(soft music) >> There are many constants in the storage business, relentlessly declining cost per bit, innovations that perpetually battled the laws of physics, a seemingly endless flow of venture capital, despite the intense competition. And there's one other constant in the storage business, Eric Hertzog, and he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. >> Great, Dave, thanks very much, we love being on theCUBE and you guys do a great job of informing the industry about what's going on in storage and IT in general. >> Well, thank you for that. >> Great job. >> We're going to cover a lot of ground today. IBM Storage, made a number of announcements the past month around data resilience, a new as-a-service model, which a lot of folks are doing in the industry, you've made performance enhancements. Can you give us the top line summary of the hard news, Eric? >> Sure, the top line summary is of course cyber security is on top of mind for everybody in the recent Fortune 500 list that came out, you probably saw, there was a survey of CEOs of Fortune 500 companies, they named cybersecurity as their number one concern, not war, not pandemic, but cybersecurity. So we've got an announcement around data resilience and cyber resiliency built on our FlashSystem family with our new offering, Safeguarded Copy. And the second thing is the move to a new method of storage consumption. Storage-as-a-Service, a pay-as-you-go model, cloud-like the way people buy cloud storage, that's what you can do now from IBM Storage with our Storage-as-a-Service. Those are the key, two takeaways, Dave. >> Yeah and I want to stay on the trends that we're seeing in cyber for a moment, the work from home pivot in the hybrid work approach has really created a new exposures, people aren't as secure outside of the walled garden of the offices and we've seen a dramatic escalation in the adversaries capabilities and techniques, another least of which is island hopping, in other words, putting code fragments in the digital supply chain, they reform once they're inside the company and it's almost like this organic creepy thing that occurs. They're also living as you know, stealthily for many, many months, sometimes years, exfiltrating data, and then just waiting and then when companies respond, the incidents response trigger a ransomware incident. So they escalate the cyber crime and it's just a really, really bad situation for victims. What are you seeing in that regard and the trends? >> Well, one of the key things we see as everyone is very concerned about cybersecurity. The Biden administration has issued (indistinct) not only to the government sector, but to the private sector, cyber security is a big issue. Other governments across the world have done the same thing. So at IBM Storage, what we see is taking a comprehensive view. Many people think that cybersecurity is moat with the alligators, the castle wall and then of course the sheriff of Nottingham to catch the bad guys. And we know the sheriff of Nottingham doesn't do a good job of catching Robin Hood. So it takes a while as you just pointed out, sitting there for months or even longer. So one of the key things you need to do in an overall cybersecurity strategy is don't forget storage. Now our announcement around Safeguarded Copy is very much about rapid recovery after an attack for malware or ransomware. We have a much broader set of cyber security technology inside of IBM Storage. For example, with our FlashSystem family, we can encrypt data at rest with no performance penalty. So if someone steals that data, guess what? It's encrypted. We can do anomalous pattern detection with our backup product, Spectrum Protect Plus, why would you care? Well, if theCUBE's backup was taking two hours on particular datasets and all of a sudden it was taking four hours, Hmm maybe someone is encrypting those backup data sets. And so we notify. So what we believe at IBM is that an overarching cybersecurity strategy has to keep the bad guys out, threat detection, anomalous pattern behavior on the network, on the servers, on the storage and all of that, chasing the bad guy down once they breach the wall, 'cause that does happen, but if you don't have cyber and data resilience built into your storage technology, you are leaving a gap that the bad guys can explain, whether that be the malware ransomware guys oh by the way, Dave, there still is internal IT theft that there was a case about 10 years ago now where 10 IT guys stole $175 million. I kid you not, $175 million from a bunch of large banks across the country, and that was an internal IT theft. So between the internal IT issues that could approach you malware and ransomware, a comprehensive cybersecurity strategy, must include storage. >> So I want to ask you about come back to Safeguarded Copy and you mentioned some features and capabilities, encrypting data at rest, your anomalous pattern recognition inferring, you're taking a holistic approach, but of course you've got a storage centricity, what's different about your cyber solution? What's your unique value probability to your (indistinct) . >> Well, when you look at Safeguarded Copy, what it does is it creates immutable copies that are logically air-gapped, but logically air-gapped locally. So what that means is if you have a malware or ransomware attack and you need to do a recovery, whether it be a surgical recovery or a full-on recovery, because they attacked everything, then we can do recovery in a couple hours versus a couple of days or a couple of weeks. Now, in addition to the logical local air-gapping with Safeguarded Copy, you also could do remote logical air-gapping by snapping out to the cloud, which we also have on our FlashSystem products and you also of course, could take our FlashSystem products and back up to tape, giving you a physical air gap. In short, we give our customers three different ways to help with malware and ransomware. >> Let me ask you- >> Are air-gapped locally. >> Yeah, please continue, I'm sorry. >> So our air-gapping locally for rapid recovery, air-gapping remotely, which again, then puts it on the cloud provider network, so hopefully they can't breach that. And then clearly a physical air gap going out to tape all three and on the mainframe, we have Safeguarded Copy already, Dave and several of our mainframe customers actually do two of those things, they'll do Safeguarded Copy or rapid recovery locally, but they'll also take that Safeguarded Copy and either put it out to tape or put it out to a cloud provider with a remote logical air-gap using a snapshot. >> I want to ask you a question about management 'cause when you ask CSOs, what's your number one challenge, they'll say lack of talent, We've got all these tools and all this lack of skills to really do all this stuff. Can't hire people fast enough and they don't have the skills. So when you think about it, and so what you do is you bring a lot of automation into the orchestration and management. My question is this, when you set up air gaps, do you recommend, or what do you see in terms of not, of logically and physically not only physically separating the data, but also the management and orchestration and automation does that have to be logically air-gapped as well or can you use the same management system? What's best practice there? >> Ah, so what we do is we work with our copy management software, which will manage regular copies as well, but Safeguarded Copies are immutable. You can't write to them, you can't get rid of them and they're logically air-gapped from the local hosts. So the hosts, for the Safeguarded Copies that immutable copy, you just made, the hosts don't even know that it's there. So you manage that with our copy management software, which by the way, we'll manage regular snapshots and replicas as well, but what that allows you to do is allows you to automate, for example, you can automate recovery across multiple FlashSystem arrays, the copy services manager will allow you to set different parameters for different Safeguarded Copies. So a certain Safeguarded Copy, you could say, make me a copy every four hours. And then on another volume on a different data set, you could say, make me a copy every 12 hours. Once you set all that stuff update, it's completely automated, completely automated. >> So, I want to come back to something you mentioned about anomalous pattern recognition and how you help with threat detection. So a couple of a couple of quick multi-part question here. First of all, the backup corpus is an obvious target. So that's an area that you have to protect. And so can, and you're saying, you've used the example if your backups taking too long, but so how do you do that? What's the technology behind that? And then can you go beyond, should you go beyond just the backup corpus, with primary data or copies on-prem, et cetera? Two part questions. >> So when we look at it, the anomalous pattern detection is part of our backup software, say Spectrum Protect and what it does it uses AI-based technology, it recognizes a pattern. So it knows that the backup dataset for the queue takes two hours and it recognizes that, and it sees that as the normal state of events. So if all of a sudden that backup that theCUBE was doing used to take two hours and starts taking four, what it does is that's an anomalous pattern, it's not a normal pattern. It'll send a note to the backup admin, the storage admin, whoever you designate it to and say the backup data set for theCUBE that used to take two hours, it's taken four hours, you probably ought to check that. So when we view cyber resiliency from a storage perspective, it's broad. We just talked about anomalous pattern detection in Spectrum Protect. We were talking most of the conversation about our Safeguarded Copy, which is available on the mainframe for several years and is now available on FlashSystems, making immutable local air-gap copies, that can be rapidly recovered and are immutable and can help you recover for a malware or ransomware attack. Our data at rest encryption happens to be with no performance penalty. So when you look at it, you need to create an overarching strategy for cybersecurity and then when you look at your storage estate, you need to look at your secondary storage, backup, replicas, snaps, archive, and have a strategy there to protect that and then you need a strategy to protect your primary storage, which would be things like Safeguarded Copy and encryption. So then you put it all together and in fact, Dave, one of the things we offer is a free cyber resilience assessment. It's not only for IBM Storage, but it happens to be a cyber resilience assessment that conforms to the NIST Framework and it's heterogeneous. So if you're a big company, you've got IBM EMC and HP Storage, guess what? It's all about the data sets not about the storage. So we say, you said these 10 data sets are critical, why are you not encrypting them? These data sets are XYZ, why are you not air-gapping them? So we come up based on the NIST Framework, a set of recommendations that are not IBM specific, but they are storage specific. Here's how you make your storage more resilient, both your secondary storage and your primary storage. That's how we see the big thing and Safeguarded Copy of course fits in on the primary storage side, A on the mainframe, which we've had for several years now and B in the Linux world, the Unix world and the Windows Server world on our FlashSystem portfolio with the announcement we did on July 20th. >> Great, thank you for painting that picture. Eric, are you seeing any use case patterns emerge in this space? >> Well, we see a couple of things. First of all, is A most resellers and most end-users, don't see storage an overarching part of the cybersecurity strategy, and that's starting to change. Second thing we're seeing is more and more storage companies are trying to get into this bailiwick of offering cyber and data resilience. The value IBM brings of course is much longer experience to that and we even integrate with other products. So for example, IBM offers a product called QRadar from the security divisions not a storage product, a security product, and it helps you with early data breach recognition. So it looks at servers, network access, it looks at the storage and it actually integrates now with our Safeguarded Copy. So, part of the value that we bring is this overarching strategy of a comprehensive data and cyber resilience across our whole portfolio, including Safeguarded Copy our July 20th announcement. But also integration beyond storage now with our QRadar product from IBM security division. And there will be future announcements coming in both Q4 and Q1 of additional integration with other security technologies, so you can see how storage can be a vital COD in the corporate cybersecurity strategy. >> Got it, thank you. Let's pivot to the, as-a-service it's, cloud obviously is brought in that as-a-service. Now, it seems like everybody has one now. You guys have announced obviously HPE, Dell, Lenovo, Cisco, Pure, everybody's gotten out there as-a-service model, what do we need to know about your as-a-service solution and why is it different from the others? >> Sure. Well, one of the big differences is we actually go on actual storage, not effective. So when you look at effective storage, which most of them do that includes creating the (indistinct) data sets and other things, so you're basically paying for that. Second thing we do is we have a bigger margin. So for example, if theCUBE says we want SLA-3 and we sell it by the SLA, Dave, SLA-1, two and three. So let's say theCUBE needs SLA-3 and the minimum capacity is a 100 terabytes, but let's say you think you need 300 terabytes. No problem. You also have a variable. One of the key differences is unlike many of our competitors, the rate for the base and the rate for the variable are identical. Several of our competitors, when you're in the base, you pay a certain amount, when you go into the variable, they charge you a premium. The other key differentiator is around data reduction. Some of our competitors and all storage companies have data reduction technology. Block-level D do thin provisioning, compression, we all offer those features. The difference is with IBM's pay-as-you-grow, Storage-as-a-Service model, if you have certain data sets that are not very deducible, not very compressible, we absorbed that with our competitors, most of them, if the dataset is not easily deducible, compressible, and they don't see the value, they actually charge you a premium for that. So that is a huge difference. And then the last big difference is our a 100% availability guarantee. We have that on our FlashSystem product line, we're the only one offering 100% availability guarantee. We also against many of the competitors offer a better base nines, as you know, availability characteristics. We offer six nines of availability, which is five minutes and 26 seconds of downtime and a 100% availability of offering. Some of our competitors only offer four nines of availability and if you want five or six, they charge you extra. We give you six nines base in which has only five minutes and change of downtime in a year. So those are the key difference between us and the other as-a-service models out there. >> So, the basic concept I think, is if you commit to more and buy more, you pay less per. I mean, that's the basic philosophy of these things, right? So, if- >> Yes. >> I commit to you X, let's say, I want to just sort of start small and I commit to you to X and great. I'm in now in, maybe I sign up for a multi-year term, I commit this much, whatever, a 100 terabytes or whatever the minimum is. And then I can say, Hey, you know what? This is working for me. The CFO likes it and the IT guys can provision more seamlessly, we got our chargeback or showback model goes, I want to now make a bigger commitment and I can, and I want to sort of, can I break my three-year term and come back and then renegotiate, kind of like reserved instances, maybe bigger and pay less? How do you approach that? >> Well, what you do is we do a couple of things. First of all, you could always add additional capacity, and you just call up. We assign a technical account manager to every account. So in addition to what you get from the regular sales team and what you get from our value business partners, by the way, we did factor in the business partners, Dave, into this, so business partners will have a great pay-as-you-go Storage-as-a-Service solution, that includes partners and their ability to leverage. In fact, several of our partners that do have both MSP and MHP businesses are working right now to leverage our Storage-as-a-Service, and then add on their own value with their own MSP and MHP capability. >> And they can white label that? Is that right or? >> Well, you'd still have Storage-as-a-Service from IBM. They would resell that to theCUBE and then they'd add in their own MHP or MSP. >> Got it. >> That said partners interested in doing a white label, we would certainly entertain that capability. >> Got it. I interrupted you, carry on please. >> Yeah, you can go ahead and add more capacity, not a problem. You also can change the SLA. So theCUBE, one of the leading an industry analyst firms, you bought every analyst firm in the world, and you're using IBM Storage-as-a-Service, pay-as-you-go cloud-like model. So what you do is you call up the technical account manager and say, Eric, we bought all these other companies they're using on-prem storage, we'd like to move to Storage-as-a-Service for all the companies we acquire. We can do that, so that would up your capacity. And then you could say, now we've been at SLA-2, but because we're adding all these new applications of workloads from our acquired companies, we want some of it to be at SLA-1. So we can have some of your workloads on SLA-2, others on SLA-1, you could switch everything to SLA-1, and you just call your technical account manager and they'll make that happen for you or your business partner, obviously, if you bought through the channel. >> I get it, the hard question is what if all those other companies theCUBE acquired are also IBM Storage-as-a-Service customers? Can I, what's that discussion like? Hey, can I consolidate those and get a better deal? >> Yeah, there are all Storage-as-a-Service customers and Dave I love that thought, we would just figure out a way to consolidate the agreement. The agreements are one through five years. What I think also that's very unique is let's say for whatever reason, and we all love finance people. Let's say the IT guys have called the finance and say, we did a one-year contract, we now like to do a three-year contract. The one year is coming up and guess what? Finance's delayed for whatever reason, the PO doesn't go through. So the ITI calls up the technical account manager, we love your service, it's delayed in finance. We will let them stay on their Storage-as-a-Service, even though they don't have a contract. Now, of course they've told us they want to do one, but if they exceed the contract by a quarter or two, because they can't get the finance guys are messing with the IT guys, that's fine. What the key differentiators? Exactly the same price. Several of our competitors will also extend without a contract, but until you do a contract, they charge you a premium, we do not, whatever, if you're an SLA-3, you're SLA-3, we'll extend you and no big deal. And then you do your contract, when the finance guys get their act together and you're ready to go. So that is something we can do and we'll do on a continual basis. >> Last question. Let's go way out. So, we're not doing any time, near-term forecasts, I'm trying to understand how popular you think as-a-service is going to be. I mean, if you think about the end of the decade, let's think industry total, IBM specific, how popular do you think as-a-service models will be? Do you think it will be the majority of the transacted business or it's kind of more of a, just one of many? >> So I think there will be many, some people will still have bare metal on-premises. Some people will still do virtualization on-premises or in a hybrid cloud configuration. What I do think though is Storage-as-a-Service will be over 50% by the end. Remember, we're sitting at 2021. So we're talking now 2029. >> Right. >> So I think Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud model. I think the days of a 100% cloud, which is the way it started. I think a lot of people realize that a 100% cloud actually is more expensive than a hybrid cloud or fully on-prem. I was at a major university in New York, they are in the healthcare space and I know their CIO from one of my past lives. I was talking to him, they did a full on analysis of all the cloud providers going a 100% cloud. And their analysis showed that a 100% cloud, particularly for highly transactional workloads was 50% more expensive than buying it, paying the maintenance and paying their employees. So we did an all in view. So what I think it's going to be is Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud configuration with storage on-prem or in a colo, like what our IBM pay-as-you-go service will do and then it will be accessed and available through a hybrid cloud configuration with IBM Cloud, Google, Amazon as or whoever the cloud provider is. So I do think that you're looking at over 50% of the storage being as-a-service, but I do think the bulk of that as-a-service will be as-a-service through someone like IBM or our competitors and then part of it will be from the cloud providers. But I do think you're going to see a mix because right now the expense of going a 100% cloud cloud storage is dramatically understated and when someone does an analysis like that major university in New York did, they had a guy from finance, help them do the analysis and it was 50% more expensive than doing on-premise either on-prem or on-prem as-a-service, both were way cheaper. >> But you own the asset, right? >> Yes. >> As-a-service model. >> We, right, we own the asset. >> And I would bet, >> I would bet that over the lifetime value of the spend and it as-a-service model, just like the cloud, if you do this with IBM or any of your competitors, I would bet that overall you're going to spend more just like you've seen in the cloud, but you get the benefit is the flexibility that you get. >> Yeah, yeah. If you compare it to the, so obviously the number one model would be to buy. That's probably going to be the least expensive. >> Right. >> But it's also the least flexible. Then you also have leasing, more flexibility, but leasing usually is more expensive. Just like when you lease your car, if you add up all the lease payments and then you, at the end, pay that balloon payment to buy, it's cheaper to buy the car up front than it is to lease a car. Same thing with any IT asset, now storage network servers, all are available on leasing, the net is at the bottom line, that's more than buying it upfront. And then Storage-as-a-Service will also be more expensive than buying it, my friend, but ultimate capability, altering SLAs, adding new capacity, being able to handle an app very quickly. We can provision the storage, as you mentioned, the IT guys can easily provision. We provision, the storage in 10 minutes, if you bought from IBM Storage or any competitor you bought and you need more storage, A you got to put a PO through your system and if you're not theCUBE, but you're a giant global Fortune 500, sometimes it takes weeks to get the PO done. Then the PO has to go to the business partner, the business partner has got to give a PO to the distributor and a PO to IBM. So it can take you weeks to actually get the additional storage that you need. With Storage-as-a-Service from IBM with our pay-as-you-go, cloud-like model, all you have to do is provision and you're done. And by the way, we provide a 50% overage for free. So if they end up needing more storage, that 50% is actually sitting on-prem already and if they get to 75% utilization of the total amount of storage, we then call them up, the technical account manager would call them up and their business partner and say, Dave, do you know that you guys are at 75% full? We'd like to come add some additional storage to get you back down to a 50% margin. And by the way, most of our competitors only do a 25% margin. So again, another differentiator for IBM Storage-as-a-Service. >> What about, I said, last question, but I have another question. What about day one? Like how long does it take, if I want to start fresh with as-a-service? >> Get it. >> How long does it take to get up and running? >> Basically you put the PO through, whatever it takes on your side or through your business partner, we then we'll sign the technical account manager, will call you up because you need to tell us, do you want to, in a colo facility that you're working with or do you want to put it on on-prem? And then once we do that, we just schedule a time for your IT guys do the install. So, probably two weeks. >> Yeah. >> It all depends because you've got to call back and say, Eric, we'd like it at our colo partner, our colo partners, ABC, we got to call ABC and then get back to you or on-prem , we're going to have guys in the office, a good day when it's not going to be too busy. Could you come two weeks from Thursday? Which now would be three weeks for sake of argument. But that would be, we interface with the customer, with the technical account manager to do it on your schedule on your time, whether you do it in your own facility or use a colo provider. >> Yeah, but once you tell, once I tell you, once we get through all that stuff, it's two weeks from when that's all agreed. >> Yeah. >> It's like the Xerox copier salesman, (Dave chuckles) Where are you going to put it? Once you decide where you're going to put it, then it's a couple of weeks. It's not a month or two months or yeah. >> Yeah, it's not. And we need additional capacity, remember there's a 50% margin sitting there. So if you need to go into the variable and use it, and when we hit a 75%, we actually track it with our storage insights pro. So we'll call you up and say, Dave, you're at 76%. We'd like to add more storage to give you better margin of extra storage and you would say, great, when can we do it? So, yeah, we're proactive about that to make sure that you stay at that 50% margin. Again, our competitors, all do only have 25% margin. So we're giving you that better margin, a larger margin in case you really have a high capacity demand for that quarter and we proactively will call you up, if we think you need more based on monitoring your storage usage. >> Great. Eric got to go, thank you so much for taking us through that great detail, I really appreciate it. Always good to see you. >> Great, thanks Dave, really appreciate it. >> Alright, thank you for watching this CUBE conversation, this is Dave Vellante and we'll see you next time. (soft music)

(upbeat music) >> There are many constants in the storage business, relentlessly declining costs per bit. Innovations that perpetually battle the laws of physics, a seemingly endless flow of venture capital, very intense competition. And there's one other constant in the storage industry, Eric Herzog. And he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. Great to see you, my friend. >> Great Dave, thank you very much. Of course, IBM always loves to participate with theCUBE and everything you guys do. Thank you very much for inviting us to come today. >> Really our pleasure. So we're going to cover a lot of ground. IBM Storage made a number of announcements this month around data resilience. You've got a new as a service model. You've got performance enhancements. Eric, can you give us, give us the top line summary of the hard news? >> Yeah. Top line. IBM is enhancing data and cyber resiliency across all non mainframe platforms. We already have it on the mainframe of course, and we're changing CapEx to OpEx with our storage as a service. Those are the key takeaways and the hot ticket items from an end user perspective. >> So maybe we could start with sort of the cyber piece. I mean, wow. I mean the last 18 months have been incredible and you're just seeing, you know, new levels of threats. The work from home pivot has created greater exposure. Organizations are kind of rethinking hybrid. You're seeing the ascendancy of some of the sort of hot cyber startups, but, but you're also seeing the, not only of the attack vectors winded, but the, the techniques are different. You know, threat hunting has become much more important. Your responses to threats. You have to be really careful the whole ransomware thing. So what are some of the big trends that you guys are seeing that are kind of informing how you approach the market? >> Well, first of all, it's gotten a lot worse. In fact, Fortune magazine just released the Fortune 500 a couple of weeks ago, and they had a survey that's public of CEOs, and they said, "What's the number one threat to your business? With no list just what's the number one threat?" Cyber security was number one 66% of the Fortune 500 Chief Executive Officers. Not CIOs not CTOs, but literally the CEOs of the biggest companies in the world. However, it's not just big companies. It hits the mid size, the small companies, everyone is open now to cyber threats and cyber attacks. >> Yeah. So for sure. And it's (chuckles) across the board. Let's talk about your solution, the announcement that you made here. Safeguard Copy, I think is what the branding is. >> Yeah. So what we've done is we've got a number of different technologies within our storage portfolio. For example, with our Spectrum Protect product, we can see anomalous pattern detection and backup data sets. Why would that matter? If I am going to hold theCUBE for ransom, if I don't get control of your secondary storage, snaps, replicas, and backups, you can just essentially say, I'm not paying you. You could just do a recovery, right? So we have anomalous protection there. We see encryption, we encrypt at rest with no performance penalty with our FlashSystem's family. We do air gapping. And in case of safeguarded copy, it's a form of air gapping. So we see physical air gapping with tape. logical air gapping, but to a remote location with snaps or replicas to your Cloud provider, and then local logical on-prem, which is what safeguarded copy does. We've had this technology for many years now on the mainframe platform. And we brought it down to the non mainframe environments, Linux, UNIX, and the Windows Server world by putting safeguarded copy on our FlashSystem's portfolio. >> So, okay. So part of the strategy is air gapping. So you're taking a copy, your air gapping it. You probably, you probably take those snaps, you know, at different intervals, you mix that up, et cetera. How do you manage the copies? How do you ensure if I have to do a recovery that you've got kind of a consistent data set? >> Yeah. So a couple things, first of all, we can create on a single FlashSystem array the full array up to 15,000 immutable copies, essentially they're weren't, you can't delete them, you can't change them. On a per volume basis, you can have 255. This is all managed with our storage copy manager, which can automate the entire process. Creation, deletion, frequency, and even recovery mode. So for example, I could have volume one and volume one perhaps I need to make immutable copies every four hours, while at 255 divided by four a day, I can go for many months and still be making those immutable copies. But with our Copy Services Manager, you can set up to be only 30 days, 60 days, you can set the frequency and once you set it up, it's all automated. And you can even integrate with IBM's QRadar, which is a threat detection and breach software from the security division of IBM. And when certain threats hit, it can actually automatically kick off a safeguarded copy. So what we do is make sure you've got that incredibly rapid recovery. And in fact, you can get air gapping, remotely. We have this on the main frame and a number of large global Fortune 500's actually do double air gapping, local logical, right? So they can do recovery in just a couple hours if they have an attack. And then they take that local logical and either go remote logical. Okay. Which gives them a second level of protection, or they'll go out to tape. So you can use this in a myriad of ways. You can have multiple protection. We even, by the way Dave, have three separate different admin levels. So you can have three different types of admins. One admin can't delete, one admin can. So that way you're also safe from what I'll call industrial espionage. So you can never know if someone's going to be stealing stuff from inside with multiple administrative capabilities, it makes it more difficult for someone to steal your data and then sell it to somebody. >> So, okay. Yeah, right. Because immutable is sort of, well, you're saying that you can set it up so that only one admin has control over that, is that right? If you want it... >> There's three, there's three admins with different levels of control. >> Right. >> And the whole point of having a three admins with different levels of control, is you have that extra security from an internal IT perspective versus one person, again, think of the old war movies, you know, nuclear war movies. Thank God it's never happened. Where two guys turn the key. So you've got some protection, we've got multiple admin level to do that as well. So it's a great solution with the air gapping. It's rapid recovery because it's local, but it is fully logically air gapped separated from the host. It's immutable, it's WORM, Write Once, Read Many can't delete can't change. Can't do anything. And you can automate all the management with our Copy Services Manager software that will work with safeguard copy. >> You, you talked about earlier, you could detect anomalous behavior. So, so presumably this can help with, with detecting threats, is that? >> Well, that's what our spectrum protect product does. My key point was we have all levels of data resiliency across the whole portfolio, whether it be encrypting data at rest, with our VTLs, we can encrypt in-flight. We have safeguarded copy on the mainframe, safeguarded copy on FlashSystems, any type of storage, including our competitor storage. You could air gap it to tape, right? With our spectrum virtualized software in our SAN Volume Controller, you could actually air gap out to a Cloud for 500 arrays that aren't even ours. So what we've done is put in a huge set of data and cyber resiliency across the portfolio. One thing that I've noticed, Dave, that's really strange. Storage is intrinsic to every data center, whether you're big, medium, or small. And when most people think about a cybersecurity strategy from a corporate perspective, they usually don't even think about storage. I've been shocked, but I've been in meetings with CEOs and VPs and they said, "oh, you're right, storage is, is a risk." I don't know why they don't think of it. And clearly many of the security channel partners, right? You have channel that are very focused on security and security consultants, they often don't think about the storage gaps. So we're trying to make sure, A, we've got broad coverage, primary storage, secondary storage, backup, you know, all kinds of things that we can do. And we make sure that we're talking to the end users, as well as the channel to realize that if you don't have data resilience storage, you do not have a corporate cybersecurity strategy because you just left out the storage part. >> Right on. Eric, are you seeing any use case patterns emerge in the customer base? >> Well, the main use case is prioritizing workloads. Obviously, as you do the immutable copies, you chew up capacity. Right now there's a good reason to do that. So you've got these immutable copies, but what they're doing is prioritizing workloads. What are the workloads? I absolutely have to have up and going rapidly. What are other workloads that are super important, but I could do maybe remote logical air gapping? What ones can I put out to tape? Where I have a logical, where I have a true physical air gap. But of course tape can take a long recovery time. So they're prioritizing their applications, workloads and use case to figure out what they need to have a safeguarded copy with what they could do. And by the way, they're trying to do that as well. You know, with our FlashSystem products, we could encrypt data at rest with no performance penalty. So if you were getting, you know, 30,000 database records and they were taken, you know, 10 seconds for sake of argument, when you encrypt, normally you slow that down. Well, guess what, when you encrypt with our FlashSystem product. So in fact, you know, it's interesting Dave, we have a comprehensive and free cyber resiliency assessment, no charge to the end-user, no charge to a business partner if they want to engage with us. And we will look at based on the NIST framework, any gaps. So for example, if theCUBE said, these five databases are most critical databases, then part of our cyber resilience assess and say, "ah, well, we noticed that you're not encrypting those. Why are you not encrypting those?" And by the way, that cyber resilience assessment works not only for IBM storage, but any storage estate they've got. So if they're homogenous, we can evaluate that if they're heterogeneous in their storage estate would evaluate that, and it is vendor agnostic and conforms to the NIST framework, which of course is adopted all over the world. And it's a great thing for people to get free, no obligation. You don't have to buy a single thing from IBM. It's just a free assessment of their storage and what cyber security exposure they have in their storage estate. And that's a free thing that we offer that includes safeguarded copy, encryption, air gapping, all the various functionality. And we'll say, "why are you not encrypting? Why are you not air gapping?" That if it's that important, "what, why are you leaving these things exposed?" So that's what our free cyber resilience assessment does. >> Got to love those freebies take advantage of those for sure. A lot of, a lot of organizations will charge big bucks for those. You know, maybe not ridiculously huge bucks, but you're talking tens of thousands. Sometimes you'll get up to hundreds of thousands of dollars for that type of type of assessment. So that's, you've got to take advantage of that if you're a customer out there. You know, I, I wanted to ask you about just kind of shift topics here and get into the, as a service piece of it. So you guys announced your, your as a service for storage, a lot of people have also done that. What do we need to know about the IBM Solution? And what's different from the others, maybe two part question, but what's the first part. What do we need to know? >> A couple of thing is, from an overall strategy perspective, you don't buy storage. It's a full OpEx model. IBM retains legal title. We own it. We'll do the software upgrades as needed. We may even go ahead and swap the physical system out. You buy an SLA, a tier if you will. You buy capacity, performance, we own it. So let's take an easy one. Our tier two, we give you our worst case performance at 2,250 IOPS per terabyte. Our competitors by the way, when you look at their contracts and look what they're putting out there, they will give you their best case number. So if they're two is 2,250, that's the best case. With us it's our worst case, which means if your applications or workloads get 4,000 IOPS per terabyte, it's free. We don't charge you for that. We give you the worst case scenario and our numbers are higher than our competition. So we make sure that we're differentiated true OpEx model. It's not a modified Lease model. So it's truly converts CapEx into operational expense. We have a base as everybody does, but we have a variable. And guess what? There's the base price and the variable price are the same. So if you don't use the variable, we don't charge you. We bill you for 1/4 in arrears, every feature function that's on our FlashSystem technology such as safeguarded copy, which we just talked about. AI based tiering, data at rest encryption with no performance penalty, data in compression with no performance, all those features you get, all of them, all we're doing is giving you an option. We still let you buy CapEx. We will let you lease with IBM Global Financial Services. And guess what? You could do a full OpEx model. The technology though, our flash core modules, our spectrum virtualized software is all the same. So it's all the same feature function. It's not some sort of stripped down model. We even offer Dave, 100% availability option. We give Six Nines of availability as a default, several of the competitor, which is only five minutes and 26 seconds of downtime, several of our competitors, guess what they give? Fournines. If you want five or six, you got to pay for it. We just give you six as a default differentiator, but then we're the only vendor to offer 100% availability guarantee. Now that is an option. It's the one option. But since we're already at Six Nines, when our competitors are at Four or Five Nines, we already have better availability with our storage as a service than the competition does. >> So let me just make this, make sure I'm clear on this. So you got Six Nines as part of the service. That's >> Absolutely >> Fundamental. And I get, I can pay up for 100% availability option. And, >> Yes you can. >> So what does that, what does that mean? Practically? You're putting in redundancies and, >> Right, right. So we have a technology known as HyperSwap. We have several public references by the way, at ibm.com. We've been shipping HyperSwap on both the mainframe, probably eight or nine years now. We brought it to our FlashSystem product probably five years ago. As I mentioned, we've got public references. You don't pay for the software by the way, you do have to have a dual node cluster. And HyperSwap allows you to do that. But you can do that as a service. You can buy it. You can do as CapEx, right? When you need the additional FlashSystem to go with it again, the software is free. So you're not to pay for the software. You just have to pay for the additional system level componentry, but you can do that as a service and have it completely be an OpEx model as well. We even assign a technical account manager to every account. Every account gets a technical account manager. If you will, concierge service comes with every OpEx version of our storage as a service. >> So what does that mean? What does that concierge do? Just paying attention to (indistinct) >> Concierge service will do a quarterly, a quarterly review with you. So let's say theCUBE bought 10,000 other analyst firms in the industry. You're now the behemoth. And you at theCUBE are using IBM storage as a service. You call up your technical account manager to say, "Guess what? We just bought these companies. We're going to convert them all to storage as a service, A, we need a higher tier, you could upgrade the tier B, we have a one-year contract, but you know what we'd like to extend it to two, C, we think we need more capacity." You tell your technical account manager, they'll take care of all of that for you, as well as giving you best practices. For example, if you decide you want to do safeguarded copy, which you can do, because it's built into our spectrum virtualized software, which is part of our storage as a service, we can give you best practices on that he would tell you, or she would tell you about our integration with our security visions, QRadar. So those are various best practices. So the technical account manager makes sure the software is always up to date, right? All the little things that you would have to do yourself if you own it, we take care of, because we legally own it, which is allow you to buy it as a service. So it is a true OpEx model from a financial perspective. >> In the term of the contracts are what? One, two and three years. >> One to five. >> Yeah. Okay. >> If you don't renew and you don't cancel, we'll automatically re up you at the exact tier you're at, at the exact same price. Several of our competitors, by the way, if you do that, they actually charge you a premium until you sign a contract. We do not. So if you have a contract based on tier two, right? We go buy SLA tier one, tier two, tier three. So if I have a tier two contract at theCUBE, and you forgot to get the contract done at the end of two years, but you still want it, you can go for the next 2/4. I mean, well our business partner as I should say, "Dave, don't you want to sign a contract, you said you like it." Obviously you would, but we will let you stay. You just say, now I want to keep it without a contract. And we don't charge your premium. Our competitors if you don't have a contract, they charge your premium. If you keep it installed without putting a contract in place. So little things like that clearly differentiate what we do. We don't charge a premium. If you go above the base. One of the competitors, in fact, when you go into the variable space, okay? And by the way, we provide 50% extra capacity. We over-provision. The other competitors usually do 25%. We do 50%. No charge, is just part of the service. So the other vendors, if you go into the variable space, they raised the price. So if it's $5, you know, for X capacity and you go into the, which is your base, and then you go above that, they charge you $7 and 50 cents. We don't. It's $5 at the base and $5 at the variable. Now obviously your variable can be very big or very small, but whatever the variable is, we charge you. But we do not charge you an a bigger price. Couple of competitors when you go into the variable world, they charge you more. Guess what it gets you to do, raise your base capacity. (Eric laughs) >> Yeah. I mean, that's, that should, the math should be the opposite of that, in my view. If you make a commitment to a vendor, say, okay, I'm going to commit to X. You have a nice chart on this, actually in your, in your deck. If I'm going to commit to X, and then I'm going to add on, I would think the add on price per bit should be at the same or lower. It shouldn't be higher. Right? And I get, I get what you're saying there. They're forcing you to jack up the base, but then you're taking all the risk. That's not a shared risk model. I get... >> And that's why we made sure that we don't do that. In fact, Dave, you can, you know, the fact that we don't charge you a premium if you go beyond your contract period and say, "I still wanted to do it, but I haven't done the contract yet." The other guys charge you a premium, if you go beyond your contract period. We don't do that either. So we try to be end-user friendly, customer friendly, and we've also factored in our business partners can participate in this program. At least one of our competitors came out with a program and guess what? Partners could not participate. It was all direct. And that company by happens to have about 80% of their business through the channel and their partners were basically cut out of the model, which by the way, is what a lot of Cloud providers had done in the past as well. So it was not a channel friendly model, we're channel friendly, we're end user-friendly, it's all about ease of use. In fact, when you need more capacity, it takes about 10 minutes to get the new capacity up and going, that's it? >> How long does it take to set up? How long does it take to set up initially? And how long does it take to get new capacity? >> So, first of all, we deploy either in a Colo facility that you've contracted with, including Equinix, Equinix, is part of our press release, or we install on your site. So the technical account managers is assigned, he would call up theCUBE and say, "When is it okay for us to come install the storage?" We install it. You don't install anything. You just say, here's your space. Go ahead and install. We do the installation. You then of course do the normal rationing of the capacity to this goes to this Oracle, this goes to SAP. This goes to Mongo or Cassandra, right? You do that part, but we install it. We get it up and going. We get it turned on. We hook it up to your switching infrastructure. If you've got switching infrastructure, we do all of that. And then when you need more capacity, we use our storage insights pro which automatically monitors capacity, performance, and potential tech support problems. So we give you 50% extra, right? If you drop that to 25%, so you now don't have 50% extra anymore, you only have 25% extra, we'll, the technical account manager would call you and say, "Dave, do you know that we'd like to come install extra capacity at no charge to get you back up to that 50% margin?" So we always call because it's on your site or in your Colo facility, right? We own the asset, but we set it up and you know, it takes a week or two, whatever it takes to ship to whatever location. Now by the way, our storage as a service for 2021 will be in North America and Europe only, we are really expanding our storage as a service outside into Asia and into Latin America, et cetera, but not until 2022. So we'll start out with North America and Europe first. >> So I presume part of that is figuring out just the compensation models right? And so how, how did you solve that? I mean, you can't, you know, you don't seem to be struggling with that. Like some do. I think there's some people dipping their toes in the water. Was that because, you know, IBM's got experience with like SAS pricing or how were you thinking about that and how did you deal with kind of the internal (indistinct) >> Sure. So, first of all, we've had for several years, our storage utility model. >> Right? >> Our storage utility model has been sort of a hybrid part CapEx and part OpEx. So first of all, we were already halfway there to an OpEx model with our storage utility model that's item, number one. It also gave us the experience of the billing. So for example, we bill you for a full quarter. We don't send you a monthly bill. We send you a quarterly bill. And guess what, we always bill you in arrears. So for example, since theCUBE is going to be a customer this quarter, we will send you a bill for this quarter in October for the October quarter, we'll send you a bill for that quarter in January. Okay. And if it goes up, it goes up. If it goes down, it goes down. And if you don't use any variable, there's no bill. Because what we do is the base you pay for once a year, the variable you pay for by on a quarterly basis. So if you, if you are within the base, we don't send you a bill at all because there's no bill. You didn't go into the variable capacity area at all. >> I love that. >> When you have a variable It can go up and down. >> Is that unique to some, do some competitors try to charge you up front? Like if it's a one-year term. (Dave laughs) >> Everbody charges, everybody builds yearly on the base capacity. Pretty much everyone does that. >> Okay, so upfront you pay for the base? Okay. >> Right. And the variable can be zero. If you really only use the base, then there is no variable. We only bill for it's a pay for what you use model. So if you don't use any of the variable, we never charge you for variable. Now, you know, because you guys have written about it, storage grows exponentially. So the odds of them ending up needing some of the variable is moderately high. The other thing we've done is we didn't just look at what we've done with our storage utility model, but we actually looked at Cloud providers. And in fact, not only IBM storage, but almost every of our competitors does a comparison to Cloud pricing. And when you do apples to apples, Cloud vendors are more expensive than storage as a services, not just from us, but pretty much for a moment. So let's take an example. We're Six Nines by default. Okay. So as you know, most Cloud providers provide three or Fournines as the default. They'll let you get five or Six Nines, but guess what? They charge you extra. So item number one. Second thing, performance, as you know, the performance of Cloud storage is usually very weak, but you can make it faster if you want to. They charge extra for that. We're sitting at 2,250 terabytes per IOPS, excuse me, per terabytes. That's incredible performance If you've got 100 terabytes, okay. And if your applications and workloads and that's the worst case, by the way, which differentiates from our competitors who usually quote the best case, we quote you the worst case and our worst case by the way, is almost always higher than their best cases in each of the tiers. So at their middle tier, our worst case is usually better than their best case. But the point is, if you get 4,000 IOPS per terabyte and you're on a tier two contract, it's a two-tier contract. And in fact, let's say that theCUBE has a five-year deal. And we base this on our FlashSystem technology. And so let's say for tier two, for sake of argument, FlashSystem, 7,200. We come out two years after theCUBE has it installed with the FlashSystem, 7,400. And let's say the FlashSystem, 7,400, won't deliver a 2,250 IOPS per terabyte, but 5,000, if we choose to replace it, 'cause remember it's our physical property. We own it. If we choose to replace that 7,200 with a 7,400, and now you get 5,000 IOPS per terabyte, it's free. You signed a tier two contract for five years. So two years later, if we decide to put a different physical system there and it's faster, or has four more software features, we don't charge you for any of that. You signed an SLA for tier two. >> You haven't Paid for capacity, right? All right. >> You are paying for the capacity (indistinct) performance, you don't pay for that. If we swap it out and the, the array is physically faster, and has got five new software features. You pay nothing, you pay what your original contract was based on the capacity. >> What I'm saying is you're learning from the Cloud providers 'cause you are a Cloud provider. But you know, a lot of the Cloud providers always sort of talk about how they lower prices. They lower prices, but you know, well, you worked at storage companies your whole life and they, they lower prices on a regular basis because they 'cause the cost of the curve. And so. >> Right. The cost of storage to Cloud, I mean, the average price decline in the storage industry is between 15 and 25%, depending on the year, every single year. >> Right. >> As, you know, you used to be with one of those analysts firms that used to track it by the numbers. So you've seen the numbers. >> For sure. Absolutely. >> On average it drops 15 to 25% every year. >> So, what's driving this then? If it's, it's not necessarily, is it the shift from, from CapEx to OPEX? Is it just a more convenient model than on a Cloud like model? How do you see that? >> So what's happened in IT overall is of course it started with people like salesforce.com. Well, over 10 years ago, and of course it's swept the software industry software as a service. So once that happened, then you now see infrastructure as a service, servers, switches, storage, and an IBM with our storage as a service, we're providing that storage capability. So that as a service model, getting off of the traditional licensing in the software world, which still is out there, but it's mostly now is mostly software as a service has now moved into the infrastructure space. From our perspective, we are giving our business partners and our customers, the choice. You still want to buy it. No problem. You want to lease it? No problem. You want a full OpEx model. No problem. So for us, we're able to offer any of the three options. The, as a service model that started in software has moved now into the systems world. So people want to change often that CapEx into OpEx, we can even see Global Fortune 500s where one division is doing something and a different division might do something else, or they might do it different by geography. In a certain geography, they buy our FlashSystem products and other geographies they lease them. And in other geographies it's, as a service. We are delivering the same feature, function, benefit from a performance availability software function. We just give them a different way to procure. Do you want CapEx you want leasing or OpEx you pick what you want, we'll deliver the right solution for you. >> So, you got the optionality. And that's great. You've thought that out, but, but the reason I'm asking Eric, is I'm trying to figure out this is not just for you for everybody. Is this a check-off item or is this going to be the prevailing way in which storage is consumed? So if you had, if you had a guess, let's go far out. So we're not making any near-term forecast, but end of the decade, is this going to be the dominant model or is it going to be, you know, one of the few. >> It will be one of a few, but it'll be a big few. It'll be the big, one of the biggest. So for sake of argument, there we'll still be CapEx, they'll still be OpEx they'll still be, or there will be OpEx and they're still be leasing, but I will bet you, you know, at the end of this decade, it'll be 40 to 50% will be on the OpEx model. And the other two will have the other 50%. I don't think it's going to move to everything 'cause remember, it's a little easier during the software world. In the system world, you've got to put the storage, the servers, or the networking on the prem, right? Otherwise you're not truly, you know, you got to make it a true OpEx model. There's legal restrictions. You have to make it OpEx, if not, then, you know, based on the a country's practice, depending on the country, you're in, they could say, "Well, no, you really bought that. It's not really a service model." So there's legal constraints that the software worldwise easier to get through and easier to get to bypass. Right? So, and remember, now everything is software as a service, but go back when salesforce.com was started, everyone in the enterprise was doing ELAs and all the small companies were buying some sort of contract, right, or buying by the (indistinct) basis. It took a while for that to change. Now, obviously the predominant model is software as a service, but I would argue given when salesforce.com started, which was, you know, 2007 or so, it took a good 10 years for software as a service to become the dominant level. So I think A, it won't take 10 full years because the software world has blazed a trail now for the systems world. But I do think you'll see, right. We're sitting here know halfway through 2021, that you're going to have a huge percentage. Like I said, the dominant percentage will be OpEx, but the other two will still be there as well. >> Right. >> By the way, you know in software, almost, no one's doing ELAs these days, right? A few people still do, but it's very rare, right? It's all software as a service. So we see that over time doing the same thing in the, in the infrastructure side, but we do think it will be slower. And we'll, we'll offer all three as, as long as customers want it. >> I think you're right. I think it's going to be mixed. Like, do I care more about my income statement or my balance sheet and the different companies or individual different divisions are going to have different requirements. Eric, you got to leave it there. Thanks much for your time and taking us through this announcement. Always great to see you. >> Great. Thank you very much. We really appreciate our time with theCUBE. >> All right. Thank you for watching this CUBE conversation. This is Dave Vellante and we'll see you next time. (upbeat music)

>> From around the globe, It's theCUBE. With digital coverage of IBM Think 2021, brought to you by IBM. >> Hi, welcome back to theCUBE's coverage of IBM Think 2021 virtual. I'm John Furrier host of the CUBE. We got a great guest here. Brian Bouchard is the co-founder president and CEO of Alacrinet. Brian great to see you remoting in all the way from Puerto Rico to Palo Alto. >> That's right. >> Great to see you. >> Thanks for First of all, thanks John, for having me. I really appreciate the opportunity. >> Yeah, great to see you. Thanks for coming on. First of all, before we get into what you guys do and and how this all ties in to Think. What do you guys do at Alacrinet? Why the name? A it's good you're at the top of the list and alphabetically, but tell us the, the, the the secret behind the name and what you guys do. >> So, first of all Alacrinet is based on the root word alacrity which means a prompt and willing, a prompt a joyous prompt to, excuse me, to achieve a common goal. So we ultimately are a network of individuals with the traits of alacrity. So Alacrinet. So that's our name. >> Great. So what's your relationship with IBM and how you guys have been able to leverage the partnership program in the marketplace? Take us through the relationship. >> So, well, first of all Alacrinet is a platinum IBM business partner and it was awarded recently the 2020 IBM North American partner of the year award. And we were selected amongst 1600 other business partners across North America. We've been actually a consulting, an IT consulting company for almost 20 years now. And we were founded in 2002 in Palo Alto and we have focused specifically on cyber security since 2013. And then as part, go ahead. >> What are some of the things that you guys are working on? Because obviously, you know, the business is hot right now. Everyone's kind of looking at COVID saying we're going to double down on the most critical projects and no time for leisurely activities when it comes to IT. And cloud scale projects, you know mission critical stuff's happening what are you guys working on? >> So we're, we're focused on cybersecurity, our security services really compliment IBM's suite of security solutions and cover the full spectrum from our research and penetration testing, which helps identify vulnerabilities before a breach occurs. And we also have managed security services which helps prevent, detect and remediate attacks in real time. And then finally, we also have a security staffing division and a software resell division, which kind of rounds out the full amount of offerings that we have to provide protection for our clients. >> What are some of the biggest challenges you guys have as a business, and how's IBM helping you address those? >> Well, as you know, John, we all know the importance of cybersecurity in today's world, right? So it's increasing in both demand and importance and it's not expected to wane anytime soon. Cyber attacks are on the rise and there's no there's no expected end in sight to this. And in fact, just this week on 60 minutes, Jay Powell, the chairman of the federal reserve board he noted that cyber attacks were the number one threat to the stability of the US economy. Also this week, a public school in Buffalo New York was hacked with ransomware and the school you know, this, the school district is just contemplating you know, paying the ransom to the hackers. So there's literally thousands of these attacks happening every day, whether it's in local school district or a state government, or an enterprise even if you don't hear about them, they're happening In adding to the complexity that the cyber attackers pose is the complexity of the actual cybersecurity tools themselves. There isn't a single solution provider or a single technology, that can ensure a company's security. Our customers need to work with many different companies and disconnected tools and processes to build an individual strategy that can adequately protect their organizations. >> You know, I love this conversation whenever I talk to practitioners on cybersecurity, you know that first of all, they're super smart, usually cyber punks and they also have some kinds of eclectic backgrounds, but more importantly is that there's different approaches in terms of what you hear. Do you, do you put more if you add more firefighters, so to speak to put out the fires and solve the problems? Or do you spend your time preventing the fires from happening in the first place? You know, and you know, the buildings are burning down don't make fire fire, don't make wood make fire resistance, you know, more of a priority. So there's less fires needing firefighters So it's that balance. You throw more firefighters at the problem or do you make the supply or the material the business fireproof, what's your take on that? >> Yeah, well, it kind of works both ways. I mean, we've seen customers want it. They really want choice. They want to, in some cases they want to be the firefighter. And in some cases they want the firefighter to come in and solve their problems. So, the common problem set that we're seeing with our that our customers encounter is that they struggle one, with too many disparate tools. And then they also have too much data being collected by all these disparate tools. And then they have a lack of talent in their environment to manage their environments. So what we've done at Alacrinet is we've taken our cybersecurity practice and we've really specifically tailored our offerings to address these core challenges. So first, to address the too many disparate tools problem, we've been recommending that our clients look at security platforms like the IBM Cloud Pak for security the IBM Cloud Pak for security is built on a security platform that allows interoperability across various security tools using open standards. So our customers have been responding extremely positively to this approach and look at it as a way to future-proof their investments and begin taking advantage of interoperability with, and, tools integration. >> How about where you see your business going with this because, you know, there's not a shortage of need or demand How are you guys flexing with the market? What's the strategy? Are you going to use technology enablement? You're going to more human driven. Brian, how do you see your business unfolding? >> Well, actually really good. We're doing very well. I mean, obviously we made the, the top the business partner for IBM in 2020. They have some significant growth and a lot of interest. I think we really attack the market in a, in a with a good strategy which was to help defragment the market if you will. There's a lot of point solutions and a lot of point vendors that various, you know, they they spent specialized in one piece of the whole problem. And what we've decided to do is find them the highest priority list, every CSO and CIO has a tick list. So that how that, you know, first thing we need we need a SIM, we need an EDR, we need a managed service. We need, what's the third solution that we're doing? So we, we need some new talent in-house. So we actually have added that as well. So we added a security staffing division to help that piece of it as well. So to give you an idea of the cybersecurity market size it was valued at 150 billion in 2019 and that is expected to grow to 300 billion by 2027. And Alacrinet is well-positioned to consolidate the many fragmented aspects of the security marketplace and offer our customers more integrated and easier to manage solutions. And we will continue to help our customers select the best suite of solutions to address all types of cybersecurity, cybersecurity threats. >> You know, it's it's such a really important point you're making because you know, the tools just have piled up in the tool shed. I call it like that. It's like, it's like you don't even know what's in there anymore. And then you've got to support them. Then the world's changed. You get cloud native, the service areas increasing and then the CSOs are also challenged. Do I, how many CLAWs do I build on? Do I optimize my development teams for AWS or Azure? I mean, now that's kind of a factor. So, you have all this tooling going on they're building their own stuff they're building their own core competency. And yet the CSO still needs to be like maintaining kind of like a relevance list. That's almost like a a stock market for the for the products. You're providing that it sounds like you're providing that kind of service as well, right? >> Yeah, well, we, we distill all of the products that are out there. There's thousands of cybersecurity products out there in the marketplace and we kind of do all that distillation for the customer. We find using, you know, using a combination of things. We use Forrester and Gartner and all the market analysts to shortlist our proposed solutions that we offer customers. But then we also use our experience. And so since 2013, we've been deploying these solutions across organizations and corporations across America and we've, we've gained a large body of experience and we can take that experience and knowledge to our customers and help them, you know, make make some good decisions. So they don't have to, you know, make them go through the pitfalls that many companies do when selecting these types of solutions. >> Well congratulations, you've got a great business and you know, that's just a basic search making things easier for the CSO, more so they can be safe and secure in their environment. It's funny, you know, cyber warfare, you know the private companies have to fight their own battles got to build their own armies. Certainly the government's not helping them. And then they're confused even with how to handle all this stuff. So they need, they need your service. I'm just curious as this continues to unfold and you start to see much more of a holistic view, what's the IBM angle in here? How, why are you such a big partner of theirs? Is it because their customers are working with you they're bringing you into business? Is it because you have an affinity towards some of their products? What's the connection with IBM? >> All of the above. (chuckles) So I think it probably started with our affinity to IBM QRadar product. And we have, we have a lot of expertise in that and that solution. So that's, that's where it started. And then I think IBM's leadership in this space has been remarkable, really. So like what's happening now with the IBM Cloud Pak for security you know, building up a security platform to allow all these point solutions to work together. That's the roadmap we want to put our customers on because we believe that's the that's the future for this, this, this marketplace. >> Yeah. And the vision of hybrid cloud having that underpinning be with Red Hat it's a Linux kernel, model of all things >> Yeah. Super NetEase. >> Locked in >> It's portable, multiple, you can run it on Azure. IBM Cloud, AWS. It's portable. I mean, yeah, all this openness, as you probably know cyber security is really a laggard in the security in the information technology space as far as adopting open standards. And IBM is I think leading that charge and you'll be able to have a force multiplier with the open standards in this space. >> Open innovation with open source is incredible. I mean, if you, if, if if open source can embrace a common platform and build that kind of control plane and openness to allow thriving companies to just build out then you have an entire hybrid distributed architecture. >> Yeah. Well, I think companies want to use the best in breed. So when we, when we show these solutions to customers they want the best in breed. They always say, I don't, when it comes to security they don't want second best. They want the best it's out there because they're securing their crown jewels. So that makes sense. So the problem with, you know having all these different disparate solutions that are all top in their category none of them talk to each other. So we need to address that problem because without that being solved, this is just going to be more it's going to compound the complexity of the problems we solve day to day. >> Awesome. Congratulations, Brian, great story. You know entrepreneur built a great business over the years. I think the product's amazing. I think that's exactly what the market needs and just shows you what the ecosystem is all about. This is the power of the ecosystem. You know, a thousand flowers are blooming. You got a great product. IBM is helping as well. Good partnership, network effects built in and and still a lot more to do. Congratulations. >> Absolutely. >> Okay. >> Thank you very much >> Brian Bouchard >> Made my impression. I appreciate that >> Thanks for coming on theCUBE Appreciate it. I'm John Furrier with IBM thinks 2021 virtual coverage. Thanks for watching. (outro music plays)

>> From around the globe it's theCUBE with digital coverage of IBM Think 2021 brought to you by IBM. >> Welcome to the theCUBE's coverage of IBM think 2021, the digital experience. I'm Lisa Martin. I've got two guests here with me next. We're going to be talking about IBM and Cisco. Please welcome Candace Tripp, a partner at Global Security Services Alliances at IBM. Kandyce, it's great to have you on theCUBE. >> Thank you. It's great to be here, Lisa. >> And Erin Jensen joins us as well. Global Partner Executive for IBM at Cisco. Erin, welcome to you as well. >> Yeah, thanks for having me. >> I love it, three women, power women on a tech panel. >> I know, I love it. >> Isn't that nice? It's rare. >> It is. >> Exciting. >> Praise God. All right, let's go ahead, Erin and we're going to start with you. Let's talk about Cisco's strategy and security and how that aligns with IBM. >> Absolutely. Thanks Lisa. So Cisco in the last seven years have made considerable amount of investment in our portfolio. And in fact, it's one reason why I joined Cisco. I've been hearing about customer problems across many security threat vectors and issues. And customers are really looking for a product portfolio that helps them across all their security needs. IBM has taken a similar approach, right? We're not just one product or one service. IBM also has a service portfolio that helps customers through the long haul and their security journey. We're both working to solve problems like Zero Trust, SAS, Cloud security, and helping all of our customers with digital transformation and moving to the cloud. And so both of us have really taken a similar long-term approach to our customer vision and security. >> We've heard a lot about security challenges and the expansion of threat vectors and surfaces and data in the last year or so. So that double-down focus from both IBM and Cisco on security is absolutely critical for customers. Kandyce, let's get your perspective now. Talk to me about IBM security services and the value that it delivers with Cisco's security portfolio, those two powerhouses together. >> Yeah. Great question. I really appreciate it. One of the things I want to point out is just that IBM security services is one of the largest MSPs in the industry. And I think it's a really exciting time and I'm very thrilled to be a part of that. And the answer to your question, we simplify security solutions, we reduce risk, we provide architectural consulting and systems integration. And we do that in support of our partnerships, just like with Cisco, with Cisco, excuse me. So I think it's a really exciting partnership and there's a lot of value provided. >> And then Kandyce also, you recently launched IBM security services Alliance program. What can you tell us about that? >> Yeah, absolutely. So I'm very excited about it. We launched it on March 1st of this year. And it is a very targeted program that's designed to promote support and reward us like set of partners. And Cisco is one of those partners that has been invited to participate. And these are the partners that are committed to doing a couple of different things. One of which is supporting the development of our offerings. It's also partners that are integrating into our technology platform and they also train and enable our engineers, our consultants as well as our sellers. So they bring a lot of value to the table. And like I said before, Cisco is one of the partners that have been invited to participate. And we're very excited. >> Yeah. >> Go ahead Erin. >> And just to add on that as Candace is saying like Cisco is really excited to participate in this program. It's really, truly about delivering an outcome to our customers. And so the program gives us tools to make investments integrations, et cetera. And the part about partnership it's an evolution of things, right? We want to work together. The landscape of the threats are changing, our world's changing, we're in a pandemic, we've got to be able to pivot and really help customers solve these problems together. And the Alliance program gives us a formal way a really kind of put in the wood behind the arrow. So we're really excited to participate. >> Thanks Erin, excited to have you. >> Great. So Kandyce, I'm curious, as Erin was saying that the threat vector, things are expanding, we've seen so much flux. They're saying we're in a dynamic market, situation is a pretty big understatement. What was the impetus of this Alliance? Was it, this Alliance program, did it have anything to do with the flux that we've been through in the last year? >> Well, I think anytime you launch a program or create a strategy, you're obviously solving a problem. And we all know that security is complex and we need to simplify it. And in today's market, there's a shortage of professionals in the industry. There's a lot of siloed processes and a lot of tools. And anytime that you can bring a strategy to the table that solves some of these challenges, it's definitely worthwhile. And our goal is to bring together advisors and integrated leading technologies vendors such as Cisco. And our goal is to help our clients obviously. And optimally, what we want to do is we want to align their security strategy. We want to make sure that we protect their digital users, their data, their assets. We also want to modernize our technology with these advisors. And ultimately, we found a partnership in Cisco in regards to this program, where we can solve some of our customer's challenges and we can leverage this partnership to the fullest. >> Can you talk to me a little bit about the difference between a technology alliances program and a security service Alliance partner at IBM security program? >> Kandyce: Absolutely. Well, I think it's to call out that Cisco is both actually. We do have a Technology Alliance partners as you mentioned, and Security Service Alliance partners and our Technology Alliance partners are purpose built integrations with IBM security products. On the opposite side, you have Security Service Alliance partners where there's kind of two aspects to it. It could be, it's an either situation where they're integrated into our security service offering or we build an offering around the partners technology. And in the case of Cisco there's many product integrations. I'll name two as examples, one being QRadar and the other being Resilient. But I think what makes the partnership so interesting is there's an extensive portfolio to choose from. And I think that makes it very exciting for our clients to kind of look at what we bring to the table jointly and create leverage out of that. Erin, do you have anything to add? >> A couple of things. So the questions we get a lot from customers is, is there overlap in some of these software solutions? And the fact is there really isn't. We are more complimentary than competitive. And one of the things that we want to do to enhance the customer experience is really give a customer the confidence, but also a full service solution. The way Cisco views IBM and security space is like the glue, right? We provide all the automation a lot of the visibility, our tools, for instance QRadar, pump all of the log information and help with instant response to how customers look at threats. And we really want them to, customers would feel confident by being together and really let's face it, IBM and Cisco are the biggest players in the market. But to Kandyce's point they're also looking for innovation from us and we giving them the roadmaps to go to the next level. So our partnership really provides that. And in fact, it's really important to note that IBM is actually a big Cisco client and has invested in some of our technologies around Umbrella, Next-Gen firewall and our IPS and AnyConnect Solution. So truly our use case is between our companies too not just for our customers. So it's part of our loyalty and commitment to each other but also to all the folks who are making investments working with IBM and Cisco. >> So there's a long history deep collaboration between IBM and Cisco here. I'm wondering if either of you and Kandyce we'll start with you, can you talk about anything that you saw in the last year. I'm thinking, from a security perspective we saw governments and schools and hospitals and healthcare organizations being attacked because they were, there was so much focus on those organizations. I'm curious if there's any industries that you guys saw in the last year or so in particular that really have benefited from your Security Services Alliance program? >> Well, I think we just launched the program in March. So we are currently in the process of rolling it out but will say, as a organization we spend a lot of time making sure that we're relevant to the community, that we're solving some of the deepest problems in the industry. And I think it's an exciting time and I know that IBM Security Services brings a lot of solutions to its clients and we'll continue to do so. >> And then Erin, tell me from Cisco's perspective and yes, Kandyce you mentioned that this is a brand new program. What are some of the things that you're looking forward to being able to help clients in industries that I mentioned and really any industry pivot as we're still in such a globally challenging situation? >> Yes. So I won't necessarily talk about verticals but let's talk about the pandemic. So many of our customers in all different kinds of verticals have had to take their business home. Securing all the remote workers, doing what we call Zero Trust and edge security making sure they are who they say they are when they're connecting to the mothership. And so we've really put a lot of effort at Cisco around addressing these problems in a fast and efficient way. And then IBM helps us manage that for customers. So if they don't have the bandwidth, once solutions go in and we turn the key on they don't have the bandwidth to manage this themselves, IBM really picks that ball up and runs with it. So that's another big value out of our partnership. But let's face it, gosh, a year and a half ago all of this changed on the dime. So we had to pivot really quickly. And because we have teams in place are already working together on how we service these solutions through IBM, this was not necessarily a very hard shift. We were able to do this quickly and provide information and kind of stay ahead of the curve while we saw our customers go through this transition. >> And I can only imagine how critical IBM and Cisco were together as you mentioned, Erin, that pivot to work from home happened so quickly for millions and millions, hundreds of millions of not more of people, and there's a good amount of us that are still in that situation that are reliant on technologies. But like IBM and Cisco are delivering, for collaboration, for communication, even to connect families I'm sure what you guys have done helping those customers pivot is just the tip of the iceberg in helping them not just survive this time but be able to thrive, maybe even focus resources on identifying new products on new services, new ways to delight their customers. >> Yeah, I think that's the other thing that's happening between our firms kind of within security and also more broadly is a lot of our customers are moving to the Cloud and they really need help with this kind of full service look and strategy and ongoing managing and the long haul from a partner. So one of the things that's also been really valuable in our partnership is we have teams of people on account level that really understand our customers and can make these recommendations based on what we're putting together behind the scenes and helping them through the journey. So security is clearly a big part of, kind of what's on everyone's mind, but as far as, can a regular IT operations and networking, it's all part of one journey. And so this layered approach is I think what differentiates our partnership absolutely in the marketplace. >> I agree with you, Erin. I think there's a lot to be excited about that. >> We'll good. Ladies, thank you for joining me today. Talking to me about this new security strategy Alliances Program, what it's offering, the power that IBM and Cisco are bringing jointly to your customers. We look forward to seeing what happens in the next year. Thanks for your time. >> Thank you, Lisa. >> Thank you. >> Well, Kandyce Tripp and Erin Jensen. I'm Lisa Martin. You're watching theCUBE's coverage of IBM Think, the digital experience. (soft upbeat music)

(piano music) >> Presenter: From around the globe it's theCUBE with digital coverage of IBM Think 2021 brought to you by IBM. >> Welcome to the theCUBE's coverage of IBM think 2021, the digital experience. I'm Lisa Martin. I've got two guests here with me next. We're going to be talking about IBM and Cisco. Please welcome Candace Tripp, a partner at Global Security Services Alliances at IBM. Kandyce, it's great to have you on theCUBE. >> Thank you. It's great to be here, Lisa. >> And Erin Jensen joins us as well. Global Partner Executive for IBM at Cisco. Erin, welcome to you as well. >> Yeah, thanks for having me. >> I love it, three women, power women on a tech panel. >> I know, I love it. >> Isn't that nice? It's rare. >> It is. >> Exciting. >> Praise God. All right, let's go ahead, Erin and we're going to start with you. Let's talk about Cisco's strategy and security and how that aligns with IBM. >> Absolutely. Thanks Lisa. So Cisco in the last seven years have made considerable amount of investment in our portfolio. And in fact, it's one reason why I joined Cisco. I've been hearing about customer problems across many security threat vectors and issues. And customers are really looking for a product portfolio that helps them across all their security needs. IBM has taken a similar approach, right? We're not just one product or one service. IBM also has a service portfolio that helps customers through the long haul and their security journey. We're both working to solve problems like Zero Trust, SAS, Cloud security, and helping all of our customers with digital transformation and moving to the cloud. And so both of us have really taken a similar long-term approach to our customer vision and security. >> We've heard a lot about security challenges and the expansion of threat vectors and surfaces and data in the last year or so. So that double-down focus from both IBM and Cisco on security is absolutely critical for customers. Kandyce, let's get your perspective now. Talk to me about IBM security services and the value that it delivers with Cisco's security portfolio, those two powerhouses together. >> Yeah. Great question. I really appreciate it. One of the things I want to point out is just that IBM security services is one of the largest MSPs in the industry. And I think it's a really exciting time and I'm very thrilled to be a part of that. And the answer to your question, we simplify security solutions, we reduce risk, we provide architectural consulting and systems integration. And we do that in support of our partnerships, just like with Cisco, with Cisco, excuse me. So I think it's a really exciting partnership and there's a lot of value provided. >> And then Kandyce also, you recently launched IBM security services Alliance program. What can you tell us about that? >> Yeah, absolutely. So I'm very excited about it. We launched it on March 1st of this year. And it is a very targeted program that's designed to promote support and reward us like set of partners. And Cisco is one of those partners that has been invited to participate. And these are the partners that are committed to doing a couple of different things. One of which is supporting the development of our offerings. It's also partners that are integrating into our technology platform and they also train and enable our engineers, our consultants as well as our sellers. So they bring a lot of value to the table. And like I said before, Cisco is one of the partners that have been invited to participate. And we're very excited. >> Yeah. >> Go ahead Erin. >> And just to add on that as Candace is saying like Cisco is really excited to participate in this program. It's really, truly about delivering an outcome to our customers. And so the program gives us tools to make investments integrations, et cetera. And the part about partnership it's an evolution of things, right? We want to work together. The landscape of the threats are changing, our world's changing, we're in a pandemic, we've got to be able to pivot and really help customers solve these problems together. And the Alliance program gives us a formal way a really kind of put in the wood behind the arrow. So we're really excited to participate. >> Thanks Erin, excited to have you. >> Great. So Kandyce, I'm curious, as Erin was saying that the threat vector, things are expanding, we've seen so much flux. They're saying we're in a dynamic market, situation is a pretty big understatement. What was the impetus of this Alliance? Was it, this Alliance program, did it have anything to do with the flux that we've been through in the last year? >> Well, I think anytime you launch a program or create a strategy, you're obviously solving a problem. And we all know that security is complex and we need to simplify it. And in today's market, there's a shortage of professionals in the industry. There's a lot of siloed processes and a lot of tools. And anytime that you can bring a strategy to the table that solves some of these challenges, it's definitely worthwhile. And our goal is to bring together advisors and integrated leading technologies vendors such as Cisco. And our goal is to help our clients obviously. And optimally, what we want to do is we want to align their security strategy. We want to make sure that we protect their digital users, their data, their assets. We also want to modernize our technology with these advisors. And ultimately, we found a partnership in Cisco in regards to this program, where we can solve some of our customer's challenges and we can leverage this partnership to the fullest. >> Can you talk to me a little bit about the difference between a technology alliances program and a security service Alliance partner at IBM security program? >> Kandyce: Absolutely. Well, I think it's to call out that Cisco is both actually. We do have a Technology Alliance partners as you mentioned, and Security Service Alliance partners and our Technology Alliance partners are purpose built integrations with IBM security products. On the opposite side, you have Security Service Alliance partners where there's kind of two aspects to it. It could be, it's an either situation where they're integrated into our security service offering or we build an offering around the partners technology. And in the case of Cisco there's many product integrations. I'll name two as examples, one being QRadar and the other being Resilient. But I think what makes the partnership so interesting is there's an extensive portfolio to choose from. And I think that makes it very exciting for our clients to kind of look at what we bring to the table jointly and create leverage out of that. Erin, do you have anything to add? >> A couple of things. So the questions we get a lot from customers is, is there overlap in some of these software solutions? And the fact is there really isn't. We are more complimentary than competitive. And one of the things that we want to do to enhance the customer experience is really give a customer the confidence, but also a full service solution. The way Cisco views IBM and security space is like the glue, right? We provide all the automation a lot of the visibility, our tools, for instance QRadar, pump all of the log information and help with instant response to how customers look at threats. And we really want them to, customers would feel confident by being together and really let's face it, IBM and Cisco are the biggest players in the market. But to Kandyce's point they're also looking for innovation from us and we giving them the roadmaps to go to the next level. So our partnership really provides that. And in fact, it's really important to note that IBM is actually a big Cisco client and has invested in some of our technologies around Umbrella, Next-Gen firewall and our IPS and AnyConnect Solution. So truly our use case is between our companies too not just for our customers. So it's part of our loyalty and commitment to each other but also to all the folks who are making investments working with IBM and Cisco. >> So there's a long history deep collaboration between IBM and Cisco here. I'm wondering if either of you and Kandyce we'll start with you, can you talk about anything that you saw in the last year. I'm thinking, from a security perspective we saw governments and schools and hospitals and healthcare organizations being attacked because they were, there was so much focus on those organizations. I'm curious if there's any industries that you guys saw in the last year or so in particular that really have benefited from your Security Services Alliance program? >> Well, I think we just launched the program in March. So we are currently in the process of rolling it out but will say, as a organization we spend a lot of time making sure that we're relevant to the community, that we're solving some of the deepest problems in the industry. And I think it's an exciting time and I know that IBM Security Services brings a lot of solutions to its clients and we'll continue to do so. >> And then Erin, tell me from Cisco's perspective and yes, Kandyce you mentioned that this is a brand new program. What are some of the things that you're looking forward to being able to help clients in industries that I mentioned and really any industry pivot as we're still in such a globally challenging situation? >> Yes. So I won't necessarily talk about verticals but let's talk about the pandemic. So many of our customers in all different kinds of verticals have had to take their business home. Securing all the remote workers, doing what we call Zero Trust and edge security making sure they are who they say they are when they're connecting to the mothership. And so we've really put a lot of effort at Cisco around addressing these problems in a fast and efficient way. And then IBM helps us manage that for customers. So if they don't have the bandwidth, once solutions go in and we turn the key on they don't have the bandwidth to manage this themselves, IBM really picks that ball up and runs with it. So that's another big value out of our partnership. But let's face it, gosh, a year and a half ago all of this changed on the dime. So we had to pivot really quickly. And because we have teams in place are already working together on how we service these solutions through IBM, this was not necessarily a very hard shift. We were able to do this quickly and provide information and kind of stay ahead of the curve while we saw our customers go through this transition. >> And I can only imagine how critical IBM and Cisco were together as you mentioned, Erin, that pivot to work from home happened so quickly for millions and millions, hundreds of millions of not more of people, and there's a good amount of us that are still in that situation that are reliant on technologies. But like IBM and Cisco are delivering, for collaboration, for communication, even to connect families I'm sure what you guys have done helping those customers pivot is just the tip of the iceberg in helping them not just survive this time but be able to thrive, maybe even focus resources on identifying new products on new services, new ways to delight their customers. >> Yeah, I think that's the other thing that's happening between our firms kind of within security and also more broadly is a lot of our customers are moving to the Cloud and they really need help with this kind of full service look and strategy and ongoing managing and the long haul from a partner. So one of the things that's also been really valuable in our partnership is we have teams of people on account level that really understand our customers and can make these recommendations based on what we're putting together behind the scenes and helping them through the journey. So security is clearly a big part of, kind of what's on everyone's mind, but as far as, can a regular IT operations and networking, it's all part of one journey. And so this layered approach is I think what differentiates our partnership absolutely in the marketplace. >> I agree with you, Erin. I think there's a lot to be excited about that. >> We'll good. Ladies, thank you for joining me today. Talking to me about this new security strategy Alliances Program, what it's offering, the power that IBM and Cisco are bringing jointly to your customers. We look forward to seeing what happens in the next year. Thanks for your time. >> Thank you, Lisa. >> Thank you. >> Well, Kandyce Tripp and Erin Jensen. I'm Lisa Martin. You're watching theCUBE's coverage of IBM Think, the digital experience. (soft upbeat music)

>> Announcer: From theCUBE Studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE conversation. >> Hello, welcome back to theCUBE's coverage, CUBE Virtual's coverage, CUBE digital coverage, of AWS Summit, virtual online, Amazon Summit's normally in face-to-face all around the world, it's happening now online, follow the sun. Of course, we want to bring theCUBE coverage like we do at the events digitally, and we've got a great guest that usually comes on face-to-face, he's coming on virtual, Sanjay Poonen, the chief operating officer of VMware. Sanjay great to see you, thanks for coming in virtually, you look great. >> Hey, John thank you very much. Always a pleasure to talk to you. This is the new reality. We both happen to live very close to each other, me in Los Altos, you in Palo Alto, but here we are in this new mode of communication. But the good news is I think you guys at theCUBE were pioneering a lot of digital innovation, the AI platform, so hopefully it's not much of an adjustment for you guys to move digital. >> It's not really a pivot, just move the boat, put the sails up and sail into the next generation, which brings up really the conversation that we're seeing, which is this digital challenge, the virtual world, it's virtualization, Sanjay, it sounds like VMware. Virtualization spawned so much opportunity, it created Amazon, some say, I'd say. Virtualizing our world, life is now integrated, we're immersed into each other, physical and digital, you got edge computing, you got cloud native, this is now a clear path to customers that recognize with the pandemic challenges of at-scale, that they have to operate their business, reset, reinvent, and grow coming out of this pandemic. This has been a big story that we've been talking about and a lot of smart managers looking at projects saying, I'm doubling down on that, and I'm going to move the resources from this, the people and budget, to this new reality. This is a tailwind for the folks who were prepared, the ones that have the experience, the ones that did the work. theCUBE, thanks for the props, but VMware as well. Your thoughts and reaction to this new reality, because it has to be cloud native, otherwise it doesn't work, your thoughts. >> Yeah, I think, John, you're right on. We were very fortunate as a company to invent the term virtualization for an x86 architecture and the category 20 years ago when Diane founded this great company. And I would say you're right, the public cloud is the instantiation of virtualization at its sort of scale format and we're excited about this Amazon partnership, we'll talk more about that. This new world of doing everything virtual has taken the same concepts to whole new levels. We are partnering very closely with companies like Zoom, because a good part of this is being able to deliver video experiences in there, we'll talk about that if needed. Cloud native security, we announced an acquisition today in container security that's very important because we're making big moves in security, security's become very important. I would just say, John, the first thing that was very important to us as we began to shelter in place was the health of our employees. Ironically, if I go back to, in January I was in Davos, in fact some of your other folks who were on the show earlier, Matt Garman, Andy, we were all there in January. The crisis already started in China, but it wasn't on the world scene as much of a topic of discussion. Little did we know, three, four weeks later, fast forward to February things were moving so quickly. I remember a Friday late in February where we were just about to go the next week to Las Vegas for our in-person sales kickoffs. Thousands of people, we were going to do, I think, five or 6,000 people in Las Vegas and then another 3,000 in Barcelona, and then finally in Singapore. And it had not yet been categorized a pandemic. It was still under this early form of some worriable virus. We decided for the health and safety of our employees to turn the entire event that was going to happen on Monday to something virtual, and I was so proud of the VMware team to just basically pivot just over the weekend. To change our entire event, we'd been thinking about video snippets. We have to become in this sort of virtual, digital age a little bit like TV producers like yourself, turn something that's going to be one day sitting in front of an audience to something that's a lot shorter, quicker snippets, so we began that, and the next thing we began doing over the next several weeks while the shelter in place order started, was systematically, first off, tell our employees, listen, focus on your health, but if you're healthy, turn your attention to serving your customers. And we began to see, which we'll talk about hopefully in the context of the discussion, parts of our portfolio experience a tremendous amount of interest for a COVID-centered world. Our digital workplace solutions, endpoint security, SD-WAN, and that trifecta began to be something that we began to see story after story of customers, hospitals, schools, governments, retailers, pharmacies telling us, thank you, VMware, for helping us when we needed those solutions to better enable our people on the front lines. And all VMware's role, John, was to be a digital first responder to the first responder, and that gave tremendous amount of motivation to all of our employees into it. >> Yeah, and I think that's a great point. One of the things we've been talking about, and you guys have been aligned with this, you mentioned some of those points, is that as we work at home, it points out that digital and technology is now part of lifestyle. So we used to talk about consumerization of IT, or immersion with augmented reality and virtual reality, and then talk about the edge of the network as an endpoint, we are at the edge of the network, we're at home, so this highlights some of the things that are in demand, workspaces, VPN provisioning, these new tools, that some cases we've been hearing people that no one ever thought of having a forecast of 100% VPN penetration. Okay, you did the AirWatch deal way back when you first started, these are now fruits of those labors. So I got to ask you, as managers of your customer base are out there thinking, okay, I got to double down on the right growth strategy for this post-pandemic world, the smart managers are going to look at the technologies enabled for business outcome, so I have to ask you, innovation strategies are one thing, saying it, putting it place, but now more than ever, putting them in action is the mandate that we're hearing from customers. Okay I need an innovation strategy, and I got to put it into action fast. What do you say to those customers? What is VMware doing with AWS, with cloud, to make those innovation strategies not only plausible but actionable? >> That's a great question, John. We focused our energy, before even COVID started, as we prepared for this year, going into sales kickoffs and our fiscal year, around five priorities. Number one was enabling the world to be multicloud, private cloud and public cloud, and clearly our partnership here with Amazon is the best example of that and they are our preferred cloud partner. Secondly, building modern apps with microservices and cloud native, what we call app modernization. Thirdly, which is a key part to the multicloud, is building out the entire network stack, data center networking, the firewalls, the load bouncing in SD-WAN, so I'd call that cloud network. Number four, the modernization of workplace with an additional workspace solution, Workspace ONE. And five, intrinsic security from all aspects of security, network, endpoint, and cloud. So those five priorities were what we began to think through, organize our portfolio, we call them solution pillars, and for any of your viewers who're interested, there's a five-minute version of the VMware story around those five pillars that you can watch on YouTube that I did, you just search for Sanjay Poonen and five-minute story. But then COVID hit us, and we said, okay we got to take these strategies now and make them more actionable. Exactly your question, right? So a subset of that portfolio of five began to become more actionable, because it's pointless going and talking about stuff and it's like, hey, listen, guys, I'm a house on fire, I don't care about the curtains and all the wonderful art. You got to help me through this crisis. So a subset of that portfolio became kind of what was those, think about now your laptop at home, or your endpoint at home. People wanted, on top of their Zoom call, or surrounding their Zoom call, a virtual desktop managed easily, so we began to see Workspace ONE getting a lot of interest from our customers, especially the VDI part of that portfolio. Secondly, that laptop at home needed to be secured. Traditional, old, legacy AV solutions that've worked, enter Carbon Black, so Workspace ONE plus Carbon Black, one and two. Third, that laptop at home needs network acceleration, because we're dialoguing and, John, we don't want any latency. Enter SD-WAN. So the trifecta of Workspace ONE, Carbon Black and VeloCloud, that began to see even more interest and we began to hone in our portfolio around those three. So that's an example of where you have a general strategy, but then you apply it to take action in the midst of a crisis, and then I say, listen, that trifecta, let's just go and present what we can do, we call that the business continuity or business resilience part of our portfolio. We began to start talking to customers, and saying, here's our business continuity solution, here's what we could do to help you, and we targeted hospitals, schools, governments, pharmacies, retailers, the ones who're on the front line of this and said again, that line I said earlier, we want to be a digital first responder to you, you are the real first responder. Right before this call I got off a CIO call with the CIO of a major hospital in the northeast area. What gives me great joy, John, is the fact that we are serving them. Their beds are busting at the seam, in serving patients-- >> And ransomware's a huge problem you guys-- >> We're serving them. >> And great stuff there, Sanjay, I was just on a call this morning with a bunch of folks in the security industry, thought leaders, was in DC, some generals were there, some real thought leaders, trying to figure out security policy around biosecurity, COVID-19, and this invisible disruption, and they were equating it to like the World Wars. Big inflection point, and one of the generals said, in those times of crisis you need alliances. So I got to ask you, COVID-19 is impactful, it's going to have serious impact on the critical nature of it, like you said, the house is on fire, don't worry about the curtains. Alliances matter more than ever when you need to come together. You guys have an ecosystem, Amazon's got an ecosystem, this is going to be a really important test to the alliances out there. How do you view that as you look forward? You need the alliances to be successful, to compete and win in the new world as this invisible enemy, if you will, or disruptor happens, what's your thoughts? >> Yeah, I'll answer in a second, just for your viewers, I sneezed, okay? I've been on your show dozens of time, John, but in your live show, if I sneezed, you'd hear the loud noise. The good news in digital is I can mute myself when a sneeze is about to happen, and we're able to continue the conversation, so these are some side benefits of the digital part of it. But coming to your question on alliance, super important. Ecosystems are how the world run around, united we stand, divided we fall. We have made ecosystems, I've always used this phrase internally at VMware, sort of like Isaac Newton, we see clearly because we stand on the shoulders of giants. So VMware is always able to be bigger of a company if we stand on the shoulders of bigger giants. Who were those companies 20 years ago when Diane started the company? It was the hardware economy of Intel and then HP and Dell, at the time IBM, now Lenovo, Cisco, NetApp, DMC. Today, the new hardware companies Amazon, Azure, Google, whoever have you, we were very, I think, prescient, if you would, to think about that and build a strategic partnership with Amazon three or four years ago. I've mentioned on your show before, Andy's a close friend, he was a classmate over at Harvard Business School, Pat, myself, Ragoo, really got close to Andy and Matt Garman and Mike Clayville and several members of their teams, Teresa Carlson, and began to build a partnership that I think is one of the most incredible success stories of a partnership. And Dell's kind of been a really strong partner with us on private cloud, having now Amazon with public cloud has been seminal, we do regular meetings and build deep integration of, VMware Cloud and AWS is not some announcement two or three years ago. It's deep engineering between, Bask's now in a different role, but in his previous role, that and people like Mark Lohmeyer in our team. And that deep engineering allows us to know and tell customers this simple statement, which both VMware and Amazon reps tell their customers today, if you have a workload running on vSphere, and you want to move that to Amazon, the best place, the preferred place for that is VMware Cloud and Amazon. If you try to refactor that onto a native VC 2, it's a waste of time and money. So to have the entire army of VMware and Amazon telling customers that statement is a huge step, because it tells customers, we have 70 million virtual machines running on-prem. If customers are looking to move those workloads to Amazon, the best place for that VMware Cloud and AWS, and we have some credible customer case studies. Freddie Mac was at VMworld last year. IHS Markit was at VMworld last year talking about it. Those are two examples and many more started it, so we would like to have every VMware and Amazon customer that's thinking about VMware to look at this partnership as one of the best in the industry and say very similar to what Andy I think said on stage at the time of this announcement, it doesn't have to be now a trade-off between public and private cloud, you can get the best of both worlds. That's what we're trying to do here-- >> That's a great point, I want to get your thoughts on leadership, as you look at COVID-19, one of our tracks we're going to be promoting heavily on theCUBE.net and our sites, around how to manage through this crisis. Andy Jassy was quoted on the fireside chat, which is coming up here in North America, but I saw it yesterday in New Zealand time as I time shifted over there, it's a two-sided door versus a one-sided door. That was kind of his theme is you got to be able to go both ways. And I want to get your thoughts, because you might know what you're doing in certain contexts, but if you don't know where you're going, you got to adjust your tactics and strategies to match that, and there's and old expression, if you don't know where you're going, every road will take you there, okay? And so a lot of enterprise CXOs or CEOs have to start thinking about where they want to go with their business, this is the growth strategy. Then you got to understand which roads to take. Your thoughts on this? Obviously we've been thinking it's cloud native, but if I'm a decision maker, I want to make sure I have an architecture that's going to carry me forward to the future. I need to make sure that I know where I'm going, so I know what road I'm on. Versus not knowing where I'm going, and every road looks good. So your thoughts on leadership and what people should be thinking around knowing what their destination is, and then the roads to take? >> John, I think it's the most important question in this time. Great leaders are born through crisis, whether it's Winston Churchill, Charles de Gaulle, Roosevelt, any of the leaders since then, in any country, Mahatma Gandhi in India, the country I grew up, Nelson Mandela, MLK, all of these folks were born through crisis, sometimes severe crisis, they had to go to jail, they were born through wars. I would say, listen, similar to the people you talked about, yeah, there's elements of this crisis that similar to a World War, I was talking to my 80 year old father, he's doing well. I asked him, "When was the world like this?" He said, "Second World War." I don't think this crisis is going to last six years. It might be six or 12 months, but I really don't think it'll be six years. Even the health care professionals aren't. So what do we learn through this crisis? It's a test of our leadership, and leaders are made or broken during this time. I would just give a few guides to leaders, this is something tha, Andy's a great leader, Pat, myself, we all are thinking through ways by which we can exercise this. Think of Sully Sullenberger who landed that plane on the Hudson. Did he know when he flew that airbus, US Airways airbus, that few flock of birds were going to get in his engine, and that he was going to have to land this plane in the Hudson? No, but he was making decisions quickly, and what did he exude to his co-pilot and to the rest of staff, calmness and confidence and appropriate communication. And I think it's really important as leaders, first off, that we communicate, communicate, communicate, communicate to our employees. First, our obligation is first to our employees, our family first, and then of course to our company employees, all 30,000 at VMware, and I'm sure similarly Andy does it to his, whatever, 60, 70,000 at AWS. And then you want to be able to communicate to them authentically and with clarity. People are going to be reading between the lines of everything you say, so one of the things I've sought to do with my team, all the front office functions report to me, is do half an hour Zoom video conferences, in the time zone that's convenient to them, so Japan, China, India, Europe, in their time zone, so it's 10 o'clock my time because it's convenient to Japan, and it's just 10 minutes of me speaking of what I'm seeing in the world, empathizing with them but listening to them for 20 minutes. That is communication. Authentically and with clarity, and then turn your attention to your employees, because we're going stir crazy sitting at home, I get it. And we've got to abide by the ordinances with whatever country we're in, turn your attention to your customers. I've gotten to be actually more productive during this time in having more customer conference calls, video conference calls on Zoom or whatever platform with them, and I'm looking at this now as an opportunity to engage in a new way. I have to be better prepared, like I said, these are shorter conversations, they're not as long. Good news I don't have to all over the place, that's better for my family, better for the carbon emission of the world, and also probably for my life long term. And then the third thing I would say is pick one area that you can learn and improve. For me, the last few years, two, three years, it's been security. I wanted to get the company into security, as you saw today we've announced mobile, so I helped architect the acquisition of Carbon Black, very similar to kind of the moves I've made six years ago around AirWatch, very key part to all of our focus to getting more into security, and I made it a personal goal that this year, at the start of the year, before COVID, I was going to meet 1,000 CISOs, in the Fortune 1000 Global 2000. Okay, guess what, COVID happens, and quite frankly that goal's gotten a little easier, because it's much easier for me to meet a lot more people on Zoom video conferences. I could probably do five, 10 per day, and if there's 200 working days in a day, I can easily get there, if I average about five per day, and sometimes I'm meeting them in groups of 10, 20. >> So maybe we can get you on theCUBE more often too, 'cause you have access to a video camera. >> That is my growth mindset for this year. So pick a growth mindset area. Satya Nadella puts this pretty well, "Move from being a know-it-all to a learn-it-all." And that's the mindset, great company. Andy has that same philosophy for Amazon, I think the great leaders right now who are running these cloud companies have that growth mindset. Pick an area that you can grow in this time, and you will find ways to do it. You'll be able to learn online and then be able to teach in some fashion. So I think communicate effectively, authentically, turn your attention to serving your customers, and then pick some growth area that you can learn yourself, and then we will come out of this crisis collectively, individuals and as partners, like VMware and Amazon, and then collectively as a society, I believe we'll come out stronger. >> Awesome great stuff, great insight there, Sanjay. Really appreciate you sharing that leadership. Back to the more of technical questions around leadership is cloud native. It's clear that there's going to be a line in the sand, if you will, there's going to be a right side of history, people are going to have to be on the right side of history, and I believe it's cloud native. You're starting to see this emersion. You guys have some news, you just announced today, you acquired a Kubernetes security startup, around Kubernetes, obviously Kubernetes needs security, it's one of those key new enablers, disruptive enablers out there. Cloud native is a path that is a destination opportunity for people to think about, why that acquisition? Why that company? Why is VMware making this move? >> Yeah, we felt as we talked about our plans in security, backing up to things I talked about in my last few appearances on your show at VMworld, when we announced Carbon Black, was we felt the security industry was broken because there was too many point benders, and we figured there'd be three to five control points, network, endpoint, cloud, where we could play a much more pronounced role at moving a lot of these point benders, I describe this as not having to force our customers to go to a doctor and say I've got to eat 5,000 tablets to get healthy, you make it part of your diet, you make it part of the infrastructure. So how do we do that? With network security, we're off to the races, we're doing a lot more data center networking, firewall, load bouncing, SD-WAN. Really, reality is we can eat into a lot of the point benders there that I've just been, and quite frankly what's happened to us very gratifying in the network security area, you've seen the last few months, some firewall vendors are buying SD-WAN players, kind of following our strategy. That's a tremendous validation of the fact that the network security space is being disrupted. Okay, move to endpoint security, part of the reason we acquired Carbon Black was to unify the client side, Workspace ONE and Carbon Black should come together, and we're well under way in doing that, make Carbon Black agentless on the server side with vSphere, we're well on the way to that, you'll see that very soon. By the way both those things are something that the traditional endpoint players can't do. And then bring out new forms of workload. Servers that are virtualized by VMware is just one form of work. What are other workloads? AWS, the public clouds, and containers. Container's just another workload. And we've been looking at container security for a long time. What we didn't want to do was buy another static analysis player, another platform and replatform it. We felt that we could get great technology, we have incredible grandeur on container cell. It's sort of Red Hat and us, they're the only two companies who are doing Kubernetes scales. It's not any of these endpoint players who understand containers. So Kubernetes, VMware's got an incredible brand and relevance and knowledge there. The networking part of it, service mesh, which is kind of a key component also to this. We've been working with Google and others like Istio in service mesh, we got a lot of IP there that the traditional endpoint players, Symantec, McAfee, Trend, CrowdStrike, don't know either Kubernetes or service mesh well. We add now container security into this, we really distinguish ourselves further from the traditional endpoint players with bringing together, not just the endpoint platform that can do containers, but also Kubernetes service mesh. So why is that important? As people think about their future in containers, they'll want to do this at the runtime level, not at the static level. They'll want to do it at build time And they'll want to have it integrated with some of their networking capabilities like service mesh. Who better to think about that IP and that evolution than VMware, and now we bring, I think it's 12 to 14 people we're bringing in from this acquisition. Several of them in Israel, some of them here in Palo Alto, and they will build that platform into the tech that VMware has onto the Carbon Black cloud and we will deliver that this year. It's not going to be years from now. >> Did you guys talk about the-- >> Our capability, and then we can bring the best of Carbon Black, with Tanzu, service mesh, and even future innovation, like, for example, there's a big movement going around, this thing call open policy agent OPA, which is an open source effort around policy management. You should expect us to embrace that, there could be aspects of OPA that also play into the future of this container security movement, so I think this is a really great move for Patrick and his team, I'm very excited. Patrick is the CEO of Carbon Black and the leader of that security business unit, and he came to me and said, "Listen, one of the areas "we need to move in is container security "because it's the number one request I'm hearing "from our CESOs and customers." I said, "Go ahead Patrick. "Find out who are the best player you could acquire, "but you have to triangulate that strategy "with the Tanzu team and the NSX team, "and when you have a unified strategy what we should go, "we'll go an make the right acquisition." And I'm proud of what he was able to announce today. >> And I noticed you guys on the release didn't talk about the acquisition amount. Was it not material, was it a small amount? >> No, we don't disclose small, it's a tuck-in acquisition. You should think of this as really bringing us some tech and some talent, and being able to build that into the core of the platform of Carbon Black. Carbon Black was the real big move we made. Usually what we do, you saw this with AirWatch, right, anchor on a fairly big move. We paid I think 2.1 billion for Carbon Black, and then build and build and build on top of that, partner very heavily, we didn't talk about that. If there's time we could talk about it. We announced today a security alliance with top SIEM players, in what's called a sock alliance. Who's announced in there? Splunk, IBM QRadar, Google Chronicle, Sumo Logic, and Exabeam, five of the biggest SIEM players are embracing VMware in endpoint security, saying, Carbon Black is who we want to work with. Nobody else has that type of partnership, so build, partner, and then buy. But buy is always very carefully thought through, we're not one of these companies like CA of the past that just bought every company and then it becomes a graveyard of dead acquisition. Our view is we're very disciplined about how we think about acquisition. Acquisitions for us are often the last resort, because we'd prefer to build and partner. But sometimes for time-to-market reasons, we acquire, and when we acquire, it's thoughtful, it's well-organized within VMware, and we take care of our people, 'cause we want, I mean listen, why do acquisitions fail? Because the good people leave. So we're excited about this team, the team in Israel, and the team in Palo Alto, they come from Octarine. We're going to integrate them rapidly into the platform, and this is a good evidence of VMware investing more in security, and our Q3 earnings pulled, John, I said, sorry, we said that the security business was a billion dollar business at VMware already, primarily from network, but some from endpoint. This is evidence of us putting more fuel behind that fire. It's only been six, seven months and Patrick's made his first acquisition inside Carbon Black, so you're going to see us investing more in security, it's an important priority for the company, and I expect us to be a very prominent player in these three pillars, network security, endpoint security, endpoint is both client and the workload, and cloud. Network, endpoint, cloud, they are the three areas where we think there's lots of room for innovation in security. >> Well, we'll be watching, we'll be reporting and analyzing the moves. Great playbook, by the way. Love that organic partnering and then key acquisitions which you build around, it's a great playbook, I think it's very relevant for this time. The most important question I have to ask you, Sanjay, and this is a personal question, because you're the leader of VMware, I noticed that, we all know you're into music, you've been putting music online, kind of a virtual band. You've also hired a CUBE alumni, Victoria Verango from McAfee who also puts up music, you've got some musicians, but you kind of know how to do the digital moves there, so the question is, will the music at VMworld this year be virtual? >> Oh, man. Victoria is actually an even better musician than me. I'm excited about his marketing gifts, but I'm also excited to watch him. But yeah, you've heard him sing, he's got a voice that's somewhat similar to Sting, so we, just for fun, in our Diwali, which is an Indian celebration last year, Tom Corn, myself, and a wonderful lady named Divya, who's got a beautiful voice, had sung a song, which was off the soundtrack of the Bollywood movie, "Secret Superstar," and we just for fun decided to record that in our three separate homes, and put that out on YouTube. You can listen, it's just a two or three-minute run, and it kind of went a little bit viral. And I was thinking to myself, hey, if this is one way by which we can let the VMware community know that, hey, you know what, art conquers COVID-19, you can do music even socially distant, and bring out the spirit of VMware, which is community. So we might build on that idea, Victoria and I were talking about that last night and saying, hey, maybe we do a virtual music kind of concert of maybe 10 or 15 or 20 voices in the various different countries. Record piece of a song and music and put it out there. I think these are just ways by which we're having fun in a virtual setting where people get to see a different side of VMware where, and the intent here, we're all amateurs, John, we're not like great. There are going to be mistakes in this music. If you listen to that audio, it sounds a little tinny, 'cause we're recording it off our iPhone and our iPad microphone. But we'll do the best we can, the point is just to show the human spirit and to show that we care, and at the end of the day, see, the COVID-19 virus has no prejudice on color of skin, or nationality, or ethnicity. It's affecting the whole world. We all went into the tunnel at different times, we will come out of this tunnel together and we will be a stronger human fabric when we're done with this, We shall absolutely overcome. >> Sanjay, give us a quick update to end the segment on your thoughts around VMworld. It's one of the biggest events, we look forward to it. It's the only even left standing that theCUBE's been to every year of theCUBE's existence, we're looking forward to being part of theCUBE virtual. It's been announced it's virtual. What are some of the thinking going on at the highest levels within the VMware community around how you're going to handle VMworld this year? >> Listen, when we began to think about it, we had to obviously give our customers and folks enough notice, so we didn't want to just spring that sometime this summer. So we decided to think through it carefully. I asked Robin, our CMO, to talk to many of the other CMOs in the industry. Good news is all of these are friends of ours, Amazon, Microsoft, Google, Salesforce, Adobe, and even some smaller companies, IBM did theirs. And if they were in the first half of the year, they had to go virtual 'cause we're sheltered in place, and IBM did theirs, Okta did theirs, and we began to watch how they were doing this. We're kind of in the second half, because we were August, September, and we just sensed a lot of hesitancy from our customers that wanted to get on a plane to come here, and even if we got just 500, 1,000, a few thousand, it wasn't going to be the same and there would always be that sort of, even if we were getting back to that, some worry, so we figured we'd do something that might be semi-digital, and we may have some people that roam, but the bulk of it is going to be digital, and we changed the dates to be a little later. I think it's September 20th to 29th. Right now it's all public now, we announced that, and we're going to make it a great program. In some senses like we're becoming TV producer. I told our team we got to be like Disney or ESPN or whoever your favorite show is, YouTube, and produce a really good several-hour program that has got a different way in which digital content is provided, smaller snippets, very interesting speakers, great brand names, make the content clear, crisp and compelling. And if we do that, this will be, I don't know, maybe it's the new norm for some period of time, or it might be forever, I don't know. >> John: We're all learning. >> In the past we had huge conferences that were busting 50, 70, 100,000 and then after the dot-com era, those all shrunk, they're like smaller conferences, and now with advent of companies like Amazon and Salesforce, we have huge events that, like VMworld, are big events. We may move to a environment that's a lot more digital, I don't know what the future of in-presence physical conferences are, but we, like others, we're working with AWS in terms of their future with Reinvent, what Microsoft's doing with Ignite, what Google's doing with Next, what Salesforce's going to do with Dreamforce, all those four companies are good partners of ours. We'll study theirs, we'll work together as a community, the CMOs of all those companies, and we'll come together with something that's a very good digital experience for our customers, that's really what counts. Today I did a webinar with a partner. Typically when we did a briefing in our briefing center, 20 people came. There're 100 people attending this, I got a lot more participation in this QBR that I did with this SI partner, one of the top SIs in the world, in an online session with them, than would I have gotten if they'd all come to Palo Alto. That's goodness. Should we take the best of that world and some physical presence? Maybe in the future, we'll see how it goes. >> Content quality. You know, you know content. Content quality drives everything online, good engagement creates community, that's a nice flywheel. I think you guys will figure it out, you've got a lot of great minds there, and of course, theCUBE virtual will be helping out as we can, and we're rethinking things too-- >> We count on that, John-- >> We're going to be open minded to new ideas, and, hey, whatever's the best content we can deliver, whether it's CUBE, or with you guys, or whoever, we're looking forward to it. Sanjay, thanks for spending the time on this CUBE Keynote coverage of AWS Summit. Since it's digital we can do longer programs, we can do more diverse content. We got great customer practitioners coming up, talking about their journey, their innovation strategies. Sanjay Poonen, COO of VMware, thank you for taking your precious time out of your day today. >> Thank you, John, always a pleasure. >> Thank you. Okay, more CUBE, virtual CUBE digital coverage of AWS Summit 2020, theCUBE.net is we're streaming, and of course, tons of videos on innovation, DevOps, and more, scaling cloud, scaling on-premise hybrid cloud, and more. We got great interviews coming up, stay with us our all-day coverage. I'm John Furrier, thanks for watching. (upbeat music)

>> Narrator: Live from Miami, Florida. It's theCUBE. Covering IBM's data and AI forum. Brought to you by IBM. >> Welcome back to the port of Miami everybody. This is theCube, the leader in live tech coverage. We're here covering the IBM AI and data forum. Of course, the centerpiece of IBM's AI platform is Watson. Beth Smith is here, she's the GM of IBM Watson. Beth, good to see you again. >> You too. Always good to be with theCUBE. >> So, awesome. Love it. So give us the update on Watson. You know, it's beyond Jeopardy. >> Yeah, yeah. >> Oh, wow. >> That was a long time ago now. (laughs) >> Right, but that's what a lot of people think of, when they think of Watson. What, how should we think about Watson today? >> So first of all, focus Watson on being ready for business. And then, a lot of people ask me, "So what is it?" And I often describe it as a set of tools, to help you do your own AI and ML. A set of applications that are AI applications. Where we have prebuilt it for you, around a use case. And there is examples where it gets embedded in a different application or system that may have existed already. In all of those cases, Watson is here, tuned to business enterprise, how to help people operational-wise, AI. So they can get the full benefit, because at the end of the day it's about those business outcomes. >> Okay, so the tools are for the super geeks, (Beth laughs) who actually want to go in and build the real AI. >> (laughs) That's right, that's right. >> The APPS are, okay. It's prebuilt, right? Go ahead and apply it. >> That's right. >> And the embedded is, we don't even know we're using it, right? >> That's right, or you may. Like, QRadar with Watson has an example of using Watson inside of it. Or, OpenPages with Watson. So sometimes you know you're using it. Sometimes you don't. >> So, how's the mix? I mean, in terms of the adoption of Watson? Are there enough like, super techies out there, who are absorbing this stuff? Or is it mostly packaged APPS? Is it a mix? >> So it is a mix, but we know that data science skills are limited. I mean, they're coveted, right? And so those are the geeks, as you say, that are using the tool chain as a part of it. And we see that in a lot of customers and a lot of industries around the world. And then from a packaged APP standpoint, the biggest use case of adoption is really around customer care, customer service, customer engagement. That kind of thing. And we see that as well. All around the world, all different industries. Lots of great adoption. Watson Assistant is our flagship in that. >> So, in terms of, if you think about these digital initiatives, we talked about digital transformation, >> Yup. >> Last few years, we kind of started in 2016 in earnest, it's real when you talk to customers. And there was a ton of experimentation going on. It was almost like spaghetti. Throw against the wall and see what sticks. Are you seeing people starting to place their bets on AI, Narrowing their scope, and really driving you know, specific business value now? >> Beth: Yeah. >> Or is it still kind of all over the place? >> Well, there's a lot of studies that says about 51% or so still stuck in experimentation. But I would tell you in most of those cases even, they have a nice pilot that's in production, that's doing a part of the business. So, 'cause people understand while they may be interested in the sexiness of the technology, they really want to be able to get the business outcomes. So yes, I would tell 'ya that things have kind of been guided, focused towards the use cases and patterns that are the most common. You know, and we see that. Like I mentioned, customer care. We see it in, how do you help knowledge workers? So you think of all those business documents, and papers and everything that exists. How do you assist those knowledge workers? Whether or not it's an attorney or an engineer, or a mortgage loan advisor. So you see that kind of use case, and then you see customers that are building their own. Focused in on, you know, how do they optimize or automate, or predict something in a particular line of business? >> So you mentioned Watson Assistant. So tell us more about Watson Assistant, and how has that affected adoption? >> So Watson Assistant as I said, it is our flagship around customer care. And just to give you a little bit of a data point, Watson Assistant now, through our public cloud, SaaS version, converses with 82 million end users a month. So it's great adoption. And this is, this is enabling customers. Customers of our customers, to be able to get self-service help in what they're doing. And Watson Assistant, you know, a lot of people want to talk about it being a chat bot. And you can do simple chat bots with it. But it's to sophisticated assistance as well. 'Cause it shows up to do work. It's there to do a task. It's to help you deal with your bank account, or whatever it is you're trying to do, and whatever company you're interacting with. >> So chat bots is kind of a, (laughs) bit of a pejorative. But you're talking about digital systems, it's like a super chat bot, right? >> Beth: Yeah. I saw a stat the other day that there's going to be, by I don't know, 2025, whatever. There's going to be more money spent on chat bot development, or digital assistance, than there is on mobile development. And I don't know if that's true or not, >> Beth: Mhm, wow. But it's kind of an interesting thing. So what are you seeing there? I mean, again I think chat bots, people think, oh, I got to talk into a bot. But a lot of times you don't know you're, >> Beth: That's right. >> so they're getting, they're getting better. I liken it to fraud detection. You know, 10 years ago fraud detection was like, six months later you'll, >> Right. >> you'll get a call. >> Exactly. >> And so chat bots are just going to get better and better and better, and now there's this super category that maybe we can define here. >> That's right. >> What is that all about? >> That's right. And actually I would tell you, they kind of, they can become the brain behind something that's happening. So just earlier today I was, I was with a customer and talking about their email CRM system, and Watson Assistant is behind that. So chat bots aren't just about what you may see in a little window. They're really about understanding user intent, guiding the user through what they're trying to either find out or do, and taking the action as a part of it. And that's why we talk about it being more than chat bots. 'Cause it's more than a FAQ interchange. >> Yes, okay. So it's software, >> Beth: Yes. >> that actually does, performs tasks. >> Beth: Yes. >> Probably could call other software, >> Beth: Absolutely. >> to actually take action. >> That's right. >> I mean, I see. We think of this as systems of agency, actually. Making, sort of, >> That's right. >> decisions and then I guess, the third piece of that is, having some kind of human interaction, where appropriate, right? >> That's right. >> What do you see in terms of, you know, infusing humans into the equation? >> So, well a couple of things. So one of the things that Watson Assistant will do, is if it realizes that it's not the expert on whatever it is, then it will pass over to an expert. And think of that expert as a human agent. And while it's doing that, so you may be in the queue, because that human person is tied up, you can continue to do other things with it, while you're waiting to actually talk to the person. So that's a way that the human is in the loop. I would tell you there's also examples of how the agents are being assisted in the background. So they have the interaction directly with the user, but Watson Assistant is helping them, be able to get to more information quicker, and narrow in on what the topic is. >> So you guys talk about the AI ladder, >> Beth: Mhm. >> Sort of, Rob talked about that this morning. My first version of the AI ladder was building blocks. It was like data and AI analytics, ML, and then AI on top of that. >> Beth: Yup. >> I said AI. Data and IA. >> Beth: Yup. >> Information Architecture. Now you use verbs. Sort of, to describe it. >> Beth: Yup. Which is actually more powerful. Collect, organize, analyze and infuse. Now infuse is like the Holy Grail, right? 'Cause that's operationalizing and being able to scale AI. >> Beth: That's right. >> What can you tell us about how successful companies are infusing AI, and what is IBM doing to help them? >> So, I'm glad you picked up first of all, that these are verbs and it's about action. And action leads to outcome, which is, I think, critical. And I would also tell you yes, infuse is, you know, the Holy Grail of the whole thing. Because that's about injecting it into business processes, into workflows, into how things are done. So you can then see examples of how attorneys may be able to get through their legal prep process in just a few minutes, versus 10, 15 hours on certain things. You can see conversion rates of, from a sales standpoint, improve significantly. A number of different things. We've also got it as a part of supply chain optimization, understanding a little bit more about both inventory, but also where the goods are along the way. And particularly when you think about a very complicated thing, there could be a lot of different goods in various points of transit. >> You know, I was sort of joking. Not joking, but mentioning Jeopardy at first. 'Cause a lot of people associate Watson with Jeopardy. >> Beth: Right. >> I can't remember the first time I saw that. It had to be the mid part of the last decade. What was it? >> Beth: February of 2011. >> 2011, okay I thought I even saw demos before that. I'm actually sure I did. Like in, back in some lab in IBM. And of course, the potential like, blew your mind. >> Right. >> I suspect you guys didn't even know what you had at the time. You were like, "Okay, we're going to go change the world." And you know, when you drive up and down 101 in Silicone Valley, it's like, "Oh, Watson this, Watson that." You know, you get the consumer guys, doing facial recognition, ad serving. You know, serving up fake news, you know. All kinds of applications. But IBM started to do something different. You're trying to really change business. Did you have any clue as to what you had at the time? And then how much of a challenge you were taking on, and then bring us to where we are now, and what do you see as a potential for the next 10 years? >> So, of course we had a clue. So let me start there. (Dave laughs) But with that, I think the possibilities of it weren't completely understood. There's no question in my mind about that. And what the early days were, were understanding, okay, what is that business application? What's the pattern that's going to come about as a part of it? And I think we made tremendous progress on that along the way. I would tell you now, you mentioned operationalizing stuff, and you know, now it's about, how do we help companies have it more throughout their company? Through different lines of business, how does it tie to various things that are important to us? And so that brings in things like trust, explainablity, the ethics of what it's doing. Bias detection and mitigation. And I actually believe a lot of that, and the operationalizing it within the processes, is where we're going to head, going forward. Of course there'll continue to be advancements on the features and the capabilities, but it's going to be about that. >> Alright, I'm going to ask you the it's depends question. (Beth laughs) So I know that's your answer, but at the macro, can machines make better diagnosis than doctors today, and if not, when will they be able to, in your view? >> So I would actually tell you that today they cannot, but what they can do is help the doctor make a better diagnosis than she would have done by herself. And because it comes back to this point of, you know, how the machine can process so much information, and help the expert, in this case the doctor's the expert, it could be an attorney, it could be an engineer, whatever. Help that expert be able to augment the knowledge that he or she has as a part of it. So, and that's where I think it is. And I think that's where it will be for my lifetime. >> So, there's no question in your mind that machines today, AI today, is helping make better diagnosis, it's just within augmented or attended type of approach. >> Absolutely. >> And I want to talk about Watson Anywhere. >> Beth: Okay, great. >> So we saw some discussion in the key notes and some demos. My understanding is, you could bring Watson Anywhere, to the data. >> That's right. >> You don't have to move the data around. Why is that important? Give us the update on Watson Anywhere. >> So first of all, this is the biggest requirement I had since I joined the Watson team, three and a half years ago. Was please can I have Watson on-prem, can I have Watson in my company data center, etcetera. And you know, we needed to instead, really focus in on what these patterns and use cases were, and we needed some help in the platform. And so thanks to Cloud Pak for data, and the underlying Red Hat OpenShift and container platform, we now are enabled to truly take Watson anywhere. So you can have it on premise, you can have it on the other public clouds, and this is important, because like you said, it's important because of where your data is. But it's also important because the workloads of today and tomorrow are very complex. And what's on cloud today, may be on premise tomorrow, may be in a different cloud. And as that moves around, you also want to protect the investment of what you're doing, as you have Watson customize for what your business needs are. >> Do you think you timed it right? I mean, you kind of did. All this talk about multicloud now. You really didn't hear much about it four or five years ago. For awhile I thought you were trying to juice your cloud business. Saying, "You want, if you want Watson, you got to go to the IBM cloud." Was there some of that, or was it really just, "Hey, now the timing's right." Where clients are demanding it, and hybrid and multicloud and on-prem situations? >> Well look, we know that cloud and AI go hand in hand. So there was a lot of positive with that. But it really was this technology point, because had I taken it anywhere three and a half years ago, what would've happened is, every deployment would've been a unique environment, a unique stack. We needed to get to a point that was a modern day, you know, infrastructure, if you will. And that's what we get now, with a container based platform. >> So you're able to scale it, such that every instance isn't a snowflake, >> That's right. >> that requires customization. >> That's right. So then I can invest in the enhancements to the actual capabilities it is there to do, not supporting multiple platform instantiations, under the covers. >> Well, okay. So you guys are making that transparent to the customer. How much of an engineering challenge is that? Can you share that with us? You got to run on this cloud, on that cloud, or on forever? >> Well, now because of Cloud Pak for data, and then what we have with OpenShift and Kubernetes and containers, it becomes, well, you know, there's still some technical work, my engineering team would tell you it was a lie. But it's simple now, it's straightforward. It's a lot of portability and flexibility. In the past, it would've been every combination of whatever people were trying to do, and we would not have had the benefit of what that now gives you. >> And what's the technical enable there? Is it sort of open API's? Architecture that allows for the interconnectivity? >> So, but inside of Watson? Or the overall platform? >> The overall platform. >> So I would say, it's been, at it's, at it's core it's what containers bring. >> Okay, really. So it's that, it's that. It's the marriage of your tech, >> Yeah. >> with the container wave. >> That's right. That's right. Which is why the timing was critical now, right? So you go back, yes they existed, but it really hadn't matured to a point of broad adoption. And that's where we are now. >> Yeah, the adoption of containers, Kubernetes, you know, micro services. >> Right, exactly. Now it's on a very steep curve. >> Exactly. >> Alright, give your last word on, big take away, from this event. What do you hearing, you know, what are you, some of the things you're most excited about? >> So first of all, that we have all of these clients and partners here, and all the buzz that you see. And that we've gotten. And then the other thing that I would tell you is, the great client examples. And what they're bragging on, because they are getting business outcomes. And they're getting better outcomes than they thought they would achieve. >> IBM knows how to throw an event. (Beth laughs) Beth, thanks so much for coming to theCUBE. >> Thank you, good to >> Appreciate it. >> see you again. >> Alright, great to see you. Keep it right there everybody, we'll be back. This is theCUBE live, from the IBM Data Forum in Miami, we'll be right back. (upbeat instrumental music)

>> Announcer: Live from Las Vegas, it's theCUBE. Covering IBM Think 2018. Brought to you by IBM. >> Welcome back to theCUBE live at the inaugural IBM Think 2018 event. I'm Lisa Martin with Dave Vellante. Excited to be joined by a guest from down under, Garrett McDonald, the head of Enterprise Architecture at the Department of Human Services in Australia. Welcome to theCUBE. >> Thank you very much. >> Great to have you. So tell us about the Department of Human Services, DHS. You guys touch 99 percent of the Australian population. >> Yeah, we do. We sit within federal government, we're a large service delivery organization. So through a range of programs and services we touch pretty much every Australian citizen on an annual basis. And within our organization we're responsible for delivery of our national social welfare system, and that picks up people pretty much across the entire course of their lives at different points, we're also responsible for delivering the federally administered portion of our national health system, and that picks up pretty much every Australian every time you go to a doctor, a pharmacy, a hospital, a path lab, indirectly both the provider and the citizen are engaging with our services. We're responsible for running the child support system, but then we also provide IT services for other government departments, so we implement and operate for the Department of Veterans Affairs, and also the National Disability Insurance Agency. And then finally we also run Whole-of-government capabilities, so DHS we operate the myGov platform, that's a Whole-of-government capability for citizens who government authentication and within out program we have 12 million active users and that number continues to grow year on year, and that's the way that you access authenticated services for most of the major interactions that a citizen would have online with government. >> And your role is formerly CTO, right? >> Yep. >> You've got a new role. Can you explain it? >> Yeah, I'm a bit of a jack-of-all-trades within the senior executive at DHS, I've had roles in ICT infrastructure, the role of CTO, the role of national manager for Enterprise Architecture, and I've also had application delivery roles as well. >> Okay, so let's get into the healthcare talk because the drivers in that industry are so interesting, you've got privacy issues, in this country it's HIPAA, I'm sure you're got similar restrictions on data. Um, what's driving your business? You've got that regulation environment plus you've got the whole digital disruption thing going on. You've got cloud, private cloud, what's driving your organization from a technology perspective? >> I think there's two main factors there. We have changing citizen expectations, like we've got this continued explosion in the rate of changing technology, and through that people are becoming increasingly comfortable with the integration of technology in their lives, we've got people who are living their lives through social media platforms and have come to expect a particular user experience when engaging through those platforms, and they're now expecting the same experience when they interact with government. How do I get that slick user experience, how do I take the friction out of the engagement, and how do I take the burden out of having to interact with government? But at the same time, given we are a government agency and we do have data holdings across the entire Australian population, whether it's social welfare, whether it's health or a range of other services, there's this very very high focus on how do we maintain privacy and security of data. >> Yeah, I can't imagine the volumes of transactional data for 12 million people. What are some of the things that DHS is using or leveraging that relationship with IBM for to manage these massive volumes of data? You mentioned like different types of healthcare security requirements alone. What is that like? >> We've been using IBM as our dominant security partner for quite some years now, and it's been the use of data power appliances and ISM power appliances out at the edge to get the traffic into the organization. We're deploying Qradar as our Next Gen SIEM and we're slowly transitioning over to that. And then as we work out way through the mid-range platform through our investment in the power fleet and back to our System Z, we've been using Db2 on Z for quite some years in the health domain to provide that security, the reliability and the performance that we need to service the workloads that hit us on a day-to-day basis. >> So you got a little IoT thing going on. Right? You got the edge, you got the mainframe, you got Db2. Talk a little bit about how, because you've been a customer for a long time, talk about how that platform has evolved. Edge data, modernization of the mainframe, whether it's Linux, blockchain, AI, discuss that a little bit. >> Okay, so over the past three years we've been developing our Next Gen infrastructure strategy. And that really started off around about three years ago, we decided to converge on Enterprise Linux as our preferred operating system. We had probably five or six operating systems in use prior to that, and by converging down on Linux it's given us a, the ability to run same operating system whether it's on x86, on Power, or Z Linux, and that's allowed us to develop a broader range of people with deep skills in Linux, and that's really then given us a common platform upon which we can build an elastic private cloud to service our Next Gen application workloads. >> Now you've talked off-camera. No public cloud. Public cloud bad word (laughs) But you've chosen not to. Maybe discuss why and what you're doing to get cloud-like experiences. >> Yeah, so we are building out a private cloud and we do have a view towards public cloud at a point in the future, but given mandatory requirements we need to comply with within the Australian government around the use of the Cloud, given the sensitivity of the data that we hold. At this point we're holding all data on premise. >> Can we talk a little bit more about what you guys are doing with analytics and how you're using that to have a positive social impact for these 12 million Australians? >> Yeah, we've got a few initiatives on the go there. On how do we apply whether it's machine learning, AI, predictive analytics, or just Next Gen advanced analytics on how do we change the way we're delivering services to the citizens of Australia, how do we make it a more dynamic user experience, how do we make it more tailored? And on here that we're exploring at the moment is this considerable flexibility in our systems and how citizens can engage with them, so for example in the social welfare space we have a requirement for you to provide an estimate of the income you expect to learn over the next 12 months, and then based on what you actually earn through the year there can be an end-of-year true-up. Right, so that creates a situation where if you overestimate at the start of the year you can end up with an overpayment at the end of the year and we need to recover that. So what we're looking at doing is well how do we deploy predictive analytics so that we can take a look an an individual's circumstances and say well, what do we think the probability is that you may end up with an inadvertent overpayment, and how can we engage with you proactively throughout the year to help true that up so that you don't reach the end of the year and have an overpayment that we need to recover. >> So I wonder if we could talk about the data model. You talk about analytics, but what about the data model? As you get pressure from, you know, digital, let's call it. And healthcare is an industry that really hasn't been dramatically or radically transformed. It hasn't been Uberized. But the data model has largely been siloed, at least in my experience working with the healthcare industry. What's the situation in Australia, and specifically with regard to how do you get your data model in shape to be able to leverage it for this digital world? And I know you're coming at it from a standpoint of infrastructure, but maybe you could provide that context. >> Well, given for privacy reasons we continue to maintain a pretty strong degree of separation between categories of health data for a citizen, and we also have an initiative being deployed nationally around an electronic health record that the citizen is able to control, right, so when you create your citizen record, health record, there is a portion of data that is uploaded from our systems into that health record, and then a citizen can opt in around, well what information when you visit the general practitioner is available in that health record. When you go to a specialist you're able to control through privacy settings what information you're willing to share, so it's still a federated model, but there's a very, very strong focus on well how do we put controls in place so that the citizen is in control of their data. >> I want to follow up in that, this is really important, so okay, if I hear you correctly, the citizen essentially has access to and controls his or her own healthcare information. >> Yeah, that's right. And they're able to control what information are they willing to share with a given health practitioner. >> And it's pretty facile, it's easy for the citizen to do that. >> Yeah. >> And you are the trusted third party, is that right? Or -- >> It's a federated model, so we are a contributor to that service. We provide some of the functionality, we feed some of the data in, but we do have another entity that controls the overarching federation. >> Do you, is there a discussion going on around blockchain? I mean could you apply blockchain to sort of eliminate the need for that third party? And have a trustless sort of network? What's the discussion like there? >> We've been maintaining a watching brief on blockchain for a good couple of years now. We've been trying to explore, well how do we find an initial use case where we can potentially apply block chain where it provides a value and it meets the risk profile. And given it does need to be a distributed ledger, how do we find the right combination of parties where we can undertake a joint proof of technology to identify can we make this work. So not so much in HealthSpace, there are other areas where we're exploring at the moment. >> Okay, so you see the potential of just trying to figure out where it applies? >> Yeah, absolutely, and we're also watching the market to see well what's going to become the dominant distribution, how a regulatory framework's going to catch up and ensure that, you know apart from the technical implementation how do we make sure that it's governed, it's administered -- >> Do you own any Bitcoin? No, I'm just kidding. (laughter) How do you like in the Melbourne Cup? So, let's talk a little bit about the things that excite you as a technologist. We talked about a bunch of them, cloud, AI, blockchain, what gets you excited? >> I think the AI and machine learning is a wonderful area of emerging technology. So we've also been pushing quite hard with virtual assistants over the past two to three years, and we have six virtual assistants in the production environment. And those span both the unauthenticated citizen space, how do we assist them in finding information about the social welfare system, once you authenticate we have some additional virtual assistants that help guide you through the process, and then we've also been deploying virtual assistants into the staff-facing side. Now we have one there, she's been in production around about 18 months, and we've got very very complex social welfare legislation, policy, business rules, and when you're on the front line and you have a customer sitting in front of you those circumstances can be really quite complex. And you need to very quickly work through what areas of the policy are relevant, how do I apply them, how does this line up with the legislation, so what we've done is we've put a virtual assistant in place, it's a chat-based VA, and you can ask the virtual assistant some quite complex questions and we've had a 95 percent success rate on the virtual assistant answering a query on the first point of contact without the need to escalate to a subject matter expert and we figure that if we saved, we've had it round about a million questions answered in the last year, and if you think that each one of those probably saves around three minutes of time, engaging in SME, giving them the context and then sorting through to an answer, that's three million minutes of effort that our staff have been able to apply to ensuring that we get the best outcome for our citizen rather than working through how do I find the right answer. So that's a bit of a game-changer for us. >> What are some of the things that you're, related to AI, machine learning, cloud, that you're excited about learning this week at the inaugural IBM Think? And how it may really help your government as a service initiative, et cetera. >> Yeah, so I think I see a lot more potential in the space between say machine learning and predictive analytics. On based on what we know about an individual and based on what we know about similar individuals, how do we help guide that individual back to self-sufficiency? Right, so for many many years we've been highly effective and very efficient at the delivery of our services, but ultimately if we can get someone back to self-sufficiency, they're engaged in society, they're contributing to the economy, and I think that puts everyone in a pretty good place. >> Alright, so I got to ask you, I know again, architecture and infrastructure person, but I always ask everybody in your field. How long before machines are going to be able to make better diagnoses than doctors? >> Uh, not so sure about doctors, but within our space our focus has been on how do we use artificial intelligence and machine learning to augment human capability? Like, the focus is on within our business lines within our business lines we have room for discretion and human judgment. Right, so, we don't expect that the machines will be making the decisions, but given the complexity and the volume of the policy and legislation, we do think there's a considerable opportunity to use that technology to allow an individual to make the most informed and the most consistent and the most accurate decision. >> So then in your term you don't see that as a plausible scenario? >> No. >> Maybe not in our lifetime. >> As I said the focus is very much on, well, how do we augment human capability with emerging technology. >> So Garrett, last question and we've got about a minute left. What are some of the things that you are excited about in your new role as head of Enterprise Architecture for 2018 that you see by the end by the time we get to December, your summertime, that you will have wanted to achieve? >> Okay, so, over the last roughly two years I've been developing the future state technology design that will reshape out social welfare system for probably the next 30 years. This is a generational refresh we're undertaking in that space, so I think it's been a hard slog getting to this point, we're now starting to build on our new digital engagement layer, we've got a new enrichment layer starting to come to life where we do put that machine learning and AI in place and then we're also starting to rebuild the core of our social welfare system, so this is the year for me where we go from planning through to execution, and it brings me an immense sense of pleasure and pride to see the work that you've been pouring yourself into for many years start to come to fruition, start to engage with citizens, start to engage with other government agencies, and start to deliver the value that we know that it's capable of delivering. >> Well, sounds like a very exciting year ahead. We want to thank you so much, Garrett, for stopping by theCUBE and sharing the insights, what you guys are doing to help impact the lives of 12 million Australians. >> Thank you very much. >> Have a great event. >> Thank you. >> And for Dave Vellante I'm Lisa Martin. You're watching theCUBE's live coverage of the inaugural IBM Think 2018. Stick around, we'll be back with our next guest after a short break.

>> Announcer: Live from Las Vegas, it's theCUBE, covering InterConnect 2017. Brought to you by IBM. >> Hey, welcome back, everyone. Here live at the Mandalay Bay in Las Vegas for theCUBE's three-day exclusive coverage of IBM InterConnect 2017. I'm John Furrier. My co-host, Dave Vellante. Our next guest here is Greg Pepper, head of cloud security architects at Check Point Software Technologies. >> You got it. Good afternoon, gentlemen. >> Welcome, welcome to theCUBE. So, security obviously is big. You're seeing compel all the networks, every company out there is buying security, so there's been a security sprawl. But now you guys have a stock that's trading at a very high, 52-week high. Congratulations. >> Yeah, thank you. You know, some people forget about us. We've been doing this for 24 years, we've been the leaders in this industry for over two decades, but sometimes, we're the best kept secret in the industry. >> Unleash some of those secrets here. I know you guys probably can't go into too much secret sauce as a public company, but what's the software secret? Obviously, relationship with IBM is part of why you're here, but what's the Check Point secret sauce right now? >> I think first and foremost, we've built upon a legacy for the last 20 years. We didn't just acquire technology through acquisition, duct tape and paper clips and call it an architecture for our customers. We've built upon a consistent common platform building on our core strengths. I think the second thing that really differentiates us from some of the other guys you mentioned is our commitment and focus to security first. We are a security company end to end, and everything we do is built off of those tenets. And especially with the growth in security in the data center, its migration to cloud, the industry has kind of come back around to software, and though for a while we delivered hardware appliance to customers, 'cause it was the preferred consumption model, when customers go to the cloud, whether it's SoftLayer, Azure, Amazon, Google, and others, we don't have hardware to bring with you, so you need a software defined security strategy to play in the cloud today. >> What is that software defined security strategy? What's the hottest product that you guys have that's working best? >> Everything we have built on our core competencies of management and the gateways themselves. But these days, it's not enough to just be a firewall vendor, so advanced threat prevention, the ability to both prevent and detect malware from getting on the network, rather than just alerting you that something bad happened. We're providing additional access controls with data awareness. I don't need to plug into the network to tell you people are going to YouTube, Netflix, but what's the information about your organization that's being posted out there? Those are the interesting things that we can help differentiate and alert customers to what's going on. >> So, the perimeter's, with the cloud, all these APIs, microservices coming down the pike with cloud, that's the challenge. I mean, this whole idea of being data and software focused. How do you guys play in that world, and what's this focus there? >> The biggest change is moving away from the traditional management architecture to one that's driven by code. These days especially in the cloud to be agile with dev-ops, you have to have security be able to be deployed, programmed, managed, and monitored all through an API, and this is something over the last few years we've enhanced our products to enable automatic deployment in the cloud providers, automatic management, and also integration with people like IBM QRadar in a highly automated way. >> The big discussion in the last couple years in security has been, hey, it's not enough just to dig a moat around the castle. The queen wants to leave her castle, so we've got to, security's got to be everywhere, it's got to follow the data, and also response is another major focus of discussion, we've got to shift spending there. How has that impacted, first of all, you buy that, second of all, how has that impacted your business and your strategy? >> We definitely do agree, which is why as part of our end to end security strategy, the laptops, the desktops, the mobile devices is an area of increased focus for us. Where really just having the traditional perimeter alone is not adequate. The second thing we started to talk about is the ability to move into the cloud. A lot of the competitive solutions out there don't play as well in the cloud because they're dependent on proprietary hardware. If you're a vendor that has custom ASICs, well, you don't have those ASICs when you go to the cloud. Whereas for us, our software defined security strategy, when we go to Amazon, Azure, SoftLayer, and other cloud providers, 100% of our core capabilities moves along with us. >> Talk that through the value proposition and the customer impact. So, it's more flexibility. Is it lower cost, is it speed, is it better response? >> I believe the primary driver for cloud adoption is agility, not always cost savings, although in some cases that is the case. However, the ability to grow and shrink on demand. In the past, our traditional enterprise customers would consume technology for their max resources. If I'm a large department store, I need to be able to handle Black Friday. Well, that's one week a year that you need that peak utilization. That ability to scale up and scale down is one of the major things driving people to the cloud. Well, security has to have the same model. We have to be able to automatically deploy, scale up for those large-scale events, but then also come back down to an average run-time use to help customers save money. >> How about analytics? How does that play into the security business? >> Yeah, I mean look, the whole reason we exist is to give interesting information for technology to be able to chew on, and the ability to provide the forensic auditing accounting for access controls and for our threat prevention, whether it's on the perimeter, in the cloud, in the core, on mobile and end-point devices, there's a reason after 20 years we've been the lead in the industry is 'cause we provide the best forensics data and integration with all the major leading SIM vendors out there. >> Yeah, the 20-year stair with Check Point. Obviously, the company's evolved a lot since then. Talk about the relationship with IBM, obviously we're here at IBM InterConnect, what are you guys doing with IBM? >> IBM's one of our best partners for over the last two decades. For over 18 years now, they've been a customer, a reseller, and a managed services security partner, so there's multiple organization within IBM that have relationship with Check Point to help secure the corporate assets, customer projects in our managed data centers, or even just purely security managed services. One of the exciting projects that we've been working on that was demonstrated at the security booth was an automated security deployment for the hybrid cloud, where the IBM team worked with us to help take security, automatically roll it out into Amazon and Azure, but also bring it into their MSS environment, their managed security services with zero touch, and they're able to provision, have it managed, monitored, and ready to rock and roll in less than 30 seconds. >> And they were doing that all in software? >> Greg: 100% in software, 100% in code with no human intervention. >> So take us through some of those use cases going forward. As you go talk to customers with IBM or on your own, you write on a lot of white board, I can imagine, so what are some of the white board conversations you're having, 'cause security architecture's one of these, kind of a moving train right now. What are some of the patterns you're seeing right now? >> First and foremost, there's a lot of cloud novice, this is new for all of us. So in the walk-jog-run mentality, we all need to come up with the basic terminology and fundamentals so we can have a more advanced conversation. Once we provide the basic knowledge transfer, the second step is how can you help me lift this legacy application and move it to a cloud-centric application, yet still give me the same levels of security and visibility, 'cause I can't go to the board and tell 'em, "Oh, we screwed up. "We moved to the cloud, and now our apps are not secure." As a matter of fact, for our largest customers, the most critical applications will not move to the cloud unless they have a clearly defined security strategy in place. >> So you lay out those parameters up front, then you kind of walk through it, I'd say crawl, walk, run, then jog. >> Greg: Absolutely. >> However you had it, but I mean, lot of people are kind of crawling, but now also, multi-cloud's a big theme here. So now, you're looking at multiple clouds, and some workloads might make sense for cloud one, two, or three depending on the workloads, but some stay on prem. >> 100%. >> And now you got the true private cloud trend where I'm going to have a cloud-like environment on prem. That's cool, development environment looks the same as the cloud, but I got multiple clouds. How do you guys deal with the multi-cloud and this idea of being consistent on prem and on cloud? >> First and foremost, being a software defined gateway, we have this unique capabilities that's the same on premise, Amazon, Azure, Google, SoftLayer, and others as well. Since we're not dependent upon hardware, we have consistent capabilities across all the clouds. The second thing I want to add is from a management perspective, we've built, excuse me, tight integrations with all the data center and cloud providers, so we're able to trust Amazon, VMware, Cisco, OpenStack, Google, and others and real-time integrate their applications and objects and metadata into our security policies, further tightening the integration and automation capabilities between those cloud providers. >> So, you're actively working with all the clouds to integrate in tightly to manage the security. You become the Switzerland for-- >> Look, we were the first of the major security vendors to both be in Amazon and Azure. We were the first achieve Amazon security competency. We were the first to support basic things like clustering and scale set support, which has been a very common deployment in the cloud as well. We've been in this cloud game for the last seven or eight years now, or as I like to joke, we've cloud up-times longer than some of my competitors have been in business. >> Microsoft was actually down on the cloud. We published a report today on siliconangle.com. Three cloud vendors down in a week. I'll give Amazon a little week there, but it's still, you're still going to see some these bumps in the road, but security, you can't have bumps, you got to be rock solid. >> The thing with today in cloud, whether it's the application, the servers, the storage and securities, you have to anticipate for that total failure situation. Heaven forbid, what happens if an east region went down? Case in point, when Amazon had their storage outage, Netflix was not interrupted at all. Now, other organizations that were only deployed in a single region, we were impacted. This is where, I think from an application architecture, one, we have to think beyond single region, single cloud provider. We have to anticipate the total catastrophic failure and how does our business continuity and disaster recovery work. And then, security has to be an integral portion of that. We can't bolt it on after the fact, it's got to be part of the foundation. >> Greg, great point. And by having software, gives you so much flexibility, I love that hybrid cloud example, but I want to get your thoughts on what you said earlier about lift and shift. That seems to be the parlance of the generation. It used to be rip and replace on the enterprise side, but that's not as easy as it is. To your point, you can't just throw it to the cloud, you might have some gaps. As people look to lift and shift, which I always say is be careful, you got to have some concerns. How do you advise your customers when you say, "Hey, we're lifting and shifting to the cloud." >> For those people, I say don't bother. Right, if I'm going to move the same applications and same products and processes from my private data center to the cloud, why bother? If we're not taking advantage of the agility, elasticity, automation, and all the benefits that clouds has to offer, companies should be building new cloud-ready applications for the cloud. We should not just be lifting our legacy applications and like for like moving them to the cloud, 'cause we're not going to get the benefit in return on investment. >> And it's risky, too, by the way. I would agree with you. So, net new applications, no brainer. If the cloud's available, why not? >> Absolutely. >> Let's go back to the workload. Some clouds have better, like analytics use case is a great cloud, just throw IOT data into Amazon or Azure or Office 365 is Azure, and Amazon gets Kinesis, good stuff, and you've got Bluemix over here. You're starting to see that swim lanes of the different vendors. How do you view the differentiation between the vendors, and how do you advise customers? "Hey Greg, I don't know which cloud to go to. "What's your advice?" >> First and foremost, there's pros and cons to everyone's offering. >> It's kind of like Red Sox, Yankees, you know. It's like trying to-- >> Well, let's stop right there, Yankees for sure. >> Dave: You think? >> Absolutely. >> Dave: You really think? >> Well, maybe not in 2017, but-- >> Who's the Yankees, Microsoft or AWS? >> Microsoft probably the Yankees right now. Then again, from my perspective as a Red Sox fan, I'd say it's a tough call. >> (muttering) is the Yankee-killer. Anywhere, let's... >> Alright, go back. >> We digress. >> What I was I going to make a comment of is look for the adjunct services behind the basics, beyond the basic storage, compute and networking services that everybody has as kind of table stakes. For example, if you're someone who's a very heavy Microsoft Office 365 SharePoint user, you're using their business application suite, well, probably migration to Azure is a more natural transition, right. People who are similarly in the Google environment and using the Google suite of applications, it's a benefit to moving the applications there. And to be honest, people who are purely just into the raw compute horsepower and probably the most mature and largest cloud platform, well, Amazon has probably got a five-year head start on the rest of the guys. So, we try not to sit here and determine which of the three clouds is better, 'cause for us, we play in all of them, and our security footprint has to be consistent across all of them. I'll share with you an anecdotal use case from one of my retail customers is building a commerce platform in AWS. But all the corporate applications are moving to Azure, and separately now, they're looking at Google for other global applications as well. So for them, they're going to be in all three cloud providers, just with different applications finding more natural homes. >> Justin Youngblood was just on. He said, the IBM data said 70% of all organizations, or 70% of the organizations have three or more clouds, infrastructure clouds, right. >> I would believe that. >> Back to the security, I mean, the market's booming. In a way, it's unfortunate that the market's booming is 'cause it's such a huge problem that doesn't end. It's great for you. Each year, we look back at last year and say, okay, we feel more secure, and we don't. So, what's happening in the market? Are we finally going to get a handle on sort of how to deal with this, or is it just always going to be this good guy, bad guy, leap-frogging sort of endless loop? >> The big change these days are the bad guys are pros. This is their full-time job, they're very well funded, trained, and able. >> Dave: And they only have to succeed once. >> And remember, the cost of defense is exponentially higher than the cost of offense. So what it costs my banks and hospitals to secure their environment is 10 to 100-fold over what it costs the bad guys, either in the U.S. or some other nation-state, to attack those environments. I think the biggest challenge that most of our customers face, to be honest, is technology saturation. They've bought every product known to mankind. As I like to joke, for every threat, there's an app for that, and most of our customers have bought all three of them. But then they struggle operationally with the technology, and this is more of a people and a process issue than it is a product issue. There's a lot of great technology out there, ours and other vendors as well, but if it's not implemented and maintained properly, those potentially represent the weakest links. >> And there's new threats emerging, ransomware, for instance, is to your point they're overmanned, and the cost to even compare, or defend against that, but they're already hacked. They'll pay the ransom in bit coin to get their stuff back. >> And look, it's cheaper, quicker, and faster to maybe just whack the system and try and do some forensics clean-up than deploy a next generation end-point to try and detect and mitigate against ransomware, disk encryption, or other bots that may get on the end-points themselves. >> But I almost feel like the mitigation, I mean, you've got to have perimeter security, obviously, and continue to invest in that, but I feel like you're never going to stop somebody from penetrating your organization. What's the status on average, the company's penetrated for 200 and whatever end days before they know? 220, 250, whatever number you want. There's got to be more investment in remediating, responding, managing that complexity. And so, I guess the answer to my earlier question was, well, not any time soon. We're going to have to continue to invest in new approaches, new methodologies to deal with this inundation of data, which isn't going to subside. >> Well, but part of it too is in the past, most of the security controls that companies invested in, they put at the perimeter. So, they're overprotecting on the perimeter, but now, the attacks are coming in through the side door. Spearfishing attempts >> Dave: Or internally. >> They're coming in from laptops or mobile devices that leave the organization and come back in, and since most customers lack internal segmentation, a very small infection becomes a very big problem very quickly. So, a lot of customers now are trying to figure out how do I take what I've done in the perimeter and treat my data center, my campus as untrusted, segment and silo and create smaller fault-isolation domains so that heaven forbid there is a breach or an outbreak, it's contained to a smaller subzone, rather than, look at the Target situation, which came in from an HVAC vendor, moved into a payment system, and then exfiltrated millions of credit card records. >> And, or, and not or, but, and techniques to allow the response to focus on the things that matter, and like you said, organizations, CCOS, are inundated with technology, and they don't know necessarily which threats to go deal with. They've got so much data, and to the extent that they can narrow down those high value threats, that's going to help solve the problem. That's why I was asking the question about analytics before. >> That's where I think the partnership with IBM is so important for us, right, 'cause both what they do with Watson and big data analytics and QRadar as well, it's one thing to just create a bunch of alerts, but for most customers, that's a lot of noise. Give me the interesting bits of information. I don't care about these 10 million alerts over the last week. What are the most critical things that my team needs to address right now? And those are the things that collectively IBM and Check Point help. >> How about the competitive landscape? And you guys are kickin' butt, you're well over a billion, what, $1.7 billion company, roughly? >> A little more, but yeah. >> A little more than that, almost a $20 billion market cap, which you said earlier, John, stocks almost at an all-time high, so obviously compete with Palo Alto. Do you compete with HPE, with ArcSight a little bit? I mean, that acquistion, they sort of, that's-- >> They jettisoned some of their core products that were competitive, like TippingPoint. They've kept some of their ArcSight and other big data analytics, the drive service and storage and services out there. But they're as much a partner as they are a competitor. >> Dave: They are? Okay. >> I mean, I would say the usual competitive suspects, some of the guys you mentioned, some of the big route switch vendors like a Cisco or a Juniper out there. Actually, we're in the end-point mobile space as well, which brings in the Symantec and McAfee and Kaspersky. >> And so, right, okay, so what's your big differentiation? >> I think first and foremost is that we have an enterprise management solution that goes from the mobile to the end-point to the cloud to the network. We do it all through a singular console. We have the most scalable security platform in the marketplace today, and to be honest, we have the best security solution out there, both in terms of the effectiveness as well as the manageability. >> Dave: And you're profitable and you're growing. I'm going to throw that in. >> Greg: We've been profitable since day one. >> Greg, thanks for coming onto theCUBE. We really appreciate, give you the final word on the segment as the outlook going forward. Obviously, all the cloud vendors, you work with them all, all trying to be enterprise-ready. >> Yes. >> And they're all, we're the enterprise cloud. Amazon's now the enterprise cloud, Google was flaunting it at Google Next, they got some work to do. IBM certainly is in the enterprise, Oracle's in the enterprise, Microsoft's in the enterprise. Enterprise readiness and the next few years as security evolves, what are the key table stakes that the cloud guys need to continue to work on, continue to invest in, continue to innovate? >> I think the first thing, and this is across all technology, not just cloud, is that interoperability is the new best of breed. All of our customers are going to have a couple of trusted partners. No one enterprise is single-vendor end to end. But we have to be able to play nicely in the sandox. So, whether it's working with Cisco or McAfee or Microsoft or Symantec, if I don't work well with the other investments my companies and customers have invested in, they're not going to have me around for very long. >> And that's the truth. And multi-cloud, and workloads will fit best, 'cause the SaaS also defines some of these big cloud vendors as well. Microsoft SaaS is Office 365, if you have Microsoft, that's going to be some things for ya. Greg, thanks so much, appreciate it. Great commentary with Check Point Software Technologies, talking security, head of architecture here. Greg Pepper, thanks for joining us. This is theCUBE, more live coverage here, day three coverage from theCUBE after this short break. (electronic keyboard music)