that legacy Hadoop system into its running on AWS but into a data mess, you know, it's a passionate topic of mine. Hello Fresh was scaling they realized that they couldn't keep up so they had to rethink their entire data architecture and they built it around data mesh Clements key and christoph Soewandi gonna explain how they actually did that are on a journey or decentralized data measure >>it and your posts have been awesome on data measure. We get a lot of traction. Certainly you're breaking analysis for the folks watching check out David Landes, Breaking analysis every week, highlighting the cutting edge trends in tech Dave. We're gonna see you later, lisa and I are gonna be here in the morning talking about with Emily. We got Jeff Barr teed up. Dave. Thanks for coming on. Looking forward to fireside chat lisa. We'll see you when Emily comes back on. But we're gonna go to Jeff bar right now for Dave and I are gonna interview Jeff. Mm >>Hey Jeff, >>here he is. Hey, how are you? How's it >>going really well. >>So I gotta ask you, the reinvent is on, everyone wants to know that's happening right. We're good with Reinvent. >>Reinvent is happening. I've got my hotel and actually listening today, if I just remembered, I still need to actually book my flights. I've got my to do list on my desk and I do need to get my flights. Uh, really looking forward to it. >>I can't wait to see the all the announcements and blog posts. We're gonna, we're gonna hear from jerry Chen later. I love the after on our next event. Get your reaction to this castle and castles in the cloud where competitive advantages can be built in the cloud. We're seeing examples of that. But first I gotta ask you give us an update of what's going on. The ap and ecosystem has been an incredible uh, celebration these past couple weeks, >>so, so a lot of different things happening and the interesting thing to me is that as part of my job, I often think that I'm effectively living in the future because I get to see all this really cool stuff that we're building just a little bit before our customers get to, and so I'm always thinking okay, here I am now, and what's the world going to be like in a couple of weeks to a month or two when these launches? I'm working on actually get out the door and that, that's always really, really fun, just kind of getting that, that little edge into where we're going, but this year was a little interesting because we had to really significant birthdays, we had the 15 year anniversary of both EC two and S three and we're so focused on innovating and moving forward, that it's actually pretty rare for us at Aws to look back and say, wow, we've actually done all these amazing things in in the last 15 years, >>you know, it's kind of cool Jeff, if I may is is, you know, of course in the early days everybody said, well, a place for startup is a W. S and now the great thing about the startup showcases, we're seeing the startups that are very near, or some of them have even reached escape velocity, so they're not, they're not tiny little companies anymore, they're in their transforming their respective industries, >>they really are and I think that as they start ups grow, they really start to lean into the power of the cloud. They as they start to think, okay, we've we've got our basic infrastructure in place, we've got, we were serving data, we're serving up a few customers, everything is actually working pretty well for us. We've got our fundamental model proven out now, we can invest in publicity and marketing and scaling and but they don't have to think about what's happening behind the scenes. They just if they've got their auto scaling or if they're survivalists, the infrastructure simply grows to meet their demand and it's it's just a lot less things that they have to worry about. They can focus on the fun part of their business which is actually listening to customers and building up an awesome business >>Jeff as you guys are putting together all the big pre reinvented, knows a lot of stuff that goes on prior as well and they say all the big good stuff to reinvent. But you start to see some themes emerged this year. One of them is modernization of applications, the speed of application development in the cloud with the cloud scale devops personas, whatever persona you want to talk about but basically speed the speed of of the app developers where other departments have been slowing things down, I won't say name names, but security group and I t I mean I shouldn't have said that but only kidding but no but seriously people want in minutes and seconds now not days or weeks. You know whether it's policy. What are some of the trends that you're seeing around this this year as we get into some of the new stuff coming out >>So Dave customers really do want speed and for we've actually encapsulate this for a long time in amazon in what we call the bias for action leadership principle where we just need to jump in and move forward and and make things happen. A lot of customers look at that and they say yes this is great. We need to have the same bias fraction. Some do. Some are still trying to figure out exactly how to put it into play. And they absolutely for sure need to pay attention to security. They need to respect the past and make sure that whatever they're doing is in line with I. T. But they do want to move forward. And the interesting thing that I see time and time again is it's not simply about let's adopt a new technology. It's how do we how do we keep our workforce engaged? How do we make sure that they've got the right training? How do we bring our our I. T. Team along for this. Hopefully new and fun and exciting journey where they get to learn some interesting new technologies they've got all this very much accumulated business knowledge they still want to put to use, maybe they're a little bit apprehensive about something brand new and they hear about the cloud, but there by and large, they really want to move forward. They just need a little bit of help to make it happen real >>good guys. One of the things you're gonna hear today, we're talking about speed traditionally going fast. Oftentimes you meant you have to sacrifice some things on quality and what you're going to hear from some of the startups today is how they're addressing that to automation and modern devoPS technologies and sort of rethinking that whole application development approach. That's something I'm really excited to see organization is beginning to adopt so they don't have to make that tradeoff anymore. >>Yeah, I would never want to see someone sacrifice quality, but I do think that iterating very quickly and using the best of devoPS principles to be able to iterate incredibly quickly and get that first launch out there and then listen with both ears just as much as you can, Everything. You hear iterate really quickly to meet those needs in, in hours and days, not months, quarters or years. >>Great stuff. Chef and a lot of the companies were featuring here in the startup showcase represent that new kind of thinking, um, systems thinking as well as you know, the cloud scale and again and it's finally here, the revolution of deVOps is going to the next generation and uh, we're excited to have Emily Freeman who's going to come on and give a little preview for her new talk on this revolution. So Jeff, thank you for coming on, appreciate you sharing the update here on the cube. Happy >>to be. I'm actually really looking forward to hearing from Emily. >>Yeah, it's great. Great. Looking forward to the talk.

>> Narrator: From around the globe, It's theCUBE! Covering Fortinet Security Summit, brought to you by Fortinet. >> And welcome to the cube coverage here at the PGA champion-- Fortinet championship, where we're going to be here for Napa valley coverage of Fortinet's, the championships security summit, going on Fortinet, sponsoring the PGA, but a great guest Merritt Baer, who's the principal in the office of the CISO at Amazon web services. Great to see you. Thanks for coming on. >> Merritt: Thank you for having me. It's good to be here. >> So Fortinet, uh, big brand now, sponsoring the PGA. Pretty impressive that they're getting out there with the golf. It's very enterprise focused, a lot of action. A lot of customers here. >> Merritt: It seems like it, for sure. >> Bold move. Amazon, Amazon web services has become the gold standard in terms of cloud computing, seeing DevOps people refactoring. You've seen the rise of companies like Snowflake building on Amazon. People are moving not only to the cloud, but they're refactoring their business and security is top of mind for everyone. And obviously cybersecurity threats that Fortinet helps cover, you guys are partnering with them, is huge. What is your state of the union for cyber? What's the current situation with the threat landscape? Obviously there's no perimeter in the cloud. More end points are coming on board. The Edge is here. 5G, wavelength with outpost, a lot happening. >> That was a long question, but I'll, I'll try. So I think, you know, as always business in innovation is the driver. And security needs to be woven into that. And so I think increasingly we're seeing security not be a no shop, but be an enabler. And especially in cloud, when we're talking about the way that you do DevOps with security, I know folks don't like the term DevSecOps, but you know, to be able to do agile methodology and be able to do the short sprints that are really agile and, and innovative where you can-- So instead of nine months or whatever, nine week timelines, we're talking about short sprints that allow you to elastically scale up and down and be able to innovate really creatively. And to do that, you need to weave in your security because there's no like, okay, you pass go, you collect $200. Security is not an after the fact. So I think as part of that, of course the perimeter is dead, long live the perimeter, right? It does matter. And we can talk about that a little bit. You know, the term zero trust is really hot right now. We can dig into that if that's of interest. But I think part of this is just the business is kind of growing up. And as you alluded to we're at the start of what I think is an S curve that is just at the beginning. >> You know, I was really looking forward to Reinforced this year. It was got canceled last year, but the first inaugural event was in Boston. I remember covering that. This year it was virtual, but the keynote Steven gave was interesting, security hubs at the center of it. And I want to ask you, because I need you to share your view on how security's changed with the cloud, because there's now new things that are there to take advantage of if you're a business or an enterprise, yeah on premises, there's a standard operating procedure. You have the perimeter, et cetera. That's not there anymore, but with the cloud, there's a new, there's new ways to protect and security hub is one. What are some of the new things that cloud enables for security? >> Well, so just to clarify, like perimeters exist logically just like they do physically. So, you know, a VPC for example, would be a logical perimeter and that is very relevant, or a VPN. Now we're talking about a lot of remote work during COVID, for example. But one of the things that I think folks are really interested with Security Hub is just having that broad visibility and one of the beauties of cloud is that, you get this tactile sense of your estate and you can reason about it. So for example, when you're looking at identity and access management, you can look at something like access analyzer that will under the hood be running on a tool that our, our group came up with that is like reasoning about the permissions, because you're talking about software layers, you're talking about computer layer reasoning about security. And so another example is in inspector. We have a tool that will tell you without sending a single packet over the network, what your network reach ability is. There's just like this ability to do infrastructure as code that then allows you to do security as code. And then that allows for ephemeral and immutable infrastructures so that you could, for example, get back to a known good state. That being said, you know, you kill a, your web server gets popped and you kill it and you spin up a new one. You haven't solved your problem, right? You need to have some kind of awareness of networking and how principals work. But at the same time, there's a lot of beauties about cloud that you inherit from a security perspective to be able to work in those top layers. And that's of course the premise of cloud. >> Yeah, infrastructure as code, you mentioned that, it's awesome. And the program ability of it with, with server-less functions, you're starting to see new ways now to spin up resources. How is that changing the paradigm and creating opportunities for better security? Is it, is it more microservices? Is it, is, are there new things that people can do differently now that they didn't have a year ago or two years ago? Because you're starting to see things like server-less functions are very popular. >> So yes, and yes, I think that it is augmenting the way that we're doing business, but it's especially augmenting the way we do security in terms of automation. So server-less, under the hood, whether it's CloudWatch events or config rules, they are all a Lambda function. So that's the same thing that powers your Alexa at home. These are server-less functions and they're really simple. You can program them, you can find them on GitHub, but they are-- one way to really scale your enterprise is to have a lot of automation in place so that you put those decisions in ahead of time. So your gray area of human decision making is scaled down. So you've got, you know, what you know to be allowable, what you know to be not allowable. And then you increasingly kind of whittled down that center into things that really are novel, truly novel or high stakes or both. But the focus on automation is a little bit of a trope for us. We at Amazon like to talk about mechanisms, good intentions are not enough. If it's not someone's job, it's a hope and hope is not a plan, you know, but creating the actual, you know, computerized version of making it be done iteratively. And I think that is the key to scaling a security chain because as we all know, things can't be manual for long, or you won't be able to grow. >> I love the AWS reference. Mechanisms, one way doors, raising the bar. These are all kind of internal Amazon, but I got to ask you about the Edge. Okay. There's a lot of action going on with 5G and wavelength. Okay, and what's interesting is if the Edge becomes so much more robust, how do you guys see that security from a security posture standpoint? What should people be thinking about? Because certainly it's just a distributed Edge point. What's the security posture, How should we be thinking about Edge? >> You know, Edge is a kind of catch all, right, we're talking about Internet of Things. We're talking about points of contact. And a lot of times I think we focus so much on the confidentiality and integrity, but the availability is hugely important when we're talking about security. So one of the things that excites me is that we have so many points of contact and so many availability points at the Edge that actually, so for example, in DynamoDB, the more times you put a call on it, the more available it is because it's fresher, you've already been refreshing it, there are so many elements of this, and our core compute platform, EC2, all runs on Nitro, which is our, our custom hardware. And it's really fascinating, the availability benefits there. Like the best patching is a patching you don't have to do. And there are so many elements that are just so core to that Greengrass, you know, which is running on FreeRTOS, which has an open source software, for example, is, you know, one element of zero trust in play. And there are so many ways that we can talk about this in different incarnations. And of course that speaks to like the breadth and depth of the industries that use cloud. We're talking about automotive, we're talking about manufacturing and agriculture, and there are so many interesting use cases for the ways that we will use IOT. >> Yeah. It's interesting, you mentioned Nitro. we also got Annapurna acquisition years ago. You got latency at the Edge. You can handle low latency, high volume compute with the data. That's pretty powerful. It's a paradigm shift. That's a new dynamic. It's pretty compelling, these new architectures, most people are scratching their heads going, "okay, how do I do this, like what do I do?" >> No, you're right. So it is a security inheritance that we are extremely calculated about our hardware supply chain. And we build our own custom hardware. We build our own custom Silicon. Like, this is not a question. And you're right in that one of the things, one of the north stars that we have is that the security properties of our engineering infrastructure are built in. So there just is no button for it to be insecure. You know, like that is deliberate. And there are elements of the ways that nature works from it running, you know, with zero downtime, being able to be patched running. There are so many elements of it that are inherently security benefits that folks inherit as a product. >> Right. Well, we're here at the security summit. What are you excited for today? What's the conversations you're having here at the Fortinet security summit. >> Well, it's awesome to just meet folks and connect outside. It's beautiful outside today. I'm going to be giving a talk on securing the cloud journey and kind of that growth and moving to infrastructure as code and security as code. I'm excited about the opportunity to learn a little bit more about how folks are managing their hybrid environments, because of course, you know, I think sometimes folks perceive AWS as being like this city on a hill where we get it all right. We struggle with the same things. We empathize with the same security work. And we work on that, you know, as a principal in the office of the CISO, I spend a lot of my time on how we do security and then a lot of my time talking to customers and that empathy back and forth is really crucial. >> Yeah. And you've got to be on the bleeding edge and have the empathy. I can't help but notice your AWS crypto shirt. Tell me about the crypto, what's going on there. NFT's coming out, is there a S3 bucket at NFT now, I mean. (both laughing) >> Cryptography never goes out of style. >> I know, I'm just, I couldn't help-- We'll go back to the pyramids on that one. Yeah, no, this is not a, an advertisement for cryptocurrency. It is, I'm a fangirl of the AWS crypto team. And as a result of wearing their shirts, occasionally they send me more shirts. And I can't argue with that. >> Well, love, love, love the crypto. I'm big fan of crypto, I think crypto is awesome. Defi is amazing. New applications are going to come out. We think it's going to be pretty compelling, again, let's get today right. (laughing) >> Well, I don't think it's about like, so cryptocurrency is just like one small iteration of what we're really talking about, which is the idea that math resolves, and the idea that you can have value in your resolution that the math should resolve. And I think that is a fundamental principle and end-to-end encryption, I believe is a universal human right. >> Merritt, thank you for coming on the cube. Great, great to have you on. Thanks for sharing that awesome insight. Thanks for coming on. >> Merritt: Thank you. >> Appreciate it. Okay. CUBE coverage here in Napa valley, our remote set for Fortinet's security cybersecurity summit here as part of their PGA golf Pro-Am tournament happening here in Napa valley. I'm John Furrier. Thanks for watching.

>>From around the globe. It's the cube covering Fortinet security summit brought to you by Fortinet. >>Welcome back to the cubes coverage of 40 net championship security summit from beautiful Napa valley. Lisa Martin here with John farrier, John, and has been phenomenal to do an event in person outdoors and Napa valley. >>You're so bright. We have to wear shades. It's been sunny and it's been hot. It's been great. It's been a great, it's been a great day. I mean, I think Fordanet stepping up to that sponsorship for the PGA is a bold move they're doing well on the business front. They're expanding it. It's good for their customers. It's a new, bold marketing step. Affordanet honestly, they're doing extremely well on the business front. As I mentioned, they got a lot of cash coming in. They got happy customers and they're all here. And golf is a great environment for tech buyers. We know that. So it's great to have the cube on the sports circuit and, uh, we'll be doing more of them. It's it's awesome. >>Good. I, it is great to be on this sport circuit. One of the things that I talked with several folks about today, John Madison being one that CEO, CFO, COO, and then Kenzie, the CEO of Fordanet about the cultural synergies between the PGA and Ford nine. It was really nice to hear how both of these companies, both of these organizations are so invested in things like women in technology and steam and stem programs, and they really align on those two cultures. >>Yeah, there's a, it's a, it's a, it's a culture fit. I mean, they basically, it's a winning formula. Look at Ford and net. Um, you know, and having that kind of representation is good. They, they have a great reputation put in. It does PGA does as well and it's quality, right? So people like, like quality and they want to line that. So it's a great business move for Fordanet to, uh, to do the, uh, the golf sponsorship, uh, multiple years. I think it's six years, five or six years, they get they're doing this. Um, it's phenomenal. I think they're going to Fortnite is going to turn into a marketing powerhouse. I think you're going to start to see John Madison and the team, uh, really gin up some nice new things, because you can do a lot with the PGA. Again, this foundations is charities, again, a lot of causes that are involved in, in fundraising around the PGA and you got the tour players and honestly the tech scene. So I think tech and sports has always been something that I've loved. And I think, you know, we'd love to come and bring our sets here and having the cube here is just a really fun kind of winning formula as well. We'd love it. And we, and we wish we could eat it for more days this year. I think we will, but this has been so much, >>It has been so much fun. There's been about over 300 customers and partners here. Fortnite is a, is a hundred percent partner driven organization. Lot of innovation being discussed the last eight hours or so, but one of the things that you definitely feel is the strength in their partner, community and Fortinets commitment to it. Also something that really impresses me is their commitment to helping to fill the cybersecurity skills gap. This is a gap that has been growing for the last five years. They last week announced a pledge to train 1 million people in the next five years to help shorten that gap. And as we know that the threat landscape is only continuing to expand. So the great combination there, >>And it's a, cause that's a good business logic behind it because there's a of negative unemployment. They need more people to do cybersecurity careers, but also you mentioned women in tech, you know, a lot of that's a big movement too. You start to see a much more women in tech scene here. We had, uh, Merritt bear on principal office of the CSO at Amazon web services on she's amazing. She's wearing the Amazon Krypto shirts. That was a home run, love that interview, but you started to see them afford a net with the whole scene. Here is they're taking their message directly to their customers and they're including their customers. So the magic of this formula that they have with the PGA and this whole program is they don't have live concert series. They got a pavilion here with all their top partners, with customers that doing a summit behind us with their top marquee customers. And they're telling the story direct and you're going, I think you need to shift to see Fordanet really do more of that. What we love in the key, which is take that direct to, to media model, to their customers and contents data. We had great conversations here. I mean, that's all you, you know, viewing the, uh, head VP SVP of at and T cybersecurity, uh, amazing, uh, uh, candidate there's great cube guests. And he was just traveling some serious wisdom. So great guests all along. Fantastic. >>Well, it's, it's been an inspiring day. It's nice that 40 minute has taken the step to do an in-person event. Obviously they did it extremely safely. We were outdoors, but people are, I think a lot of people and I'm speaking for myself, for sure, ready for this to come back and meet the threat landscape that changes that that 40 net has seen in the last 18 months are phenomenal. The growth in ransomware, nearly 11 X in a year. And you had this massive shift to work from home. And now they're talking about how they're partnering with links us, for example, to help enterprises, to really make that remote work environment far more secure, faster, and optimize for the worker. Who's on video conferencing, communication tools. All the kids at home gaming are probably going to be pretty bummed about this, but it really shows coordinates commitment to this. There's a lot of permanence to what we're seeing here in this model. >>I know you and I have done ton of interviews together and, uh, with great guests around cybersecurity and the phrase always comes up and over the past decade, there's there is no more perimeter here. You couldn't, you couldn't, it was louder than ever here because now you have so much going on connected devices. The future of work is at home with the virtual, uh, issues with the pandemic. And now with the Delta variant, uh, continuing at forward, it's a reality, we're in a hybrid world and, um, everything's going hybrid. And I think that's a new thing for companies to operationalize. So they got, there's no playbook. So there is a security playbook. And what these guys are doing is building an ecosystem to build product that people can wrap services around and to solve the key security problems. And that's that, that to me is a good business model. And the SAS is, again, you're seeing everyone go SAS. They want to go SAS product, or, you know, uh, some sort of business models involved in cloud. So cloud security, SAS all kind of rolled up. It's really kinda interesting trend. >>Yeah. We've talked about a whole bunch of trends today. One of them is just one of the marketing terms I've been using and I don't like to use it, but around for years as a future ready people, tech companies always describing solutions and technologies and products is future ready? Well, what does that really mean? Well, when the pandemic struck, none of us were future ready, but what we did hear and see and feel today from 40 net and their partners is how much acceleration they've done. So that going forward, we are going to be future ready for situations that arise like in this challenging cybersecurity landscape that businesses in every industry can prepare for. >>I think, I think the talks here in the cyber security summit behind us, it's interesting. Uh, Tufin one of their customers on a lot of the talks were the same thing, talking about the cultural shift, the cultural shift and security departments has to become more agile. And so that is a big untold story right now is that security departments. Aren't well-liked, they slow things down. I mean, you know, app review everything's gotta be looked at and it takes weeks. That is not good for developers. So app developers in the cloud, they want minutes, you know, shift left is something that we talk about all the time in our events with the developers dev ops movement is putting pressure on the security teams, culturally, who moves first. You don't go faster. You're going to be replaced, but you can't replace a security team. So I find that whole security cloud team dynamic, real organizational challenges. That's something I'm going to look into is one of my key takeaways from this this week. Yeah. >>A huge organizational change. And with that comes, you know, obviously different cultures with these organizations, but at the same time, there really is no more choice. They have to be working together. And as Kenzie and I were talking about, you know, security is no longer an ITP, this is a board level initiative and discussion businesses in every industry, whether it's a retailer or PGA tour have to be prepared. >>Yeah. I mean, I'm a security Hawk. I think every company needs to be prepared to take an offensive strike and be ready on the defense. And this is a huge agility and speed cause ransomware, you get taken down, you know, I mean that's business critical issue. You're dead, you're dead in the water. So, so again, this is all part of his quote digital transformation, uh, that everyone's talking about and is a do over, everyone's doing it over and doing it with the cloud. And I remember just recently in 2012, people were saying, oh, the cloud is not secure. It's now some more secure than anything else. So we starting to see that shift so that realities hit everybody. So it's been great. >>What are some of the things that excited you about the conversations that you had today? >>I was pretty impressed by the fact that one was a physical advantage. You mentioned. So, you know, people in personal, I found it refreshing. I think people here, I noticed we're one relieved to be out and about in public and talking on the cube. Um, but I was really impressed with, uh, the guests from Amazon web services. She was a crypto shirt that got me there. But I think this idea that security is not just a guy thing, right? So to me, women in tech was a, was a big conversation. I thought it was very positive this week, um, here and still a lot more work to do, but I think that's, what's cool. And just the talks were great. I mean, it's cutting edge concepts here. And I thought at, and T was great. I thought, uh, Tufin was a great conversation and again, all the guests that were awesome. So what did you think, what was your take? >>Just how much acceleration we've seen in the last year on innovation and partnerships that really jumped out that when, like I said, we talked about future ready and go, wow. So much of the world wasn't future ready a year and a half ago when this came out and all of the innovation and the positivities that have come out of technology companies creating, because we don't have a choice. We have to figure out secure work from home. For example, we know that some amount of it's going to persist hybrid maybe here to stay, to see what 40 net and their partner ecosystem have done in a short time period. Given the fact that you mentioned ransomware and their global threat landscape, I was talking with Derek, nearly X increased in ransomware and just, >>And they've got four to guard. They got all this. I think your interview with Ken, the CEO, I thought it was really compelling. It was one point he said, um, we're making a lot more investments when you asked him a pointed question. And I think that theme comes across really strong in all of our interviews today. And the conversations in the hallway here is that people that are making the investments are doing well. And so there's more investments being made and that's like, people kind of say, oh yeah, we can do this one, but you have to now. And so the other thing that I thought was awesome with John Madison, talking about their strategy around the PGA, it's a bold move, but it's kind of got this mindset of always innovating, but they're not, they go step at a time, so they get better. So I'm, I'm expecting next year to be better than this year, bigger, uh, and more integrated because that's what they do. They make things better. Um, I think that's gonna be fun to watch, but I think that's a bold move for Affordanet to be doing this kind of marketing. It's really, they haven't done that in the, in the past. So I think this is a really bold move. >>I agree. And they've spun this out of their accelerate event, which is an event that we've covered for years in person. So this was the first time that they've pulled the security summit out as its own event. And clearly there was a great buzz behind us all day. Lots of, lots of topics, a lot of discussions, a lot of partnership. And you're right. A lot of talk about investment investment in their partner ecosystem and investment internally. Yes. >>It's fun too. On a personal note, we've been following Fordanet for many, many years. You and I both got doing the interviews and you do and go to the events is watching them grow and be successful. And it's kind of proud though. I, yeah, I'll go for it. And that kind of rooting for him. And I want to thank them for inviting the cube here because we're so psyched to be here and be part of this awesome event. And again, golf, the cube kind of go together, right? Sports, the cubes. We love it. So always fun. So thanks to, for, to net out there for, uh, supporting us and being, being part of the cube. >>Well, you got the gear, you got your Fordanet Gulf t-shirt I got one too. And pink. It's beautiful. Yeah. You got some shades, but we also have some gear here help us in the morning for our next shows. Be caffeinated. Yeah. But no, it's been great. It's been great to be here. Great to hook co-host with you again in person if for 20 months or so, and looking forward to seeing how 49 and how back >>He was back up the vents. Thanks to the crew. Chuck Leonard, every one's era, Brendan. Right. Well done. Fordanet thank you. Thank you for >>John's been great. Thanks for having me up here today. Looking forward to the next time from Napa valley, Lisa Martin, for John farrier, you've been watching the cube

>>From around the globe. It's the cube covering Fortinet security summit brought to you by Fortinet. >>Welcome back to the cube. Lisa Martin here at the Fordham het championship security summit. Napa valley has been beautiful and gracious to us all day. We're very pleased to be here. I'm very pleased to welcome a first-timer to the cube. Rupesh Chuck Chuck Xi, VP a T and T cybersecurity and edge solutions at, at and T cybersecurity. Refresh. Welcome. >>Thank you. Thank you so much for having me, Lisa, I'm looking forward to our conversation today. >>Me too. First of all, it's we're in Napa we're outdoors. It's beautiful venue, no complaints, right? We're at a golf PGA tournament. Very exciting. Talk to me about the at and T Fordanet relationship. Give me, give me an, a good insight into the partnership. >>Sure, sure. So, as you said, you know, beautiful weather in California, Napa it's my first time. Uh, so it's kind of a new experience for me going back to your question in terms of the relationship between eight P and T and Ford in that, uh, a long lasting, you know, 10 plus years, you know, hand in hand in terms of the product, the technology, the capabilities that we are brought together in the security space for our customers. So a strategic relationship, and I'm so thrilled to be here today as a, Fordanet invited us to be part of the championship. Tommy, >>Talk to me. So your role VP of, and T cybersecurity and edge solutions, give me an, a deep dive into what's in your purview. >>Sure, sure. So I, uh, sort of, you know, run the PNL or the profit and loss center for product management for all of at and T cybersecurity and ed solutions and the whole concept behind putting the teams together is the convergence in networking and security. Um, so, you know, we are supporting the entire customer continuum, whether it's a fortune 50, the fortune 1000 to mid-market customers, to small businesses, to, you know, government agencies, you know, whether it's a local government agency or a school district or a federal agency, et cetera. And my team and I focus on bringing new product and capabilities to the marketplace, you know, working with our sales team from an enablement perspective, go to market strategy. Um, and the whole idea is about, uh, you know, winning in the marketplace, right? So delivering growth and revenue to the business, >>Competitive differentiation. So we've seen so much change in the last year and a half. I know that's an epic understatement, but we've also seen the proliferation at the edge. What are some of the challenges that you're seeing and hearing from customers where that's concerned >>As you stated, right. There's a lot happening in the edge. And sometimes the definition for edge varies when you talk with different people, uh, the way we look at it is, you know, definitely focused on the customer edge, right? So if you think about many businesses, whether I am a, a quick serve restaurant or I'm a banking Institute or a financial services or an insurance agency, or I'm a retail at et cetera, you know, lots of different branches, lots of different transformation taking place. So one way of approaching it is that when you think about the customer edge, you see a lot of virtualization, software driven, a lot of IOT endpoints, et cetera, taking place. So the cyber landscape becomes more important. Now you're connecting users, devices, capabilities, your point of sale system to a multi-cloud environment, and that, you know, encryption of that data, the speed at which it needs to happen, all of that is very important. And as we think ahead with 5g and edge compute and what that evolution revolution is going to bring, it's going to get even more excited because to me, those are kind of like in a playgrounds of innovation, but we want to do it right and keep sort of, you know, cyber and security at the core of it. So we can innovate and keep the businesses safe. >>How do you help customers to kind of navigate edge cybersecurity challenges and them not being synonymous? >>That's a great, great question. You know, every day I see, you know, different teams, different agendas, different kinds of ways of approaching things. And what I tell customers and even my own teams is that, look, we have to have a, a blueprint and architecture, a vision, you know, what are the business outcomes that we want to achieve? What the customer wants to achieve. And then start to look at that kind of technology kind of convergence that is taking place, and especially in the security and the networking space, significant momentum on the convergence and utilize that convergence to create kind of full value stack solutions that can be scaled, can be delivered. So you are not just one and done, but it's a continuous innovation and improvement. And in the security space, you need that, right. It's never going to be one and done. No >>We've seen so much change in the last year. We've seen obviously this rapid pivot to work from home that was overnight for millions and millions of people. We're still in that too. A fair amount. There's a good amount of people that are still remote, and that probably will be permanently there's. Those that are going to be hybrid threat landscape bloated. I was looking at and talking with, um, 40 guard labs and the, the nearly 11 X increase in the last 12 months in ransomware is insane. And the ransomware as a business has exploded. So security is a board level conversation for businesses I assume in any. >>Absolutely. Absolutely. I agree with you, it's a board level conversation. Security is not acknowledged the problem about picking a tool it's about, you know, the business risk and what do we need to do? Uh, you mentioned a couple of interesting stats, right? So we've seen, uh, you know, two things I'll share. One is we've seen, you know, 440 petabytes of data on the at and T network in one average business day. So 440 petabytes of data. Most people don't know what it is. So you can imagine the amount of information. So you can imagine the amount of security apparatus that you need, uh, to Tofino, protect, and defend and provide the right kind of insights. And then the other thing that VOC and along the same lines of what you were mentioning is significant, you know, ransomware, but also significant DDoSs attacks, right? So almost like, you know, we would say around 300% plus said, DDoSs mitigations that we did from last year, you know, year over year. >>So a lot of focus on texting the customer, securing the end points, the applications, the data, the network, the devices, et cetera. Uh, the other two points that I want to mention in this space, you know, again, going back to all of this is happening, right? So you have to focus on this innovation at the, at the speed of light. So, you know, artificial intelligence, machine learning, the software capabilities that are more, forward-looking have to be applied in the security space ever more than ever before, right. Needs these do, we're seeing alliances, right? We're seeing this sort of, you know, crowdsourcing going on of action on the good guys side, right? You see the national security agencies kind of leaning in saying, Hey, let's together, build this concept of a D because we're all going to be doing business. Whether it's a public to public public, to private, private, to private, all of those different entities have to work together. So having security, being a digital trust, >>Do you think that the Biden administrations fairly recent executive order catalyst of that? >>I give it, you know, the president and the, the administration, a lot of, you know, kudos for kind of, and then taking it head on and saying, look, we need to take care of this. And I think the other acknowledgement that it is not just hunting or one company or one agency, right? It's the whole ecosystem that has to come together, not just national at the global level, because we live in a hyper connected world. Right. And one of the things that you mentioned was like this hybrid work, and I was joking with somebody the other day that, and really the word is location, location, location, thinking, network security, and networking. The word is hybrid hybrid hybrid because you got a hybrid workforce, the hybrid cloud, you have a hybrid, you have a hyper-connected enterprise. So we're going to be in this sort of, you know, hybrid for quite some time are, and it has to >>Be secure and an org. And it's, you know, all the disruption of folks going to remote work and trying to get connected. One beyond video conference saying, kids are in school, spouse working, maybe kids are gaming. That's been, the conductivity alone has been a huge challenge. And Affordanet zooming a lot there with links to us, especially to help that remote environment, because we know a lot of it's going to remain, but in the spirit of transformation, you had a session today here at the security summit, talked about transformation, formation plan. We talk about that word at every event, digital transformation, right? Infrastructure transformation, it security. What context, where you talking about transformation in it today? What does it transformation plan mean for your customers? >>That's a great question because I sometimes feel, you know, overused term, right? Then you just take something and add it. It's it? Transformation, network, transformation, digital transformation. Um, but what we were talking today in, in, in the morning was more around and sort of, you know, again, going back to the network security and the transformation that the customers have to do, we hear a lot about sassy and the convergence we are seeing, you know, SD van takeoff significantly from an adoption perspective application, aware to experiences, et cetera, customers are looking at doing things like internet offload and having connectivity back into the SAS applications. Again, secure connectivity back into the SAS applications, which directly ties to their outcomes. Um, so the, the three tenants of my conversation today was, Hey, make sure you have a clear view on the business outcomes that you want to accomplish. Now, the second was work with a trusted advisor and at and T and in many cases is providing that from a trusted advisor perspective. And third, is that going back to the one and done it is not a one and done, right? This is a, is a continuous process. So sometimes we have to be thinking about, are we doing it in a way that we will always be future ready, will be always be able to deal with the security threats that we don't even know about today. So yeah, >>You bring up the term future ready. And I hear that all the time. When you think of man, we really weren't future ready. When the pandemic struck, there was so much that wasn't there. And when I was talking with 49 earlier, I said, you know, how much, uh, has the pandemic been a, uh, a catalyst for so much innovation? I imagine it has been the same thing that >>Absolutely. And, you know, I remember, you know, early days, February, March, where we're all just trying to better understand, right? What is it going to be? And the first thing was, Hey, we're all going to work remote, is it a one week? Is it a two week thing? Right? And then if you're like the CIO or the CSO or other folks who are worried about how am I going to give the productivity tools, right. Businesses in a one customer we work with, again, tobacco innovation was said, Hey, I have 20,000 call center agents that I need to take remote. How do you deliver connectivity and security? Because that call center agent is the bloodline for that business interacting with their end customers. So I think, you know, it is accelerated what would happen over 10 years and 18 months, and it's still unknown, right? So we're still discovering the future. >>There's a, there will be more silver linings to come. I think we'll learn to pick your brain on, on sassy adoption trends. One of the things I noticed in your abstract of your session here was that according to Gardner, the convergence of networking and security into the sassy framework is the most vigorous technology trend. And coming out of 2020, seeing that that's a big description, most vigorous, >>It's a big, big description, a big statement. And, uh, we are definitely seeing it. You know, we saw some of that, uh, in the second half of last year, as the organizations were getting more organized to deal with, uh, the pandemic and the change then coming into this year, it's even more accelerated. And what I mean by that is that, you know, I look at sort of, you know, three things, right? So one is going back to the hybrid work, remote work, work from anywhere, right. So how do you continue to deliver a differentiated experience, highly secure to that workforce? Because productivity, human capital very important, right? The second is that there's a back and forth on the branch transformation. So yes, you know, restaurants are opening back up. Retailers are opening back up. So businesses are thinking about how do I do that branch transformation? And then the third is explosive business IOT. So the IOT end points, do you put into manufacturing, into airports in many industries, we continue to see that. So when you think about sassy and the framework, it's about delivering a, a framework that allows you to protect and secure all of those endpoints at scale. And I think that trend is real. I've seen customer demand, we've signed a number of deals. We're implementing them as we speak across all verticals, healthcare, retail, finance, manufacturing, transportation, government agencies, small businesses, mid-sized businesses. >>Nope, Nope. Not at all. Talk to me about, I'm curious, you've been at, at and T a long time. You've seen a lot of innovation. Talk, talk to me about your perspectives on seeing that, and then what to you think as a silver lining that has come out of the, the acceleration of the last 18 months. >>She and I, I get the question, you know, I've been with at and T long time. Right. And I still remember the day I joined at T and T labs. So it was one of my kind of dream coming out of engineering school. Every engineer wants to go work for a brand that is recognized, right. And I, I drove from Clemson, South Carolina to New Jersey Homedale and, uh, I'm still, you know, you can see I'm still having the smile on my face. So I've, you know, think innovation is key. And that's what we do at, at and T I think the ability to, um, kind of move fast, you know, I think what the pandemic has taught us is the speed, right? The speed at which we have to move the speed at which we have to collaborate the speed at which we have to deliver, uh, to agility has become, you know, the differentiator for all of us. >>And we're focusing on that. I also feel that, uh, you know, there have been times where, you know, product organizations, technology organizations, you know, we struggle with jumping this sort of S-curve right, which is, Hey, I'm holding onto something. Do I let go or not? Let go. And I think the pandemic has taught us that you have to jump the S-curve, you have to accelerate because that is where you need to be in, in a way, going back to the sassy trend, right. It is something that is real, and it's going to be there for the next three to five years. So let's get ready. >>I call that getting comfortably uncomfortable, no businesses safe if they rest on their laurels these days. I think we've learned that, speaking of speed, I wanna, I wanna get kind of your perspective on 5g, where you guys are at, and when do you think it's going to be really impactful to, you know, businesses, consumers, first responders, >>The 5g investments are happening and they will continue to happen. And if you look at what's happened with the network, what at and T has announced, you know, we've gotten a lot of kudos for whatever 5g network for our mobile network, for our wireless network. And we are starting to see that, that innovation and that innovation as we anticipated is happening for the enterprise customers first, right? So there's a lot of, you know, robotics or warehouse or equipment that needs to sort of, you know, connect at a low latency, high speed, highly secure sort of, you know, data movements, compute edge that sits next to the, to the campus, you know, delivering a very different application experience. So we're seeing that, you know, momentum, uh, I think on the consumer side, it is starting to come in and it's going to take a little bit more time as the devices and the applications catch up to what we are doing in the network. And if you think about, you know, the, the value creation that has happened on, on the mobile networks is like, if you think about companies like Uber or left, right, did not exist. And, uh, many businesses, you know, are dependent on that network. And I think, uh, it will carry on. And I think in the next year or two, we'll see firsthand the outcomes and the value that it is delivering you go to a stadium at and T stadium in Dallas, you know, 5g enabled, you know, that the experience is very different. >>I can't wait to go to a stadium again and see it came or live music. Oh, that sounds great. Rubbish. Thank you so much for joining me today, talking about what a T and T is doing with 49, the challenges that you're helping your customers combat at the edge and the importance of really being future. Ready? >>Yes. Thank you. Thank you so much. Really appreciate you having me. Thanks for 49 to invite us to be at this event. Yes. >>Thank you for refresh talk. She I'm Lisa Martin. You're watching the cube at the 40 net championship security summits.

>> Narrator: From around the globe, it's theCUBE, covering Fortinet Security Summit, brought to you by Fortinet. >> Welcome back to theCUBE, Lisa Martin here live in Napa Valley at the Fortinet Championship. This is the site of kickoff to the 2021-22 FedEx Cup regular series. We're here with Fortinet and we're here with one of our distinguished alumni, John Madison, the CMO and EVP of products. John, it's great to see you in person. >> Yes, Lisa it's been a while. >> It has been a while. >> Good to be back here, live. >> I know, you're not on Zoom, you're actually right six feet across from me. >> Yep, look, yes, it's definitely physical. >> It does, talk to me about the PGA and Fortinet. What are some of the synergies? >> There's a lot. I think one of the biggest ones is the culture of the two companies. So I mean, PGA tour, I think they've donated almost $3 billion to charities over the last 15 years, 20 years and we're the same. We would definitely want to give back to the community. We want to make sure we're providing training and education. We're trying to re-skill some of the veterans, for example, over 2000, also women in technology, you may have heard one of the key notes today about that, attempts from a education and training perspective. So there's a lot of synergies between the PGA Tour, and Fortinet from a cultural perspective. >> I love that. Cultural synergy is so important but also some of the initiatives, women in tech, STEM, STEAM, those are fantastic. Give our audience a little overview of what's going on here. We've got over 300 partners and customers here. What are some of the key themes being discussed today? >> Yeah, we're going to try and keep it smaller, this event. We don't want 10,000, 20,000 people. We'll keep it smaller. So about 300 customers and partners, and what we want to do is bring together, you know, the top people in cybersecurity and networking, we want to bring in customers so they can net with each other, we want to bring the partners here. And so, what you're going to see is you can see the tech expo behind you there, where people are talking technology. Some of the keynotes focus on areas like ransomware, for example, and cyber security in different industries. So definitely it's a smaller gathering, but I think it's very focused on cybersecurity and networking. >> Well, that's such an important topic these days. You know, you and I have spoken a number of times this summer by Zoom, and talking about the threat landscape and the changes-- >> Yep. >> And the work from anywhere. When you and I spoke, I think it was in June, you said 25% we expect are going to go back to the office, 25% permanently remote and the other 50 sort of transient. Do you still think given where we are now in September that that's still-- >> Yeah, I'm going to modify my prediction a bit, I think it's going to be hybrid for some time. And I don't think it's just at home or not at home or at work or not at work, I think it's going to be maybe one or two days, or maybe three days versus five days. And so, we definitely see the hybrid mode of about 50% for the next couple of years at least. I think that, you know, ransomware has been in the news a lot. You saw the Colonial, the ransomware has increased. We did a threat report recently. Showed about a 10X increase in ransomware. So, I think customers are very aware of the cybersecurity threats. The damage now is not just sucking information out and IP, it's causing damage to the infrastructure. So definitely the, you know, the attack surface is increased with people working from home, versus in the office, and then you've got the threat landscape, really, really focused on that ransomware piece. >> Yeah, ransomware becoming a household word, I'm pretty sure even my mom knows what that is. And talking about the nearly 11X increase in, what was that, the first half of 2021? >> Yeah, over the last 12 months. And I think what's also happened is ransomware used to be a broad attack. So let me send out, and see if I can find a thousand companies. Again, you saw with the Colonial attack, it's very targeted now as well. So you've got both targeted and broad ransomware campaigns going on. And a lot of companies are just rethinking their cybersecurity strategy to defend against that. And that work from home component is another attack surface. So a lot of companies that were operational technology companies that had air gaps and people would come to work, now that you can remotely get into the network, it's again, you can attack people at home, back into the network. >> Is that a direct correlation that you've saw in the last year, in terms of that increase in ransomware and this sudden shift to working from home? >> Well, I also think there's other components. And so, I think the ransomware organizations, the gangs, could use crypto more reasonably than checks and dollars and stuff like that. So they could get their money out. It became very profitable versus trying to sell credit card data on the dark web. So you saw that component. You also saw, as I said, the attack surface be larger for companies, and so those two things unfortunately have come together, and you know, really seen an exponential rise in attacks. >> Perfect storm. Let's talk about some of your customer conversations and how they've changed and evolved in the last 18 months. Give me a snapshot of when you're talking with customers, what are some of the things that they're coming to you for help, looking for the most guidance? >> Yeah, well I think, you know, the digital innovation transformation is almost accelerated because of, you know, COVID. They've accelerated those programs, especially in industries like retail, where it becomes almost essential now to have that digital connectivity. So they can't stop those programs. They need to accelerate those programs, but as they move those programs faster, again they expand their attack surface. And so, what I'm definitely seeing is a convergence of traditional kind of networking, connectivity, and cybersecurity teams like the CIO and the CSO working on projects jointly. So whether it be the WAN connectivity, or whether it be endpoint, or whether it be cloud, both teams are working much more closely going forward. >> Synergies there that are absolutely essential. Talk to me about what you guys announced with Linksys yesterday, speaking of work from home and how that has transformed every industry. Talk to us about the home work solution powered by Fortinet. >> Yeah, well, we definitely see work from home being there for some time. And so the question is, what do you do there? So I think initially 18 months ago, what happened was companies turned on their, what they call a VPN, which gives them an encrypted access when they went from 5% to a 100% people on the VPN. I speak to customers now and they're saying, that was kind of a temporary solution. It puts an end point security there. It was kind of temporary and now I need a longer-term solution because I can see this at least 50% for the next two years, being this hybrid work from home, and some of them are saying, "Well, let's look at something. Let's try and take the best of enterprise networking and security, and then try and match that with an easy to set up Wi-Fi or routing system." So the two companies, you know, have come together with this joint venture. We're taking Linksys technology from an ease of use at home, it's very simple to set up, you can do it on an app or whatever. And then we integrate the Fortinet technology inside there from a security and enterprise networking. The enterprises can manage themselves, the enterprise component and the consumer can manage their piece. What's very important is that separation as well. So the privacy of your home network, and then to make sure the enterprise piece is secure, and then also introducing some simple, what we call quality of service. So for a business person, things like Teams or Zoom as preference over some of the gaming and downloads of the family. So I think it brings the best of both worlds: ease of use and enterprise security together. >> I'm sure the kids won't like that it's not optimized for gaming, but it is optimized for things like video conferencing which, in the last year we've been dependent on for collaboration and communication. Tell me a little bit about the tuning for video conferencing and collaboration. >> Yeah, so we announced both Zoom and Microsoft Teams, probably the two biggest apps, which I use from a work from home business perspective. And definitely if you've got a normal system at home and your kids they've been downloading something, a new game or something like that, they can just take the whole bandwidth. And so the ability to kind of scale that back and make sure the Zoom meeting or the Teams meeting is first priority, I think is very important, to get that connectivity and that quality of service, but also have that security component as well. >> Yeah, the security component is increasingly important. Talk to me about why Linksys, was COVID the catalyst for this partnership? >> Well, I think we looked at it and we have our own work from home solutions as well. I mean, our own gear. We definitely wanted to find something where we could integrate into more of a ease of use solution set. And it just so happened we were speaking to Linksys on some other things and as soon as we started talking, it was very, very clear that this would be a great relationship and joint venture and so we made the investment. Not just "here's some of our code", we made a substantial investment in Linksys and yeah, we see some other things coming in the future as well. >> Can you talk to me a little bit about what the go to market will be, how can enterprises and consumers get this? >> Yeah. So it's more of an enterprise sale. I know some people think Linksys, they think consumer straight away. For us, this is a sale to the enterprises. So the enterprises buy it, it's a subscription service. So they just pay a monthly fee and they can have different levels of service inside there as well. They will get, you know, for each employee they'll get one, two or three nodes. And then so the, so the enterprise is paying for it, which I think will help a bit and they will manage it through their system, but the consumer will get this kind of a game that's very easy to use, very high speed connectivity, mesh technology. So yes, Linksys will sell some of it as well. But I think, you know, actually Fortinet will be the major kind of go to market because of our 500,000 business customers we have out there. >> Right. And your huge partner network. >> Yes. >> So let's talk about, give me a little bit of a view in terms of the benefit that IT will get leveraging the Linksys home work solution. I imagine that centralized visibility of all the devices connected to the corporate network, even though, wherever the devices are? >> Yeah, it actually extends the corporate network. So not in this initial release, in the second release. In the first release, they can go to a cloud portal and they can manage what they can manage from an enterprise perspective. The employee can go to the same portal, but gets a different view, can manage their piece. In the second release, we'll actually have support in our management systems. So if you're an existing Fortinet customer and you've got our management systems and say you've got, I don't know, 250 sites, and you're managing some of our firewalls or SD WAN systems, You'll be able to see all the employees links as systems as well, in that same management system. But again, there's a separation of duty and privacy where they can just manage the enterprise components, not they can't see the traffic from the employees' side, from the non-business transactions. >> Good. That privacy is key there. Do you think that in a perfect world, would help quiet down some of the perfect storm that we're seeing with ransomware and this explosion, this work from anywhere, work from home, going to be persisting technologies, like what you're doing with Linksys, is going to help make a dent in that spike? >> I think it's a component. So for us, the long term strategy for users, end point, this kind of Linksys component is an element. We also feel like there needs to be a transition of VPN technology into zero trust. So you're limiting again, the access to applications versus the network. And then definitely the third component would be a technology like EDR, which is more behavioral-based versus signature-based. And so you bring all those three together. Absolutely we'll make a dent in ransomware because you're just reducing the attack surface greatly, but also scanning the technology to make sure if you see something, you can act straight away. >> And then pair that with what you guys are doing and the investment that Fortinet's been making for a while in training and helping to fill that cybersecurity skills gap, which is growing year on year. >> Yeah. I speak to a lot of CSOs and CIOs and they go "What's the latest technology? What can you do next?" I say, well, the most important thing you can do is train your people. Train them not to click on that phishing link, right? Because still our numbers are around 6% of employees click on things and it doesn't matter what company you are. And so the education and the training is the one of the core, the most basic steps. We're introducing what we call an IT awareness program as part of NSC, which allows companies to download some tools. And they'll try some phishing emails that go out there, they'll see the response, see how they can (mumbles). So I always say that the people, the social engineering is the first step to try and fix and reduce. That's the biggest attack surface you will have. >> It's getting so sophisticated and so personalized. I mean I've seen examples with training that I've done for various companies where you really have to look 2, 3, 4 times at it and have the awareness alone to know that this might not be legitimate. >> Yeah, especially when people are just clicking on more things because they're going to more places. And so you have to be very careful. You can stop a bunch of that with some rule sets. So the systems, but if they're faking the domain, spear phishing, where they know exactly the context of where the email's coming out, it's hard, but you've just got to be very, very careful. If in doubt don't click on it. >> I agree if in doubt, don't click it. Well, John, it's always great talking to you. Exciting to hear the growth of Fortinet, what you're doing with PGA tour, the synergies there, the cultural synergies and the growth in customers and partners, lots of stuff to come. Can't wait till our next conversation, which I hope is also in person. >> Yes, yes, yes, for sure. You know, I think this is a great venue in that it's- as you can see it's open, which helps a lot. >> Yeah. >> It's not far from our headquarters, just down the road there, we've committed to this event for six or seven years. And so this is our first time, but definitely we're hoping to get out a bit more as we go forward. >> Excellent. I'm glad to see to see a company like Fortinet taking the lead and you look like you're dressed for golf. You said you have meetings, but I'm going to let you go because you probably have to get to that. >> I have a few more meetings. I wish they would leave a little gap for some golf. I'll try and work one as we go forward. >> Yeah. Anyway, John, thank you for joining me, great to see you. For John Madison, I'm Lisa Martin. You're watching theCUBE from the Fortinet Championship Security Summit in Napa. (Upbeat music)

>> It's The Cube covering Fortinet Security Summit brought to you by Fortinet. >> Hey and welcome back to the cubes coverage of Fortinets championship series. Cybersecurity summit here in Napa valley Fortinet is sponsoring the PGA tour event, kicking off the season here, and the cubes here as part of the coverage. And today is cybersecurity day where they bring their top customers in. We got Glenn Katz SVP, general manager, Comcast Enterprise Solutions. Glenn, thanks for coming on The Cube. Thanks for taking time out of your day. - Thank you no This is great. This is great. >> Interviewer: Tell me to explain what you guys do in the Comcast business enterprise group. >> That's our Comcast business. We're a part of Comcast overall. I always like to explain what Comcast really is. If you look at Comcast, it's a technology innovation company by itself that happens to focus on communications and media type of, of markets, right? And if you look at the Comcast side there on the communication side, it's really everything residential with customers. Then there's the us Comcast business and we're the fastest growing entity over the last 15 years within Comcast. And we started in small business, voice, video, and data to small businesses. Then we moved up to provide fiber ethernet type of a transport to mid-market. And then my group started in 2014. And what we do is focus on managed services. It doesn't matter who the transport layer is for enterprise Fortune 1000 type companies. And then when you layer in all these managed wider network services. So that's my business unit. >> Interviewer: Well, we appreciate it we're a customer by the way in Palo Alto >> Glen: Oh great >> So give a shout out to you guys. Let's get into the talk you're giving here about cybersecurity, because I mean, right now with the pandemic, people are working at home. Obviously everyone knows the future of work is hybrid now you're going to see more decentralized defy and or virtual spaces where people are going to want to work anywhere and businesses want to have that extension, right? What people are talking about, and it's not new, but it's kind of new in the sense of reality, right? You've got to execute. This is a big challenge. >> Glen: It is - What's your thoughts on that, >> Well it's a big challenge. And one of the things that I'll try to, I'll speak to this afternoon here, which is at least from the enterprise perspective, which includes the headquarters, the enterprise, the branch locations, the digital commerce, everywhere else, commerce is being done. It's not just at a store anymore. It's everywhere. Even if you only have a store and then you have the remote worker aspect. I mean, they do that to your point earlier. We're not in that fortress sort of security mentality anymore. There's no more DMZs it's done. And so you've got to get down to the zero trust type of network architecture. And how do you put that together? And how does that work? Not just for remote workers that have to access the enterprise applications, but also for simple, you know, consumers or the business customers of these, of these enterprises that have to do business from over the phone or in the store. >> Interviewer: What are the some of the challenges you hear from your customers, obviously, business of the defend themselves now the, the, the attacks are there. There's no parameters. You mentioned no fortress. There's more edge happening, right? Like I said, people at home, what are the top challenges that you're hearing from customers? >> So the biggest challenge, and this is, I would think this is, this is mostly focused on the enterprise side of it is that the is two interesting phenomenons going on. This is sort of beginnings before the pandemic. And then of course the pandemic, the role of the CIO has been elevated to now, they have a real seat at the table. Budgets are increasing to a point, but the expertise needed in these, in these it departments for these large enterprises, it's, it's impossible to do what you were just talking about, which is create a staff of people that can do everything from enterprise applications, e-commerce analytics, the network. How do you secure that network all the way down to the end users? Right? So it's that middle portion. That's the biggest challenge because that takes a lot of work and a lot of effort. And that's where folks like Comcast can come in and help them out. That's their biggest challenge. They can handle the enterprise, they can handle the remote workers. They can handle their own applications, which are continually trying to be, you know, have to be it's competitive out there. It's that middle area, that communications layer that their challenged with. >> Interviewer: Yeah. And John Madison's EVP, CMO Ford. It's always talking about negative unemployment in cybersecurity. Nevermind just the staff that do cyber >> Glen: That's exactly right, that's given. If you're a business, you can't hire people fast enough and you might not have the budget for you want to manage service. So how do you get cyber as a service? >> Glen: Well, so it's even bigger than that. It's not just the cyber as a service because it's now a big package. That's what SASE really is SASE is Secure Access Service Edge. But think of it where I think of it is you've got remote users, remote workers, mobile apps on one side, you've got applications, enterprise or commercial that are now moved into different cloud locations. And in the middle, you've got two real fundamental layers, the network. And, and that includes uh, the actual transport, the software defined wide area, networking components, everything that goes with that, that's the network as a service. And then you've got the secure web gateway portion, which includes everything to secure all the data, going back and forth between your remote laptop, the point of sales. And let's say the cloud based applications, right? So that's really the center stage right there. >> Interviewer: And the cloud has brought more service at the top of the stack. I mean, people thought down stack up stack is kind of like a geeky terms. You're talking about innovation. If you're down stack with network and transport, those are problems that you have to solve on behalf of your customers And make that almost invisible. And that's your job >> That's our job. That's our job is to service provider What's interesting is though back in the day, I mean, when, I mean, back in the day, it could have been 10 years ago in 20. You really, you know, you had stable networks, they were ubiquitous, they were expensive and they were slow. That's kind of the MPLS legacy TDM. Yeah. So you just put them in and you walked away and you still did all your enterprise. You still did all of your applications, but you had your own private data centers. Everything was nicer. It was that fortress mentality right now. It's different. Now everybody needs broadband. Well guess what? Comcast is a big company, but we don't have broadband everywhere. ATT doesn't have it. Verizon doesn't have it Charter doesn't have it. Right. So you need, so now to think about that from enterprise, I'm going to go, I'll give you an example. All of our customers to fulfill a nationwide network, just for the broadband infrastructure, that's, you know, redundant. If you want to think of it that way we, we source probably 200 to 300 different providers to provide an ubiquitous network nationwide for broadband. Then we wrap a layer of the SD wan infrastructure for that, as an example, over the top of that, right? You can't do that by yourself. I mean, people try and they fail. And that's the role of a managed service provider like us is to pull all that together. Take that away. We have that expertise. >> Interviewer: I think this is a really interesting point. Let's just unpack that just for a second. Yeah. In the old days, we want to do an interconnect. You had an agreement. You did, you have your own stuff, do an interconnected connect. >> Glen: Yep. >> Now this, all this mishmash, you got to traverse multiple hops, different networks. >> Glen: That's right >> Different owners, different don't know what's on that. So you guys have to basically stitch this together, hang it together and make it work. And you guys put software on the top and make sure it's cool is that how it works? >> Glen: Yeah. Software and different technology components for the SD wan. And then we would deliver the shore and manager all that. And that's, that's where I really like what's happening in the industry, at least in terminology, which is they try, you have to try to simplify that because it's very, very complicated, but I'm going to give you the network as a service mean, I'm going to give you all the transport and you have to don't have to worry about it. I'm going to rent you the, the SD wan technology. And then I'm going to have in my gateways all these security components for a firewall as a service, zero trust network access, cloud brokerage services. So I will secure all of your data as you go to the cloud and do all of that for you. That's really what we, that's what we bring to the table. And that's what is really, really hard for enterprises to do today. Just because they can't, the expertise needed to do that is just not there. >> Interviewer: Well, what's interesting is that first you have to do it now because the reality of your business now is you don't do it. You won't have customers, but you're making it easier for them. So they don't have to think about it. - [Glen] That's right. >> But now you bring in hybrid networking hybrid cloud, they call it or multi-cloud right. It's essentially a distributed computing and essentially what you're doing, but with multiple typologies, >> Glen: that's right. >> Interviewer: I got an edge device. - [Glen] That's right. If I'm a business. - [Glen] That's right. >> That's where it could be someone working at home >> Glen: That's right. - Or it could be my retail >> Or whatever it could be. So edge is just an extension of what you guys already do. And is that right? Am I getting that right? >> Glen: Yeah that's exactly right. And, and, but the point is, is to make it economic and to make it really work for the end user. If you're a branch, you may have a, a application that's still being run via VPN, but you also need wifi internet for your customers because you want to use your mobile device. They've entered into your store and you want to be able to track that right. And push something to them. And then you've got the actual store applications could be point of sales could be back of house comparing that's going up to AWS. Azura whatever. Right. And that all has to be, it all has to come from one particular branch and someone has to be able to manage that capability. >> Interviewer: It's funny, - Its so different >> Interviewer: just as you're talking, I'm just thinking, okay. Facial recognition, high, high bandwidth requirements, >> Glen: Huge high bandwidth requirements >> Processing at the edge becomes huge. >> Glen: It does. >> So that becomes a new dynamic. >> Glen: It does. It's got to be more dynamic. It's not a static IP end point. >> Glen: Well, I'll give you another an example. Let's say it's, it seems silly, but it's so important from a business perspective, your quick service restaurant, the amount of digital sales from applications are just skyrocketing. And if you yourself, and particularly in the pandemic, you order something, or that goes up to the cloud, comes back through, goes to the point of sales. And then the, the back of house network in a particular restaurant, if that doesn't get there, because one line of you only have one internet connection and it's down, which sometimes happens, right? You lose business, you lose that customer. It's so important. So what's being pushed down to the edge is, you know, reliable broadband hybrid networks, where you have a primary wire line and a secondary wire line, maybe a tertiary wireless or whatever. And then a box, a device that can manage between those two so that you can keep that 99.9, 9% availability at your branch, just for those simple types of applications. >> Interviewer: You know Glenn, you as you're talking most people, when we talk tech, like this is mostly inside the ropes, Hey, I can get it. But most people can relate with the pandemic because they've ordered with their phone on - [Glen] Exactly right >> With the QR code. - [Glen] That's exactly right >> They see the menu - [Glen] That's right >> They get now what's happening - [Glen] That's right that their phone is now connected to the service. >> Glen: That's right >> This is not going away. The new normal. >> Glen: No, it's absolutely here. And what I've seen are there are many, many companies that already knew this and understood this pre pandemic. And they were, they had already changed their infrastructure to really fit what I was calling that network as a service in the SASE model, in different ways. Then there were a bunch that didn't, and I'm not going to name names, but you can look at those companies and you can see how they're, they're struggling terribly. But then there was this. Now there's a, a much bigger push and privatization again, see, I was sending, Hey, I asked for this before. It's not like the CIO didn't know, but management said, well, maybe it wasn't important. Now it is. And so you're seeing this actual amazing surge in business requests and requirements to go to the model that we're all talking about here, which is that SASE type of implementation high-speed broadband. That's not going away for the same reason. And you need a resilient network, right? Yes. >> Interesting. Best practice. Let's just take that advice to the, to the audience. I want to get your thoughts because people who didn't do any R and D or experimentation prior to the pandemic, didn't have cloud. Wasn't thinking about this new architecture got caught flat-footed. -Exactly. >> And they're hurting and or out of business. >> Correct. >> If people who were on the right side of that took advantage as a tailwind and they got lifts. >> That's exactly right. >> So what is the best practice? How should a business think about putting their toe in the water a little bit or jumping in and getting immersed in the new, new architecture? What advice would you give? Because people don't want to be in the wrong side of history. >> No, they don't. >> What's your guy's best practice? >> I may sound biased, but I'm really not trying to be biased. And this'll be some of the I'll speak about here later today. You have to try it. You, as the end user, the enterprise customer, to, to fulfill these types of needs, you've got to really probe your managed service providers. You've got to understand which ones, not just can give you a nice technology presentation and maybe a POC, but who's going to be there for the longterm who has the economic wherewithal to be able to give the resources needed to do what I was talking about, which is you're going to outsource your entire network to me and your sh, and a good portion of your security for the network to a service provider. that service provider has to be able to provide all that has to be able to have the financial capabilities, to be able to provide you with an operating type of model, not you have to buying equipment all the time. That service provider has to be able to have teams that can deliver all of that 200 to 300 different types of providers aggregate all that, and then be there for day two. Simple thing. Like if you know, most companies, if you're not a really large location, you can't afford to, you know, double types of routers that are connected. And if one fails you have fail over, right, most of them will have one router and they'll have, but they'll have two backup paths. Well, what happens is that router or switch, single switch fails? You need to have a meantime to repair a four hours. I mean, that's kind of basic and well do that. How do you do that? You've got to have depots around the entire country. These are the types of questions that any enterprise customers should be probing their managed service provider, right? It's not just about the technology. It's about how can you deliver this and assure this going forward. >> And agility too cause when, if, if things do change rapidly, being agile... >> Exactly >> means shifting and being flexible with your business. >> That's exactly right. And that's important. That's a really important question. And the agility comes from this financial agility, right? Like new threat, new box. I want, I want this old one. I'm going to upgrade to a different type of service. The service providers should be able to do that without me having to force you to go get some more CapEx and buy some more stuff. Cause that's number one. But the other agility is every enterprise is different. Every enterprise believes that its network is the only network in the world and they have opinions and they've tested different technologies. And you're going to have to adapt a little bit to that. And if you don't, you're not going to get out of this. >> It's funny. The old days non-disruptive operations was like a benefit, we have non-disrupt- now it's a table stakes. You can't disrupt businesses. - You can't. You can't at the branch at the remote worker. If you're on a zoom call or whatever, or you're on a teams call, we've all been there. We're still doing it. If it breaks in the middle of a presentation to a customer that's problem. >> Glenn thanks for coming on the cube with great insight. >> Oh great. This was fun. >> Are you exciting and plays golf? You're going to get out there on the range? >> I played, I played golf a lot when I was younger, but I haven't. And so I have a few other things I do, but I guess I'm going to have to learn now that we're also a sponsor of PGA, so yeah, for sure. >> Great. Well, great to have you on - All right thank you and great talk. Thanks for coming on and sharing your insight. >> This was great. I appreciate okay. >> Keep coverage here. Napa valley with Fortinet's Cybersecurity Summit as part of their PGA tour event, that's happening this weekend. I'm John for the Cube. Thanks for watching.

>> Narrator: From around the globe, it's theCUBE, covering Fortinet Security Summit brought to you by Fortinet. >> Welcome to theCUBE. I'm Lisa Martin. We are live at the Fortinet Championship, the PGA Tour Kickoff to the 2021-2022 FedEx Regular Season Cup. And this is so exciting to be here with Fortinet, to be at an in-person event, and to be talking about a very important topic of cybersecurity. One of our alumni is back with me, Sandra Wheatley is here, the SVP of Marketing, Threat Intelligence, and Influencer Communications at Fortinet. Sandra, it's great to see you. >> You too, Lisa. Thank you for having me. >> This is a great event. >> Yeah, it's awesome, yeah. >> Great to be outdoors, great to see people again, and great for Fortinet for being one of the first to come back to in-person events. One of the things I would love to understand is here we are at the PGA tour, what's the relationship with Fortinet and the PGA Tour? >> Well, first of all, I think the PGA tour is an amazing brand. You just have to look around here and it's extremely exciting, but beyond the brand, there's a lot of synergies between the PGA tour and Fortinet CSR initiatives, particularly around STEM, diversity inclusion, as well as veterans rescaling. And so some of the proceeds from the Fortinet Championship will go to benefit local nonprofits and the local community. So that's something we're very excited about overall. >> Lisa: Is this a new partnership? >> It is a new partnership and we will be the Fortinet Championship sponsor for about the next five years. So we're looking forward to developing this partnership and this relationship, and benefiting a lot of nonprofits in the future. >> Excellent, that's a great cause. One of the things, when you and I last saw each other by Zoom earlier in the summer, we were talking about the cybersecurity skills gap. And it's in its fifth consecutive year, and you had said some good news on the front was that data show that instead of needing four million professionals to fill that gap, it's down to three, and now there's even better news coming from Fortinet. Talk to me about the pledge that you just announced to train one million people in the next five years. >> Absolutely, we're very excited about this. You know, Fortinet has been focused on reducing the skills gap for many years now. It continues to be one of the biggest issues for cybersecurity leaders if you think about it. You know, we still need about 3.1 million professionals to come into the industry. We have made progress, but the need is growing at about 400,000 a year. So it's something that public and private partnerships need to tackle. So last week we did announce that we are committed to training a million professionals over the next five years. We're very excited about that. We're tackling this problem in many, many ways. And this really helps our customers and our partners. If you really think about it, in addition to the lack of skills, they're really tackling cybersecurity surface that's constantly changing. In our most recent FortiGuard's threat report, we saw that ransomware alone went up 10 times over the last year. So it's something that we all have to focus on going forward. And this is our way of helping the industry overall. >> It's a huge opportunity. I had the opportunity several times to speak with Derek Manky and John Maddison over the summer, and just looking at what happened in the first half, the threat landscape, we spoke last year, looking at the second half, and ransomware as a service, the amount of money that's involved in that. The fact that we are in this, as Fortinet says, this work from anywhere environment, which is probably going to be somewhat persistent with the attack surface expanding, devices on corporate networks out of the home, there's a huge opportunity for people to get educated, trained, and have a great job in cybersecurity. >> Absolutely, I like to say there's no job security like cybersecurity, and it is. I mean, I've only been in this industry about, I'm coming up on six years, and it's definitely the most dynamic industry of all of the IT areas that I've worked in. The opportunities are endless, which is why it's a little bit frustrating to see this big gap in skills, particularly around the area of women and minorities. Women make up about 20%, and minorities are even less, maybe about 3%. And so this is a huge focus of ours. And so through our Training Advancement Agenda, our TAA initiative, we have several different pillars to attack this problem. And at the core of that is our Network Security Expert Training or NSC training and certification program. We made that freely available to everybody at the beginning of COVID. It was so successful, at one point we we're seeing someone register every five minutes. And that was so successful, we extended that indefinitely. And so to date, we've had about almost 700,000 certifications. So it's just an amazing program. The other pillars are Security Academy Program, where we partner with nonprofits and academia to train young students. And we have something like 419 academies in 88 countries. >> Lisa: Wow. >> And then the other area that's very important to us is our Veterans Program. You know, we have about 250,000 veterans every year, transfer out of the service, looking for other jobs in the private sector. And so not only do we provide our training free, but we do resume building, mentoring, all of these types of initiatives. And we've trained about 2,000 veterans and spouses, and about 350 of those have successfully got jobs. So that's something we'll continue to focus on. >> That's such a great effort. As the daughter of a Vietnam combat veteran, that really just hits me right in the heart. But it's something that you guys have been dedicated for. This isn't something new, this isn't something that is coming out of a result of the recent executive order from the Biden administration. Fortinet has been focused on training and helping to close that gap for a while. >> That's exactly true. While we made the commitment to train a million people on the heels of the Biden administration at Cybersecurity Summit about two weeks ago, we have been focused on this for many years. And actually, a lot of the global companies that were part of that summit happened to be partners on this initiative with us. For example, we work with the World Economic Forum, IBM, and Salesforce offer our NSC training on their training platforms. And this is an area that we think it's really important and we'll continue to partner with larger organizations over time. We're also working with a lot of universities, both in the Bay Area, local like Berkeley, and Stanford and others to train more people. So it's definitely a big commitment for us and has been for many years. >> It'll be exciting to see over the next few years, the results of this program, which I'm sure will be successful. Talk to me a little bit about this event here. Fortinet is 100% partner driven company, more than 300 or so partners and customers here. Tell me a little bit about what some of the interesting topics are that are going to be discussed today. >> Sure, yeah, so we're delighted to bring our partners and customers together. They will be discussing some of the latest innovations in cybersecurity, as well as some of the challenges and opportunities. We are seeing, you know, during COVID we saw a lot of change with regards to cybersecurity, especially with remote working. So we'll discuss our partnership with LYNX that we just announced. We'll also be talking about some of the emerging technologies like CTNA, 5G, SASE, cloud, and really understanding how we can best help protect our customers and our partners. So it's very exciting. In addition to our Technology Summit, we have a technology exhibition here with many of our big sponsors and partners. So it's definitely going to be a lot of dynamic conversation over the next few days. >> We've seen so much change in the last year and a half. That's just an understatement. But one of the things that you touched on this a minute ago, and we're all feeling this is is when we all had to shift to work from home. And here we are using corporate devices on home networks. We're using more devices, the edge is expanding, and that became a huge security challenge for enterprises to figure out how do we secure this. Because for some percentage, and I think John Maddison mentioned a few months ago to me, at least 25% will probably stay remote. Enterprises have to figure out how to keep their data secure as people are often the weakest link. Tell me about what you guys announced with LYNX that will help facilitate that. >> Well, we're announcing an enterprise grade security offering for people who are working remotely. And the nice thing about this offering is it's very easy to set up and implement, so consumers and others can easily set this up. It also provides a dashboard for the enterprise, IT organization to, they can see who's on the network, devices, everything else. So this should really help because we did see a big increase in attacks, really targeting remote workers. As cyber criminals try to use their home as a foothold into the enterprise. So we're very excited about this partnership, and definitely see big demand for this going forward. >> Well, can you tell me about the go-to market for that and where can enterprises and people get it? >> Well, we're still working through that. I know you'll talk with John later on, he'll have more details on that. But definitely, we'll be targeting both of our different sets of customers and the channel for this. And I definitely think this is something that will, it's something that enterprises are definitely looking for, and there'll be more to come on this over the next few months. >> It's so needed. The threat landscape just exploded last year, and it's in a- >> Sandra: Yeah, absolutely. >> Suddenly your home. Maybe your kids are home, your spouse is working, you're distracted, ransomware, phishing emails, so legitimate. >> Sandra: They do. >> Lisa: But the need for what you're doing with LYNX is absolutely essential these days. >> Sandra: Yeah, these threats are so sophisticated. They're really difficult. And the other thing we did in addition to LYNX was as we got into COVID, we saw that, or the most successful organizations were really using this as an opportunity to invest for the longterm in cybersecurity. We also saw that, and this continues to be the case that, the insider threat continues to be one of the biggest challenges, where an employee will accidentally hit on a phishing email. So we did roll out an infosec awareness training, and we made that free for all of our customers and partners. So we're trying to do everything we can to really help our customers through this demanding time. >> Lisa: Right, what are some of the feedback that you're hearing from customers? I'm sure they're very appreciative of the education, the training, the focus effort from Fortinet. >> Sandra: Absolutely, it's definitely huge. And more and more we're seeing partners who want to work with us and collaborate with us on these initiatives. We've had a really positive response from some of the companies that I mentioned earlier, some of the big global names. And we're very excited about that. So we feel like we have some key initiatives on pillars, and we'll continue to expand on those and bring more partners to work with us over time. >> Lisa: Expansion as the business is growing amazingly well. Tell me a little bit about that. >> Sandra: Yeah, I think, in our last quarter we announced our largest billings growth for many, many years. And so, Fortinet, we're been very fortunate over the last few years, has continued to grow faster than the market. We now have half a million customers, and I think our platform approach to security is really being adopted heavily. And we continue to see a lot of momentum, especially around our solutions like SD-WAN. I think we're the only vendor who provides security in SD-WAN appliance. And so that's been a key differentiator for us. The other thing that's increasingly important, especially with the rollout of 5G is performance. And, you know, Fortinet, from the very beginning, created its own customized ASX or SPU, which really provides the best performance in security compute ratings in the industry. So all of this is really helping us with our growth, and we're very excited about the opportunities ahead. >> Lisa: And last question, on that front, what are some of the things that you're excited about as we wrap up 2021 calendar year and go into 2022? >> Sandra: Well, this been very exciting year for Fortinet. And I think we're in a great position to take advantage of many of the different growth areas we're seeing in this new and changing space. And, you know, we're all on board and ready to take advantage of those opportunities, and really fire ahead. >> Lisa: Fire ahead, I like that. Sandra, thank you so much for joining me today, talking about the commitment, the long standing commitment that Fortinet has to training everybody from all ages, academia, veterans, to help close that cybersecurity skills gap. And such an interesting time that we've had. There's so much opportunity, and it's great to see how committed you are to helping provide those opportunities to people of all ages, races, you name it. >> Sandra: Thank you, Lisa, I really appreciate it. >> Lisa: Ah, likewise. For Sandra Wheatley, I'm Lisa Martin. You're watching theCube at the Fortinet Championship Security Summit. (soft bright music)

>> Massachusetts, it's theCUBE! Covering WTG Transform 2019. Brought to you by Winslow Technology Group. >> Welcome back, I'm Stu Miniman, and we're here at WTG Transform 2019, across the Mass Pike from Fenway Park where we're hoping the rain's going to stop in time for the game tonight where we have 189 users here with Winslow Technology, digging in a lot of technology, networking with their peers, and I'm thrilled to have on another one of the ED users on the program. Plamen Dimitrov is director of Information Technology at Kiawah Island Golf Resorts coming to us from South Carolina. Thank you so much for joining us. >> Thank you for having me. >> All right, as I was actually telling you, I'm familiar with Kiawah, my father is retired down to John's Island right off of Charlestown, South Carolina. You have a beautiful golf course there, there've been professional events there, we actually have one of our Cubeos, does some PGA coverage, John Walls, so he and I have talked about Kiawah a few times, but for those of our audience that aren't as familiar, haven't been able to enjoy it, tell us a little bit about Kiawah. >> Kiawah is a beautiful island, over about 10 miles of oceanfront, side, where the Kiawah Golf Resort is spread out. We have different accommodations with a lot of different activities for all ages, starting with the Sanctuary Hotel, which is a Five Star by Forbes and a Five Diamond by AAA. Or you can choose any of our villas from one to eight bedroom villas. We have five beautiful golf courses, which one of them is ocean course, previously hosted Ryder Cup in 1991, and PGA in 2012, and we are also proud to be a host of the PGA 2021, very exciting. Apart of that, we are announced to be Tennis Resort #1 in the world by tennisresortonline.com. We have over 22 tennis course, different variations from car course to clay. On top of that, we have a lot of pools, swimming pools, water parks, a lot of recreation, kayaking. It can be a beautiful journey for any visitors. >> Yeah, so, Plamen I know some of the IT people listening to this are going to be like, "Boy, he's got a tough job there!" Sounds gorgeous, right on the ocean, so many things there, bring us a little bit inside the IT, your world, what that entails, and, boy, there's got to be some different challenges and opportunities that you face, versus the kind of traditional business IT. >> As every island, we have all of our friends, like salty water and all things like that. And besides that, I've mentioned that the company's spread out over 10 miles, we have a total of 23 locations, and all they share the same systems and applications. Our current challenges, from an IT standpoint, are things that not all of the vendors that can keep up with the current technology and the all new and moderns, so we have some, what we call, old school applications, they can't keep up, and then you have the new applications that can be hosted on the Cloud, for instance. In the same time, those applications need to somewhat work with each other and have some interfaces, so this is where we face the, these days a challenge, a little bit, and where our partnership with Winslow, were able to help us determine which is the best route for us. And we determined that having a data center on island, and they have another one off the island, is the best for us to go. They helped us go through the planning of what's the right set up to be used, and I think we're in the right direction. >> Okay, great, so you have two data centers and you're also using Cloud services, if I heard right? >> Correct. >> Okay. There's been a big discussion here, is like, all right, what is the Cloud's strategy and it is an ever changing world and there is no one right answer, so, when you look at yourselves, what is your Cloud strategy today and what makes you help determine where you'll be moving in the future? >> In one of the sessions, they mentioned it's all about checks and balance, and it's to be able to measure how to apply your cash in a way that it makes sense, and one day, maybe, for some applications makes sense to be on premise, another day makes sense to bring it on the Cloud. And I can give you an example, recently what we did was, we were looking into switching to Office 365, pretty much everybody knows about it, and there's a good study that, after you go over a certain threshold, it's much easier to, and much more cost effective, to have something on premise versus going to a Cloud version. Now, again, it depends on the size of the company, it depends on the... Your future projects and goals, for some people it may be different than us. But I think that the future more and more, things will be what's called colocating the Cloud, which is mainly by other providers, and we're going to have two called a key that you can get to those applications from anywhere. >> Plam, bring us inside a little bit that the data centers, you said you have two of them, what's your infrastructure stack look like today? >> We've been looking at the various solutions, hyper-converged, and hybrids, and with the help of Winslow, we determined that sticking to the 3-2-1 traditional solution is the way we go. We use their Compellent products, all flash erase, very flexible and very reliable, very nice speed it provides, performance-wise they're a great product. Then, after that story solution, you have two data switches and then a number of servers. We use, on top of that, the VMware as our hypervisor, along with their VDI environment called Horizon for some remote clients that they don't need much, but that's basically our setup. >> Great, and how long have you been using the Compellent solutions? >> The Compellent solutions, we've been using them for a year and a half, since I joined the company, but my relationship with Winslow goes far back, since 2013 where I used to work for another company here in Nantucket. And the very first person I worked with was John Cliffords from Winslow. Very great guy, and he introduced us to the Dell world. This is when we bought the first EqualLogic and afterwards, I went to Belmont, where we also bought (mumbles), and we just keep going along. >> All right, great, Plamen, last question I have for you, what brings you to an event like this, what were you hoping to get out of it, and how's it been going for you so far? >> Well, what brings me to an event like this, most of the time is on one side to see what Dell has to offer, and some people attend, they'll conference, but I think a place like this, where you have smaller scale conference, it's much more beneficial for me. A, from a learning experience and B, from creating connections, making connections with other users, which this is the best because sales rep can say, "Yeah, this is what you need." But then, from a user perspective, it's priceless to absorb experience. >> All right, well, Plamen Dimitrov, I really appreciate you sharing your journey, and everything that Kiawah Golf Resorts is doing, thank you so much. >> Thank you very much. >> All right, we'll be back with more coverage here from WTG Transform 2019, I'm Stu Miniman, thanks for watching theCUBE. (funky electro music)

Probably Toronto, Canada. It's the cube covering blockchain futurist conference 2018, brought to you by the queue. Hello and welcome back to you keep live covers here in Toronto for the untraceable blockchain uterus conference two days a wall to wall coverage. We were just seeing it here on the coupon shopper host Dave Vellante, Tony Lane, Cuba last night with culture and we have James Mcdonald, head of strategy of Sentinel. He's also a PGA professional golf professional and a boxer. Extraordinary. Welcome to the cube. Thanks. You ever had in my notes. Funny before camera came on. Super exciting. Even though the market's kind of in a downward trough and by the, you know, do its normal cycle and Crypto, tons of energy. The culture is changing. There's a real energy around focusing on high quality builders, high quality individuals. This is a real dynamic projects for good projects for profit is great engineering going on. What could be better for sure, and we've been through the trod so many times. We've gotten to the point that now I just kind of like. I'm like, well, I mean we're here again. You know what I mean? And now it's time for, we figure out right now who's really in it to win it and who's just playing the game. Tell you know what I love about. You've got great energy, great. Already got great culture. You've been around, you've seen it early, you've been involved in a lot of the iterations of the industry that's just now growing to be a baby and his growing up into it's elementary school years. What are you, what's your take? I mean you look at this, I know you do a lot of retreats and self reflection. What's the industry? Where's it come from? Where is it now? How do you feel about what's happening? So I did in blockchain since 2011 and from a price perspective, there's actually a science fiction story that came out on Reddit in 2014 or 13 by someone named, got underscore Nada and it's called I am from the future. And I am here to stop you from what you were doing in this science fiction story. He outlines this pricing curve that basically shows the first five years of bitcoins existence. If no other market factors happen, no outside influence, no qualitative influenced the first five years, 10 x every year, second five years, every other year, 10 x every other year. And what's crazy is that if we wouldn't have had Mt. Gox and some of these other events like bitcoin was only supposed to go to 10 k last year, which is double. So if we wouldn't have had those external events, that pattern would have actually been it. So what's really easy and simple to remember about bitcoin is that it has a scarce supply. That's, I think that's the easiest way to put any of this. And so this is just a period of time. The market over extended itself and it shouldn't have gone realistically past 10 K it doubled. So yeah, I mean that's a if that's to be expected, right? No, no. In my opinion, I looked at either an exercise about six months with my friend. We look at the Nasdaq during the pre bubble days and we'll exchange of the Nasdaq and that's just a small scale relative to global care crypto. It's actually in line with some of the expansion we've seen in other financial market, so I kinda think it's good to have to do curation going on and calling out some of the dead wood, bring it into the better projects. This is kind of the reality now. Rip Good Times. Well, you know Bradley or yesterday at the cloud and blockchain conference posited that wasn't talking about Bitcoin, he was talking about ether. He said there's just too many damn coins and every ICO is most ics anyway. Tied to the theory. Yes, buy it. Well, I mean you can take this one too, but what I see is a decoupling at some point that has to be some sort of decoupling at the moment. Everything is very correlated and I think as time goes on you will see it's like survival of the fittest. Right? So you've got, you've got a lot of blockchains and you've got a lot of tokens on ethereum that want to come off to theory and it's survival of the fittest. I feel like. Yeah, the best ones will prevail and the ones that aren't trusted or secure. Yeah. So talk about who's in it to win it. What do you look for in the contenders versus the pretenders? What are the attributes that you as deep experts in this field look toward the winters? Well, I see as right now we're kind of like a candy that you love coming out with a new flavor. It's like everyone's like, oh yeah, like remember this candy gotta buy it now, but at the end of the day it's pretty much the same candy and she was like a little different sweetener and so we will experience obviously a sharp correction. Yeah, for sure. But I think what's really beautiful about this is it's actually enabling creative potential jobs of the future are not going to be, oh, I know how to do c plus plus now I have a job forever. It's going to be about reinvention at that is the real economy of the future and chains and huge enabler for that new markets are opening up to. So it's not just the reinvention, which I agree, reimagined the reinvention and new markets. Our change was on earlier saying eight and 80 day tour of 10 countries. New markets are exploding. That's just a new markets is rechanging system, not your grandfather's venture capital model, silicon valley or New York or London. It's with the globe. There are many, many reasons to tokenize the world. The thing that, the thing that stands out to me is, you know, when you look at tokenizing securities, the fact that this opens up the free market to everyone, you know, these things can be traded 24 slash seven, three, six, five from anywhere in the world. Traditionally if you want to buy stocks, will streets open for less time than it's been. It's closed and so it. It just opens up the free market to everyone all over the world and to me that's that journalists, you're a professional golfer. Someone use a golf analogy too, because I'd love Golf Golfer, so excellent Golfer. Not a pro, but he could be. I don't keep score with them many times and he never played. She played like, well, why don't you twice a year consistently shoots. There's a little bit hockey and a happy Gilmore going on golf metaphor, so the world that we know that's the centralized governed world banks, big corporations that are being essential. I consider them like a wooden shaft and the old clubs. Now all of a sudden graphite shafts, youth club heads, new technology. The game doesn't really change fundamental APP, but it changes the performance you by that is that a good analogy? Needed to. Perfect analogy. When you go to the golf clubs, then you've got the older members and they don't buy it. They say that the performance doesn't increase with the new technology, but really we know that old stodgy members, it comes down to that people are naturally averse to change. People don't change something that they don't quite understand. They'd naturally dismissed if they don't want to delve in, felt dismiss that and everyone here today is going down this rabbit hole, but there's a hell of a lot of people out there that I didn't really get it. I don't want to get it. So. And they'll dismiss that and they'll even. They'll even talk it down if it threatens them. At the game changes. No, I mean come on. If you look at the current distribution, over time we've moved from tribalized kings and Queens to nation states. Let's hope that we actually enable a redistribution of wealth. I want to see blockchain create the garden of Eden. We're experiencing now is basically same incentives, slightly less bad people, and I feel that if we really use new technology is an opportunity for change. Change is gonna happen and if we make the integration of new technology about experiencing compassion in action as humanity, we changed human perception, human behavior, your understanding of your own limitations. When we enabled real freedom, not just the illusion of freedom as money on Amazon yesterday, which he's with, he's done an amazing work what he's doing to transform the Caribbean islands with exchange changing a society there digitally connected almost 100 percent penetration of mobile. It's incredible. They can't access some basic services society. A new game changer. You're taking an integrative approach to how you interact with people and it's part of your persona. Maybe I'm pushing the golf analogy to bring it, bring it, watching the end of the PGA this week and they were interviewed. Tiger Woods is back and he's comes in and they were interviewing him and he wants to be on the Ryder Cup team. Now, if you've observed him in the Ryder Cup, not great. This is a team sport. The euro's always killed the Americans when the superstar is right and it's sort of the same thing that you're saying. It's the get the haves and have nots. It's a team sport and it's community driven. Increases viewings like you wouldn't need tigers pain. Everyone tunes in, which is great for the sport, for the Americans because they always lose when he plays. I think it would be, you know, why not put him in the team because it's good for the game. It gets people more engaged. He goes and he's been humbled. You know that your thing is there a lock if you the back, you want them involved but you don't want to dominate it. Alright, so guys, let's take it back to reality. You guys are working together on a project we talking, talking you guys, what are you guys working on know about the projects you guys are involved in right now. What James and I do together is we take these skills, we've learned through my life, you a performing artist in his previous life as a professional athlete and we've really taken what we've learned through our knowledge and our network to help entrepreneurs who are driven with integrity and appear to be a success. So it's really, well we do together is we just really, um, and that's, that's what we do both for fun and for enjoyment. And what I'm working on personally, James is the head of strategy at a company and I'll let him get into that when I'm working on personally is global citizenship and my company culture is actually focused on something really integral to the block chain which is capitalizing the market share on the tradition, the transition out of nation states and into oriented and governance models. So we have one layer that's open source for free for the world, for ever to own your agreements and to own your identity as a self sovereign individual stewarded by your community to give everyone more context on each other. And then our for profit businesses basically facebook connects people to their friends, culture connects people to communities and connects communities to dapps that are services and economists basically. And we build that whole ecosystem. So that's really what I'm up to at culture. And then James and I have our own adventure together and James is also had a strategy at center. Yup. Okay. So sentinel is an interoperable network layer for distributed resources. So let me break that down. What block chain technology allows is for you to monetize access resources like access bandwidth, access, GPU or CPU power. And so our first working product is a decentralized vpn. So you know what a vpn is. Sure. So the sentinel, the VPN is distributed. So what that allows you to do for example, is you could access, you can monetize your excess bandwidth by hosting a note that people can connect to it. And the beauty of the decentralized vpn is that it's probable, so all the code is open source and there's proof that the data is actually being kept private, it's encrypted, um, and there's no, there's no centralized or a body or a company that can be shut down or, or forced to give up data or paid for paid for data. It's distributed. So it's fast and it's secure. So yeah, there's a lot of big companies in the crypto space that are very concerned with data privacy and they didn't, may not trump central vpn, traditional centralized vpn paid. So you host your own node, you get paid. It's a marketplace. So anyone in the world can set up their own node, run their own node, help other people obscure their traffic if they don't want. Like for example, Gdpr, if you don't want every website that you visit to monitor literally everything you do, you might want to consider using a vpn for the sake of preserving your own personal privacy and the integrity of your data which you own and rightfully should actually own the monetization value of. So in the world you can have a few node and you guys can pay, people can pay $5 your whole network and use it. So I can sell my xx compute capacity, network bandwidth, the storage sewer. No touching that. A storage, I mean down the line. So it's for, for, for distributed resources. That sentinel. The first product is the dvps yes. Down the line. Yeah. We're going to come up with much more so others could actually plug into that platform like a live stream in China. I can pop on a vpn. There it is. Run Google apps in China because you can run google. Yes. You know, she'd even China. Let's you. Cool. All right guys. Well thanks so much for coming on. Appreciate it. Thanks. Very inspirational. I think there's a lot of mission driven cultural change coming very fast. This next generation coming up is going to be the stewards of making the change happen. It's our job to set the table and get these services out there. Congratulations. Okay. Cube coverage here live in Toronto at the untraceable blockchain futures conference. Two days is the cube wall to wall coverage. I'm John Furrier, stay with us Dave ones continuing the best gas, the most important people. Bring in the great blockchain crypto world together here in Toronto. We'll be right back.