>> From around the globe. It's theCUBE. With digital coverage of IBM Think 2021. Brought to you by IBM. >> Welcome back to theCUBE's ongoing coverage of IBM Think 2021. The virtual cube. You know, the pandemic has caused us to really rethink this whole concept of operational resilience. So we're going to dig into that and talk about the importance of constructing a holistic resilience plan and get the perspective of some really great domain experts. Allen Downs is the Vice President in Global Cloud Security and Resiliency Services at IBM. And he's joined by Ms. Michelle Weston who is the Director of Cloud Security and Resiliency Offerings at IBM. Folks, welcome to theCUBE. Thanks for coming on. >> Thank you. >> Thank you. >> Now, before we get into it, I said, IBM, but I want to ask you Allen, about an announcement you made last month about Kyndryl, new spinout from IBM. What can you tell us? >> Very excited about the name. I think there's a lot of meaning in the name censored around new growth and censored around partnership and relationship. So if you look at the name that was announced, I think it really does typify what we set out to be as a trusted partner in the industry. All born around new growth, censored around strong partnership and relationship. So very pleased and excited. I look forward to the opportunity we have going forward. >> Yeah. Congratulations on that. Add some clarity, Martin Schroeder, new CEO, Cube alum, great exec. Love it. So good luck. Allen, let me stay with you for a second. I mean, operational resilience it means different things to different people. And we know from speaking with CIOs in our community during the pandemic, it doesn't just mean Disaster Recovery. In fact, a lot of CIO said that their business continuing strategy were too focused on DR. Allen, what does operational resilience mean from your perspective? >> So I'll answer it this way. Operational resiliency risk is defined as the quantifiable steps is defined as the quantifiable steps that any client needs to take in order to respond, recover from an unplanned outage. It sits squarely within operational risk and if you think about it operational risk is the kind of non-financial element of risk and defined within that category, operational resiliency risk is trying to identify those steps, trying to identify those steps, both preactive and reactive both preactive and reactive that a client needs to consider that they would have to take in the event of an unplanned disruption or an unplanned outage that would impact their ability to serve their clients or to serve their organization. That's how I define operational resiliency risk. >> Great. And I wonder Michelle if you can add to that, but I think, you know, I sometimes say that the pandemic was like a forced march to digital and part of that was business resilience but you know, where do we go from here? You know, we had 14 months shoved into our face and now we have some time to think about. So how should clients think about evolving their strategies in this regard? >> Yeah, well certainly with respect to what was called NewCo now, Kyndryl, our approach has been advisory-led. We will help clients along this journey. One thing that I'd like to point out and one of the journeys that we've been taking over the last couple of years is it really is about security and resiliency together. If you think of that planning and how to mitigate your operational risk, if the security and resiliency go hand in hand, they're the same people within the organization that are planning for that and worried about it. And so we had already started about three years ago to pull the two together and to have a unified value proposition for clients around security and resiliency both being advisory-led doing everything for a client from project-based to the digital consumption world, which we know clients live in today to a fully managed service all around security and resiliency together. >> Yeah. So, I mean, it's a really important topic. I mean, you heard Chair Powell last month. He was, he was on 60 Minutes saying, well, yeah, yeah. We're worried about inflation but we're way more worried about the security. So, so Allen, where, let's say you're in the virtual conference room with the board of directors, what's that conversation like? Where does it start? >> I think there is a huge concern right now with regards to security and obviously resiliency as well. But if you just think about what we've all been through and what's transpired in the last 12 months, the, what we call the threat landscape has broadened significantly. And therefore clients have had to go through a rapid transformation not just by moving employees to home base, but also their clients having a much higher expectation in terms of access to systems, access to transactions, which are all digital. So you referred to it earlier but the transformation our clients have had to go on driving a higher dependence on those systems that enable them to serve their clients digitally and enable them to and allow the employees to work remotely in this period has increased the dependencies that they have across the environment that are running many of the critical business processes. So the discussion of the boardroom is very much, are we secure? Are we safe? How do we know? How safe and secure and resilient should we be? And based on that facts about how fit, safe and secure should we be, where are we today as an organization? And I think these are the questions that are at the boardroom. It's basically from a resiliency, security perspective where should we be that supports our strategy, vision and our client expectation? And then the second question is very much, where are we today? How do we know that we are secure? How do we know that we can recover from any unplanned or unforeseen disruption to our environments? >> So Michelle, I mean Allen just mentioned the threat surface is expanding and we're just getting started. Everybody's like crazy about 5G, leaning in the Edge, IoT and that's just going to be orders of magnitude by the end of the decade compared to where it is today. So how do you think about the key steps that organizations should take to ensure operational resilience? You know, not only today, but also putting in a roadmap. >> Yeah. Yeah. And one thing that we do know from our clients is those that have actually planned for resiliency and security at the forefront. They tend to do that more effectively and more efficiently. It's much better to do that than to try to do that after an outage. You'll certainly learn a lot but that's not the experience that you want to go through. You want to have that planning and strategy in the forefront as Allen said. In terms of the threat vector, the pandemic brought that on as well. We saw a surgent of cyber attacks, opportunistic attacks. You know, we saw the best of people in the pandemic as well as the worst in people. Some of those attacks were on agencies that were trying to recover or trying to treat the public with respect to the COVID-19 pandemic. So none of us can let our guard down here. I think we can anticipate that that's only going to increase. And with the emergence of these new technologies like Cloud, we know that there's been such a massive benefit to clients. In fact those that were Cloud-enabled sustained their businesses during the pandemic. Full stop. But with that comes a lot more complexity. Those threat vectors increased, 5G, I expect to be the same. So again, resiliency and security have never been more relevant, more important. We see a lot of our clients putting budget there and those that plan for it with a strategic mindset and understand that whatever they have today may be good enough, but in the future they're going to have to invest and continue to evolve that strategy, are those that have done the best. >> Yeah. The bolt-on strategy doesn't really work that well. But, and I, and I wonder if you think about when when we talk to CSOs for example, and you ask them, what's your biggest challenge? They'll say things like lack of talent. We got too many tools. It's just as we're under the hamsters on wheels. So I would think that's, you know, unfortunately for some, but it's good for your, your business. That's a dynamic that you can help with. I mean, you're a services organization. You've got deep expertise in this. So I wonder if you could talk a little bit about that, that lack of talent that skills gap and how you guys address that. >> I think this is really the fit for managed services providers like Kyndryl. Certainly with some of our largest clients, if we look at Pettus as an example, that notion of phone a friend is really important. When it starts to go down, and you're not sure, you know, what you're going to do next, you want the expertise. You want to be able to phone someone and you want to be able to rely on them to help you recover your most critical data. One of the things clients have also been asking us for is a vaulted capability. Almost like the safe deposit box for your data and your critical applications being able to put them somewhere and then in the event of needing to recover, you certainly could call someone to help you do exactly that. >> Allen, I wonder if you could address this. I mean, I like IBM. I was, I'm a customer. I, I trust IBM, what's your relationship? Are you still going to, you know, be able to allow me to tap the pieces that I like and maybe you guys can be more agile in some respects? Maybe you could talk about that a little bit. >> Yeah, sure Dave. And many of our clients we have a long history with and a very positive experience of delivering, you know, market-leading and high, high quality of services and product. The relationship continues. So we will remain very close to IBM and we will continue to work with many of IBM's customers as well, IBM work with our customers going forward. So the relationship I believe whilst the different dynamic, will continue and I believe engenders an opportunity for growth. And, you know, we mentioned it earlier the very name signifies the fact that it's new growth. And I do think that partnership will continue and will continue together to deliver the type of service, the quality of products and services that our clients have you know, enjoyed from IBM over the last number of years. >> Michelle, I might take one of my takeaways from your earlier comments that you guys are hands on, consultative in nature. And I think about the comment I made about a lot of CIOs said we were way too, DR-focused, but when I think about DR, a lot of times it was a checkbox to the board. Hey, we got it. But when was the last time you tested it? Well, we don't test it because it's too risky to test. We do, we do fail over but we don't want to fail back because it's just too risky. Can I stress test? You know, my environment. Are we at the point now where technology and expertise will allow us to do that is that part of what you bring to the table? >> It is exactly what we bring to the table. So from a first of all, from a compliance and regulatory perspective, you no longer have that option. A lot of the auditors are asking you to demonstrate your DR plan. We have technology and I think we've talked about this before. About the automation that we have in our portfolio with resiliency orchestration that allows you to see the risk in your environment on a day-to-day basis, proactively manage it. I tried to recover this. There's a, there's a failure and then you're able to proactively address it. I also give the example from a resiliency work restoration perspective in this very powerful software automation that we have for DR. We've had clients that have come in scheduled a DR Test. It was to be all day they've ordered in lunch. And the DR Test fail over, fail back, took 22 minutes and lunch was canceled. (Dave laughs) >> I love it. >> So that is very powerful and very powerful with an auditor. >> That's awesome. Okay, guys, we got to leave it there. Really great to get the update. Best of luck to you. And congratulations. Thanks for coming on. >> Thank you. >> Thank you so much. >> All right. And thank you for watching. This is Dave Vellante for theCUBE's continuous coverage of IBM Think 2021. Be right back. (calm music)