>>As we've been reporting, the pandemic has called CSOs to really shift their spending priorities towards securing remote workers. Almost overnight. Zero trust has gone from buzzword to mandate. What's more as we wrote in our recent cybersecurity breaking analysis, not only Maseca pro secured increasingly distributed workforce, but now they have to be wary of software updates in the digital supply chain, including the very patches designed to protect them against cyber attacks. Hello everyone. And welcome to this Q conversation. My name is Dave Vellante and I'm pleased to welcome Derek manky. Who's chief security insights, and global threat alliances for four guard labs with fresh data from its global threat landscape report. Derek. Welcome. Great to see you. >>Thanks so much for, for the invitation to speak. It's always a pleasure. Multicover yeah, >>You're welcome. So first I wonder if you could explain for the audience, what is for guard labs and what's its relationship to fortunate? >>Right. So 40 grand labs is, is our global sockets, our global threat intelligence operation center. It never sleeps, and this is the beat. Um, you know, it's, it's been here since inception at port in it. So it's it's 20, 21 years in the making, since Fortinet was founded, uh, we have built this in-house, uh, so we don't go yum technology. We built everything from the ground up, including creating our own training programs for our, our analysts. We're following malware, following exploits. We even have a unique program that I created back in 2006 to ethical hacking program. And it's a zero-day research. So we try to meet the hackers, the bad guys to their game. And we of course do that responsibly to work with vendors, to close schools and create virtual patches. Um, and, but, you know, so it's, it's everything from, uh, customer protection first and foremost, to following, uh, the threat landscape and cyber. It's very important to understand who they are, what they're doing, who they're, uh, what they're targeting, what tools are they using? >>Yeah, that's great. Some serious DNA and skills in that group. And it's, it's critical because like you said, you can, you can minimize the spread of those malware very, very quickly. So what, what now you have, uh, the global threat landscape report. We're going to talk about that, but what exactly is that? >>Right? So this a global threat landscape report, it's a summary of, uh, all, all the data that we collect over a period of time. So we released this, that biannually two times a year. Um, cyber crime is changing very fast, as you can imagine. So, uh, while we do release security blogs, and, uh, what we call threat signals for breaking security events, we have a lot of other vehicles to release threat intelligence, but this threat landscape report is truly global. It looks at all of our global data. So we have over 5 million censorship worldwide in 40 guard labs, we're processing. I know it seems like a very large amount, but North of a hundred billion, uh, threat events in just one day. And we have to take the task of taking all of that data and put that onto scale for half a year and compile that into something, um, that is, uh, the, you know, that that's digestible. That's a, a very tough task, as you can imagine, so that, you know, we have to work with a huge technologies back to machine learning and artificial intelligence automation. And of course our analyst view to do that. >>Yeah. So this year, of course, there's like the every year is a battle, but this year was an extra battle. Can you explain what you saw in terms of the hacker dynamics over the past? Let's say 12 months. I know you do this twice a year, but what trends did you see evolving throughout the year and what have you seen with the way that attackers have exploited this expanded attack surface outside of corporate network? >>Yeah, it was quite interesting last year. It certainly was not normal. Like we all say, um, and that was no exception for cybersecurity. You know, if we look at cyber criminals and how they pivoted and adapted to the scrap threat landscape, cyber cyber criminals are always trying to take advantage of the weakest link of the chain. They're trying to always prey off here and ride waves of global trends and themes. We've seen this before in, uh, natural disasters as an example, you know, um, trying to do charity kind of scams and campaigns. And they're usually limited to a region where that incident happened and they usually live about two to three weeks, maybe a month at the most. And then they'll move on to the next to the next trip. That's braking, of course, because COVID is so global and dominant. Um, we saw attacks coming in from, uh, well over 40 different languages as an example, um, in regions all across the world that wasn't lasting two to three weeks and it lasted for the better part of a year. >>And of course, what they're, they're using this as a vehicle, right? Not preying on the fear. They're doing everything from initial lockdown, uh, fishing. We were as COVID-19 movers to, um, uh, lay off notices then to phase one, reopenings all the way up to fast forward to where we are today with vaccine rollover development. So there's always that new flavor and theme that they were rolling out, but because it was so successful for them, they were able to, they didn't have to innovate too much, right. They didn't have to expand and shifted to new to new trends. And themes are really developed on new rats families as an example, or a new sophisticated malware. That was the first half of the year and the second half of the year. Um, of course people started to experience COVID fatigue, right? Um, people started to become, we did a lot of education around this. >>People started to become more aware of this threat. And so, um, cyber criminals have started to, um, as we expected, started to become more sophisticated with their attacks. We saw an expansion in different ransomware families. We saw more of a shift of focus on, on, um, uh, you know, targeting the digital supply chain as an example. And so that, that was, that was really towards Q4. Uh, so it, it was a long lived lead year with success on the Google themes, um, targeting healthcare as an example, a lot of, um, a lot of the organizations that were, you know, really in a vulnerable position, I would say >>So, okay. I want to clarify something because my assumption was that they actually did really increase the sophistication, but it sounds like that was kind of a first half trends. Not only did they have to adapt and not have to, but they adapt it to these new vulnerabilities. Uh, my sense was that when you talk about the digital supply chain, that that was a fairly sophisticated attack. Am I, am I getting that right? That they did their sort of their, their, their increased sophistication in the first half, and then they sort of deployed it, did it, uh, w what actually happened there from your data? >>Well, if we look at, so generally there's two types of attacks that we look at, we look at the, uh, the premeditated sophisticated attacks that can have, um, you know, a lot of ramp up work on their end, a lot of time developing the, the, the, the weaponization phase. So developing, uh, the exploits of the sophisticated malware that they're gonna use for the campaign reconnaissance, understanding the targets, where platforms are developed, um, the blueprinting that DNA of, of, of the supply chain, those take time. Um, in fact years, even if we look back to, um, uh, 10 plus years ago with the Stuxnet attacks, as an example that was on, uh, nuclear centrifuges, um, and that, that had four different zero-day weapons at the time. That was very sophisticated, that took over two years to develop as an example. So some of these can take years of time to develop, but they're, they're, uh, very specific in terms of the targets are going to go after obviously the ROI from their end. >>Uh, the other type of attack that we see is as ongoing, um, these broad, wide sweeping attacks, and the reality for those ones is they don't unfortunately need to be too sophisticated. And those ones were the ones I was talking about that were really just playing on the cool, the deem, and they still do today with the vaccine road and development. Uh, but, but it's really because they're just playing on, on, um, you know, social engineering, um, using, uh, topical themes. And in fact, the weapons they're using these vulnerabilities are from our research data. And this was highlighted actually the first pop landscape before last year, uh, on average were two to three years old. So we're not talking about fresh vulnerabilities. You've got to patch right away. I mean, these are things that should have been patched two years ago, but they're still unfortunately having success with that. >>So you mentioned stuck next Stuxnet as the former sort of example, of one of the types of attacks that you see. And I always felt like that was a watershed moment. One of the most sophisticated, if not the most sophisticated attack that we'd ever seen. When I talk to CSOs about the recent government hack, they, they, they suggest I infer maybe they don't suggest it. I infer that it was of similar sophistication. It was maybe thousands of people working on this for years and years and years. Is that, is that accurate or not necessarily? >>Yeah, there's definitely a, there's definitely some comparisons there. Uh, you know, one of the largest things is, uh, both attacks used digital circuits certificate personation, so they're digitally signed. So, you know, of course that whole technology using cryptography is designed by design, uh, to say that, you know, this piece of software installed in your system, hassles certificate is coming from the source. It's legitimate. Of course, if that's compromised, that's all out of the window. And, um, yeah, this is what we saw in both attacks. In fact, you know, stocks in that they also had digitally designed, uh, certificates that were compromised. So when it gets to that level of students or, uh, sophistication, that means definitely that there's a target that there has been usually months of, of, uh, homework done by cyber criminals, for reconnaissance to be able to weaponize that. >>W w what did you see with respect to ransomware? What were the trends there over the past 12 months? I've heard some data and it's pretty scary, but what did you see? >>Yeah, so we're actually, ransomware is always the thorn in our side, and it's going to continue to be so, um, you know, in fact, uh, ransomware is not a new itself. It was actually first created in 1989, and they demanded ransom payments through snail mail. This was to appeal a box, obviously that, that, that didn't take off. Wasn't a successful on the internet was porn at the time. But if you look at it now, of course, over the last 10 years, really, that's where it ran. The ransomware model has been, uh, you know, lucrative, right? I mean, it's been, um, using, uh, by force encrypting data on systems, so that users had to, if they were forced to pay the ransom because they wanted access to their data back data was the target currency for ransomware. That's shifted now. And that's actually been a big pivotal over the last year or so, because again, before it was this let's cast a wide net, in fact, as many people as we can random, um, and try to see if we can hold some of their data for ransom. >>Some people that data may be valuable, it may not be valuable. Um, and that model still exists. Uh, and we see that, but really the big shift that we saw last year and the threat landscape before it was a shift to targeted rats. So again, the sophistication is starting to rise because they're not just going out to random data. They're going out to data that they know is valuable to large organizations, and they're taking that a step further now. So there's various ransomware families. We saw that have now reverted to extortion and blackmail, right? So they're taking that data, encrypting it and saying, unless you pay us as large sum of money, we're going to release this to the public or sell it to a buyer on the dark web. And of course you can imagine the amount of, um, you know, damages that can happen from that. The other thing we're seeing is, is a target of going to revenue services, right? So if they can cripple networks, it's essentially a denial of service. They know that the company is going to be bleeding, you know, X, millions of dollars a day, so they can demand Y million dollars of ransom payments, and that's effectively what's happening. So it's, again, becoming more targeted, uh, and more sophisticated. And unfortunately the ransom is going up. >>So they go to where the money is. And of course your job is to, it's a lower the ROI for them, a constant challenge. Um, we talked about some of the attack vectors, uh, that you saw this year that, that cyber criminals are targeting. I wonder if, if, you know, given the work from home, if things like IOT devices and cameras and, you know, thermostats, uh, with 75% of the work force at home, is this infrastructure more vulnerable? I guess, of course it is. But what did you see there in terms of attacks on those devices? >>Yeah, so, uh, um, uh, you know, unfortunately the attack surface as we call it, uh, so the amount of target points is expanding. It's not shifting, it's expanding. We still see, um, I saw, I mentioned earlier vulnerabilities from two years ago that are being used in some cases, you know, over the holidays where e-commerce means we saw e-commerce heavily under attack in e-commerce has spikes since last summer, right. It's been a huge amount of traffic increase everybody's shopping from home. And, uh, those vulnerabilities going after a shopping cart, plugins, as an example, are five to six years old. So we still have this theme of old vulnerabilities are still new in a sense being attacked, but we're also now seeing this complication of, yeah, as you said, IOT, uh, B roll out everywhere, the really quick shift to work from home. Uh, we really have to treat this as if you guys, as the, uh, distributed branch model for enterprise, right. >>And it's really now the secure branch. How do we take, um, um, you know, any of these devices on, on those networks and secure them, uh, because yeah, if you look at the, what we highlighted in our landscape report and the top 10 attacks that we're seeing, so hacking attacks hacking in tabs, this is who our IPS triggers. You know, we're seeing attempts to go after IOT devices. Uh, right now they're mostly, uh, favoring, uh, well in terms of targets, um, consumer grade routers. Uh, but they're also looking at, um, uh, DVR devices as an example for, uh, you know, home entertainment systems, uh, network attached storage as well, and IP security cameras, um, some of the newer devices, uh, what, the quote unquote smart devices that are now on, you know, virtual assistance and home networks. Uh, we actually released a predictions piece at the end of last year as well. So this is what we call the new intelligent edge. And that's what I think is we're really going to see this year in terms of what's ahead. Um, cause we always have to look ahead and prepare for that. But yeah, right now, unfortunately, the story is, all of this is still happening. IOT is being targeted. Of course they're being targeted because they're easy targets. Um, it's like for cybercriminals, it's like shooting fish in a barrel. There's not just one, but there's multiple vulnerabilities, security holes associated with these devices, easy entry points into networks. >>I mean, it's, um, I mean, attackers they're, they're highly capable. They're organized, they're well-funded they move fast, they're they're agile, uh, and they follow the money. As we were saying, uh, you, you mentioned, you know, co vaccines and, you know, big pharma healthcare, uh, where >>Did you see advanced, persistent >>Threat groups really targeting? Were there any patterns that emerged in terms of other industry types or organizations being targeted? >>Yeah. So just to be clear again, when we talk about AP teams, um, uh, advanced, specific correct group, the groups themselves they're targeting, these are usually the more sophisticated groups, of course. So going back to that theme, these are usually the target, the, um, the premeditated targeted attacks usually points to nation state. Um, sometimes of course there's overlap. They can be affiliated with cyber crime, cyber crime, uh, uh, groups are typically, um, looking at some other targets for ROI, uh, bio there's there's a blend, right? So as an example, if we're looking at the, uh, apt groups I had last year, absolutely. Number one I would say would be healthcare. Healthcare was one of those, and it's, it's, it's, uh, you know, very unfortunate, but obviously with the shift that was happening at a pop up medical facilities, there's a big, a rush to change networks, uh, for a good cause of course, but with that game, um, you know, uh, security holes and concerns the targets and, and that's what we saw IPT groups targeting was going after those and, and ransomware and the cyber crime shrine followed as well. Right? Because if you can follow, uh, those critical networks and crippled them on from cybercriminals point of view, you can, you can expect them to pay the ransom because they think that they need to buy in order to, um, get those systems back online. Uh, in fact, last year or two, unfortunately we saw the first, um, uh, death that was caused because of a denial of service attack in healthcare, right. Facilities were weren't available because of the cyber attack. Patients had to be diverted and didn't make it on the way. >>All right. Jericho, sufficiently bummed out. So maybe in the time remaining, we can talk about remediation strategies. You know, we know there's no silver bullet in security. Uh, but what approaches are you recommending for organizations? How are you consulting with folks? >>Sure. Yeah. So a couple of things, um, good news is there's a lot that we can do about this, right? And, um, and, and basic measures go a long way. So a couple of things just to get out of the way I call it housekeeping, cyber hygiene, but it's always worth reminding. So when we talk about keeping security patches up to date, we always have to talk about that because that is reality as et cetera, these, these vulnerabilities that are still being successful are five to six years old in some cases, the majority two years old. Um, so being able to do that, manage that from an organization's point of view, really treat the new work from home. I don't like to call it a work from home. So the reality is it's work from anywhere a lot of the times for some people. So really treat that as, as the, um, as a secure branch, uh, methodology, doing things like segmentations on network, secure wifi access, multi-factor authentication is a huge muscle, right? >>So using multi-factor authentication because passwords are dead, um, using things like, uh, XDR. So Xers is a combination of detection and response for end points. This is a mass centralized management thing, right? So, uh, endpoint detection and response, as an example, those are all, uh, you know, good security things. So of course having security inspection, that that's what we do. So good threat intelligence baked into your security solution. That's supported by labs angles. So, uh, that's, uh, you know, uh, antivirus, intrusion prevention, web filtering, sandbox, and so forth, but then it gets that that's the security stack beyond that it gets into the end user, right? Everybody has a responsibility. This is that supply chain. We talked about. The supply chain is, is, is a target for attackers attackers have their own supply chain as well. And we're also part of that supply chain, right? The end users where we're constantly fished for social engineering. So using phishing campaigns against employees to better do training and awareness is always recommended to, um, so that's what we can do, obviously that's, what's recommended to secure, uh, via the endpoints in the secure branch there's things we're also doing in the industry, um, to fight back against that with prime as well. >>Well, I, I want to actually talk about that and talk about ecosystems and collaboration, because while you have competitors, you all want the same thing. You, SecOps teams are like superheroes in my book. I mean, they're trying to save the world from the bad guys. And I remember I was talking to Robert Gates on the cube a couple of years ago, a former defense secretary. And I said, yeah, but don't, we have like the best security people and can't we go on the offensive and weaponize that ourselves. Of course, there's examples of that. Us. Government's pretty good at it, even though they won't admit it. But his answer to me was, yeah, we gotta be careful because we have a lot more to lose than many countries. So I thought that was pretty interesting, but how do you collaborate with whether it's the U S government or other governments or other other competitors even, or your ecosystem? Maybe you could talk about that a little bit. >>Yeah. Th th this is what, this is what makes me tick. I love working with industry. I've actually built programs for 15 years of collaboration in the industry. Um, so, you know, we, we need, I always say we can't win this war alone. You actually hit on this point earlier, you talked about following and trying to disrupt the ROI of cybercriminals. Absolutely. That is our target, right. We're always looking at how we can disrupt their business model. Uh, and, and in order, there's obviously a lot of different ways to do that, right? So a couple of things we do is resiliency. That's what we just talked about increasing the security stack so that they go knocking on someone else's door. But beyond that, uh, it comes down to private, private sector collaborations. So, uh, we, we, uh, co-founder of the cyber threat Alliance in 2014 as an example, this was our fierce competitors coming in to work with us to share intelligence, because like you said, um, competitors in the space, but we need to work together to do the better fight. >>And so this is a Venn diagram. What's compared notes, let's team up, uh, when there's a breaking attack and make sure that we have the intelligence so that we can still remain competitive on the technology stack to gradation the solutions themselves. Uh, but let's, let's level the playing field here because cybercriminals moved out, uh, you know, um, uh, that, that there's no borders and they move with great agility. So, uh, that's one thing we do in the private private sector. Uh, there's also, uh, public private sector relationships, right? So we're working with Interpol as an example, Interfor project gateway, and that's when we find attribution. So it's not just the, what are these people doing like infrastructure, but who, who are they, where are they operating? What, what events tools are they creating? We've actually worked on cases that are led down to, um, uh, warrants and arrests, you know, and in some cases, one case with a $60 million business email compromise fraud scam, the great news is if you look at the industry as a whole, uh, over the last three to four months has been for take downs, a motet net Walker, uh, um, there's also IE Gregor, uh, recently as well too. >>And, and Ian Gregor they're actually going in and arresting the affiliates. So not just the CEO or the King, kind of these organizations, but the people who are distributing the ransomware themselves. And that was a unprecedented step, really important. So you really start to paint a picture of this, again, supply chain, this ecosystem of cyber criminals and how we can hit them, where it hurts on all angles. I've most recently, um, I've been heavily involved with the world economic forum. Uh, so I'm, co-author of a report from last year of the partnership on cyber crime. And, uh, this is really not just the pro uh, private, private sector, but the private and public sector working together. We know a lot about cybercriminals. We can't arrest them. Uh, we can't take servers offline from the data centers, but working together, we can have that whole, you know, that holistic effect. >>Great. Thank you for that, Derek. What if people want, want to go deeper? Uh, I know you guys mentioned that you do blogs, but are there other resources that, that they can tap? Yeah, absolutely. So, >>Uh, everything you can see is on our threat research blog on, uh, so 40 net blog, it's under expired research. We also put out, uh, playbooks, w we're doing blah, this is more for the, um, the heroes as he called them the security operation centers. Uh, we're doing playbooks on the aggressors. And so this is a playbook on the offense, on the offense. What are they up to? How are they doing that? That's on 40 guard.com. Uh, we also release, uh, threat signals there. So, um, we typically release, uh, about 50 of those a year, and those are all, um, our, our insights and views into specific attacks that are now >>Well, Derek Mackie, thanks so much for joining us today. And thanks for the work that you and your teams do. Very important. >>Thanks. It's yeah, it's a pleasure. And, uh, rest assured we will still be there 24 seven, three 65. >>Good to know. Good to know. And thank you for watching everybody. This is Dave Volante for the cube. We'll see you next time.

>>As we've been reporting, the pandemic has called CSOs to really shift their spending priorities towards securing remote workers. Almost overnight. Zero trust has gone from buzzword to mandate. What's more as we wrote in our recent cybersecurity breaking analysis, not only Maseca pro secured increasingly distributed workforce, but now they have to be wary of software updates in the digital supply chain, including the very patches designed to protect them against cyber attacks. Hello everyone. And welcome to this Q conversation. My name is Dave Vellante and I'm pleased to welcome Derek manky. Who's chief security insights, and global threat alliances for four guard labs with fresh data from its global threat landscape report. Derek. Welcome. Great to see you. >>Thanks so much for, for the invitation to speak. It's always a pleasure. Multicover yeah, >>You're welcome. So first I wonder if you could explain for the audience, what is for guard labs and what's its relationship to fortunate? >>Right. So 40 grand labs is, is our global sockets, our global threat intelligence operation center. It never sleeps, and this is the beat. Um, you know, it's, it's been here since inception at port in it. So it's it's 20, 21 years in the making, since Fortinet was founded, uh, we have built this in-house, uh, so we don't go yum technology. We built everything from the ground up, including creating our own training programs for our, our analysts. We're following malware, following exploits. We even have a unique program that I created back in 2006 to ethical hacking program. And it's a zero-day research. So we try to meet the hackers, the bad guys to their game. And we of course do that responsibly to work with vendors, to close schools and create virtual patches. Um, and, but, you know, so it's, it's everything from, uh, customer protection first and foremost, to following, uh, the threat landscape and cyber. It's very important to understand who they are, what they're doing, who they're, uh, what they're targeting, what tools are they using? >>Yeah, that's great. Some serious DNA and skills in that group. And it's, it's critical because like you said, you can, you can minimize the spread of those malware very, very quickly. So what, what now you have, uh, the global threat landscape report. We're going to talk about that, but what exactly is that? >>Right? So this a global threat landscape report, it's a summary of, uh, all, all the data that we collect over a period of time. So we released this, that biannually two times a year. Um, cyber crime is changing very fast, as you can imagine. So, uh, while we do release security blogs, and, uh, what we call threat signals for breaking security events, we have a lot of other vehicles to release threat intelligence, but this threat landscape report is truly global. It looks at all of our global data. So we have over 5 million censorship worldwide in 40 guard labs, we're processing. I know it seems like a very large amount, but North of a hundred billion, uh, threat events in just one day. And we have to take the task of taking all of that data and put that onto scale for half a year and compile that into something, um, that is, uh, the, you know, that that's digestible. That's a, a very tough task, as you can imagine, so that, you know, we have to work with a huge technologies back to machine learning and artificial intelligence automation. And of course our analyst view to do that. >>Yeah. So this year, of course, there's like the every year is a battle, but this year was an extra battle. Can you explain what you saw in terms of the hacker dynamics over the past? Let's say 12 months. I know you do this twice a year, but what trends did you see evolving throughout the year and what have you seen with the way that attackers have exploited this expanded attack surface outside of corporate network? >>Yeah, it was quite interesting last year. It certainly was not normal. Like we all say, um, and that was no exception for cybersecurity. You know, if we look at cyber criminals and how they pivoted and adapted to the scrap threat landscape, cyber cyber criminals are always trying to take advantage of the weakest link of the chain. They're trying to always prey off here and ride waves of global trends and themes. We've seen this before in, uh, natural disasters as an example, you know, um, trying to do charity kind of scams and campaigns. And they're usually limited to a region where that incident happened and they usually live about two to three weeks, maybe a month at the most. And then they'll move on to the next to the next trip. That's braking, of course, because COVID is so global and dominant. Um, we saw attacks coming in from, uh, well over 40 different languages as an example, um, in regions all across the world that wasn't lasting two to three weeks and it lasted for the better part of a year. >>And of course, what they're, they're using this as a vehicle, right? Not preying on the fear. They're doing everything from initial lockdown, uh, fishing. We were as COVID-19 movers to, um, uh, lay off notices then to phase one, reopenings all the way up to fast forward to where we are today with vaccine rollover development. So there's always that new flavor and theme that they were rolling out, but because it was so successful for them, they were able to, they didn't have to innovate too much, right. They didn't have to expand and shifted to new to new trends. And themes are really developed on new rats families as an example, or a new sophisticated malware. That was the first half of the year and the second half of the year. Um, of course people started to experience COVID fatigue, right? Um, people started to become, we did a lot of education around this. >>People started to become more aware of this threat. And so, um, cyber criminals have started to, um, as we expected, started to become more sophisticated with their attacks. We saw an expansion in different ransomware families. We saw more of a shift of focus on, on, um, uh, you know, targeting the digital supply chain as an example. And so that, that was, that was really towards Q4. Uh, so it, it was a long lived lead year with success on the Google themes, um, targeting healthcare as an example, a lot of, um, a lot of the organizations that were, you know, really in a vulnerable position, I would say >>So, okay. I want to clarify something because my assumption was that they actually did really increase the sophistication, but it sounds like that was kind of a first half trends. Not only did they have to adapt and not have to, but they adapt it to these new vulnerabilities. Uh, my sense was that when you talk about the digital supply chain, that that was a fairly sophisticated attack. Am I, am I getting that right? That they did their sort of their, their, their increased sophistication in the first half, and then they sort of deployed it, did it, uh, w what actually happened there from your data? >>Well, if we look at, so generally there's two types of attacks that we look at, we look at the, uh, the premeditated sophisticated attacks that can have, um, you know, a lot of ramp up work on their end, a lot of time developing the, the, the, the weaponization phase. So developing, uh, the exploits of the sophisticated malware that they're gonna use for the campaign reconnaissance, understanding the targets, where platforms are developed, um, the blueprinting that DNA of, of, of the supply chain, those take time. Um, in fact years, even if we look back to, um, uh, 10 plus years ago with the Stuxnet attacks, as an example that was on, uh, nuclear centrifuges, um, and that, that had four different zero-day weapons at the time. That was very sophisticated, that took over two years to develop as an example. So some of these can take years of time to develop, but they're, they're, uh, very specific in terms of the targets are going to go after obviously the ROI from their end. >>Uh, the other type of attack that we see is as ongoing, um, these broad, wide sweeping attacks, and the reality for those ones is they don't unfortunately need to be too sophisticated. And those ones were the ones I was talking about that were really just playing on the cool, the deem, and they still do today with the vaccine road and development. Uh, but, but it's really because they're just playing on, on, um, you know, social engineering, um, using, uh, topical themes. And in fact, the weapons they're using these vulnerabilities are from our research data. And this was highlighted actually the first pop landscape before last year, uh, on average were two to three years old. So we're not talking about fresh vulnerabilities. You've got to patch right away. I mean, these are things that should have been patched two years ago, but they're still unfortunately having success with that. >>So you mentioned stuck next Stuxnet as the former sort of example, of one of the types of attacks that you see. And I always felt like that was a watershed moment. One of the most sophisticated, if not the most sophisticated attack that we'd ever seen. When I talk to CSOs about the recent government hack, they, they, they suggest I infer maybe they don't suggest it. I infer that it was of similar sophistication. It was maybe thousands of people working on this for years and years and years. Is that, is that accurate or not necessarily? >>Yeah, there's definitely a, there's definitely some comparisons there. Uh, you know, one of the largest things is, uh, both attacks used digital circuits certificate personation, so they're digitally signed. So, you know, of course that whole technology using cryptography is designed by design, uh, to say that, you know, this piece of software installed in your system, hassles certificate is coming from the source. It's legitimate. Of course, if that's compromised, that's all out of the window. And, um, yeah, this is what we saw in both attacks. In fact, you know, stocks in that they also had digitally designed, uh, certificates that were compromised. So when it gets to that level of students or, uh, sophistication, that means definitely that there's a target that there has been usually months of, of, uh, homework done by cyber criminals, for reconnaissance to be able to weaponize that. >>W w what did you see with respect to ransomware? What were the trends there over the past 12 months? I've heard some data and it's pretty scary, but what did you see? >>Yeah, so we're actually, ransomware is always the thorn in our side, and it's going to continue to be so, um, you know, in fact, uh, ransomware is not a new itself. It was actually first created in 1989, and they demanded ransom payments through snail mail. This was to appeal a box, obviously that, that, that didn't take off. Wasn't a successful on the internet was porn at the time. But if you look at it now, of course, over the last 10 years, really, that's where it ran. The ransomware model has been, uh, you know, lucrative, right? I mean, it's been, um, using, uh, by force encrypting data on systems, so that users had to, if they were forced to pay the ransom because they wanted access to their data back data was the target currency for ransomware. That's shifted now. And that's actually been a big pivotal over the last year or so, because again, before it was this let's cast a wide net, in fact, as many people as we can random, um, and try to see if we can hold some of their data for ransom. >>Some people that data may be valuable, it may not be valuable. Um, and that model still exists. Uh, and we see that, but really the big shift that we saw last year and the threat landscape before it was a shift to targeted rats. So again, the sophistication is starting to rise because they're not just going out to random data. They're going out to data that they know is valuable to large organizations, and they're taking that a step further now. So there's various ransomware families. We saw that have now reverted to extortion and blackmail, right? So they're taking that data, encrypting it and saying, unless you pay us as large sum of money, we're going to release this to the public or sell it to a buyer on the dark web. And of course you can imagine the amount of, um, you know, damages that can happen from that. The other thing we're seeing is, is a target of going to revenue services, right? So if they can cripple networks, it's essentially a denial of service. They know that the company is going to be bleeding, you know, X, millions of dollars a day, so they can demand Y million dollars of ransom payments, and that's effectively what's happening. So it's, again, becoming more targeted, uh, and more sophisticated. And unfortunately the ransom is going up. >>So they go to where the money is. And of course your job is to, it's a lower the ROI for them, a constant challenge. Um, we talked about some of the attack vectors, uh, that you saw this year that, that cyber criminals are targeting. I wonder if, if, you know, given the work from home, if things like IOT devices and cameras and, you know, thermostats, uh, with 75% of the work force at home, is this infrastructure more vulnerable? I guess, of course it is. But what did you see there in terms of attacks on those devices? >>Yeah, so, uh, um, uh, you know, unfortunately the attack surface as we call it, uh, so the amount of target points is expanding. It's not shifting, it's expanding. We still see, um, I saw, I mentioned earlier vulnerabilities from two years ago that are being used in some cases, you know, over the holidays where e-commerce means we saw e-commerce heavily under attack in e-commerce has spikes since last summer, right. It's been a huge amount of traffic increase everybody's shopping from home. And, uh, those vulnerabilities going after a shopping cart, plugins, as an example, are five to six years old. So we still have this theme of old vulnerabilities are still new in a sense being attacked, but we're also now seeing this complication of, yeah, as you said, IOT, uh, B roll out everywhere, the really quick shift to work from home. Uh, we really have to treat this as if you guys, as the, uh, distributed branch model for enterprise, right. >>And it's really now the secure branch. How do we take, um, um, you know, any of these devices on, on those networks and secure them, uh, because yeah, if you look at the, what we highlighted in our landscape report and the top 10 attacks that we're seeing, so hacking attacks hacking in tabs, this is who our IPS triggers. You know, we're seeing attempts to go after IOT devices. Uh, right now they're mostly, uh, favoring, uh, well in terms of targets, um, consumer grade routers. Uh, but they're also looking at, um, uh, DVR devices as an example for, uh, you know, home entertainment systems, uh, network attached storage as well, and IP security cameras, um, some of the newer devices, uh, what, the quote unquote smart devices that are now on, you know, virtual assistance and home networks. Uh, we actually released a predictions piece at the end of last year as well. So this is what we call the new intelligent edge. And that's what I think is we're really going to see this year in terms of what's ahead. Um, cause we always have to look ahead and prepare for that. But yeah, right now, unfortunately, the story is, all of this is still happening. IOT is being targeted. Of course they're being targeted because they're easy targets. Um, it's like for cybercriminals, it's like shooting fish in a barrel. There's not just one, but there's multiple vulnerabilities, security holes associated with these devices, easy entry points into networks. >>I mean, it's, um, I mean, attackers they're, they're highly capable. They're organized, they're well-funded they move fast, they're they're agile, uh, and they follow the money. As we were saying, uh, you, you mentioned, you know, co vaccines and, you know, big pharma healthcare, uh, where >>Did you see advanced, persistent >>Threat groups really targeting? Were there any patterns that emerged in terms of other industry types or organizations being targeted? >>Yeah. So just to be clear again, when we talk about AP teams, um, uh, advanced, specific correct group, the groups themselves they're targeting, these are usually the more sophisticated groups, of course. So going back to that theme, these are usually the target, the, um, the premeditated targeted attacks usually points to nation state. Um, sometimes of course there's overlap. They can be affiliated with cyber crime, cyber crime, uh, uh, groups are typically, um, looking at some other targets for ROI, uh, bio there's there's a blend, right? So as an example, if we're looking at the, uh, apt groups I had last year, absolutely. Number one I would say would be healthcare. Healthcare was one of those, and it's, it's, it's, uh, you know, very unfortunate, but obviously with the shift that was happening at a pop up medical facilities, there's a big, a rush to change networks, uh, for a good cause of course, but with that game, um, you know, uh, security holes and concerns the targets and, and that's what we saw IPT groups targeting was going after those and, and ransomware and the cyber crime shrine followed as well. Right? Because if you can follow, uh, those critical networks and crippled them on from cybercriminals point of view, you can, you can expect them to pay the ransom because they think that they need to buy in order to, um, get those systems back online. Uh, in fact, last year or two, unfortunately we saw the first, um, uh, death that was caused because of a denial of service attack in healthcare, right. Facilities were weren't available because of the cyber attack. Patients had to be diverted and didn't make it on the way. >>All right. Jericho, sufficiently bummed out. So maybe in the time remaining, we can talk about remediation strategies. You know, we know there's no silver bullet in security. Uh, but what approaches are you recommending for organizations? How are you consulting with folks? >>Sure. Yeah. So a couple of things, um, good news is there's a lot that we can do about this, right? And, um, and, and basic measures go a long way. So a couple of things just to get out of the way I call it housekeeping, cyber hygiene, but it's always worth reminding. So when we talk about keeping security patches up to date, we always have to talk about that because that is reality as et cetera, these, these vulnerabilities that are still being successful are five to six years old in some cases, the majority two years old. Um, so being able to do that, manage that from an organization's point of view, really treat the new work from home. I don't like to call it a work from home. So the reality is it's work from anywhere a lot of the times for some people. So really treat that as, as the, um, as a secure branch, uh, methodology, doing things like segmentations on network, secure wifi access, multi-factor authentication is a huge muscle, right? >>So using multi-factor authentication because passwords are dead, um, using things like, uh, XDR. So Xers is a combination of detection and response for end points. This is a mass centralized management thing, right? So, uh, endpoint detection and response, as an example, those are all, uh, you know, good security things. So of course having security inspection, that that's what we do. So good threat intelligence baked into your security solution. That's supported by labs angles. So, uh, that's, uh, you know, uh, antivirus, intrusion prevention, web filtering, sandbox, and so forth, but then it gets that that's the security stack beyond that it gets into the end user, right? Everybody has a responsibility. This is that supply chain. We talked about. The supply chain is, is, is a target for attackers attackers have their own supply chain as well. And we're also part of that supply chain, right? The end users where we're constantly fished for social engineering. So using phishing campaigns against employees to better do training and awareness is always recommended to, um, so that's what we can do, obviously that's, what's recommended to secure, uh, via the endpoints in the secure branch there's things we're also doing in the industry, um, to fight back against that with prime as well. >>Well, I, I want to actually talk about that and talk about ecosystems and collaboration, because while you have competitors, you all want the same thing. You, SecOps teams are like superheroes in my book. I mean, they're trying to save the world from the bad guys. And I remember I was talking to Robert Gates on the cube a couple of years ago, a former defense secretary. And I said, yeah, but don't, we have like the best security people and can't we go on the offensive and weaponize that ourselves. Of course, there's examples of that. Us. Government's pretty good at it, even though they won't admit it. But his answer to me was, yeah, we gotta be careful because we have a lot more to lose than many countries. So I thought that was pretty interesting, but how do you collaborate with whether it's the U S government or other governments or other other competitors even, or your ecosystem? Maybe you could talk about that a little bit. >>Yeah. Th th this is what, this is what makes me tick. I love working with industry. I've actually built programs for 15 years of collaboration in the industry. Um, so, you know, we, we need, I always say we can't win this war alone. You actually hit on this point earlier, you talked about following and trying to disrupt the ROI of cybercriminals. Absolutely. That is our target, right. We're always looking at how we can disrupt their business model. Uh, and, and in order, there's obviously a lot of different ways to do that, right? So a couple of things we do is resiliency. That's what we just talked about increasing the security stack so that they go knocking on someone else's door. But beyond that, uh, it comes down to private, private sector collaborations. So, uh, we, we, uh, co-founder of the cyber threat Alliance in 2014 as an example, this was our fierce competitors coming in to work with us to share intelligence, because like you said, um, competitors in the space, but we need to work together to do the better fight. >>And so this is a Venn diagram. What's compared notes, let's team up, uh, when there's a breaking attack and make sure that we have the intelligence so that we can still remain competitive on the technology stack to gradation the solutions themselves. Uh, but let's, let's level the playing field here because cybercriminals moved out, uh, you know, um, uh, that, that there's no borders and they move with great agility. So, uh, that's one thing we do in the private private sector. Uh, there's also, uh, public private sector relationships, right? So we're working with Interpol as an example, Interfor project gateway, and that's when we find attribution. So it's not just the, what are these people doing like infrastructure, but who, who are they, where are they operating? What, what events tools are they creating? We've actually worked on cases that are led down to, um, uh, warrants and arrests, you know, and in some cases, one case with a $60 million business email compromise fraud scam, the great news is if you look at the industry as a whole, uh, over the last three to four months has been for take downs, a motet net Walker, uh, um, there's also IE Gregor, uh, recently as well too. >>And, and Ian Gregor they're actually going in and arresting the affiliates. So not just the CEO or the King, kind of these organizations, but the people who are distributing the ransomware themselves. And that was a unprecedented step, really important. So you really start to paint a picture of this, again, supply chain, this ecosystem of cyber criminals and how we can hit them, where it hurts on all angles. I've most recently, um, I've been heavily involved with the world economic forum. Uh, so I'm, co-author of a report from last year of the partnership on cyber crime. And, uh, this is really not just the pro uh, private, private sector, but the private and public sector working together. We know a lot about cybercriminals. We can't arrest them. Uh, we can't take servers offline from the data centers, but working together, we can have that whole, you know, that holistic effect. >>Great. Thank you for that, Derek. What if people want, want to go deeper? Uh, I know you guys mentioned that you do blogs, but are there other resources that, that they can tap? Yeah, absolutely. So, >>Uh, everything you can see is on our threat research blog on, uh, so 40 net blog, it's under expired research. We also put out, uh, playbooks, w we're doing blah, this is more for the, um, the heroes as he called them the security operation centers. Uh, we're doing playbooks on the aggressors. And so this is a playbook on the offense, on the offense. What are they up to? How are they doing that? That's on 40 guard.com. Uh, we also release, uh, threat signals there. So, um, we typically release, uh, about 50 of those a year, and those are all, um, our, our insights and views into specific attacks that are now >>Well, Derek Mackie, thanks so much for joining us today. And thanks for the work that you and your teams do. Very important. >>Thanks. It's yeah, it's a pleasure. And, uh, rest assured we will still be there 24 seven, three 65. >>Good to know. Good to know. And thank you for watching everybody. This is Dave Volante for the cube. We'll see you next time.

>>from around the globe. It's the Cube with digital coverage of VM World 2020 brought to you by VM Ware and its ecosystem partners. >>Welcome back. I'm stew Minuteman. And this is the Cube coverage of VM World 2020 our 11th year covering the show. And of course, networking has been a big growth story. Four vm where for a number years, going back to the Neisseria acquisition for over billion dollars. Really leveraging all of the virtual networking and SD wins been another hot topic. A couple years ago, it was the Velo Cloud acquisition. And now happy to welcome to the program two of the Velo Cloud business executives. First of all, we have Sanjay you Paul. He is the senior vice president and general manager of that mentioned division of VM Ware. Enjoining him is Craig Connors, whose the vice president and chief technology officer for that same division he was the chief architect of fellow Cloud Craig Sanjay. Thank you for joining us. >>Thank you. >>Thank you. >>Alright, So, Sanjay, first of all nice, you know, call outs and a lot of news that we're gonna get to dig into in the morning Keynote you know Pat Sanjay the team. Uh, you know, a couple of years ago, Pat talked about, you know, the next billion dollar businesses networking your team helping toe add to that. And, ah, a new term thrown out that we're gonna get to talk a little bit about. Our friends at Gartner termed it sassy. So I'll let you, you know, explain a little bit the news that this wonderful new four letter acronym that the Gartner spots that us. Um, why don't you start us there? >>Yeah. I couldn't be more excited to be here at VM World announcing this expansion of what's going on in Ste. Van. So I see Van was all about bringing branch office users to their applications and doing that in a really efficient manner, throwing out all those complex hardware appliances and simplifying everything with software, increasing the quality of experience for the user. But now what has happened is, you know they want security to be dealt off in the same way. Same simplicity and automation, same great user experience. And at the same time, you know, blocking all these attacks that are coming in from various places and covert has just driven that even more meaning that you need to get to networking and network security to be brought together in this simple and automated way while keeping the end user experience be great on while giving I t what they need, which is high security and good manageability. So this acronym sassy, secure access Service edge It really is the bringing together off net networking and network security both as a service. That service angle is really important. And the exciting part about what we're announcing at the at we'd be involved. Here is the expansion off the S, Stephen Pops and Gateways into becoming Sassy pops. And now customers can get a whole slew of services both networking and network security services from the anyway. So that's the announcement. >>Wonderful, Craig. You know, since since since you've helped with so much of the architecture here, I wanna kick out a little bit. When? When it comes to the security stuff that Sandy was talking about. I remember dealing back with land optimization solutions, trying to remember. Okay, wait. When can I compress? When can I encrypt? You know what do I lay on top of it? Um, SD when you know fits into this story, help us understand. What does you Novello Cloud do? What is it from the partner ecosystem? You know, So you know there's there's some good partners that you have helping us. Help us understand. You know what exactly we mean because security is such a broad term. >>Yeah, thanks. So there's four components in the sassy pop that we're bringing together. Obviously, VM Ware Ston is one of those Sanjay mentioned the changing workforce. We have off net users that aren't coming from behind Stu and Branch Mawr and Mawr today. So we also have secure access powered by our workspace. One solution that's bringing those remote users into the sassy pop and then two different security solutions. Secure Web gateway functionality. And that is the next generation secure Web gateway that includes things like DLP and remote browser isolation. And as you saw in the news today that's powered through ROM agreement with Menlo Security. And then we have next Gen firewall ing for securing corporate traffic. And that's powered by our own VM Ware NSX firewall, which has been recently augmented with our last line acquisition. So those are the four key components coming together within our sassy pop. And of course, we also have our continued partnership with the scaler for our our large joint via Mersey Scaler customer base to facilitate that security solution as well. >>Yeah. So, Sanjay, maybe it would make sense. As you said, you've got ah, portfolio now in this market, Uh, got v d I You've got edge walk us. Or if you could, some of the most important use cases for your business. >>Yeah. So you know the use case that has taken off in the last several years since the advent of SD. When is to get sites? So these would be branch offices and a branch office could be an agricultural field. It could be a plane. It could be an oil rig. You know, it could be any one of these. This is a branch office. So these sites how to get them connected to the applications that they need to get access to so telemedicine example. So how do you get doctors, diagnosticians and all that that are sitting in their clinics and hospitals? You get great access to the applications on the applications can be anywhere they don't have to be back in your data centers. You know, after data center consolidation happened, some of the apse you know, we're in the data centers. But then, after the cloud advent came, then the apse were everywhere there in the public cloud, both in I s as well as in SAS. And then now they're moving back towards the edge because of the advent of edge computing. So that's really the primary use case that s Stephen has been all about. And that's where you know, we have staked a claim to be the leader in that space. Now, with Covic, the use cases are expanding and obviously with work from home, you take the same telemedicine example. The doctors and diagnosticians who used to work from hospitals and clinics now have to get it done when they're working from the home. And, of course, this is a business critical app. And so what do you do? How do you get these folks who are at home to get the same quality of experience, the same security, the same manageability, but at the same time, you cannot disturb the other people who are working from home because that is an entire ecosystem. You serve the business user, but you also serve the needs off the home users keeping privacy in mind. So these two cases branch access and then remote access, which great talked about these are the primary use cases, and then they break down by vertical. So depending on whether it's health or it's federal or its manufacturing or its finance, then you have sub use cases underneath that. But this is how we from a from a V C n standpoint, you know, claimed to have 17,000 customers that have deployed our networking solutions. Ah, large fraction of those being our stu and solutions today. >>Yeah. Okay, Craig, one of those terms that gets thrown around a lot in the industry iss scale. I look at certain parts of the market, you know, say kubernetes kubernetes was about, you know, bringing together lots of sites. But now we're spending a lot of time talking about edge, which is a whole different scale. Same thing if you talk about devices and I o t can you speak to us a little bit about, you know, fundamentally, You know that branch architecture, I think, set you up well, but when I start thinking about EJ, it probably is. You know, uh, you know, larger number and some different challenges. So So maybe maybe some differences that happen to happen in the code to make that happen? >>Yeah, absolutely. I mean, I think you know, we've been fortunate in the success that we've had in RST ran deployments. More than 280,000 branches deployed with RST ran solution. So scale is something that's been near and dear to our heart from the beginning. How do you build a multi tenant service in the cloud? How do you build cloud scale? And we brought that aspect into all of these components through container ization, as you mentioned through horizontal scalability, bringing them into our own dedicated pops. Where we control the hardware we control the hyper visor, obviously built on top of the m r E. S s. I that allows us to deliver scale in a way that other competitors may not be able to achieve. >>Yeah, son Sanjay, it's been a couple of years since the acquisition by VM Ware. Give us a little bit of an update, if you would as to, you know, what I'm sure. Obviously, customer reach on adoption greatly increased by by the channel and go to market. But, you know, directionally And you know, any difference in use cases that that you've seen now being part of the M R. >>Yeah, absolutely. No. There's there's been an expansion in the use cases, which is why this fit was very good, meaning Vela Cloud being a part of VM way. So if you look at it, what the wider network does, where the place where you know ties, we tie it all together and tie walk together. If you look at the end User computing, which Greg was mentioning, the clients are digital workspace, workspace. One client. Well, those clients now will connect to our sassy pop. So that's one tie in that obviously we couldn't have and we were an independent company. The other side of it, when you go from the sassy pop into the data center, then we tie into NSX. Not just that the Cloud firewall, but in the data center itself so we can extend micro segmentation. So that's another kid use case that is becoming prevalent. Then the third aspect of this is really when you run inside telecom operators and VM Ware has a very robust business as it goes after telcos with the software stack and so running our gateways running our sassy pops at the telco environment, then gets us to integrate with what's going on with our telecom business unit. We also have what we're doing on our visibility and Tellem entry perspective. So we had acquired a company called Neons A, which were crafting into on edge network intelligence product that then fits into VM Ware's overall. For in the space we have, ah, product suite called We Realize Network Insight. And so that network inside, combined with what we're doing from from a business unit standpoint, gives customers an end to end view from from an individual client through the cloud, even up to an individual container. And so we call this client to cloud to container. All of this is possible because we're part of VM Ware. In the last piece of this is something that's gonna happen. We believe next year, which is edge computing when edge computing comes in. You know, I jokingly say to my team this acronym of Sassy, which is s a s e you gotta insert of sea in the middle. So it becomes s a CSE and out of that pronounced that says sacks E. So I know it sounds a little bit awkward, but that c stands for the compute. So as you put compute in the computer is going to run in the edge, the computer that's going to run in the pop and the sassy is gonna become, you know, sexy. And who better to give that to you than VM Ware? Because, you know, we have that management stack that controls compute for customers today. >>Well, definitely. I think you're you're you're drawing from the Elon Musk school of You know how to name acronyms in products Do so sometimes It's really interesting. Uh, Craig, talk us a little a little bit about that vision to get there, you know? What do we need to do as an industry? How's the product mature? Give us a little bit of that. That that roadmap forward, if you would >>Yeah, I think you know Sassy is really the convergence of five key things. One is this distributed pop architecture. Er So how do you deliver this? Compute and these services near to the customers premise. And that's something that companies like us have have had years of experience and building out. And then the four key components of sassy that we have, you know, zero trust access S t u N next generation firewall ing and secure Web Gateway. We're fortunate, as Sanjay said, to be part of the M where where we don't have to invent some of these components because we already have a works based one and we already have the NSX distributed firewall. And we already have the m r s d when and so ah, lot of companies you'll see are trying to to put all of these parts together. We already had them in house. We're putting them under one umbrella, the one place where we didn't have a technology within VM Ware. That's where we're leveraging these partnerships with memo and see scaler to get it done. >>Sanjay e think the telco use case that you talked about is really important One we've definitely seen, you know, really good adoption from from VM Ware working in those spaces. One place I I wanna understand, though, if you look at vcf and how that moves. Thio ws toe Azure, even toe Oracle's talked about in the keynote this morning. How does SD win fit into just that kind of traditional hybrid cloud deployment we've been talking about for the last couple of years? >>Yeah, that's a great question. So, you know, when you look at Ste Van, that name can notes software defined, but it doesn't. It's not specific to branch office access at all. And when you look at DCF, what VCF is doing is really modernizing your compute stack. And now you can run this modern compute stack of your own data centers. You can run it in the private cloud. You can run it on the public cloud as well, right? So you can put these tax on Amazon, azure, Google and and then run them. So what an STV in architecture allows you to do is not just get your branch and secure users to access the applications that are running on those computes tax. But you can also intermediate between them. So when customers come in and they say that they want simplified networking and security between two public cloud providers, this is the multi cloud use case, then getting that networking toe work in a seamless fashion with high security can be done by an S Stephen architectures. And our sassy pop is perfectly situated to do that. And all you would need to do is add virtual services at the sassy pop. An enterprise customer would come in and they say they want some peanuts here and some VP CS there they want to look at them in an automated fashion. They want to set it up, you know, with the point and click architectures and not have to do all this manual work, and we can get that done. So there's a there's a really good fit between Sassy s Stephen and where VCF is going to solve the multi cloud problem that people are having right now. >>Excellent. I really appreciate that. That that explanation last thing, I guess I'll ask is, you know, here at VM World, I'm sure you've got a lot of breakouts. You've probably got some good customers sharing some of their stories. So anonymous if it has to be. But we would love if you've got either views of some examples, uh, to help bring home that the value that your solutions are delivering. >>Great. When I start with one and then creek and fill in the other one, eso let me start off with the telemedicine example. So we have, you know, customer called M. D. Anderson Cancer Center. And these are the folks in in Texas, and they provide a really, really important service. And that service is, you know, providing patients who are critically ill to give them all the kinds of services, whether they come into the clinic or whether they're across a network connection. And they're radiologists and doctors air sitting at home. So I think it's very important use case and, you know, we started off by deploying in the hospitals and the clinics. But when Cove, it hit there to send a lot of these folks to work from home, and then when they work from home, it's really this device that goes in which you can see here. This is our Belo cloud edge. And this, um, has said in one of the my my favorite song says, There's nothing this box can't do. All right, so this box goes home into the, you know, doctors home, and then they are talking to their patient, getting telemedicine done because it solves the problem off performance. Um, you know that some of those folks have literally said that this thing was a God sent. That's not very often that networking people, you know, have been told that their products are like godsend. So I'll take that to the limit of grain of salt. But we are solving a very important problems increasing the performance were also this is a secure device, so it's not gonna be hacked into and then makes things much more manageable from a nightie standpoint. So this is one of those use cases, and there's plenty of them. But Craig has his favorites all turn it over to him. >>There's so many I could bore you. I think you know one really interesting. One is a new investment banking company that we have is a customer, and they used to go work in the office five days a week, and everything that they did was on their computer in the office and with this pivot to work from home post Kobe, did they think their future is a flexible work workforce where sometimes there in the office and sometimes they're remote. And when the remote there are deep peeing into their desktop, that is sting in their office and with their like to remote access VPN solution, they had to connect, Say, I'm a user sitting in Southern California. I'm connecting my VPN to Chicago to then come across the network back to Los Angeles to get to my desktop so that I can work from home. And now with Sassy, my secure access client from workspace one connects to the closest asi pop I get to my desktop in my office. Tremendously lower, Leighton see tremendously higher quality to experience for the users, whether they're, you know, at home, on the road anywhere they need to access that device. >>Craig Sanjay, thank you so much. Love the customer example. Sanjay. Good job bringing out the box. Uh, show people It's a software world. But the sassy hardware is still needed at times, too. Thanks for joining us. All >>right. Thank you, Stew. Thanks. Great. Cheers. All >>right. Stay with us for more coverage of VM World 2020. I'm still minimum. Thanks. As always for watching the cube

>> Live from Orlando, Florida, it's theCUBE. Covering .conf18, brought to you by Splunk. >> Welcome back to Orlando everybody, home of Disney World, and this week, home of theCUBE. I'm Dave Vellante and he's Stu Miniman. Steven Hatch is here, he's the manager of Enterprise Logging Services at Cox Automotive. Steven, thanks for coming on theCUBE. >> Thank you. >> So, you've been with Splunk for a while, we're here at conf18. Logging services, enterprise logging services. When you think of Splunk, their roots, Splunk go back to, sort of, log files, analyzing log files, it's in your title. (laughs) You must be pretty intimately tied to, as a practitioner, to this capability, but talk about your role and what you do at Cox. >> Primarily, the role is to be the evangelist, the enabler, and the center of excellence when it comes down to getting those best practices propergated within the enterprise. >> So people come to you for advice, council, you play, sort of, internal consultant. What qualified you to do that? You were a practitioner prior to this, so you got your hands dirty and you kind of now, elevated to-- >> My prior role was a Site Operations, or Site Reliability Engineer, and then Manager. And so, having that background, I've been in IT since '96, so I'm a little old in the game, but basically, having that operational knowledge, and knowing how to think big picture when things are happening or transpiring, or the reverse and go back and find that root cause analysis. >> '96, just a pup, my friend, okay? (both laugh) So, talking to Stu, we were talking off camera, about the number of brands that Cox Automotive has, Cox at Kelley Blue Book and at numerous others, like dozens, each of these is kind of it's own data silo. How do you guys go about using Splunk? Are you able to break down some of those silos? Maybe you could share that with us. >> Yeah, so we have been successful on a lot of the big three really, at Kelley Blue Book, Manheim, as well as Auto Trader, to really break in. A lot of that was because of our, already previous, relationships with team members and leaders. On the other side of the coin is the newly acquired companies that are not in Atlanta, Georgia. That are in places like Groton, Connecticut, South Jordan, Utah, Upstate New York, as well as the Toronto area in Canada. And so, WebEx joined me, email just won't cut it. You actually have to sit down with these people and really showcase your business case, your model, and what you're trying to bring to the table. But of course, the approach is always important. >> And are you using Splunk to do that? As a collaboration tool as well? >> Yes sir, yep. >> Explain that a little bit if you would. >> So, a lot of times, as you mentioned, the silos, as a bigger brand now, it's no longer an excuse for you to only be responsible for your data and not showcase it, or share that data. Because we're thinking about the entire life-cycle of Cox Automotive, and this entity of Cox Automotive, that's important to us now. So for you to hold tight, or to hoard your data, or your metrics and not share them, that's not good business anymore. >> Yeah, so Steven, we talked to a lot of companies that do M&A, and it's usually like, well, this is the products we use, these are the structures that we have. One of the things we hear from Splunk is that you can get to your data, your way. How does the Splunk modeling, and how you look at the data, fit into that M&A? Is that an enabler for you to be able to get that in. >> Yeah, and so, when you can showcase the ability of how the data comes in and, quickly. Key word, right? To showcase how that data can be very valuable to them, especially to their stakeholders, that's when light bolts will go off. And, again, it's the stakeholders, and then champions, that we need to bring to the table to make sure that we can get full adoption. >> Yeah, we've also-- Dave's been to the show a few times, it's my first time, and what I've really heard a bunch of is the people that know how to use Splunk, they're super valuable inside of the company. They get training, people inside the company, they look to get hired, tell us a little about what you've seen, what it means to your role inside the company, and as you network with your peers here. >> It's a lot of exposure. A lot of people are very anxious to get some type of insights into their world, their infrastructure, their applications, their business tools. A lot of times, there are people out there that are very savvy from a business perspective, that have a bunch of KPIs in their head, but no one has actually extracted that information from them, and so, our job is to align with their KPIs. You know, over the last couple of years, that's what we've-- the journey that we've been on, is to now revisit the data that we've just ingested. That's the basic foundation. We want to elevate now and really get more mature, and to align with those business KPIs. >> Meaning they got this tribal knowledge in their head, and you want to codify that so that it can be shared. >> Correct. >> How do you go about doing that? Is it sitting in a whiteboard and understanding that? >> It can be a whiteboard, it can be over a coffee. If I need to get on a plane and go see them in person, and to really just listen and ask the questions when it's time but, again, listen and really understand what's important to them, what is important to their business, to their function, to their silos? Cox Automotive has five, of what we call, pillars, where there's international, finance, marketing, retail, or media, and each one of those owners, over time, wants the specific value. >> So if you go and have a chalkboard session, whiteboard session, with one of these folks, how do you operationalize it? You got to figure out where the data exists, so that you can align with what's in their head? Is that right? And then, how do you do that? How do you scale it? >> Well, so, again, you have to start from the top. If you start from the bottom, you'll be in the weeds until the end of time. So that the more efficient manner is to start from the top and realize those KPIs from those leaders, those stakeholders, and then from there, a tool like ITSI, which is basically built around services, entities, and aligning to their service decomposition model, and that right there allows you to stay consistent and efficient on getting that information. >> So you start top down, but ultimately, people are going to want granularity. So you start-- is it top down, bottom up, type of approach? Where you actually drill, drill, drill, drill, drill, and then get to the point where you can answer all those granule questions? And then, by doing that, if I understand it correctly, it sums to the top line, is that fair? >> Yeah, yeah, there's a point in time where you say, you know what? I could really now enhance or enrichen the data by a dataset that I know where it is. So the keypal will get you to a certain point, and then, to find that happy medium, or that common denominator from the data that you already have on premise, or from your apps, wherever they reside, that's where you can meet the gap. >> Otherwise you're never get it done. You'll end up boiling the ocean. >> That's correct, yes sir. >> All right, so, when we talked to you two years ago, you were using Splunk Cloud, you know? And when we talked to practitioners it's-- the things that they're managing, a lot of times now, most of it's not what they own, and so, how do I get the right information? How do I manage that environment? Talk to us a little bit about what you've seen in the maturation of Splunk and Splunk Cloud, if there's anything in 7.2, or Splunk Next, that's exciting you, to help you do your job even better. >> Oh man, so of course, the keynote today, the DSP, the processing layer that's in front of the Cloud, or in front of the indexes now. Where in real time, I can now route data, specifically from a security standpoint. If there's some type of event, without having to go through all the restarts and configuration management and everything else, I can simply put something in there, right there, and move the data, or mask the data. The ability with the infrastructure app, that's exciting to me, as well as all the feature updates for ITSI, enterprise security, as well as the Cloud itself. >> Can we do a little Splunk 101 for my benefit? So I heard today, from one of the product folks, that it used to be when you added another indexer, you had to add storage and compute simultaneously, whether or not you needed the storage, you had to add it, or vise versa. So an indexer is what, is it, essentially, a Splunk node? >> No, it can be a, basically, a Linux host, that actually has the agent running as an indexer with the attached disk. >> Right, okay, and it used to be you had to buy that in chunks, kind of like HCI, right? And you couldn't scale storage independent of compute? >> That's correct. >> What that meant is you were paying for stuff that you might not need. >> Right. >> So, with 7.2, I guess it is, you can split those and you get more granule, or what does that mean for you? >> Well, being a, now four year customer of Splunk Cloud, and anytime we went to the next version of, or license, the next step up, currently we're on about six terabytes. When we go up to eight, that the entailed more indexes being added to the cluster, which meant more time for the replication of search factors to be met, which can take however long, and then, or if there's any kind of issue with the indexer, where one had to be pulled out and another one introduced. How long does that take? Now, with the decoupling of the compute from the storage, it's minutes, and so it's a fraction of the time. >> And if I understand, I understood it real well when it's an appliance, but it's the same architecture if it's done in the Cloud, is that correct? >> It's, essentially, actually, it's a new architecture in my mind, where now it's able to scale more, and then there's-- I'm not sure how much they talked about it, but there's a potential of the elasticity of it. And so, now, I don't have to be so fixed, I can, on certain times, expand the cluster, you know, for search performance, or bring it back down when it's not needed. >> Some of the promise of Cloud. >> Yes, sir, Splunk Cloud. >> So it's like the Billy Dean, the five tool star. You've got the cost, you've got availability, you got speed, you got flexibility, and you've got business value, ultimately, which is what's driving here. So, I take it, I'm inferring here, you'd expect to use this capability in the near future? >> Very much so. >> Great. What else is on your horizon? What are the cool stuff you're working on? And things you want to share with us? >> Well, in addition to our leveraging Splunk Cloud for four years, next year we plan to move away from our current sim tool, into enterprise security. So it's very exciting to hear that they're continually updating that product, and so our security team has been knocking on my door for the last six months to really get that started. So, once we get there, we'll start the migration efforts and get Splunk Cloud now, enabled with the enterprise security, to really empower our security team, and stay ahead of our threats. >> So, I've been around a long time, and, ever since I can remember being in this business, customers have wanted to consolidate the number of vendors with whom they work. But the allure of best of breed always sucks them in to, oh, lets try this, or you get shadow IT. It sounds like, with Splunk, you're approaching this as a platform that you can use for a variety of different use cases. >> That is correct. >> Now, whether or not you reduce the number of vendors is, maybe a separate conversation, but I guess the question I have is, how are you using Splunk in new ways? It sounds like its permutating a line of business, SecOps, etc, is that an accurate picture? If you could describe it. >> Yeah, so Splunk itself, the core is the platform for so many different other functions within the business. You have security, you have the development group, DevOps, where, from a CICD perspective, now they can measure the metrics or the latency in between, when they create a car, say in rally, all the way to the very end of the line, what are all those metrics that are there, that they can leverage to increase their productivity? Obviously, infrastructure. As we consolidate all of our data centers down, wouldn't it be nice to know if these specific low bouncers or switchers are still having traffic to verse them? And to actually get a depiction of the consolidation effort. From a virtualization standpoint, isn't it powerful to know how many devices E6 hosts are actually fully being utilized, and how many are actually vacant? And how much money can be saved if we were actually to turn down those specifics blades or hosts? Or VMs that aren't being leveraged, but they're sitting there, taking up valuable resources. >> I remember when Splunk, right around the time they went public, I remember two instances, maybe three. There was a MPP database company, there was a large three letter firm, and there was an open-source specialist, and I heard the same thing from each of them, was we have the Splunk killer, this was like, five, six years ago. It seems like this Splunk killer was Splunk. And it really never happened. Why is it? Why is Splunk so effective? You obviously see, you know, you're independent, you want to use the best thing for Cox Automotive. What is it about Splunk that sets them apart, puts them in the lead? >> The scale capabilities, having this type of environment with the conferences and the sales group and the support groups, very intentional about listening. Having workshops where they come on premise to help us out on our use cases, to really educate their users, because the more their users are elevated from a knowledge standpoint, the more they will then exercise the application. If they all stay basic, why would I need another component of Splunk? Why would I need enterprise security? Why would I need to expand my subscription into the Cloud? The more I can exercise it, the more I'll need. >> So this is kind of a give, get. They come in knowing that if they expose you to other best practices, you'll going to be more effective in the use of Splunk and you might apply it in to other parts of your business. >> My appetite will grow and my users appetite will grow. >> And these are freebies that they're doing? Services freebies, or are they paid for services? >> Oh yeah, they have no problem coming in, supplying the necessary ammunition, or food, to entice, to have folks come in, but it's powerful to have all the engineers in there to really show us how things work. 'Cause, again, it's a win, win. >> And you're a football fan, I understand? >> Oh, yes, sir. >> Chiefs are your team, right? >> That's correct. >> Were you a football player? >> For a little while, yes. Now I coach, so that's my-- >> And you coach, what? >> Little girls. >> Kiddie football, huh, awesome. Is that Pop Warner these days, still? >> I guess you call it that. >> Flag football or tackle? >> Tackle football >> Really? >> Yep. >> Eight years old? >> Yes, my son is eight and he's playing full back right now, I'm very excited, happy father. >> Is he a big boy, like his dad? >> He's going to be bigger, I think, than his father, yes, sir. (both laugh) >> That's awesome. Well, listen, thanks very much, Steven, for coming on theCUBE, it's really a pleasure meeting you. >> That's appreciated, thank you very much. All right, keep it right there everybody. Stu and I will be back with our next guest. We're live from Splunk .conf18, you're watching theCUBE.

>> Announcer: Live from San Juan, Puerto Rico, it's theCUBE. Covering Blockchain Unbound, brought to you by Blockchain Industries. (upbeat samba music) >> Hey, everyone. Welcome back to our exclusive coverage in Puerto Rico for Blockchain Unbound Global Conference, where everyone from around the world is coming here. And the Blockchain cryptocurrency, a decentralized application market, changing the game, the future of work, future of government, the future of the world happening. The biggest wave in the tech generation we've seen in centuries. And I'm here in Puerto Rico at the Vanderbilt Hotel. Our next guest, Anthony Delgado, the CEO of Disrupt. We're got some real innovative projects around bringing his work and his vision to Puerto Rico. Anthony, thanks for spending the time. >> Thank you for having me. >> So, talk about your project. Tell me a bit about your project. For instance, you learn how to code. What's goin' on with that? You're doing it in New Jersey, in Newark schools there. Just take me in to explain what you're working on. >> Absolutely. So, back in January, I met a gentleman. His name was David, and he's from Puerto Rico, and he's lived in Puerto Rico for the last eight years, and he runs a tourism company. And when the hurricane happened, his for-profit company transformed into a non-profit. And the same trucks that he used to do tours, he start doing humanitarian work. And I met him at an app release party for a client of mine, and he looked me in my face and says, "Anthony, I'm doing to best work of my life." And I was like, "oh my God! "I'm not doing the best work of my life!" And so, we go to a diner, and I had the worst tuna fish sandwich that I've ever had in my life, but the best conversation. And we start brainstorming about how can we transform and help the people of Puerto Rico? So, the first problem is energy. Close to 50 percent of the island still does not have energy. In the capital, in the beautiful place we are now, power has been restored, but there are many cities that are still forgotten. So, me as the tech guy, I'm like, hey, we can do solar panels. Like, there's tons of sunshine in Puerto Rico, right? So, solar energy. And then the next thing he brought to my attention was that the entire economy is actually based on tourism. So, now, with the hurricane and all those things that are in the media, not only did people lose their jobs, ah, not only did people lose their homes, but they lost their job as well. So, we start brainstorming. We're like, okay, well, let's create a coding school to teach the digital skills that are needed, to the people in Puerto Rico. So, we're goin' back and forth, and he said, "Okay, that's a great idea, "but how are these kids going to pay for this school?" So, the concept that we've come up with is to combine education with vacation, and basically encourage people who are paying to go to school in New York City and encourage them to come to Puerto Rico, experience this beautiful island, learn how to code in the a.m. and have an amazing vacation in the p.m. And that's what we're building. So, we're building the Caribbean Institute of Technology, where we combine education with a vacation. >> So, Institute of Technology. We were talking before we came on camera that you were at the Institute of Technology, a school my two brothers went to. Great engineering school, renowned for it's program. You're doing work there there as well, so you're taking your mission of what you're doing there in New Jersey and bringing it to Puerto Rico. Sounds like you were really impacted by that conversation. As you're here in Puerto Rico, what's your assessment? Good call? Are you happy, and what's on your to-do list as you're down here? So, it's beautiful. I mean, I was here two weeks ago, and now I'm back for this global currency conference. I really feel like there's an unlimited amount of opportunity here in the island. It's the strongest internet, there's huge tax incentives if you start a new business here, and it's really a blank canvas. You know, the hurricane was a horrible atrocity that happened, but now we have this blank canvas to create a vision for Puerto Rico. So, we created a foundation. It's called Vision for PR. And the question that we're asking ourselves is: What would we do if we were creating a new city in America today? What would it look like? It would have solar energy. The power lines would be below ground instead of above ground, right? You know, the economy would be based on the digital economy and not tourism, right? So, we look at countries like Bali, we look at countries like India. We look at countries where they have this huge influx of currency that's getting generated from overseas. So, we really want to be part of the driving force that has Puerto Rico being the Hong Kong of the Caribbean. >> And it really is a clean sheet of paper, because certainly the hurricane puts a real awakening to the needs here. And now that you look at the infrastructure and how it needs to be revamped, this is an opportunity to lay down some fat pipes, high-speed internet, loop Blockchain, the Blockchain.edu chain project that they've got goin' on, http://educhain.io is interesting. The young people, they want more. I mean, that's my vibe here, I'd sense. Yet the old guard, they're scared. They want to preserve their culture, yet there's this huge incentive to move beyond tourism. This is an opportunity for Puerto Rico to be sovereign nation at a level that could go significantly higher-level than they are now. So, that's all great. What do you do? I mean, it seems like Brock Pierce is laying down his vision: come here, bring your cash, bring your community, do good. How is the playbook evolving? Because that's a question people want to know How do I come to Puerto Rico, do it right, not offend the culture, enable them, come together? What's your experience with the playbook? >> Absolutely. So, you know, technology and access to the internet, it democratizes the world. You know, now you're on a level playing field. If you have four G connectivity, and you're on an island, you can compete globally and be a part of the global economy. So, really the opportunity here - [Interviewer] Are you going to start a company here? >> Yeah, so we are starting the Caribbean Institute here in Puerto Rico. And um, yes, so we had this-- >> As a separate corporation? >> Separate corporation. So, we have a non-profit that runs in New Jersey called Newark Kids Code, where we teach kids to code, and we really want to take that model and teach people to code here in Puerto Rico as well. So we started a corporation, it's the Caribbean Institute of Technology-- [Interviewer] Is it going to be a virtual school? Is it going to put up a facility? >> No, no, it's in person. It's in person, so, we have the architect right now working on the renderings. I'd love to share those with you as well. >> Well, certainly, we'll publish them on our blog. But so you're going to put an actual location here. So this is your notion of having people take a vacation and work here. >> Yeah, so that's all well and good, but, like you mentioned, how does that help the people from Puerto Rico? So, what we've created is a scholarship program. So, for every single person from the United States or overseas that comes here to take our coding school, we sponsor someone from the island. >> It's like a fellowship. >> Yes. (Interviewer laughs) >> Alright, so what else are you working on? I see Disrupt is your company. Tell us a bit about you and what you do, and what's goin' on with Disrupt. >> Absolutely! So, Disrupt is a media agency based in New York City. And we focus on creating innovative products that change the world. So, we work with clients who have innovative products that are making a big impact. One of the products that we're working on is called True Connect. It's AI for sales people. And basically it syncs with your Google calendar and it gives you recommendations on ways to connect with your clients. So, it gives you a news feed of news stories, but it's not stories that you're personally interested in, it's stories that your clients would be interested in, so you have topics of conversation. >> It's kind of like a reversed Linked In. >> Yes. (Interviewer laughs) A reversed Linked In, absolutely. >> You also do some really important projects that matter to peoples' lives. Talk about the project that you're working on for the autism kids, that's really interesting. Take a moment to explain that. >> Absolutely. So, another one of our clients is Debbie Stone. She has a non-profit called Pop Earth. And it's basically a free school for kids with autism. So, based on that she's starting a IOT company called the Popu Lace. It's an IOT device, it's about the size of a quarter, and it has GPS, 4G connectivity, and it hooks into a student's shoelaces. There's a huge problem with kids with autism, if they wander off from school, they can get hit by a car, and they don't have the communication skills to get found again. So this device puts a geofence around their school-- >> Alzheimer's, there's a zillion use cases. So, geofencing a location, like Snapchat ads they do, but this is for a good reason, safety and impact to people's lives. >> Absolutely. >> Caregivers, too, they matter. >> Yeah, caregivers, people who go mountain climbing, hiking, all of these other use cases. Primarily focusing on children during the beginning, but yes, Alzeimer's, and hikers, and tons of uses for this. >> Great stuff. Congratulations, Anthony, great to have this conversation with you, really inspired. Good luck with the Puerto Rico opportunity, the Caribbean Institute of Technologies. Will it be on the Caribbean, Bahamas? We were just there for Poly Con. Other islands, start at Puerto Rico... >> Absolutely. So, we're actually open-sourcing the floor plan for the building that we're building. So, the building that we're building has solar energy. It's a green building. And we're open-sourcing that floor plan so that anyone in the Caribbeans, South America, anywhere in the world can adopt this model. >> It's the wee work for paying it forward. >> Absolutely. >> Well done, Anthony. Anthony Delgado, CEO of Disrupt, doing amazing work here, paying it forward, contributing here with the Caribbean Institute of Technology. I'm John Ferrier, in Puerto Rico for our on-the ground coverage of Blockchain Unbound. Be back with more. Thanks for watching. >> Thank you for having me.

I[Announcer] Live from Silicon Valley, it's "The Cube." Covering Mobile World Congress 2017. Brought to you by Intel. >> 'Kay welcome back everyone, we are live in Palo Alto for "The Cube" special coverage of Mobile World Congress 2017. We're in our new 4,500 square foot studio, just moved in. We'll be expanding, you'll see a lot more in-studio coverage from "The Cube" as well as our normal going out to the events and extracting. Anyways I'm John Furrier Joining me is Jeff Frick. General manager of "The Cube." But a breakdown, all the action. As you know, we do a lot of data science. We've been watching the grid. We've been on the treadmill all weekend. All last week, digging into the Mobile World Congress. Sentiment, the vibe, the direction, and trying to synthesize all the action. And really kind of bring it all together for everyone here. And of course,we're doing it in Palo Alto. We're going to bring folks in from Silicon Valley that could not have made the trek to Barcelona. We're going to be talking to folks on the phone, who are in Barcelona. You heard from Lynn Comp from Intel. We have Floyd coming up next. CTO and SAP breaking down all the action from their new cloud. And big Apple news. SAP now has a general availability of the iOS native development kit. Which should change the game for SAP. There is tons of smart cities, smart stadiums, you know IOT, autonomous vehicles. So much going on at Mobile World Congress. We're going to break that down every day starting at 8AM. In-studio. And of course, I want to thank Intel for headlining our sponsorship and allowing us to create this great content. With some contributing support from SAP clouds I want to give a shout out, a bit shout out to Intel. Check out their booth. Check out their coverage. And check out their new SAP cloud, that's been renamed from HANA Cloud to SAP cloud. Without their support we wouldn't be able to bring this wall-to-wall great commentary. Jeff so with that aside. We got two days. We've got Laura Cooney coming in. Bob Stefanski managing this bridge between Detroit and Silicon Valley. And all that great stuff. Phones are ringing off the hook here in the studio. Go tweet us by the way at the cube or at ferrier We have Guy Churchwood coming in. We have great content all week. We have entrepreneurs. We have Tom Joyce, a Cube alumni. Who's an executive interviewing for a bunch of CEO positions. Really going to break down the changing aspect of Mobile World Congress. The iPhone's 10 years old. We're seeing now a new step function of disruption. Peter Burris said the most terrible in time. And I even compounded the words by saying and the phones are getting faster. So it's beyond the device. I mean what are you seeing on the grid? When you look at the data out there? >> John a bunch of things as we've been watching the stream of the data that came in and surprised me. First off just a lot of early announcements around Blackberry and Nokia. Who are often not really mentioned as the leaders in the handsets base. Not a place that we cover real extensively. But really kind of, these guys making a move and really taking advantage of the void that Samsung left with some of the Note issues. But what I thought was even more interesting is on our hashtag monitoring tools that IOT and 5G are actually above any of the handset manufacturers. So it really supports a hypothesis that we have that while handsets will be better and there'll be more data enabled by 5G, what 5G's really all about is as an IOT enabler. And really another huge step in the direction of connected devices, autonomous vehicles. We've talked about it. We cover IOT a lot. But I thought that was pretty interesting. >> Well Robo Car's also in there. That's a. >> Well everybody loves a car right. >> Well it's kind of a symbol of the future of the car. Which again ties it all together. >> Right right. The driverless race car, which is pretty interesting. >> Takes sports to a whole other level. >> I thought that was interesting. Another little thing as we watch these digital assistants and these voice assistants John, and I got a couple for Christmas just so I could try them out, is that Motorola announced that they're going to partner with Alexa. And use the Alexa voice system inside of their phones. You know I'm still waiting, I don't know why Siri doesn't have a stand-alone device and really when you use a Google Home versus an Amazon Alexa, very different devices, really different kind of target. So I thought that was an interesting announcement that also came out. But fundamentally it's fun to see the support of IOT and 5G, and really enable this next great wave of distribution, disruption, and opportunity. >> We're going to have Saar Gillia in the studio later today and tomorrow as a guest analyst for us on "The Cube." Of course folks may know Saar from being on "The Cube," he was recently senior vice reporting to Meg Whitman, and built out that teleco service provider, NFV business model for HP. And he's been to Mobile World Congress almost every year. He didn't make it this year, he'll be coming in the studio. And he told me prior to being, extremely vetting him for "The Cube" if you will, to use a Trump term, after extreme vetting of Saar Gillia he really wants to make the point of, and this is going to be critical analysis, kind of poking a hole into the hype, which is he doesn't think that the technology's ready for primetime. And specifically he's going to comment around he doesn't believe that the apps are ready for all this bandwidth. He doesn't think, he thinks that 5G is a solution looking for a problem. And I don't necessarily agree with him, so we'll have a nice commentary. Look for Saar today on "The Cube," at 11:30 he's coming on. It's going to be a little bit of a cage match there with Saar. >> I always go back to the which is the most underrepresented and most impactful law. Which is probably in the short term, in the hype cycle 5G's probably not going to deliver on their promise up to the level of the hype. As we find over and over with these funny things like Bluetooth. Who would ever think Bluetooth would be such an integral part of so many things that we do today? I think over the long term, the mid term, I think the opportunity's giant. >> I meant I think for people to understand 5G, at least the way I always describe it over the weekend, when I was at lacrosse games and soccer games over the weekend, for the folks that aren't in tech, 5G is the holy grail for IOT, mobile cars, and AI. Because what 5G does, it creates that mesh of rf, or rf radio frequency, at a whole other level. You look at the radios that Intel's announcing across their Telco partners, and what Intel's doing really is a game-changer. And we all know LTE, when the signal's low on the phone, everyone freaks out. We all know when WiFi doesn't work, the world kind of comes to a crawl. I mean just think 15 years ago wifi wasn't even around. So now think about the impact of just what we rely on with the digital plumbing called wireless. >> [Jeff] Right, right. >> When you think about the impact of going around the fiber to the home, and the cost it takes, to bring fiber to, Lynn Comp was commenting on that. So having this massively scalable bandwidth that's a radio frequency wireless is just a game-changing thing you can do. Low latency, 10 20 gig, that's all you need. Then you're going to start to see the phones change and the apps change. And as Peter Burris said a turbulent change of value propositions will emerge. >> It's funny at RSA a couple of weeks back the chatter was the people at RSA, they don't use wifi. You know, they rely on secure mobile networks. And so 5G is going to enable that even more, and as you said, if you can get that bandwidth to your phone in a safer, and secure, more trusted way, you know what is the impact on wifi and what we've come to expect on our devices and the responsiveness. And all that said, there will be new devices, there will be new capabilities. And I guess the other thing that's kind of funny is that of course the Oscar's made their way up to the, on the board. I thought that might wipe everything out after last night. But no IOT and 5G is still above Oscar's on the trending hashtag. >> Well I mean, Oscar's bring up... It's funny we all watch the Oscar's. There was some sort of ploy, but again, you bring up entertainment with the Oscar's. You look at what Hollywood's going through, and the Hollywood Reporter had an article talking about Reed Hastings with Netflix, he talked today really kind of higher end video so the entertainment business is shifting the court cutting is happening, we're seeing more and more what they call over the top. And this is the opportunity for the service providers but also for the entertainment industry. And with social media and with all these four form factors changing the role of media will be a packet data game. And how much can you fit in there? Whether it's e-sports to feature film making, the game is certainly changing. And again, I think Mobile World Congress is changing so radically. It's not just a device show anymore, it's not about the handset. It's about what the enablement is. I think that's why the 5G impact is interesting. And making it all work together, because a car talking to this device, it's complicated. So there's got to be the glue, all kind of new opportunities. So that's what I'm intrigued by. The Intel situation where you've got two chip guys battling it out for who's going to be that glue layer under the hood >> Right and if you look at some of the quotes coming out of the show a lot of the high-level you got to get away from the components and get into the systems and solutions, which we hear about over and over and over again. It's always about systems and solutions. I think they will find a problem to solve, with the 5G. I think it's out there. But it is... >> My philosophy Jeff is kill me with the bandwidth problem. Give me more bandwidth, I will consume more bandwidth. I mean look at compute pal as an example. People thought Morse law was going to cap out a decade ago. You look at the compute power in the chips with the cloud, with Amazon and the cloud providers it's almost infinite computes. So then the role of data comes in. So now you got data, now you got mobile, I think give us more bandwidth, I think the apps have no problem leveling up. >> [Jeff] Sucking it up. >> And that's going to be the debate with Saar. >> It's the old chip. The Intel Microsoft thing where you know, Intel would come out with a faster chip then the OS with eat more of it as part of the OS. And it kept going and going. We've talked through a lot of these John and if you're trying to predict the future and building for the future you really have to plan now for almost infinite bandwidth for free. Infinite storage for free, infinite compute for free. And while those curves are kind of asymptotically free they're not there yet. That is really the world in which we're heading. And how do you reshape the way you design apps, experiences, interphases without those constraints, which before were so so significant. >> I'm just doing a little crowd check here, you can go to crowdcheck.net/mwc if you want to leave news links or check in with the folks chatting. And I was just talking to SAP and SAP had the big Apple news. And one of the things that's interesting and Peter Burris talked about this on our opening this morning is that confluence between the consumer business and then the infrastructures happening. And that it was called devos but now you're starting to see the developers really focusing on the business value of technology. But yet it's not all developers even though people say the developers, the new king-makers, well I would say that. But the business models still is driven by the apps. And I think developers are certainly closer to the front lines. But I think you're going to start to see a much more tighter coupling between the c level folks in business and the developers. It's not just going to be a developer-led 100% direction. Whether it's entertainment, role of data, that's going to be pretty interesting Jeff. >> So Apple's just about finished building the new spaceship headquarters right. I think I opens up next month. I'm just curious to get your take John on Apple. Obviously the iPhone changed the game 10 years ago. What' the next big card that Apple's going to play? 'Cause they seemed to have settled down. They're not at the top of the headlines anymore. >> Well from my sources at Apple, there are many. Deep inside at the highest levels. What I'm hearing is the following. They're doing extremely well financially, look at the retail, look at the breadth of business. I think Tim Cook has done an amazing job. And to all my peers and pundits who are thrashing Apple they just really don't know what they're talking about. Apple's dominating at many levels. It's dominating firstly on the fiscal performance of the company. They're a digital presence in terms of their stickiness is second to none. However, Apple does have to stay in their game. Because all the phone guys they are in essence copying Apple. So I think Apple's going to be very very fine. I think where they could really double down and win on is what they did getting out of the car business. I think that was super smart. There was a post by Auto Blog this weekend saying Silicon Valley failed. I completely disagree with that statement. Although in the short term it looks like on the scoreboard they're kind of tapping out, although Tesla this year. As well as a bunch of other companies. But it's not about making the car anymore. It's all about the car's role in a better digital ecosystem. So to me I think Apple is poised beautifully to use their financial muscle, to either buy car companies or deal with the digital aspect of it and bring that lifestyle to the car, where the digital services for the personalization of the user will be the sticking point for the transportation. So I think Apple's poised beautifully for that. Do they have some issues? Certainly every company does. But compared to everyone else I just see no one even close to Apple. At the financial level, with the cash, and just what they're doing with the tax. From a digital perspective. Now Google's got a self-driving cars, Facebook's a threat, Amazon, so those are the big ones I see. >> The other thing that's happening this week is the game developer conference in San Francisco at Moscone. So you know again, huge consumers of bandwidth, huge consumers of compute power. Not so much storage. I haven't heard much of the confluence of the 5G movement with the game developer conference. But clearly that's going to have a huge impact 'cause most gaming is probably going to move to a more and more mobile platform, less desktop. >> Well the game developer conference, the one that's going on the GDC, is kind has a different vibe right now. It's losing, it's a little bit lackluster in my mind. It's classic conference. It's very monetized. It seems to be over-monetized. It's all about making money rather than promoting community. The community in gaming is shifting. So you can look at how that show is run, versus say e three and now you've got Twitch Con. And then Mobile World Congress, one of the big voids is there's no e-sports conversation. That certainly would be the big thing to me. To me, everything that's going digital, I think gaming is going to shift in a huge way from what we know as a console cult. It's going to go completely mainstream, in all aspects of the device. As 5G overlays on top of the networks with the software gaming will be the first pop. You're going to see e-sports go nuclear. Twitch Con, those kind of Twitch genre's going to expand. Certainly "The Cube" will have in the future a gaming cube. So there'll be a cube anchor desk for most the gaming culture. Certainly younger hosts are going to come one. But to me I think the gaming thing's going to be much more lifestyle. Less culty. I think the game developer conference's lost its edge. >> And one of the other things that comes, obviously Samsung made a huge push. They were advertising crazy last night on the Oscar's, with the Casey add about you know, people are creating movies. And they've had their VR product out for a while but there's a lot of social activity saying what is going to be the killer app that kind of breaks through VR? We know Oculus has had some issues. What do you read in between the tea leaves there John? >> Well it's interesting the Oscar's was awesome last night, I would love to watch the Hollywood spectacle but one of the things that I liked was that segway where they introduced the Oscar's and they kind of were tongue in cheek 'cause no one in Hollywood really has any clue. And they were pandering, well we need to know what they meant. It was really the alpha geeks who were pioneering what used to be the green screen technology now you go and CGI it's our world. I mean I want to see more of that because that is going to be the future of Hollywood. The tools and the technologies for filmmaking is going to have a Morse law-like impact. It's the same as e-sports, you're going to see all kinds of new creative you're going to see all kinds of new tech. They talked about these new cameras. I'm like do a whole show on that, I would love it. But what it's going to enable is you're going to see CGI come down to the price point where when we look at PowerPoints and Adobe Creative Suite and these tools. You're going to start to see some badass creative come down for CGI and this is when the artist aspect comes in. I think art design will be a killer field. I think that is going to be the future of filmmaking. You're going to see an indie market explode in terms of talent. The new voices are going to emerge, the whole diversity thing is going to go away. Because now you're going to have a complete disruption of Hollywood where Hollywood owns it all that's going to get flattened down. I think you're going to see a massive democratization of filmmaking. That's my take. >> And then of course we just continue to watch the big players right. The big players are in here. It's the start ups but I'm looking here at the Ford SAP announcement that came across the wire. We know Ford's coming in at scale as stuff with IBM as well So those people bring massive scale. And scale is what we know drives pricing and I think when people like to cap on Morse law they're so focused on the physical. I think the power of Morse law has nothing to do with the microprocessor per se. But really it's an attitude. Which we talked a little briefly about what does the world look like if you have infinite networking, infinite compute, and infinite storage. And basically free. And if you start to think that way that changes your perspective on everything. >> Alright Jeff well thanks for the commentary. Great segment really breaking down the impact of Mobile World Congress. Again this show is morphing from a device show phone show, to full on end-to-end network. Intel are leading the way and the entire ecosystem on industry partners, going to write software for this whole new app craze, and of course we'll be covering it here all day today Monday the 27th and all the day the 28th. Stay tuned stay watching. We've got more guests coming right back with more after the short break.